Privacy Policy

UPDATED NOTICE

This privacy policy has not yet been updated to included all areas of our business. We are trying to correct this as soon as we can. Sections missing involve email retention, email forwarding,  contacts management, The Creative Network, cast and crew profiles, HR, project management, file retention policy, obscured identity retention policy, archive service, live streaming policies and video conferencing recording policies.

Important Notice

We have produced this Privacy Policy to explain to you, the user, what information we collect on you, as well as how we collect and use your data.

It’s important that you thoroughly read the privacy policy shown below so you understand what data we collect before you use this website.

We do NOT sell your personal data to advertising companies or sell our analytics to other companies.

Contents

Use this contents section to navigate to each section of this privacy policy page.


 

  • Section 1: Policy Information
    1. Owner and Data Controller
      1. Background
      2. Company Operations
      3. Contact
    2. Policy Information and Expiry
    3. Policy Terms and Definitions

 

  • Section 2: Our Websites
    1. Visiting our Websites
    2. Embedded Content
    3. Third-Party Services
    4. MMN CDN

 

  • Section 3: Project Management & Archives
    1. Project Processing
    2. Submitting footage for a project
    3. Identity Permissions, Releases and Retention
    4. Project Publishing
    5. Live Productions
    6. Project Retention
    7. Archive Service
      1. Hosting Platforms
      2. Project Reuse, Copyright and Availability
      3. Project Metadata and TCN Integration

 

  • Section 4: User Accounts
    1. User Registration & Social Login
    2. Signing In
    3. Comments

 

  • Section 5: Account-Provided Services
    1. Education Services
    2. The Creative Network
    3. eCommerce, WooCommerce and Payment Gateways
    4. Uploaded Media
    5. Pages and Posts Creation

 

  • Section 6: Email & Communications Tools
    1. Contact Forms
    2. Email Retention
    3. Email Forwarding
    4. Contacts Management

 

  • Section 7: Identity Protection & Anonymisation
    1. Children’s data and safeguarding
    2. Entering filming zones
    3. Obscured identities within projects

 

  • Section 8: Your Rights, Data Protection & Access
    1. Storing of Data
    2. What rights you have over your data
    3. What data breach procedures we have in place

1: Owner and Data Controller

MMN MATTHEW’S Media Networks LTD is a registered company in England and Wales (company number 12377292) based in Cardiff, Wales that provides media production and training services to local businesses and organisations.

Our website address is: https://matthewsnetmedia.co.uk.

A full list of our digital properties can be found at: https://matthewsnetmedia.co.uk/press/digital-ownership.

 

You can contact our privacy department here:

MMN MATTHEW’S Media Networks LTD Privacy Enquiries 
c/o Matthew Tyler-Howells 
37 Handley Road 
Pengam Green 
Cardiff, United Kingdom 
CF24 2HF 

GDPR@matthewsnetmedia.co.uk

2: Policy Terms

Policy Information and Expiry

This policy, version 1.3 (MMN Privacy Policy 2020-05.rev03), was last updated on Thu, 04 June 2020. This policy is valid until its renewal date of 03 June 2022 or until the policy is updated and renewed.

This policy resides at the web address https://matthewsnetmedia.co.uk/legal/privacy.

Terms and Definitions

Throughout this privacy policy document, the terms “we”, “us”, “our”, “the company” and “owner” refer to MMN MATTHEW’S Media Networks LTD.

The terms “you”, “visitor” and “user” refer to you, the visitor to the website.

We use an opt-out system for agreeing to these legal terms. By visiting this website, you are automatically accepting our privacy policy and terms of service, available here. If you do not agree to the privacy policy and terms of service, you must stop using this website and our services immediately. We also recommend that you clean your browser’s cookies cache after terminating the use of this website.

This does not prevent you from using externally hosted services, such as our social media pages, unless integrations are used. In this case, this will be explicitly identified and stated to you.

3: Visiting this Website

What is this service and why is data collected?

We use tracking and analytics tools to produce analytics reports and monitor our website’s usage.

What services are used?

We use Jetpack, Google Analytics, Google Maps, and Google My Business. 

What is my data used for?

From this, we can calculate the number of unique visitors to our website, how many times each page has been loaded, your interactions with each page and its contents, and what country you are visiting our page from.

What personal data is collected?

This is gathered using ‘cookies’, which are small files stored in your browser and on your computer. These cookies are stored and obtained whenever you load our website. The presence of one of our cookies indicates that you are a regular visitor to this website. Data collected includes what device you are using (manufacturer, model, make), operating system, internet browser and IP address.

How long is data stored for?

Cookies usually last a maximum of 7 days on your computer. Our analytics data refresh and purge every 30 days.

What personal data is used but not stored?

Your IP (internet protocol) address is compared to a list of countries’ IP address ranges to identify which country you are visiting from and whether or not you should be given access to the website. This is not stored on our systems.

Google Analytics is a web analysis service provided by Google Ireland Limited (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.

Read Google’s privacy policy here: https://policies.google.com/privacy
Google Analytics opt-out browser add-on: https://tools.google.com/dlpage/gaoptout?hl=en

The Activity and WordPress.com Stats features records activities on the website including visited pages, interactions, IP addresses, browser client, referring URL (how you got to this website), browser language, country code, page loading times and timestamps.

For more information on what Jetpack and WordPress.com obtains, please see:

4: Embedded Content

What is this service and why is data collected?

We use embedded content from our own servers, other websites and other servers on this website through the use of IFrames (inline frames) and embedded code. Articles on this site may include embedded content (e.g. videos, images, articles, etc.).

What happens to my data?

We do not store details about your interactions with embedded data.

Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

5: Third-Party Services

We are not responsible for any third-party services and it is your responsibility to read their individual privacy policies and terms of service.

Elementor is the designing tool we use to develop and stylise this website.

All data is processed by us, MMN MATTHEW’S Media Networks LTD within our WordPress.org CMS (content management system).

Read Elementor’s privacy policy here, although it is targeted towards web developers and the users of the service, so not you – the user of this website.

https://elementor.com/about/privacy/

We use Cloudflare for SSL, HTTPS and website protection against DDoS (distributed denial of service) attacks.

Cloudflare may obtain personal data such as: IP address, your country code and browser client. Cloudflare may also store cookies on your device.

Read Cloudflare’s privacy policy here: https://www.cloudflare.com/privacypolicy

Radio shows and podcasts produced by MMN MATTHEW’S Media Networks LTD use Mixcloud, Spotify, Apple Podcasts, Deezer and other streaming sites to host episodes. Mixcloud and other streaming players are included on the show pages through the use of embedded code. Please read above about embedded code.

Read Mixcloud’s privacy policy here: https://www.mixcloud.com/privacy/

Read Spotify’s privacy policy here: https://www.spotify.com/uk/legal/privacy-policy/

Read Apple Podcasts’ privacy policies here: https://www.apple.com/legal/privacy/en-ww/
https://itunespartner.apple.com/podcasts/articles/podcast-analytics_data 
https://www.apple.com/legal/internet-services/itunes/us/terms.html 

Read Google Podcasts’ privacy policy here: https://play.google.com/intl/ALL_ALL/about/podcast-terms.html

Read Deezer’s privacy policy here: https://www.deezer.com/legal/personal-datas

YouTube players are used throughout this site to provide video content through embedded players.

View YouTube’s privacy policy here: https://policies.google.com/privacy?hl=en

Embedded posts to social media may be included on this website.

View Facebook’s privacy policy: https://www.facebook.com/policy.php

View Twitter’s privacy policy: https://twitter.com/en/privacy

View Instagram’s privacy policy: https://help.instagram.com/519522125107875

View Tiktok’s privacy policy: https://www.tiktok.com/legal/privacy-policy?lang=en#privacy-eea

6: MMN CDN

Domains containing a URL similar to “cdn.matthewsnetmedia.co.uk” are owned by MMN MATTHEW’S Media Networks LTD. We use a self-created CDN (content delivery network) to host and provide fast access to on-demand content (such as videos, images, webpages). The CDN does not store any data and is subject to the privacy policies listed on this page, namely “visiting this website” and “embedded content”.

7: User Registration & Social Login

What is this service and why is data collected?

When you a register an account through our website, we need to collect personal data about you to create an account and associate it with your identity. This allows us to provide login details for you to return to our website.

You can also register by logging in with a Facebook or Google social account. You can also register by logging in with a WordPress.com account.

You can use social media login services which will gain access to your third-party login information and account information for the purpose of registering and logging into our website. Using third-party social media login services is optional. It is recommended that you create a standard email-based account with us first, then in account settings link your social media accounts if you wish. Your social media accounts will be tied to your WordPress-generated account, created through the login and registration forms.

What services are used?

We use Jetpack, WordPress.com, Facebook, Google, reCAPTCHA, Elementor and Elementor Pro.

What is my data used for?

We create an account within our WordPress.org CMS (content management system) based on the personal information you provide us with. This then allows us to verify your identity through your email address and password when logging in when revisiting the site. Your data is only passed on to Jetpack, a service that powers WordPress.

What personal data is collected?

Your first name, middle name, last name, full name, nickname, email address, phone number, place of education or school or college or university, username, social media profile links, biography, Gravatar, profile picture, IP address, browser client, country code, operating system and device type are all personal data that can be stored in relation to your account.

How long is data stored for?

This data is stored indefinitely until you delete your account or until you request deletion of your account. Note that full removal of this data can take an extra 30 days due to our analytics services.

By creating a user account on our website, you agree to WordPress’ privacy policy and terms of service.

Read WordPress’ privacy policy here: https://en-gb.wordpress.org/about/privacy/

Read Automattic’s privacy policy here: https://automattic.com/privacy/

Read Jetpack’s privacy policy here: https://jetpack.com/support/privacy/

This service allows this Application to connect with the User’s account on the Facebook social network, provided by Facebook, Inc. Information taken from your account will include: your full name, email address, access requests and phone number.

Read Facebook’s privacy policy here: https://www.facebook.com/policy.php

This service allows this Application to connect with the User’s Google account, provided by Google Ireland Limited. Information taken from your account will include: your full name, email address and phone number.

Read Google’s privacy policy here: https://policies.google.com/privacy

View WordPress.com’s privacy policy here: https://wordpress.com/support/your-site-and-the-gdpr/

8: Signing In

What is this service and why is data collected?

When you use our login form, we compare the details you provide us with the details you used to register an account. We also monitor login attempts to ensure that your account and our website is not targeted by hackers or bots.

What services are used?

We use Jetpack, WordPress.com, Facebook, Google, reCAPTCHA, Elementor and Elementor Pro.

What is my data used for?

We compare your inputted data to the data on your account. Your password is encrypted and stored locally on our CMS. Your data is only passed on to Jetpack, a service that powers WordPress.

What personal data is collected?

Your email address, phone number, username, IP address, browser client, country code, operating system and device type are all personal data that is used and stored in relation to logging into your account. All activity whilst you are logged in on this site is logged and tracked by Jetpack and WordPress.com.

How long is data stored for?

This data is stored indefinitely until you delete your account or until you request deletion of your account. Note that full removal of this data can take an extra 30 days due to our analytics services. Analytics data, including logs, are only stored for 30 days.

By creating a user account on our website, you agree to WordPress’ privacy policy and terms of service.

Read WordPress’ privacy policy here: https://en-gb.wordpress.org/about/privacy/

Read Automattic’s privacy policy here: https://automattic.com/privacy/

Read Jetpack’s privacy policy here: https://jetpack.com/support/privacy/

This service allows this Application to connect with the User’s account on the Facebook social network, provided by Facebook, Inc. Information taken from your account will include: your full name, email address, access requests and phone number.

Read Facebook’s privacy policy here: https://www.facebook.com/policy.php

This service allows this Application to connect with the User’s Google account, provided by Google Ireland Limited. Information taken from your account will include: your full name, email address and phone number.

Read Google’s privacy policy here: https://policies.google.com/privacy

View WordPress.com’s privacy policy here: https://wordpress.com/support/your-site-and-the-gdpr/

9: Comments

What is this service and why is data collected?

If you leave a comment on our site you may opt in to saving your name, e-mail address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Any comments you post are stored indefinitely.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

What services are used?

We use Akismet, Jetpack, WordPress.com, Facebook, Google, reCAPTCHA, Elementor and Elementor Pro.

10: Contact Forms

What is this service and why is data collected?

Contact Forms allow you to contact us about an issue or enquiry, such as account issues and business enquiries. Data is collected to ensure that your message is not from a known spam sender or bot, and for us to be able to respond to your message.

What services are used?

We use Jetpack, Elementor and Elementor Pro.

What personal data is collected?

Your email address, phone number, IP address, browser client, country code, operating system and device type are all personal data that is used and stored when filling out and submitting through a contact form.

How long is data stored for?

This data is stored indefinitely on our email systems and our website.

11: Uploaded Media

What is this service and why is data collected?

If you are a client, editor, author or employee of MMN MATTHEW’S Media Networks LTD or its partner organisations, and you upload images, video or audio content to our website, you are subject to this service.

What personal data is collected?

Your username, user ID, IP address, browser client, country code, operating system and device type are all personal data that is stored when uploading media. Images or other media files may also contain embedded metadata such as EXIF data. You should avoid uploading images with embedded location data (EXIF GPS) included, as visitors can download and extract any data from these images.

How long is data stored for?

This data is stored indefinitely on our website and on WordPress.com servers.

12: eCommerce, WooCommerce and Payment Gateways

What is this service and why is data collected?

If you purchase a product, service, digital tool or asset from us or our partners, you are subject to these eCommerce terms. Payment data is collected to process your payment and order, and is shared with selected payment gateways.

What services do we use?

Jetpack, WordPress.com, WooCommerce, Stripe and PayPal

What personal data is collected?

Your username, user ID, full name, mailing address, postcode, country, phone number, email address, IP address, browser client, country code, operating system and device type are all personal data that is stored on our servers. Your credit or debit card information is stored securely and encrypted within the WooCommerce system.  Your credit or debit card information is shared with Stripe and PayPal payment processors.

How long is data stored for?

Check with Stripe and PayPal. 

Privacy Policies

WooCommerce: https://automattic.com/privacy/
https://woocommerce.com/gdpr/#

Stripe: https://stripe.com/gb/privacy

PayPal: https://www.paypal.com/us/webapps/mpp/ua/privacy-full

13: Education Services

What is this service and why is data collected?

For online learning, we use the LearnDash LMS (Learning Management System) within our WordPress website system. User login and registration data, alongside course progress is stored in cookies and within our system database.

What services do we use?

LearnDash, Cloudflare, Jetpack, Akismet, WooCommerce, Stripe, PayPal, WordPress.com, Facebook, Google

What personal data is collected?

Your username, user ID, IP address, browser client, country code, operating system and device type are all personal data that is stored.

How long is data stored for?

This data is stored indefinitely on our website and on WordPress.com servers unless you request deletion of your account.

14: Storing of Data

This website is hosted by German firm 1&1 IONOS on servers in the United Kingdom and Germany. Additional routing through Cloudflare is also used, using networks in the United Kingdom, EU countries and United States of America. Our company is registered in England and Wales, two countries that make up the United Kingdom.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

We will retain your data indefinitely until you tell us to remove it. You can do this by using the contact information at the top of the page. If you delete your account from our website, your details will be removed but may remain in backups. Wherever possible, we will try to remove it as soon as possible if we are able to.

15: What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

16: What data breach procedures we have in place

Part 1: We will close our website down following a data breach, deleting all data from our hosting partner 1&1 IONOS (UK), resetting details with our domain registrar GoDaddy (UK) and purging cache data on Jetpack and Cloudflare.

Part 2: We will send email notifications to registered users and post public alerts on our social media pages.

Part 3: We will check the last viable backup of our systems.

Part 4: We will restore our systems using a checked and verified backup. Users will be deleted alongside their data, meaning users will need to register for a new account.

Part 5: We will review any logs and see what procedures can be used in future to protect our systems and our users’ data.

17: Children’s data and safeguarding

We do not ask for visitors’ ages and treat child visitors’ data as any other visitor’s data. Parents and children can contact us and we can delete the child’s data. We do not knowingly store any children’s data. This site is designed to be used by those of or over the age of 13. The intended audience of this site is 18 to 65 year olds, although this is inclusive. Users of all ages can use our site as it is universally accessible.