PRIVACY POLICY

Syncsmith Ltd
Last Updated: 3rd March 2025

1. INTRODUCTION

1.1 This Privacy Policy explains how Syncsmith Ltd (“Syncsmith”, “we”, “us”, or “our”) collects, uses, stores and protects personal data when individuals interact with us, including through our website and in the course of our business activities.

1.2 Syncsmith Ltd is a music supervision agency incorporated in England and Wales and operates internationally in connection with the sourcing, licensing and supervision of musical works for film, television, advertising, digital media and related projects.

1.3 We are committed to ensuring that personal data is handled in accordance with applicable data protection legislation, including:

  • The UK General Data Protection Regulation (“UK GDPR”);

  • The Data Protection Act 2018;

  • Where applicable, the EU General Data Protection Regulation (“EU GDPR”); and

  • Other relevant international data protection laws.

1.4 This Privacy Policy applies to all individuals who interact with us, including but not limited to artists, composers, rights holders, clients, website users and newsletter subscribers.

2. DATA CONTROLLER

2.1 For the purposes of applicable data protection law, the Data Controller is: Syncsmith Ltd, 13 Innox Hill, Frome, BA11 2LW. United Kingdom. For all data protection enquiries, please contact the Data Controller.

2.2 Syncsmith Ltd is the data controller responsible for your personal data for the purposes of applicable data protection law.

3. CATEGORIES OF PERSONAL DATA

3.1 In the course of our business activities, we may collect and process the following categories of personal data:

3.2 Artists, Composers and Rights Holders - We may collect:

  • Full name and professional name;

  • Contact details, including email address and telephone number;

  • Company, publisher or management details;

  • Performing rights organisation (PRO) affiliation;

  • Music metadata and submission materials;

  • Territory or rights ownership information where relevant to licensing;

  • Links to portfolios, streaming services and social media profiles;

  • Contractual documentation;

  • Financial and payment information where required for licensing or payment purposes.

3.3 Clients (Production Companies, Brands and Agencies) - We may collect:

  • Names and job titles of representatives;

  • Business contact information;

  • Project details and production information;

  • Contractual documentation;

  • Billing and invoicing information.

3.4 Website Users - When you visit our website, we may automatically collect:

  • IP address;

  • Approximate geographic location derived from IP address;

  • Browser type and version;

  • Device information;

  • Pages visited and time spent;

  • Referral source;

  • Cookie and analytics data.

3.5 Newsletter Subscribers - Where you subscribe to receive communications from us, we collect:

  • Name;

  • Email address;

  • Communication preferences.

4. HOW WE COLLECT PERSONAL DATA

4.1 We collect personal data:

  • Directly from you via website forms and music submission portals;

  • Through email and written correspondence;

  • During negotiations and contractual arrangements;

  • Through industry networking and professional referrals;

  • Through publicly available industry databases and professional directories;

  • Through analytics and cookie technologies used on our website.

4.2 Where we obtain personal data from publicly available sources (such as professional directories) we will use it only in accordance with this Privacy Policy and applicable law.

5. PURPOSES OF PROCESSING AND LAWFUL BASIS

5.1 We process personal data only where we have a lawful basis to do so. The lawful bases on which we rely under UK GDPR include:

a.    Contractual Necessity - We process personal data where necessary to:

  • Evaluate music submissions;

  • Identify suitable works for audiovisual projects;

  • Negotiate and administer sync licensing agreements;

  • Manage contractual relationships;

  • Process payments and financial transactions.

b.    Legitimate Interests - We may process personal data where it is necessary for our legitimate business interests, including:

  • Maintaining industry databases and records;

  • Communicating regarding potential projects or collaborations;

  • Improving our services and website functionality;

  • Protecting the integrity and security of our systems.

c.     Consent - You may withdraw your consent at any time without affecting the lawfulness of prior processing. We rely on consent for:

  • Sending marketing communications and newsletters;

  • Placing non-essential cookies on your device.

5.2 We may process personal data where required to comply with legal or regulatory obligations, including tax and accounting requirements.

5.3 We may contact industry professionals regarding potential projects or collaborations where it is reasonable to do so in a professional context.

6. MUSIC SUBMISSIONS

6.1 Where individuals submit musical works or related materials to Syncsmith Ltd:

  • We process associated personal data for the purpose of evaluating suitability for current or future projects.

  • Submission of materials does not create any contractual obligation or representation agreement unless expressly agreed in writing.

  • We do not acquire ownership of submitted works through submission alone.

  • Submission data may be retained for consideration in future opportunities unless a request for deletion is received and retention is not required for legitimate business purposes.

7. MARKETING COMMUNICATIONS

7.1 Where you have opted to receive marketing communications from us, we may send periodic updates, industry news or opportunities relevant to our services.

7.2 All electronic marketing communications comply with the Privacy and Electronic Communications Regulations (PECR). Each communication will contain a clear mechanism to unsubscribe. Individuals may also opt out of marketing communications at any time by contacting us directly.

7.3 We do not sell, rent or trade personal data to third parties for marketing purposes.

8. DATA SHARING

8.1 We may share personal data with the following categories of recipients where necessary for the purposes described in this Privacy Policy:

  • Clients and production partners in connection with music licensing and project evaluation;

  • Professional advisers including lawyers, accountants and auditors;

  • Technology and service providers who support our operations;

  • Regulatory authorities or law enforcement where required by law.

8.2 We do not sell personal data.

9. DATA STORAGE AND SECURITY

9.1 We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse or alteration.

9.2 Data may be stored using secure third-party service providers, including but not limited to:

  • Google Workspace;

  • Cloud storage platforms;

  • Email marketing providers;

  • Contract management systems.

9.3 Access to personal data is restricted to authorised personnel on a need-to-know basis.

9.4 While we take reasonable steps to safeguard data, no system can guarantee absolute security.

9.5 Some service providers we use may process personal data outside the United Kingdom or European Economic Area. Where this occurs, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses or equivalent safeguards recognised under applicable data protection law.

10. DATA RETENTION

10.1 We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

  • Contractual and financial records: typically retained for 6–7 years;

  • Music submissions: retained for potential future opportunities unless deletion is requested;

  • Marketing data: retained until consent is withdrawn or the individual unsubscribes.

10.2 Retention periods may vary depending on legal, accounting, contractual or operational requirements.

11. YOUR RIGHTS

11.1 Under applicable data protection law, you have the right to:

  • Request access to your personal data;

  • Request rectification of inaccurate or incomplete data;

  • Request erasure where appropriate;

  • Request restriction of processing;

  • Object to processing based on legitimate interests;

  • Request data portability;

  • Withdraw consent at any time where processing is based on consent.

  • The right not to be subject to automated decision-making where applicable.

  • Lodge a complaint with the Information Commissioner’s Office (ICO).

11.2 Requests may be made by contacting us using the details provided above.

11.3 We will respond to valid requests within one month in accordance with applicable data protection law.

12. COMPLAINTS

12.1 If you believe that your personal data has been processed unlawfully, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO). Further information can be found at www.ico.org.uk. We encourage individuals to contact us first so we can attempt to resolve concerns directly.

13. THIRD-PARTY LINKS

13.1 Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of such external sites.

14. CHANGES TO THIS POLICY

14.1 We may update this Privacy Policy from time to time to reflect legal, regulatory or operational changes. The updated version will be published on our website with a revised “Last Updated” date.