Intro

Creativetrans is committed to protecting client privacy and takes its responsibility regarding the security of client information very seriously. We comply with the General Data Protection Regulation (GDPR). We will always be clear and transparent about the information we are collecting and what we will do with that information.

What personal data we collect and why we collect it

Personal Data

Personal data means any information relating to you which allows us to identify you, such as your name, contact details, project reference number, payment details and information about your access to our website.

We may collect personal data from you when you arrange a project with us (either directly or indirectly through our trusted third party partners), use our website or other websites accessible through our website, or when you contact us.

Specifically, we may collect the following categories of information:

1. Name, job title, business name, business address, company registration numbers, e-mail address, telephone number, credit/debit card or other payment details;
2. Information about your purchases of our trusted partners’ products and services;
3. Information about your use of our website;
4. The communications you exchange with us or direct to us via letters, emails, chat service, calls, and social media.

We will process any such data only if you have given your explicit consent, or it is necessary, or if you have deliberately made it public.

What do we use your personal data for, why, and for how long?

Your data may be used for the following purposes:

1. Providing products and services you request: we use the information you give us to perform the services you have asked for in relation to your project, including requested project changes;
2. Contacting you in the event of a project delivery time change; we send you communications about the services you have asked for and any changes to such services. These communications are not made for marketing purposes and cannot be opted-out of;
3. Credit or other payment card verification/screening: we use your payment information for accounting, billing and audit purposes and to detect and/or prevent any fraudulent activities;
4. Administrative or legal purposes: we use your data for statistical and marketing analysis, systems testing, customer surveys, maintenance and development, or in order to deal with a dispute or claim. Note that we may perform data profiling based on the data we collect from you for statistical and marketing analysis purposes. Any profiling activity will be carried out with your prior consent only and by making best endeavours to ensure that all data it is based on is accurate. By providing any personal data you explicitly agree that we may use it to perform profiling activities in accordance with this Privacy Policy;
5. Customer Services communications: we use your data to manage our relationship with you as our customer and to improve our services and enhance your experience with us;
6. Provide tailored services: we use your data to provide information we believe is of interest to you, prior to, during, and after your project with us and to personalise the services we offer to you.
7. Marketing: from time to time we will contact you with information regarding price promotions and ancillary products via e-communications. You will have the choice to opt in or opt out of receiving such communications by indicating your choice at the project booking stage. You will also be given the opportunity on every e-communication that we send you to indicate that you no longer wish to receive our direct marketing material.

We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal data for.

We may also process your personal data for one or more of the following:

• To comply with a legal obligation;
• You have consented to us using your personal data (e.g. for marketing related uses);
• To protect your vital interests or those of another person;
• It is in our legitimate interests in operating as a translation/interpretation agency.

We will not retain your data for longer than is necessary to fulfil the purpose it is being processed for. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it and whether we can achieve those purposes through other means.

We must also consider periods for which we might need to retain personal data in order to meet our legal obligations, or to deal with complaints, queries and to protect our legal rights in the event of a claim being made.

When we no longer need your personal data, we will securely delete or destroy it. We will also consider if and how we can minimise over time the personal data that we use, and if we can anonymise your personal data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.

Security of your personal data

All data is securely stored on Creativetrans servers or company-owned computer and digital storage media all data is reliably erased from the device prior to its transfer out of company control, and/or the media must be destroyed, using current best practices for the type of media.

For each device and server we have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, suppliers and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality and non-disclosure agreements

Sharing your personal data

We may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.

“Third parties” includes third-party service providers. The following activities are carried out by third-party service providers: IT services, auditing services, secured Cloud storage and hosting services, email server.

All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

Transferring information outside EU

We may need to disclose potential personal data contained in the documents relevant to the work we are quoting for to third parties linguists outside the EEA in order to perform the contract we have entered into with you. We have strict non-disclosure agreement and contracts in place with all our sub-contractors abroad.

Before sending personal data outside the EEA, we consider the below:

• Do we need to transfer personal data abroad?
• Have we complied with all the other data protection principles?

If we conclude that there is a necessity for the completion of the work we are contracted for to send the documents outside the EEA, we ensure the same degree of protection than the data kept in the EEA and all the same safeguards are implemented.

Rights of access, correction, erasure, and restriction

You have to right to contact us at any time to request access if you have any concerns regarding the data we hold, please don’t hesitate and get in touch with us. We’ll answer all your questions and make the necessary changes as per your request.

It is important that you read and retain this notice, also please read our private policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information via our website.