privacy policy
Black Lion Data Protection Policy
Introduction
Black Lion Innovations Group Ltd. (“Black Lion,” “we,” “us,” or “our”) is committed to maintaining the privacy and security of all personal data collected. This Data Protection Policy outlines how we comply with the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). By using Black Lion’s platform, users agree to this policy and consent to the data practices described.
Data Collection and Processing
Black Lion collects and processes personal data to provide our services and enhance the user experience. Categories of data collected include:To tailor your experience and respond to your needs.
Personal Identifiers:
Name, contact information, date of birth, and professional details.
Financial Information:
Bank account details and payment transaction data.
Music and Creative Asset Information:
Data related to music ownership, earnings, and associated metadata.
Technical Data:
IP addresses, device identifiers, browser type, operating system, and usage analytics.
Communications:
Any messages or feedback provided through customer service channels.
We collect data directly from users, automatically through cookies and analytics, and, where applicable, from third-party integrations.
Data Protection Principles
Black Lion adheres to the following principles to protect personal data:Third-Party Disclosure
Lawfulness, Fairness, and Transparency:
Processing is done lawfully, with transparency to users.
Purpose Limitation:
Data is collected only for specific, legitimate purposes and not processed further in incompatible ways.
Data Minimisation:
We limit data to only what is necessary for our services.
Accuracy:
We take steps to keep personal data accurate and up-to-date.
Storage Limitation:
Data is retained only as long as needed for its purpose or as required by law.
Integrity and Confidentiality:
We use technical and organisational measures to protect data from unauthorized access or loss.
Lawful Basis for Processing
Black Lion processes personal data under the following legal bases, as required by the UK GDPR:
Consent:
When users give explicit permission for data processing.
Contractual Necessity:
To fulfill our contractual obligations to users.
Legitimate Interests:
To improve our services, secure our platform, and provide user support.
Data Subject Rights
Under the UK GDPR, users have the following rights regarding their personal data:
Access:
To request access to their personal data and information on how it is processed.
Rectification:
To correct inaccurate data.
Erasure:
To request deletion of their data, under specific conditions.
Restriction:
To restrict the processing of their data under certain circumstances.
Data Portability:
To obtain and transfer their data to another service.
Objection:
To object to data processing for direct marketing or profiling.
Automated Decision-Making and Profiling:
Users have rights related to automated processing of their data.
Users may exercise their rights by contacting us at privacy@blacklionapp.com. We will respond to Data Subject Access Requests (DSARs) within one month.
Security Measures
To protect personal data, Black Lion employs:
Encryption:
For data at rest and in transit.
Access Control:
Role-based access limitations to sensitive data.
Regular Security Audits:
To identify and resolve potential vulnerabilities.
Incident Response:
Documented procedures to respond to data breaches, including notification to the ICO within 72 hours if necessary and to affected individuals if required.
Data Breach Procedures
In case of a data breach:
ICO Notification:
We will notify the Information Commissioner’s Office if required within 72 hours of becoming aware of a breach.
User Notification:
Affected individuals will be informed if the breach poses a high risk to their rights and freedoms.
Corrective Action:
Black Lion will take steps to address the breach and prevent recurrence.
Data Transfers
Data Protection Impact Assessments (DPIAs)
Data Protection Fee
Users may exercise their rights by contacting us at privacy@blacklionapp.com. We will respond to Data Subject Access Requests (DSARs) within one month.
Introduction
Black Lion Innovations Group Ltd. (“Black Lion,” “we,” “us,” or “our”) is committed to maintaining the privacy and security of all personal data collected. This Data Protection Policy outlines how we comply with the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). By using Black Lion’s platform, users agree to this policy and consent to the data practices described.
Data Collection and Processing
Black Lion collects and processes personal data to provide our services and enhance the user experience. Categories of data collected include:To tailor your experience and respond to your needs.
Personal Identifiers:
Name, contact information, date of birth, and professional details.
Financial Information:
Bank account details and payment transaction data.
Music and Creative Asset Information:
Data related to music ownership, earnings, and associated metadata.
Technical Data:
IP addresses, device identifiers, browser type, operating system, and usage analytics.
Communications:
Any messages or feedback provided through customer service channels.
We collect data directly from users, automatically through cookies and analytics, and, where applicable, from third-party integrations.
Data Protection Principles
Black Lion adheres to the following principles to protect personal data:Third-Party Disclosure
Lawfulness, Fairness, and Transparency:
Processing is done lawfully, with transparency to users.
Purpose Limitation:
Data is collected only for specific, legitimate purposes and not processed further in incompatible ways.
Data Minimisation:
We limit data to only what is necessary for our services.
Accuracy:
We take steps to keep personal data accurate and up-to-date.
Storage Limitation:
Data is retained only as long as needed for its purpose or as required by law.
Integrity and Confidentiality:
We use technical and organisational measures to protect data from unauthorized access or loss.
Lawful Basis for Processing
Black Lion processes personal data under the following legal bases, as required by the UK GDPR:
Consent:
When users give explicit permission for data processing.
Contractual Necessity:
To fulfill our contractual obligations to users.
Legitimate Interests:
To improve our services, secure our platform, and provide user support.
Data Subject Rights
Under the UK GDPR, users have the following rights regarding their personal data:
Access:
To request access to their personal data and information on how it is processed.
Rectification:
To correct inaccurate data.
Erasure:
To request deletion of their data, under specific conditions.
Restriction:
To restrict the processing of their data under certain circumstances.
Data Portability:
To obtain and transfer their data to another service.
Objection:
To object to data processing for direct marketing or profiling.
Automated Decision-Making and Profiling:
Users have rights related to automated processing of their data.
Users may exercise their rights by contacting us at privacy@blacklionapp.com. We will respond to Data Subject Access Requests (DSARs) within one month.
Security Measures
To protect personal data, Black Lion employs:
Encryption:
For data at rest and in transit.
Access Control:
Role-based access limitations to sensitive data.
Regular Security Audits:
To identify and resolve potential vulnerabilities.
Incident Response:
Documented procedures to respond to data breaches, including notification to the ICO within 72 hours if necessary and to affected individuals if required.
Data Breach Procedures
In case of a data breach:
ICO Notification:
We will notify the Information Commissioner’s Office if required within 72 hours of becoming aware of a breach.
User Notification:
Affected individuals will be informed if the breach poses a high risk to their rights and freedoms.
Corrective Action:
Black Lion will take steps to address the breach and prevent recurrence.
Data Transfers
Data Protection Impact Assessments (DPIAs)
Data Protection Fee
Users may exercise their rights by contacting us at privacy@blacklionapp.com. We will respond to Data Subject Access Requests (DSARs) within one month.