Privacy Policy

Rooster

PRIVACY POLICY

At Aardman we respect your privacy, and we are committed to keeping all your personal data secure. This Privacy Policy explains how we collect and use personal data in connection with this website.

Contents

  1. Introduction
  2. Children
  3. Information we may collect from you
  4. Information we may receive from other sources
  5. Special categories of personal data
  6. Cookies
  7. Lawful processing of your personal data
  8. Uses made of your personal data
  9. Competitions
  10. Marketing
  11. Disclosure of your information
  12. Where we transfer and store your personal data
  13. How we safeguard your information
  14. Internet risks
  15. How long we keep your personal data
  16. Your rights
  17. Other websites
  18. Cookies policy
  19. Contact
  20. Changes to our Privacy Policy
1 Introduction

This site at https://www.shaunthesheep.com/ (including any related online or mobile site) (the “site”) is operated by Aardman Animations Limited (“Aardman”, “we”, “us” or “our”). We are a company registered in the UK with company number 02050843 and with our registered office at Gas Ferry Road, Bristol, BS1 6UN.

For the purposes of applicable data protection laws, including the UK GDPR (as defined by section 3(1) of the Data Protection Act 2018), and/or any equivalent data protection laws that apply in England and Wales, Aardman is a “controller”. That means that we retain control over, and are responsible for, all personal data collected on this site and must ensure that we use those personal data in compliance with data protection laws.

In this Privacy Policy, “personal data” or “personal information” means any data about a living individual who can be identified either from those data alone, or from those data when combined with other information that is in the possession of, or is likely to come into the possession of, us (or our representatives or service providers). In addition to factual information, it may also include digital or online identifiers like IP addresses, any expression of opinion about an individual and any indication of our intentions or the intentions of any other person in respect of an individual.

Please read this Privacy Policy carefully to understand our views and practices regarding your personal information and how we will treat it. By continuing to use this site, you acknowledge our collection, storage and use of your personal information as described below.

2 Children

For children

We don’t usually collect or use any information about you.

If we’ve asked for your personal details (such as when you enter a competition), we hope you have read and understood the explanation we gave you.

If you have any queries, please ask your parent or guardian. Or else you can email us with your query at privacy@aardman.com.

For adults

We do not generally seek to collect personal data from children under the age of majority (which is 18 in the UK), nor from children under the age at which a parent’s or guardian’s consent is required (which is 13 in the UK). We will only collect personal data from children for specific, limited purposes, such as competitions. If we do seek personal data from children, we will use separate, specific privacy notices for that collection, which will govern the use of those data. If there is no separate privacy notice in place and it becomes apparent to us that children have in fact sent personal data to us (contained in an email for example), the information will be deleted.

If you believe your child has provided us with personal details without your permission and you would like to have those details deleted, please contact us as described below.

3 Information we may collect from you

We may collect the following data from you during your visit to the site:

  • personal data you provide by filling in forms on this site, including personal data provided at the time of registering for any of our newsletters and mailing lists (for example, first name, last name and email address);
  • personal data you provide when reporting a problem with this site or requesting technical support;
  • personal data you provide when submitting user-generated content for our AardBoiled service;
  • personal data you provide when entering a competition, prize draw, promotion or survey;
  • personal data you provide to us if you contact us for any other reason;
  • details of your visits to this site, including traffic data, location data and other communications data and the resources that you access; and
  • information about your browser version, operating system and screen resolution.
4 Information we may receive from other sources

Occasionally we may receive information about you (including personal data) from other sources. For example:

If there is a separate privacy notice governing the collection of your data, then that privacy notice will apply. If there is no separate privacy notice, or to the extent that such notice does not provide information equivalent to the information set out in this Privacy Policy, then we will process information about you that we receive from third parties and/or other sources in accordance with this Privacy Policy.

Where we need to collect personal data by law, or under the terms of a contract that we have with you and you fail to provide that data when requested, we may not be able to perform the contract that we have or are trying to enter into with you. If so, we shall notify you if that is the case at the time.

5 Special categories of personal data

We do not seek to collect any special categories of personal data about you: those would include details of a person’s race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health information, genetic and biometric data and information about criminal convictions and offences.

If, however, when using any interactive feature of the site (such as an online contact form or questionnaire), you in fact provide us with any such special data or information about criminal convictions and offences, then by submitting such data/information, we’ll assume that you are happy for us to use such data/information for (a) the purpose for which you have voluntarily provided such data/information and (b) any purpose that is reasonably compatible with such purpose. You may withdraw that permission at any time by contacting us.

6 Cookies

A ‘cookie’ is a small text file of letters and numbers that we store on your browser or the hard drive of your computer when you access and use our site if you agree. Cookies contain information that is transferred to your device.

For detailed information on the cookies we use and the purposes for which we use them, please see our cookies policy at section 18 below.

7 Lawful processing of your personal data

However we use your personal data, we make sure that our use complies with lawful bases for using or processing your personal data. We may rely on one or more of these bases when we process your personal data. The bases include where:

  • we need to process your personal data in order to perform our contractual obligations to you;
  • we have obtained your consent – please note that, if we need your consent for a particular purpose of processing and you do not give us consent (or if you give it but then withdraw it), then we will not process (or continue to process) your personal data for that purpose;
  • we need to process your personal data in order to discharge our legal and regulatory obligations;
  • we need to process your personal data in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings; or
  • the use of your personal data as described is necessary for our legitimate interests, such as:

    • allowing us to manage and administer the operation of our business effectively and efficiently;
    • maintaining compliance with internal policies and procedures;
    • monitoring the use of our copyrighted materials;
    • enabling quick and easy access to information on our products, content and services;
    • offering up-to-date security solutions for mobile devices and IT systems; and
    • obtaining further knowledge of current threats to network security in order to update our security solutions and to provide those to the market.

If we are processing your personal data because this is necessary for our legitimate interests, then we may continue to do so unless you have a right to object to this (please see “Your rights” at section 16 below).

Please note that, if we need to process your personal data in order to operate the site and/or to provide our products, content and services, and you object or (if we require consent) you do not consent to our processing your personal data, then the site and/or those goods and services may not be available to you.

8 Uses made of your personal data

Your personal data may be stored and processed by us for the purposes listed below and in accordance with the lawful bases listed below.

Please note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific lawful bases we are relying on to process your personal data where more than one ground has been set out below.

Purpose/activity

Lawful bases for processing

To provide the site and to ensure that content from the site is presented in an effective and user-friendly manner for you and for your device.

Necessary for our legitimate interests (for running our site, to keep our site updated and relevant, customer interaction and customer relations and the provision of administration and IT services).

To investigate and address any comments, queries or complaints, or to fix any problems, notified to us by you or other users of the site.

  1. Necessary for our legitimate interests (customer interaction and customer relations, provision of IT support, technical administration and maintenance).
  2. Consent (in respect of special categories of personal data only, and only if you have provided this to us, seesection 5 above).

To encourage and allow you to participate in interactive features on our site, including competitions, prize draws, promotions or surveys (for which see section 9 below), when you choose to do so.

  1. Performance of a contract with you.
  2. Necessary for our legitimate interests (to study how people use our site and interactive features, to help us develop those and to address any issues people experience in using those, and for the promotion and popularity of our site and brands).
  3. Consent (in respect of special categories of personal data only, and only if you have provided this to us, see section 5 above).

For ongoing review and improvement of our site and its security, including technical analysis and statistical monitoring to detect and prevent any potential disruptions, system failures, cyber-attacks or malicious data from affecting our IT systems or any data held by us.

Necessary for our legitimate interests (for running our site, analysis of site and business performance, the provision of administration and IT services, network security and the protection of our site, systems and data).

To conduct research, statistical analysis and behavioural analysis on our site users and their behaviour (including anonymizing data for those purposes), and to create and share insights based on aggregated, anonymous data collected through such research and analysis (provided that individual users are not identifiable from such insights).

Necessary for our legitimate interests (to study how people use our site and interactive features and to create and share anonymised insights with business partners and third parties).

For the management and administration of our business.

  1. Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of any business reorganisation or group restructuring exercise).
  2. Performance of a contract with you (for example if you are a company that we are doing business with).

To disclose your information to specified third parties as permitted by this Privacy Policy (see section 11 below).

  1. Performance of a contract with you.
  2. Necessary for our legitimate interests (for running our business, provision of services and detection and prevention of issues affecting our business).

In order to comply with and/or assess compliance with applicable laws, rules and regulations, and our internal policies and procedures, which includes processing personal data as reasonably required in order to establish, exercise or defend legal claims or for the purpose of legal proceedings.

  1. Necessary to comply with our legal obligations.
  2. Necessary to establish, exercise or defend legal claims or for the purpose of legal proceedings.
  3. Necessary for our legitimate interests (to comply with our internal policies and procedures).

Change of purpose
We shall only use your personal data for the purposes for which we collected the data, unless we reasonably consider that we need to use such data for another reason and that reason is compatible with the original purpose. If you would like to get an explanation of how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we shall notify you and we will explain the legal basis on which we intend to rely.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, if and to the extent that this is required or permitted by law.

9 Competitions

From time to time we may run competitions, prize draws, promotions or surveys (referred to here collectively as “competitions”).

We may well need to process your personal data for you to take part in competitions and, if you are a winner, to contact you about your prize (including sending prizes to you through a postal service or courier) and use your details in accordance with the following paragraph. We will not use your personal data for any other purpose, including sharing it with third parties (besides postal services or couriers), unless we have notified you of this separately in writing before doing so.

The winner’s first name may be posted on our websites and/or social media channels that relate to the competition. In addition, under applicable competition rules (including the CAP code), a winner’s first name, surname and county must be made available to individuals who request this information within a certain period after a competition has ended (usually around thirty (30) days). We will make this information available in accordance with the CAP code as it is in our legitimate interests to comply with applicable competition rules. Further information about the CAP code is available at https://www.asa.org.uk/about-asa-and-cap.html. If you have any questions about how we run competitions please email privacy@aardman.com.

We may issue a separate privacy notice for a specific competition, which sets out how we will use personal data for that competition. In those circumstances we will provide you with the separate privacy notice at the time you submit your personal data. If we do not issue a separate privacy notice then this privacy policy will apply to our processing of personal data for competitions. If we do issue a separate privacy notice and there is any inconsistency between that notice and this Privacy Policy, then the separate notice will take precedence over this Privacy Policy.

10 Marketing

We will never process your personal data, or share it with third parties, for marketing purposes unless you have specifically consented to us doing so in advance.

 

11 Disclosure of your information

Except for the disclosures set out below, or any other disclosures that we may notify to you in separate privacy notices from time to time, we will take steps to ensure that your personal information is accessed and processed only by personnel of Aardman that have a need to do so for the purposes described in this Privacy Policy.

We may share your personal data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

We may also share your personal data with third parties as further described below:

  • if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets (or their representatives and advisers) for due diligence purposes.
  • if Aardman or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • with third-party agents and contractors for the purposes of providing services to us or on our behalf (for example, our accountants, professional advisers, IT and communications providers), in which case those third parties will be subject to appropriate data protection obligations and they will only use your personal data for the purposes described in this Privacy Policy.
  • to the extent required by law (for example, if we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation), or in order to enforce or apply the terms of any other agreements, or to protect the rights, property or safety of Aardman, our customers or others, including exchanging personal data with other companies and organisations for the purposes of fraud protection and credit risk reduction.
  • If we are required to disclose information relating to competitions and competition winners in to ensure compliance with applicable competition rules and regulations in accordance with section 9 above.
12 Where we transfer and store your personal data

The personal data that we collect from you may be transferred to, and stored at, a destination outside the United Kingdom (“UK”). It may also be processed by staff operating outside the UK who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the provision of support services to us (or you) in relation to our interactions with you.

Where we transfer your personal data to another country outside the UK, we will take all steps reasonably necessary to ensure that your personal data are treated securely and in a manner consistent with legal requirements and this Privacy Policy. In relation to data transferred outside the UK, for example, this may be done in one of the following ways:

  • the country to which we send the data might be approved by the UK government as offering an adequate level of protection for personal data;
  • the recipient might have signed up to a contract based on “standard data protection clauses” or an international data transfer agreement approved by the UK government, obliging them to protect your personal data in accordance with standards of protection that apply within the UK; or
  • in other circumstances the law may otherwise permit us to transfer your personal data outside the UK

You can obtain more details of the protection given to your personal data when transferred outside the UK by contacting us using the contact details provided below.

13 How we safeguard your information

We have extensive controls in place to maintain the security of our information and information systems. Files are protected with safeguards according to the sensitivity of the relevant information, including hashing or data encryption where appropriate. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where personal data are gathered, processed or stored is limited to authorised employees.

As a condition of employment, our employees are required to comply with all applicable laws and regulations, including in relation to data protection law. Unauthorised use or disclosure of confidential information (including personal data) by an employee of Aardman is prohibited and may result in disciplinary measures.

If you contact us about your information, you may be asked for some personal data for identification purposes. This type of safeguard is designed to ensure that only you, or someone authorised by you, has access to your information.

14 Internet risks

Despite the safeguards set out in this Privacy Policy, unfortunately the transmission of information by online or mobile means is not completely secure. Aardman cannot guarantee the security of information transmitted to this site, and for that reason any transmission you make is at your own risk. We recommend that you use anti-virus, firewall and/or other security protections according to your own analysis of your security requirements. Once we have received your personal data, we will use the procedures and security features set out in this Privacy Policy to try to prevent unauthorised access to, or loss or destruction of, your personal data.

15 How long we keep your personal data

How long we will hold your personal data for will vary and will be determined by the following criteria:

  • the purpose for which we are using it (as further described in this Privacy Policy) – we will need to keep the data for as long as is necessary for that purpose; and
  • legal obligations – laws or regulations may set a minimum period for which we have to keep your personal data.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

16 Your rights

Where we collect, use or store your personal data under this Privacy Policy, you may, depending on your circumstances, have the following rights:

  • the right to obtain information regarding the processing of your personal data (including whether or not we are holding and/or processing your personal data, the extent of the personal data we are holding and the purposes and extent of the processing) and access to the personal data that we hold about you, if any;
  • where we are relying on consent for a particular purpose, the right at any time to withdraw your consent to the processing of your personal data for such purpose;
  • in some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible – which is sometimes known as the right to “data portability”, and please note that (a) this right only applies to personal data which you have provided directly to Aardman and which we are processing either on the basis of consent or because the processing is necessary in order for us to perform our contractual obligations to you and (b) if you request the right to data portability and it is not available to you, we will let you know;
  • the right to request that we rectify your personal information if it is inaccurate or incomplete;
  • the right to request that we erase your personal data in certain circumstances – please note that there may be circumstances where you ask us to erase your personal data but we are legally entitled to retain it, in which case we will let you know;
  • the right to object to, or request that we restrict, our processing of your personal data in certain circumstances – again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal data but we are legally entitled to refuse that request and, if so, we will let you know;
  • the right to object to decisions based solely on automated processing, including profiling, which produce legal effects or otherwise significantly affect you (for example, where a computer algorithm, rather than a person, makes decisions that affect your contractual or other rights) – please note that we do not currently carry out any such automated decision-making processes; and
  • the right to lodge a complaint with the relevant data protection regulator if you think that any of your rights have been infringed by us, and please note that:

    • the data protection regulator for the UK is the Information Commissioner’s Office (“ICO”);
    • you can submit complaints through the ICO helpline by calling 0303 123 1113; and
    • further information on reporting concerns is available at a href="https://ico.org.uk/concerns/">https://ico.org.uk/concerns/.

To find out more about your legal rights, please see the ICO's website (www.ico.org.uk).

You can exercise your rights above at any time by contacting us at Aardman Animations Limited, Gas erry Road, Bristol, BS1 6UN or a href="mailto:privacy@aardman.com">privacy@aardman.com, giving us enough information to identify you and to respond to your request.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). We ay, however, charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in those circumstances.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we shall notify you and keep you updated.

17 Other websites

If you follow a link to another website (including any website operated by Aardman), different privacy policies may apply. You should read those policies before you submit any personal data to those websites, and please note that use of your personal data by those websites will be subject to those privacy policies.

In particular, please be aware that the Aardstore at www.aardstore.com/ is not run by Aardman. The Aardstore is run by “Digital Stores”, a trading name of Universal Music Direct Limited. The Aardstore is subject to separate privacy policies which is available at https://www.aardstore.com/privacy/ and Aardman is not responsible for the collection or use of any personal information that is submitted to or through the Aardstore.

18 Cookies policy

Our websites (including this site and other online and mobile sites run by Aardman) use cookies and other tracking and monitoring software to distinguish you from other users of our site and to collect technical information about the services that you use and how you use them. This information helps us to provide you with a good experience when you browse our sites, allows us to improve our sites and our services, and allows us to compile statistical reports on site visitors and site activity. Cookies do not affect your security, since a cookie cannot read data off your system or read cookie files created by other sites.

The information that we collect through our use of cookies, to the extent that you are individually identifiable from it, constitutes personal data, and we will protect it according to the standards and processes set out in this Privacy Policy.

Please note that we have implemented some third party services parties (including, for example, advertising networks and providers of external services like web traffic analysis services) and such third partiesmay also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies. You will have the option to reject non-essential cookies should you wish to, via an initial prompt when you first visit the page and you can revisit your choices at any time by clicking the cookies settings button in the left hand corner of the page, but please note that some of our site features may not function if you remove cookies from your system. For further general information about cookies please visit www.aboutcookies.org or www.allaboutcookies.org.

Cookies we use

We may use the following cookies and similar tracking technologies on our sites:

Please note, we have no control over cookies that are placed by Google Analytics or third party social media companies. If you decide to enable these cookies, we recommend you check their privacy policies to ensure you are happy to accept these cookies (information on each provider is available by accessing your cookie preferences).

 

19 Contact

Questions, comments and requests regarding this Privacy Policy or the handling of your personal data are welcomed and should be addressed to:

If you are not satisfied with the response you receive, you may escalate concerns to the applicable privacy regulator in your jurisdiction, which for the UK is the ICO (see section 16above for their contact details).

20 Changes to our Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by email.

Please check back frequently to see any updates or changes to our Privacy Policy.

 

Last modified: August 2022