Diva Luscious Modelling Agency (“the Agency”) is committed to protecting the privacy and security of personal data. This policy outlines m our approach to data protection, ensuring we comply with legal requirements and best practices.

 

The purpose of this policy is to:

 

◦Ensure compliance with data protection laws, including the General Data Protection Regulation (GDPR).

◦Protect the rights of clients, models, employees, and partners.

◦Provide transparency about how personal data is collected, used, and stored.

◦Safeguard against data breaches and misuse of personal data.

 

This policy applies to all employees, contractors, models, clients, and partners of the Agency who handle personal data.

 

Personal Data

Any information relating to an identified or identifiable natural person.

 

Processing

Any operation performed on personal data, such as collection, storage, use, and sharing.

 

Data Subject

An individual whose personal data is processed by the Agency.

 

5.1. Types of Data Collected

We may collect the following types of personal data:

 

Models

Name, contact details, date of birth, physical measurements, portfolio images, social media profiles, and contractual information.

 

Clients

Name, contact details, company information, project details, and payment information.

Employees and Contractors: Name, contact details, employment records, payment information, and performance reviews.

 

5.2. Methods of Collection

Personal data is collected through:

 

◦ Online forms and applications.

◦Direct communication (email, phone, meetings).

◦Contracts and agreements.

◦Social media interactions.

 

6.1. Purpose of Use

We use personal data for:

 

◦Managing model portfolios and bookings.

◦Communicating with clients about projects and contracts.

◦Handling employment and contractor relationships.

◦Marketing and promotional activities.

◦Complying with legal obligations.

 

6.2. Legal Basis for Processing

We process personal data based on:

 

Consent: Explicit consent from data subjects.

◦Contract: Fulfilment of contractual obligations.

◦Legal Obligation: Compliance with legal requirements.

Legitimate Interests: Pursuing legitimate business interests without overriding the rights of data subjects.

 

7.1. Data Storage

Personal data is stored securely in:

 

– Encrypted digital databases.

– Locked physical files where necessary 

 

7.2. Security Measures

We implement the following security measures:

 

◦ Access controls and authentication protocols.

◦Regular security audits and updates.

◦Data encryption and pseudonymization.

◦Employee training on data protection practices.

 

We may share personal data with:

 

◦ Clients and contractors for project-related purposes.

◦Legal authorities when required by law.

◦Third-party service providers (e.g., IT services, payment processors) under strict confidentiality agreements.

 

Data subjects have the following rights:

 

◦AccessRequest access to their personal data.

◦Rectification**: Request correction of inaccurate data.

◦Erasure**: Request deletion of their data (“right to be forgotten”).

◦Restriction**: Request restriction of data processing.

◦Data Portability**: Request transfer of their data to another organization.

◦Objection**: Object to data processing based on legitimate interests.

 

In case of a data breach, we will:

 

◦Immediately assess and contain the breach.

◦Notify affected data subjects and relevant authorities within 72 hours, if required.

◦Investigate and implement measures to prevent future breaches.

 

This policy will be reviewed annually or when necessary to comply with changes in regulations or business practices.

 

For questions or concerns regarding this policy, please contact:

 

Data Protection Officer (DPO)

Diva Luscious Modelling Agency

Unit 135165

P O Box 7169

Poole 

BH15 9EL

 

This policy ensures that Diva Luscious Modelling Agency maintains high standards of data protection and complies with relevant laws and regulations.