1. GENERAL

1.1. Privacy and data protection is important to us at Creedcast AB, reg. no 559208-7711 (“Creedcast”, “we”, “us” or “our”). This Privacy Policy aims to inform you as client, supplier, contractor, employee etc. about our processing of your personal data, and what rights you have as a data subject. Creedcast’s processing of personal data is carried out in accordance with applicable legislation, including the general data protection regulation (“GDPR”).
‍
1.2. This Privacy Policy applies to the personal data we may process in connection with talent and customer engagements, business contacts and recruitments.

1.3. Set forth below is a description of how we process your personal data, and if you wish to receive additional information on the processing of your personal data, you are welcome to contact us at: mylouise@qast.media

2. PERSONAL DATA WE PROCESS

2.1. Personal data refers to information which, directly or indirectly, may be associated with a living natural person, such as name, personal identity number, IP address, payment details, photos, e-mail addresses, phone number and other contact details etc.

2.2. We process personal data about persons who:

2.2.1. are a client of Creedcast
‍
2.2.2. are a representative and/or employee of a client

2.2.3. applies for a job at Creedcast or enter a business or legal relationship with Creedcast

are otherwise affected by our services; orreceives our newsletters, other communication and/or attend our events.

2.3. We process personal data for the purposes of administrating and performing our services, managing customer and talent relationships, fulfilling our legal obligations, recruiting staff, entering business or legal relationships, improving and marketing our services and sending newsletters.

2.4. The personal data that CREED processes is either provided by you, the company which you represent or by a company which you have engaged, and which uses our services. We may also collect personal data from private and public registers as well as from public authorities.

3. LEGAL BASIS

3.1. We process personal data when necessary to (i) provide our services and fulfill our obligations towards you in accordance with agreements and terms entered into, (ii) communicate with you, (iii) send out newsletters and/or offers about our services, (iv) when we have your consent to process your personal data or (v) when there is another legitimate interest for us to process your personal data. If we process your personal data for any specific purpose which requires your consent under the GDPR, or any other data protection legislation, we will obtain your consent in advance.

3.2. Personal data will always be processed confidentially and protected by appropriate security measures. CREED ensures that companies that process and/or manage personal data on our behalf, uses a high level of security measures in order to protect your personal data.

3.3. We may disclose your personal data to external parties with whom we collaborate e.g. licensors, marketing agencies, e-mail service providers and database and website service providers etc. We may also disclose your personal data when we have a legal obligation to do so, e.g. due to anti-money laundering legislation, tax legislation, court orders or requests from government authorities.

3.4. We may transfer and store personal data in countries outside the EU/EEA in order to perform our services. When CREED transfers personal data to such countries, we will ensure that your personal data is adequately protected through the use of relevant safeguards.

4. STORAGE AND DELETION OF PERSONAL DATA

‍4.1. Personal data will only be stored for as long as it is necessary in order for us to fulfil the purposes of the processing, or for as long as we are required to store the information according to applicable legislation and relevant guidelines. The personal data is thereafter erased in accordance with our erasure procedure.

4.2. You may unsubscribe from our newsletters or similar communication at any time. In such event we will no longer store or process your personal data for such purposes.

5. YOUR RIGHTS AS A DATA SUBJECT

‍5.1. CREED is the controller for the processing of your personal data, and as a data subject you have certain rights as regards your personal data. The rights are however not absolute, meaning that there are exceptions to some of the rights where we cannot proceed and fulfill your request.

5.2. As a data subject, you have the following rights:

5.2.1. Right to withdraw your consent – meaning that you have the right to withdraw your consent where CREED process your personal data based on consent;

5.2.2. Right to access – meaning that you have the right to request a confirmation of our processing of your personal data, to receive information about the processing, access the personal data in question, and the right to obtain a copy of your personal data;

5.2.3. Right to rectification – meaning that you have the right to have any incorrect personal data about you as a data subject corrected by us;

5.2.4. Right to erasure – meaning that you have the right to have your personal data erased under certain circumstances. This right is limited, and we may be obligated to save your personal data in accordance with applicable law;

5.2.5. Right to object – meaning that you have the right to object to Creedcast’s processing of your personal data under certain circumstances;

5.2.6. Right to restricted processing – meaning that you have the right to have Creedcast restrict the processing of your personal data, but not delete it; and

5.2.7. Right to data portability – meaning that you may request Creedcast to transfer your personal data to another data controller.

5.3. If you feel that our processing of your personal data does not comply with applicable data protection legislation, you are entitled to lodge a complaint with the Swedish Data Protection Authority (Sw. Datainspektionen).

5.4. Any requests by you as a data subject under this Privacy Policy shall be sent to: mylouise@qast.media

6. LINKS TO THIRD PARTY SITES

Our website, Google Forms, social media channels etc. may contain links to third party sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by Creedcast and, therefore, we strongly advise you to review the privacy policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

7. AMENDMENTS AND ADDITIONS
‍
Creedcast has the right to amend this Privacy Policy from time to time without giving prior notice to such change. The latest version will always be available on Creedcast’s website: www.qast.media, and we advise you to review this Privacy Policy periodically for any changes.