Why we collect your personal data and what we do with it

When you supply your personal details to Steinberg Stories, they are stored and processed for the following reasons;

  1. We need to collect your personal information in order to provide you with the services you have requested we undertake on your behalf. This request and our agreement to provide services constitutes a contract and we will therefore require the ability to process your data in order to fulfil this contract and provide the services to the standard necessary.
  2. We collect, store and process this information based upon a “Legitimate Interest” because without it we would be unable to provide you with the services.
  3. In the order of business, we also need to communicate with you regarding your services and potentially third parties upon your request or agreement. This processing activity is also classified as a Legitimate Interest.
  4. Should we have your consent, we may also occasionally send you marketing, industry information or newsletters that we feel would be of interest. You may withdraw this consent at any time, by contacting any member of our team by phone, email or website contact form.

Personal data may be provided to Steinberg Stories in a number of ways including directly from you (email, post, in person, website), recommendations or forwarding of relevant information from associated parties (such as government agencies).

Retention Period:

We have a legal obligation to retain your records for 7 years post completion of services, after which time you can ask that we delete your records if you wish. You may do this by contacting any member of our team by phone, email or website contact form. Should we not be requested to delete your records, these will be retained indefinitely in order for us to provide a better service at a later date without having to collect personal data again.


Your records are stored electronically on our office computers and hardcopies are stored in a locked facility. Electronic records are backed up daily and stored securely in the cloud.

Third-Parties / Outsourced Providers:

We will never share your data with any third party without your prior written or verbal consent. Only the following people/agencies will/could have access to your data;

  • Members of the Steinberg Stories team, to provide you with services
  • IT service company who manage our IT and servers
  • Website Development company who manage our website
  • Government agencies should this be required for fulfilment of contract
  • Payroll providers should this be required for fulfilment of contract
  • On occasion we may be required to utilise other third-party providers, which may then mean they have access to your personal data. We will always ensure that all third parties have the necessary measures in place to protect your personal data.

Data Access Requests:

You have the right to see what personal data we hold at any time and you can do this by contacting any member of the team or emailing dataprotection@steinbergstories.wordpress.com and submitting a “Subject Access Request”. We will respond to this request within one calendar month.

Data Rectification:

In addition to this, you also have the right to request that we update any information that you believe to be incorrect. It is likely that this request will be dealt with immediately, however we will respond to this request within one calendar month. This can be done by contacting any member of our team by email, phone or website contact form or emailing dataprotection@steinbergstories.wordpress.com

Other rights:

If you decide that you don’t want us to contact you anymore, you are welcome to email us at dataprotection@steinbergstories.wordpress.com to ask us to stop. This request will be reviewed and we will respond to you within one calendar month. If you are asking us to stop sending marketing information, we will do so immediately. You are also able to click on the unsubscribe link at the bottom of any communications. If you would like us to erase all of the data we store and process for you, or you would like us to update or amend data held, please email us at dataprotection@steinbergstories.wordpress.com. We will respond to your request within one calendar month but hopefully sooner.

Complaints process:

If you feel that we have mishandled or breached our responsibilities in handling your personal data, please contact John Steinberg (Data Controller) on john@morgansteinberg.co.uk. We are strongly committed to protecting your personal data. Should you be unsatisfied with our response, you have the right to raise your concern directly with the Information Commissioner’s Office, the UK Data Protection Supervisory Authority.