Privacy Policy

Scroll down

I Heart Studios Group Limited understands that your privacy is important to you and that you care about how your personal data is used. We are committed to ensuring that your privacy is protected.

This privacy notice sets out how we look after your personal data and tells you about your privacy rights and how the law protects you. Personal data is any information about you from which you can be identified. It does not include data where your identity has been removed. This privacy notice applies when you have provided your personal data to us yourself or someone else has provided your personal data to us.

Please read this privacy notice in full, so that you understand how your personal data is used by us.

We may also provide you with other privacy notices on specific occasions when we are collecting or processing personal data about you, to make sure that you are fully aware of how and why we are using your personal data. This privacy notice is in addition to those other notices and is not intended to override them.

1. Information about us

I Heart Studios Group Limited

Registered Number 7657037
Registered Address 6th Floor Charlotte Building, 17 Gresse Street, London, W1T1QL, UK
Trading Address J409 The Biscuit Factory, 100 Clements Road, London, SE16 4DG, UK
VAT/BTW Number GB126963590

I Heart Studios Netherlands BV

Registered Number 66899094
Registered Address Joop Geesinkweg 222, 1114AB Amsterdam, The Netherlands
Trading Address Joop Geesinkweg 222, 1114AB Amsterdam, The Netherlands
VAT/BTW Number NL856737112B01

I Heart Studios Hong Kong Limited

Business Registration Number 2667001
Registered Address Unit 305-7, 3/F Laford Centre, 838 Lai Chi Kok Road, Cheung Sha Wan, Kowloon, Hong Kong
Trading Address Unit 06, 2/F, 1 Hung To Road, Kwun Tong, Hong Kong

2. What personal data we collect?

We may collect some or all of the following personal data about you which we have grouped together as follows (this may vary according to your relationship with us):

3. How do we collect your data?

We use different methods to collect personal data from and about you, as follows:

Direct interactions. You may give us your Identity, Contact, Correspondence, Marketing and Communications Data, Financial and Transaction Data by filling in forms or by corresponding with us by post, phone, email, in person, via social media, via our website or otherwise. This includes personal data you provide when you:

Automated technologies or interactions. As you interact with our website or use our services, we may automatically collect Usage Data about your equipment, browsing actions and patterns. We collect this data by using cookies and other similar technologies. Please see Cookies in Part 4 below for more details.

Third parties or publicly available sources. We may receive personal data about you from various third parties (which may include public sources) as set out below:

4. How do we use your personal data?

In accordance with data protection laws, we will only process your personal data where we have a lawful basis for doing so. Most commonly, we will use your personal data in the following circumstances:

Sometimes we may ask you to consent to our collection and use of certain of your personal data. You have the right to withdraw your consent at any time.

Your personal data may be used for the following purposes. Note that we may process your personal data on more than one lawful basis depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal basis we are relying on to process your personal data:

We may process any of your personal data identified in this policy where necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice, and for the establishment, exercise or defence of legal claims. Our lawful basis is our legitimate interests (proper protection of our business against risks, protection and assertion of legal rights).


What we can do?

We may send marketing communications to you:

Third-party marketing

We will not share your personal data with any company outside our group of companies for marketing purposes without your express opt-in consent.

Opting out

You have the right to ask us to stop sending you marketing communications at any time.
You can do this by:

If you opt out of receiving some or all of our marketing, we will retain your Marketing and Communications Data for our records in order to ensure that we know that you have opted out.

If you change your mind after opting out, you can update your choices at any time by contacting us.


We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use using cookies that may be stored on your device when you visit our website. This information is used to create reports about the use of our website. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of anyone visiting our website.

For more information on Google Analytics please visit:

To opt out of being tracked by Google Analytics across all websites, please visit:

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

5. How long will do we keep your personal data?

We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected, including for the purposes of satisfying any legal, accounting, or reporting requirements and obligations. Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us.

In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

6. Where do we store or transfer your personal data?

We may share your data within the group of companies of which we are a part. This may involve transferring your data outside the European Economic Area (EEA) depending on the subsidiary.

Some of our external third parties are based outside the European Economic Area (EEA) so their processing and storage of your personal data will involve a transfer of data outside the EEA

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

7. Do we share your personal data?

We may have to share your personal data with the parties set out below for the purposes set out in Part 4 above.

Internal Third Parties

Other companies in the I Heart Studios Group Limited. Currently we operate in the UK, the Netherlands and Hong Kong.

External Third Parties

Requirements for our third party service providers

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Other disclosures we may make

We may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

Other Websites

Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements or notices. When you leave our website, we encourage you to read the privacy notice of every website you visit.

8. How do we keep your personal data secure?

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9. What are your rights?

You have the right to request:

  1. access to the personal data we hold about you (commonly known as a data subject access request). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  2. correction of your personal data if any of your personal data held by us is inaccurate, out of date or incomplete. Please contact us should your personal information change at any point during our relationship
  3. deletion or removal of any of your personal data that we have, in certain circumstances.
  4. that we restrict the processing of your personal data, in certain circumstances.
  5. that we stop using your personal data for a particular purpose or purposes, in certain circumstances.
  6. the transfer of your personal data to you or to a third party, in certain circumstances.

You have the right to withdraw consent at any time where we are relying on consent to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw consent. Please note that if you withdraw consent, we may not be able to provide certain products or services to you. We must comply with this request by law.

You also have the right to stop the use of your personal data for direct marketing through all or any channels, at any time. We must always comply with your request by law.

Further information about your rights can also be obtained from the Information Commissioner’s Office ( or Dutch Data Protection Authority (https:/

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office ( or Dutch Data Protection Authority (https:/ We would, however, appreciate the chance to deal with your concerns before you approach the ICO or DDPA so please contact us in the first instance.

10. How do you exercice your rights?

If you want to exercise your legal rights in relation to your personal data, please contact us using the contact details in Part 11.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Please note that we are not always required to comply with your request. For example, there may be specific legal reasons which will be notified to you, if applicable, at the time of your request and, in some cases, we may have compelling legitimate grounds to process your information which override your rights and freedoms.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

11. How do you contact us?

If you have any questions about this privacy notice including any requests to exercise your legal rights, please contact our Data Privacy Manager as follows:

12. Changes to this privacy policy

We may change this Privacy Notice from time to time by publishing a new version on our website. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. We recommend that you check this page occasionally for any policy changes or updates.