Privacy Policy

MEDIA WATCHER

The Media Watcher adheres to the principles of data protection as established under the EU General Data Protection Regulation (GDPR) and the UK GDPR. These principles guide our role in supporting the Data Controller in the lawful and responsible processing of Users’ personal data. In accordance with these frameworks, personal data is:

  • Lawfully, fairly, and transparently processed, ensuring data subjects are informed about how their data is used.
  • Collected for explicit and legitimate purposes, and not further processed in a way incompatible with those purposes.
  • Relevant and limited to what is necessary, avoiding excessive data collection.
  • Accurate and, where necessary, updated, with steps taken to correct inaccuracies without delay.
  • Stored no longer than necessary for the purposes for which it was collected.
  • Protected through appropriate security measures to guard against unauthorized access, loss, or damage.
  • Processed with accountability, including supporting data subject rights and maintaining records of processing activities.

PURPOSE OF PROCESSING OF PERSONAL DATA

Enforcement of the Agreement

In the course of delivering services to its Clients, Media Watcher operates as a Data Processor, processing personal data on behalf of and for the benefit of the Client. The processing of personal data is conducted strictly for purposes necessary to:

  • Fulfill the terms and conditions outlined in the Agreement;
  • Deliver the agreed-upon services;
  • Satisfy obligations and exercise rights arising from the Agreement; and
  • Respond to and fulfill User requests as required.

In particular, Media Watcher processes Users’ personal data to support the Client’s compliance with applicable laws, related regulatory requirements, and the Client’s internal due diligence protocols.

Once the personal data is no longer required for these stated purposes, and upon receiving a written request from the Client, Media watcher deletes the data from its systems. No backup copies are retained after the transfer of data to the Client is complete.

Other Legitimate Processing Purposes

Beyond the execution of the Agreement, Media watcher may process personal data based on its legitimate interests, subject to applicable legal requirements and, where necessary, the Client’s prior consent. Such purposes include:

  • Service Enhancement and Fraud Detection: With consent where required, Media watcher may process personal data, including biometric identifiers, to enhance the accuracy and reliability of its identity verification services and to detect and prevent fraud or illicit behavior, particularly through machine learning models and AI-driven analysis.
  • Monitoring for Illicit Activities: As part of its services, Media watcher may verify User data against databases of known illegal activity to identify potential threats. Any suspicious findings are promptly reported to the Client.
  • Profiling and Analytics: For the purposes of compliance and fraud prevention, The Media Watcher may carry out profiling, statistical modeling, and predictive analytics. These may involve aggregating anonymized or pseudonymized data across Users to develop risk insights and support the Client’s decision-making processes.
  • Legal Claims: In specific instances, Media Watcher may retain or process personal data to establish, exercise, or defend legal claims in accordance with applicable law.
  • Compliance and Documentation: Processing is conducted in line with principles of legality and accountability. Media Watcher  ensures a valid legal basis for all processing activities, including in jurisdictions outside the EU/UK, maintaining detailed records to evidence its compliance.

LEGALITY OF PROCESSING OF PERSONAL DATA

Media watcher may process sensitive personal data when the Client has a valid legal basis to do so, as required under applicable data protection laws. Such processing is conducted in accordance with the principles set out in the GDPR and other relevant regulations.

Where Media Watcher processes personal data in pursuit of its own legitimate interests, we rely on Article 6(1)(f) of the GDPR. Our legitimate interest lies in the necessity of conducting internal analysis, and in the ongoing development and improvement of our services. These services are utilized by our Clients to detect fraud, prevent illicit activities, and support efforts to combat money laundering, terrorism financing, and other activities of significant public concern. The processing of personal data for these purposes is consistent with the original objectives for which the data was collected, as the Client’s legal obligations and operational needs in addressing fraudulent or unlawful behavior are aligned with our own legitimate interests.

Additionally, in certain circumstances—such as the initiation or anticipation of legal claims, investigations, or regulatory obligations—Media Watcher may be required to retain and process personal data under a legal preservation requirement, often referred to as a “litigation hold.” In such cases, Media Watcher relies on Article 6(1)(c) of the GDPR, which permits the processing of personal data when necessary for compliance with a legal obligation.

RETENTION PERIOD

Personal data is retained only for as long as necessary to fulfill the specific purpose for which it was collected. Our Clients determine the duration of storage and initiate deletion once that purpose is met. If you wish to request deletion of your data, please contact the Client who initiated your verification.

Biometric and other personal data processed by Media Watcher will be securely deleted once the retention purpose expires, or after six (6) months from your last interaction—whichever comes first.

DATA SUBJECT RIGHTS

Right of Access – You can request to know if your data is being processed and get a copy of it.

Right to Rectification – You can ask for inaccurate or incomplete data to be corrected.

Right to Erasure (“Right to be Forgotten”) – You can request your data to be deleted under specific conditions.

Right to Restrict Processing – You can ask for your data to only be used in limited ways under certain situations.

Right to Be Informed – You must be notified when your data is corrected, deleted, or its use is restricted.

Right to Data Portability – You can receive your data in a readable format and transfer it to another service.

Right to Object – You can object to how your data is being used if it’s based on legitimate or public interest.

Right Not to Be Subject to Automated Decisions – You can refuse decisions made only by automated systems unless exceptions apply.

Right to Lodge a Complaint – You can file a complaint with a data protection authority if you believe your rights have been violated.

Exercising Your Data Rights

If you wish to exercise any of the data protection rights outlined above, or if you would like Media Watcher to forward your request to the appropriate Client who holds or controls your data, you may contact us via email at_______________. Alternatively, you may use our designated online form, where available, to submit your request directly.

Once we receive your request, we will acknowledge and respond within one calendar month. In some cases, where requests are particularly complex or involve multiple submissions, this period may be extended by an additional two months. Should an extension be necessary, we will notify you within the initial month, providing the reasons for the delay and an estimated timeline for resolution.

Please be aware that we may need to verify your identity before taking further steps with your request. This verification is an important safeguard to ensure your personal data is not disclosed or altered without proper authorization. We may request additional documentation or confirmation to confirm your identity or your authority to act on behalf of another individual. This requirement may be based on our legal responsibilities or at the direction of the relevant Client.

In most cases, submitting a data rights request is free of charge. However, if we determine that a request is manifestly unfounded, excessive, or repetitive, we reserve the right to charge a reasonable administrative fee to cover the associated costs. In certain situations, we may also decline to act on the request if justified under applicable law, and in such cases, we will inform you of the reasons for our decision.

APPOINTMENT OF DATA PROTECTION OFFICER

Media Watcher takes data protection seriously and is accountable for implementing and maintaining policies and procedures designed to ensure full compliance with applicable data protection laws, including both the EU General Data Protection Regulation (GDPR) and the UK GDPR. We regularly review and update our practices to align with evolving legal requirements and best practices in privacy management.

If you have any questions, concerns, or inquiries related to how we handle personal data or how we comply with data protection laws, you may contact our Data Protection Officer (DPO) directly. The DPO is responsible for overseeing Media Watcher’s data protection strategy and ensuring that we meet our legal obligations. You may reach our DPO at _____________

THIRD PARTY PROCESSORS

When Media Watcher engages third-party companies to process personal data on its behalf, we retain full responsibility for the security and proper handling of that data. We are committed to ensuring that any third-party processor we work with upholds the same high standards of data protection that we adhere to.

Before entering into a partnership with any third-party processor, Media Watcher thoroughly evaluates their ability to provide adequate guarantees regarding the security and confidentiality of personal data. This includes assessing their data protection practices, security measures, and compliance with applicable privacy laws.

To formalize the relationship and ensure data protection requirements are met, Media Watcher signs a written agreement with each third-party processor. This agreement outlines the types of personal data to be processed, the specific purposes for which the data will be used, and other necessary provisions to ensure compliance with data protection laws. These provisions are designed to safeguard personal data and ensure it is handled in accordance with applicable regulations.

BREACH OF PERSONAL DATA

In the event of a personal data breach, or if a breach is suspected, The Media Watcher will take immediate action to address the situation. The incident will be promptly reported to our Data Protection Officer (DPO) or the Director for further investigation and handling.

Depending on the nature and severity of the breach, Media Watcher will notify the relevant data protection authority as required by law, as well as the affected Client, and, where necessary, the individual(s) whose personal data has been compromised. This notification will occur as soon as possible and within the statutory timelines set by applicable data protection laws, including the EU GDPR and UK GDPR.

The breach report will include a thorough description of the incident, including its causes, the scope and severity of the breach, and the types of personal data affected. Additionally, the  report will outline the corrective actions that are being taken to address the breach and prevent similar incidents in the future.

Media Watcher is committed to supporting the affected Client throughout the process, ensuring that all necessary measures are taken to mitigate the impact of the breach. This may include further security measures, communication with affected individuals, and working with relevant authorities to ensure proper resolution.

INTERNATIONAL TRANSFER OF DATA

Media Watcher ensures that personal data collected from Data Subjects is primarily processed and stored on servers located within the European Union (EU), in full compliance with applicable local data localization requirements. Where necessary, Clients may have the option to choose the geographical location for data processing to meet their own legal and regulatory obligations.

In certain circumstances, Media Watcher may transfer personal data outside the EU/EEA or the United Kingdom to facilitate efficient service delivery, enable communication with third parties, or meet specific operational needs. When such international data transfers are required, Media Watcher applies the appropriate safeguards as defined in Chapter V of the EU GDPR and corresponding provisions of the UK GDPR.

These safeguards may include:

  • The EU Commission’s Adequacy Decisions or UK Adequacy Regulations, recognizing that the destination country provides an adequate level of data protection;
  • The use of Standard Contractual Clauses (SCCs) adopted by the European Commission or the UK’s Information Commissioner’s Office (ICO);
  • Implementation of Binding Corporate Rules (BCRs) for intra-group transfers where applicable.

All third-party processors or recipients involved in cross-border data transfers are contractually bound to comply with these safeguards, ensuring that personal data continues to be handled lawfully, securely, and in line with the expectations of both Clients and Data Subjects.

Additionally, data transfers from the UK to the EU/EEA are currently permitted under UK regulations, and Media Watcher continuously monitors legal developments to ensure ongoing compliance with evolving cross-border data protection requirements.

Changes to This Privacy Notice

Media Watcher regularly reviews and updates this Privacy Notice to ensure it remains compliant with applicable data protection laws. We reserve the right to amend this Notice at any time. Any updates will take effect immediately upon being published on our website.

We encourage users to review this Privacy Notice periodically to stay informed about how we protect your information. By continuing to use our services after changes are made, you acknowledge and agree to the updated terms.

To request a previous version of this Privacy Notice, please contact us at ____________Our legal and technical support teams are available 24/7 to assist you.