What is the Purpose of GDPR?: GDPR is a European regulation aimed at protecting individuals’ right to privacy and control of their own data. This covers all EU countries, companies dealing with these countries and information about any EU resident, regardless of where the company or entity may be.
What it means for companies and use of Personal Data:
GDPR does NOT mean that collecting, processing or using private data will become illegal or impractical. It only means that companies must be responsible at all times for the personal data they come into contact with.
As a Video Production company, we film/record, edit and produce videos for our clients, which we then transfer via an ftp site (password protected) to our clients.
We do not store Personal Data, other than clients’ email addresses, which are used to contact the client personally and Video Footage files which are explained further on.
We do not share clients contact details with anyone else and our email contacts are as secure as they can be within “Windows 10 Outlook Email” which we constantly update for security reasons.
Any filming/recording which takes place, has been confirmed and booked by our clients,who themselves, have the responsibility to ensure that the person/people taking part in the recordings are fully aware and have given consent to be filmed and for the footage to be used in a Research Capacity. We in turn, are happy to sign any non-disclosure agreement relating to the particular project, that is supplied by the booking client.
As a company, on occasion we use regular and well trusted sub-contractors in different areas of the country, which we have assessed and are all GDPR Compliant or are in the process of becoming fully GDPR compliant and who have always and will continue to use and follow our “Code of Conduct” to the rule. The sub-contracting companies use the same equipment and follow the same data storage and data transfer rules and sites that we adhere to.
Our Professional Digital Video Cameras record to SD Cards, which are then downloaded back at the office and then recorded over at the next recording session.This deletes any of the previous recordings, so there is no risk of any footage or personal data going missing or getting into the wrong hands. Our cameras and all recording equipment are only handled by our own fully trained technicians/cameramen and are transported in our fully secure (standard locks, additional deadlocks and sonic alarms) vehicles and are never left in an unattended vehicle at any time.
We download and keep a copy of the video file in our secure External Hard Drives, for back-up purposes, for a period of time, of which the Admin Office Manager (Gina Roberts) and Head Cameraman (John Roberts) only, have access to.
The secure site that we use to send the video files to our clients is www.wetransfer.com
When transferring video files using “wetransfer.com”, we will always implement the password feature, adding a personal password to each “wetransfer” ftp transfer, ensuring the security of your files, so that only the person requesting the files will receive the password and link for downloading. These files will then be held in our own personal “wetransfer” account and can only be accessed by our Office Manager (Gina Roberts) via a username and password for a period of time (once downloaded by the client) until they are then deleted.
We use www.wetransfer.com to transfer all of our MP4 video and MP3 Audio files to our clients, “WeTransfer” are fully GDPR compliant, please see below statement and article from their own site:-
For larger video files e.g. High Definition Raw Footage, we transfer to an External Hard Drive, either supplied by us or the booking client and the External Hard Drive is then taken by the said client (we request confirmation of who is taking the Hard Drive so that our technician or cameraman know who they are giving the footage to and we/they ensure the correct person receives the Hard Drive on site), so the client or named person, then takes responsibility of the video/audio files.
With regard to clients’ personal e-mails, we at Filming For Research Ltd take our Internet Security very seriously and as such we regularly update our software and also use McAffee Total Protection – for email and internet security.
The GDPR requires you to retain personal data no longer than is necessary for the purpose you obtained it for.
We keep footage files for up to six months to ensure that if our client in some way mislays their footage, or inadvertently deletes it before using it at their end, we can then send them our back-up copy.
We regularly cleanse our Hard Drives of files and footage – any files older than six months are securely deleted from our Hard Drive, which are then rewritten over with new files.