top of page

Privacy Notice

In accordance with and compliance with the provisions contained in the Data Protection Acts 1988-2018 and the General Data Protection Regulation (GDPR), we inform you that Creative Shore Limited, its affiliates, subsidiaries, parent companies, business units, and other related companies (hereinafter referred to as the “Controller”), recognizes the importance of the legitimate, controlled, and informed processing of the Personal Data of the Data Subject. In particular, Creative Shore Limited (“Creative Shore”) is the entity that collects and retains the personal data that you, as the Data Subject, voluntarily provide to carry out the following:

(i) For identification and statistical purposes of the Data Subject; (ii) To enable you to enter into a contract with the Controller, and to manage and fulfil the obligations derived from it; (iii) To process your registration as a supplier, client, employee, or applicant, or to modify it in the database; (iv) To create quotations and budgets; (v) To approve registration, modification, extension, unlocking, and changes to payment conditions; (vi) To supply information to authorities in case of any requirement or legal mandate, or in case Creative Shore needs to provide it to third parties with whom it has contracted or entered into a service agreement.

The Controller will only obtain personal information directly from the Data Subject and only when it is relevant, appropriate, and necessary for the intended purposes established in this Privacy Notice. The Personal Data collected by the Controller will be treated confidentially. In accordance with Article 12 of the GDPR, the Controller will collect and process the Data Subject’s Personal Data in a manner consistent with the purposes for which it was originally requested under this Privacy Notice or for those purposes that the Data Subject may subsequently approve and for which consent is given in terms of the GDPR.


The data collected in this act will remain in the possession of the Controller for as long as the commercial relationship with you as a Supplier, Client, or Employee of the Controller persists and for up to 5 years following its termination for any reason. Once this period has concluded, your data will be blocked and deleted without the Controller retaining any copy or record of it. During this time, you can request the Controller, by sending an email to [Insert Contact Email], to Access, Rectify, Cancel, or Object (ARCO Rights) to the processing of your data through a request, which the Controller undertakes to respond to in accordance with the GDPR. The Controller will respond to your requests, provided none of the exceptions contained in the GDPR apply, and the applicant meets the requirements of Article 29 of the GDPR, described as follows:

  • The name of the data subject and address or other means to communicate the response to your request;

  • Documents that prove the identity or, where applicable, the legal representation of the Data Subject;

  • A clear and precise description of the Personal Data for which one seeks to exercise any of the aforementioned rights; and

  • Any other element or document that facilitates the location of the Personal Data.

For the aforementioned purposes, you acknowledge that by accepting the terms of this Privacy Notice and providing all or part of the data collected, (i) you do so voluntarily, (ii) the required data may include financial and/or asset-related personal data, (iii) the Controller may collect your personal data in various ways and use such data as set forth herein, including, among other things, to create a database for the Controller or transfer all or part of the data to subsidiaries, affiliates, parent companies, business units, and companies that are part of the same corporate interest group, as well as to third parties that the Controller considers appropriate, provided that it does not harm you as the Data Subject in any way and always within the limits allowed by the GDPR and other applicable regulations. Furthermore, you authorize the Controller to transfer your personal information to third parties in accordance with the GDPR.

In accordance with Articles 7 and 9 of the GDPR, it is understood that you agree that the Controller may collect financial and/or asset-related data from you. However, for the purposes stated, the Controller will not collect sensitive personal data, and if this should occur, it will be done by obtaining your explicit written consent, informing you in advance of the purposes for the processing of such data.

By providing your information voluntarily, you as the Data Subject acknowledge that you have read and agree to this Privacy Notice under its terms and accept that your data may be transferred and processed within and outside of the country, to authorities, third parties with whom we have a legal relationship, and to any of our affiliates, subsidiaries, business units, as well as any parent company or company within the WPP group worldwide.

In the event of transfer or referral, even when it is understood to be authorized by you, we guarantee that we will enter into the necessary agreements to ensure the confidential and private processing of your information, so that it remains secure at all times.

We reserve the right to make changes or updates to this Privacy Notice at any time. In such an event, the Controller will announce the changes with reasonable advance notice before they are implemented. However, it is the Data Subject’s responsibility to periodically review this Notice. If the Data Subject does not exercise their right to object and generally their ARCO rights, the legal relationship will continue, and the processing of the Data Subject's Personal Data will be as stipulated by the new provisions established by the Controller in this Notice.

Any complaint or additional information regarding the processing of your personal data or any question regarding the GDPR can be directed to the Data Protection Commission. For more information, visit www.dataprotection.ie.

The laws and regulations of different countries may impose different requirements on the Internet and the protection of Personal Information. The Controller is located in Ireland, and all matters related to the platforms, websites, and generally the means of communication designated for this purpose by Creative Shore Limited, its affiliates, subsidiaries, parent companies, business units, and other related companies are governed by Irish law. By entering your information, the Data Subject authorizes the transfer and acceptance of this Privacy Notice.

You can configure your browser to block cookies that we may use or to alert you about them; however, this will result in some parts of the website not functioning. Our cookies do not store any personally identifiable information, so all information collected by these cookies is anonymous.

Cookies allow our website to provide you with enhanced functionality and greater personalization based on your interaction with it.

If you as the Data Subject do not authorize or object to the Processing of Personal Data under the terms of this Notice, you should not use the portals, platforms, websites, and generally any means of communication designated or assigned by the Controller, its affiliates, subsidiaries, parent companies, business units, and other related companies for this purpose.

Date of last update: April 10, 2024.

bottom of page