Thank you for your kind interest in our award-winning work. Whether you’re an existing client or would like our support, we’re committed to protecting and respecting your privacy at all stages of your publicity journey with us.

This Privacy Policy describes what that commitment entails. It includes, among other things, the types of information we collect, our legal basis for collecting it, how long we keep it, what we do with it, and what your rights are about it. For your convenience, it also includes links to our Cookie Policy and Website Terms of Use. By visiting this website, requesting representation, and engaging our services, you kindly agree to the terms of these three policies.

Thank you once again for visiting.

We obtain (and “process”) your name contact details and type of PR package you’re most interested in. We also obtain any extra details about your objectives that you provide in the contact form. If you engage our services, we will obtain further information from you, which may also include some sensitive information such as your address, occupation, age, marital status, images, and background information about the product or service you have requested us to promote.

Where do we get this information?

We obtain basic information from the contact form on our website when you provide it to us. Additional information is obtained during the course of your PR campaign when you provide it to us.

What do we use for your information for?

The information you provide us through the contact form on our website will be used for to respond to your enquiry and progress the publicity requirements you need. The additional information you provide us during the course of your PR campaign will be used by us and our consultants to orchestrate the contracted services.

We will process your personal data if one of the following applies:

  1. You have given consent
  2. It is necessary for the performance of an agreement/contract of services or pre-contractual negotiations (such as drafting the agreement)
  3. It is necessary for compliance with a legal obligation or statutory requirement
  4. It is necessary for the purposes of the legitimate interests pursued by us or by a third party.

Place of processing

The Data is processed at our operating offices and in any other places where the parties involved in the processing are located. Data is naturally transferred between members of Palamedes staff; to any representative, advisers and other third parties you have authorised to interact with us on your behalf; to media organisations through which we are seeking publicity on your behalf; to payment system operators and financial institutions; between call handling representatives (such as Virtually There, which has its own privacy policy here); to third party service providers who we engage for website design and graphic design projects; to government agencies or authorities, regulators, law enforcement agencies and other parties where authorised or required by law who ask us to disclose that information and to which we are legally required to disclose your personal information. If you have asked us to secure publicity outside of the UK, your personal data will necessarily be transferred outside of the UK for this purpose.

International data transfers

Data transfers will only ever take place outside of the UK if we are seeking publicity for you in a country outside of the UK or if you otherwise request a service from us that requires us to make such a transfer. In such cases, data we collect may be transferred to, stored and processed in any country or territory where one or more of our external service providers or consultants are based. While other countries or territories may not have the same standards of data protection as those in your home country, we will continue to protect personal data that we transfer in line with this privacy policy.

Whenever we transfer your personal data out of the UK or the European Economic Area (EEA), we ensure similar protection and use specific approved International Data Transfer Agreement contracts that give your personal data the same protection it has in the UK or the EEA.

We never (ever) sell personal data to third parties.

Personal Data shall be processed and stored for as long as required for the purpose they have been collected for. In practical terms, we retain personal data in the form of invoices, contracts and some email correspondence for six years to comply with tax obligations and contractual claims.

Once the retention period expires, your personal data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

How we secure your information?

We store information on secure, password-enabled encrypted servers. Some of those servers are in the United States and have self-certified themselves as compliant with the EU-US Privacy Shield. Payments made to us are done so through Stripe. Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. Stripe’s own privacy policy can be found here.  The Palamedes PR website is protected using SHA-2 256-bit encryption and a 2048-bit signing algorithm which encrypt the information you provide us and keeps sensitive data safe. The padlock icon, displayed next to our URL in the web browser, indicates a secure mode where communications between browser and web server are encrypted. This type of connection is designed to prevent anyone from reading or modifying the data you exchange with the website.

Cookies

You can view our cookies policy here.

Legal Notice

Palamedes PR makes no warranties of any kind that this website, social media platforms and emails are free from viruses or other forms of harmful computer code. (We’ve taken all reasonable care to ensure that bugs and other computer nasties aren’t lurking about). In no event shall Palamedes PR, its employees or agents, be liable for any direct, indirect or consequential damages resulting in the use of this website. You can read our full website terms of use here.

Under the General Data Protection Regulation (GDPR) 2018, you can access and receive the information we have, correct or update it, restrict its use, object to us storing it, ask to have it deleted, or complain to a supervisory authority such as the Information Commissioner’s Office (ICO). These requests can be exercised free of charge and will be addressed by us as early as possible and always within one month. You can exercise these rights by contacting our Data Protection Officer, Anthony Harvison (anthony.harvison@palamedes.co.uk)

Where Personal Data is processed for a public interest and/or in the exercise of an official authority vested in us for the purposes of the legitimate interests, you may object to such processing by providing a ground related to their particular situation to justify the objection.

We may make changes to this Privacy Policy from time to time to take into account changes to our standard practices and procedures or where necessary to comply with new laws and regulations. We encourage you to check our website from time to time to ensure that you are aware of our current Privacy Policy. In the event that we make substantial changes to this Privacy Policy that may materially affect how we process a client’s personal data rights, we will always notify those clients by email.

Last update: 24/04/2023. (No material changes – language only)