Privacy Notice For Caroline Davidson Literary Agency (Authors)

 

INTRODUCTION

This Privacy Notice (Privacy Notice), together with our Cookie Policy, sets out the ways in which Caroline Davidson Literary Agency (we, us, our) collects and uses and shares your personal data (your information) in connection with our business. It also explains what rights you have to access or change your personal data.

​

Under the General Data Protection Regulation (GDPR) which comes into force 25 May 2018 we are data controllers and data processors of your information. We are called controllers because we make decisions about how your data is used, and we also process your data when we carry out basic activities like storing, deleting and changing the information we hold.

​

We take your privacy and our responsibility to protect your information very seriously. Read our Privacy Notice to understand:

​

• Who we are

• Our policy on children accessing our website

• Information we may collect about you

• How we use information about you and recipients of your information

• Who we might share your information with

• Third-party links

• How we look after your information and how long we keep it for

• International transfers of your information

• Your rights to the information we hold about you

• Changes to this privacy notice and your duty to inform us of changes in your personal information

 

WHO WE ARE

Caroline Davidson Literary Agency (CDLA) is a literary agency. You can contact us as follows:

​

FAO:  

 

Address:     

                    

                   

 

Email:        

                   

 

OUR POLICY ON CHILDREN ACCESSING OUR WEBSITE

Our website is not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 13. If you are under the age of 13, please do not access our website at any time or in any manner.

 

INFORMATION WE MAY COLLECT ABOUT YOU

Information that you provide to us

​

We will collect information that you provide to us when you:

​

• correspond with us by phone, email or post;

• interact with us in person;

• submit typescripts or other content to us by post and email;

       Please note our submission guidelines, for fiction and non-fiction, state we do not accept submissions by email.

• enter into a contract with us to represent you;

• sign a book contract that we have negotiated for you, including the sale of subsidiary rights; and

• give us links to reviews, articles, features and media coverage about you and/or your work.

​

Your information includes anything which identifies you, including your contributions to a blog or other user-generated content. Please be aware these contributions may include personal information that is more implicit then explicit.

​

If you provide us with more sensitive information this is known as Special Category “Sensitive” information. This may include details about your racial or ethnic origin, political opinions, religious, philosophical or similar beliefs, trade union membership, genetics, biometrics, health, sexual life, sexual orientation or about criminal offences or proceedings.  This type of information is not actively collected by CDLA, but if it is provided to us it will be treated with respect. This information will only be used with your explicit consent; however, there may be occasions when we have a legal obligation to share this information without your prior consent.

 

The information you provide to us is dependent on the circumstances. For example,

​

• as part of the submission process we ask you to provide a CV or résumé. This will include:

  • identity and contact data such as your name, address, email address and phone number(s);

  • additional information which adds background and supports your submission. This information could include your academic and work history, qualifications, travelling, skills, projects and research that you are involved in; and

• if we represent you, you may also need to provide us with your bank details, VAT and tax information, immigration and residency information, your existing contracts (and related correspondence) with publishers or other licensees of your work.

​

Information we collect about you:

​

• we will collect any information contained in any correspondence between us. For example, if you contact us by email, post or telephone, we may keep a record of that correspondence; and

• we will also unintentionally collect certain information about how you use our website and the device that you use to access our website through the deployment of cookies. The information collected is wide ranging and might include your geographical location, device information (such as your hardware model, mobile network information, unique device identifiers), the data transmitted by your browser (such as your IP address, date and type of request, content of the request regarding the specific site, time zone settings, access status/HTTP status code, volume of data transmitted, browser type and version, language-setting, time zone settings referral source, length of visit to the website, date and time of request, operating system and interface) number of page views, the search queries you make on the website and similar information. This occurs even though our website does not allow you to create an account and/or log on, and the information gathered is not used by CDLA. For more information on cookies please read CDLA’s Cookie Policy.

​

Information we receive from third parties

​

In certain circumstances, we will receive information about you from third parties. For example:

​

• if we represent you, you will normally authorise us to receive information about you from your publishers and other licensees such as information about your contracts, performance, royalties and other payments. These publishers and other licensees may be based inside or outside the EU;

• if you are the co-author or co-contributor of a typescript, your co-author(s) or co-contributor(s) will be required to provide us with information about you. The co-author(s) and co-contributor(s) may be based inside or outside the EU; and

• if you submit a typescript to us for our review, we may use third party providers to verify the information that you provide to us in connection with that submission. These third party providers include internet search engines; for example, we may use Google to identify which websites would be best employed to confirm your publication history. These websites may be hosted inside or outside the EU.

​

We might also receive information about you from third parties if you have indicated to such third party that you would like to hear from them.

​

HOW WE USE INFORMATION ABOUT YOU AND RECIPIENTS OF YOUR INFORMATION

We use your information lawfully. We do not sell your information to third parties. However we may share your information as set out in the section, Who We Might Share Your Information With.

​

We will use your information for the purposes listed below either on the basis of:

​

• performance of your contract with us and the provision of our services to you;

• your consent (where we request it);

• where we need to comply with a legal or regulatory obligation; or

• our legitimate interests or those of a third party. Please see below for further clarification on this point.

​

We use your information for the following purposes to:

​

• manage our relationship with you, which will include notifying you about changes to our terms of use or privacy policy (on the basis of performing our contract with you and on the basis of our legitimate interests to keep our records up-to-date;

• contact you and manage and facilitate our business relationship with you, including (if we represent you) the administration of your contract with us. This includes administration of any contracts with third parties when we represent you on such contracts. The information is required on the basis of our legitimate interests in maintaining our business contracts, in addition to our need to meet our contractual obligations to you;

• protect, investigate, and deter against fraudulent, unauthorised, or illegal activity, including identity fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so); and

• enable us to comply with our policies and procedures and enforce our legal rights, and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).

​

Legitimate interests

As outlined above sometimes we will use your information on the basis of our legitimate business interests (legitimate interests). This means our legitimate interests in conducting and managing our business and our relationship with you. We may use your information for the purposes listed below on the basis of our legitimate interests to:

​

• contact you about submissions you made or content you provided to us;

• respond to your queries and correspondence;

• administer your account with us; and

• operate a safe and lawful business or where we have a legal obligation.

​

Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation).

​

If you have any concerns about our processing, you have rights and choices which include the right to object on the basis of our legitimate interests. You also have the right to withdraw your consent for our use of your information in reliance of your consent. Please refer to the section Your Rights to the Information We Hold About You. This section can be found below.

​

WHO WE MIGHT SHARE YOUR INFORMATION WITH

Your information may be processed by us or by the staff of a third party we work with to deliver our business. Processing can mean any activity that involves the use of information about someone that can identify them. All uses, for example, obtaining, recording, storing, organising, retrieving, deleting and destroying are types of data processing. We take measures to ensure that third parties processing your information on our behalf are acting lawfully in accordance with our instructions and are subject to appropriate confidentiality requirements.

​

In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we will share your personal information when relevant with third parties such as:

​

• third parties we use to deliver our business, for example, Wix who host our website. The Privacy Policy for Wix.com can be found here;

• if we represent you, any publishers or other licensees of your work (or prospective publishers and licensees) as well as sub- or co-agents and advisors (such as your solicitor or accountant);

• our financial services and payment service providers;

• any prospective seller or buyer of such business or assets, only in the event that we decide to sell or buy any business or assets; and

• any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or where such disclosure may be permitted or required by law of the UK and/or other countries, or where we have a legal obligation to do so.

​

We require third parties to maintain appropriate security to protect your information from unauthorised access or processing. These third parties may be based inside or outside the EU.

​

THIRD-PARTY LINKS

This website may include links to third-party websites, plug-ins and applications. Clicking on those or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

​

HOW WE LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR

We look for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:

​

• ensuring the physical security of our office and archive; and

• limiting access to your personal information to those in our business who need to use it in the course of their work.

​

We will retain your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example,

​

• we archive our paper correspondence regularly and destroy unnecessary information;

• deleted emails are deleted regularly;

• we retain information relating to commercial contracts, including sub-contracts, royalties and the associated correspondence for the period the author remains with CDLA and/or CDLA is doing work on their behalf;

• we retain information relating to submissions for as long as necessary. We try to respond to submissions within three weeks of receipt. Where possible and/or applicable the submission is sent back. Any submissions which cannot be sent back are destroyed. CDLA does not keep a record of submissions received and/or sent back; and

• we destroy unpublished typescripts and related correspondence if the author is no longer under contract to CDLA. However, we may permanently keep a log summarising details of these in the event of a legal claim.

​

Please note our submission guidelines, for fiction and non-fiction, state we do not accept submissions by email. Any unsolicited submissions by email are deleted on receipt.

​

INTERNATIONAL TRANSFERS OF YOUR INFORMATION

Our business is located in the UK.

​

We will transfer your personal data outside the European Economic Area (EEA) where necessary for us to perform our contract with (if we represent you) such as by way of sharing your personal data with licensees or purchasers of your Work or sub- and co-agents (as applicable and including prospective parties).

​

Whenever we transfer your personal data out of the EEA (other than a necessary to perform our contract with you), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following transfer solutions are implemented:

​

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries ; 

• Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, European Commission: Model contracts for the transfer of personal data to third countries; and

• Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.

​

A list of the countries outside of the EEA to which we may transfer your personal information is available here.

​

YOUR RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU 

You have certain rights in respect of the information that we hold about you, including:

​

• the right to be informed of the ways in which we use your information, as we seek to do in this Privacy Notice;

• the right to request access to the information that we hold about you;

• in certain circumstances, the right to receive a copy of any information we hold about you;

• the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;

• the right to withdraw your consent for our use of your information in reliance of your consent (refer to the section subtitled How We Use Information About You And Recipients Of Your Information to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy Notice;

• the right to object to our using your information on the basis of our legitimate interests (refer the section subtitled How We Use Information About You And Recipients Of Your Information to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground;

• in certain circumstances, the right to ask us to limit or stop processing information about you, or erase information we hold about you; and

• the right to lodge a complaint about us to the UK Information Commissioner’s Office, as well as with the relevant authority in your country of work or residence.

​

Please note that we may need to retain certain information for our own record-keeping purposes.

​

How to exercise your rights and help CDLA in the way that you do

You may contact us via the details at the top of this Privacy Notice if you wish to action any of these additional rights and we will comply with your requests unless we have a lawful reason not to do so. CDLA’s contact details can be found at the beginning of this Privacy Notice, and they are also on our website and in our email signatures.

​

The best way to make a request is to send them in a detailed and clear letter.

​

What we need from you to process your requests

We may need to request specific information from you to help us confirm your identity and to enable you to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

​

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

​

It might be best to make one request at a time because our response to your initial query may provide sufficient information to answer all your queries.

​

CHANGES TO THIS PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES

We may make changes to this Privacy Notice from time to time. We will post any changes to our site, or notify you of any material changes by e-mail.

​

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your profile account information or contacting us via the contact details at the top of this Privacy Notice.

​

This Privacy Notice was adapted from the template provided by the Association of Authors’ Agents, issued 16 May 2018, and Hachette’s Privacy Notice of 23 April 2018 which can be found on their website.

​

This Privacy Notice was updated on 24 May 2018.