Privacy Policy


The General Data Protection Regulation (GDPR) came into force in May 2018 and replaced the 1998 Data Protection Act (DPA). It’s a very important piece of legislation that affects Splinter Motion, its clients and suppliers. This Privacy Notice explains in detail the types of personal data Splinter Motion may collect when we interact with you. It also explains the steps we have taken to process that data and keep it safe. We hope the following sections will answer any questions you have but if not, please do get in touch with us.

About Splinter Motion

Splinter Motion are an agency supplying creative support to other businesses and offering creative services. Our in-house designers offer a very diverse skillset that can be used to assist with your project.


Explaining the legal basis for processing your data

Splinter Motion must have a valid lawful basis in order to process personal data. The first principle of data protection law requires that Splinter Motion processes all personal data lawfully, fairly and in a transparent manner.

We have listed and evaluated our processing and made a record of the lawful basis for processing.

In most situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business, and which does not materially impact your rights, freedom or interests. In specific situations, we can collect and process your data with your consent. For example, if we request contact details to set up a client meeting or collaboration session.


What sort of data do we collect?

The bulk of our processing activity is concerned with name, address data and contact data that has been passed to us by our clients for the purpose of delivering creative services. That means we may store your phone number and email address to help manage the process.


How we protect your data

Splinter Motion has implemented a series of technical and organisational security measures to keep your data safe.

We use certified cloud services with data centres that meet international standards and have up to date cyber security systems to help keep intruders at bay.

Splinter Motion members have had information security training which is kept on record.

New starters naturally received the same training.

Our use of cloud computing suppliers is subject to checks that adequate safeguards have been put in place to protect your data.


How long do we keep your data?

Data is processed in Splinter Motion systems for the purpose of delivering creative services to our clients. This data will be stored against the client company support profile for the duration of the contract with the client.


Where do we store your data?

Our data centres are in Europe. In addition, we use “cloud computing” providers such as Google and Microsoft for services such as email.


What are your rights over your personal data?

You have the right to request:


  • Access to the personal data we hold about you, free of charge in most cases. This is also known as a Subject Access request.
  • The correction of your personal data when incorrect, out of date or incomplete.
  • That we stop any consent-based processing of your personal data after you withdraw that consent.
  • That your data be deleted from our systems.


You have the right to request a copy of any information about you that Splinter Motion holds at any time, and also to have that information corrected if it is inaccurate.

To ask for your information, please email:

Creative Director, Splinter Motion:

If we choose not to action your request, we will explain to you the reasons for our refusal.


Your right to withdraw consent

If you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent. Where we rely on our legitimate interest: In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.


Proof of identity

We require proof of your identity before we can disclose personal data. Proof of your identity should include a copy of two documents such as your birth certificate, passport, driving licence, official letter addressed to you at your address e.g. bank statement, recent utilities bill or council tax bill.