1. Introduction

Stratosphere Ventures Limited is committed to protecting personal data and being transparent about how we use it.

This privacy statement explains why and how we collect and use personal data, the circumstances in which we share it, and the rights available to individuals under UK data protection law.

This statement applies to personal data you provide to us directly, personal data we receive from others (for example, clients, collaborators, or referrals), and personal data collected when you visit our website.

2. Who we are and how to contact us

Controller: Stratosphere Ventures Limited

Company number: 17062351

Registered address: 24 Weybridge Road, Thornton Heath, England, CR7 7LN

Website: www.stratosphereventures.co.uk

LinkedIn: https://www.linkedin.com/company/stratosphere-venture/

Privacy contact email: stratosphereventure@gmail.com

Data Protection Officer

We are not currently legally required to appoint a Data Protection Officer. For any privacy query or rights request, contact stratosphereventure@gmail.com.

3. What personal data is and how this statement applies

Personal data is information that relates to an identified or identifiable living person (for example, name, contact details, online identifiers, and photographs).

We process personal data for different purposes depending on how you interact with us. The lawful basis, the data we collect, who we share it with, and how long we keep it can vary by context.

4. Our processing activities (by type of relationship)

A. Website visitors

What we collect

• Device and browser information, IP address, pages visited, referral source, and cookie identifiers (depending on your cookie choices).

Why we use it

• To operate the website, maintain security, understand usage, and improve performance.

Lawful basis

• Legitimate interests (site operation and security) for strictly necessary processing

• Consent for non-essential cookies/technologies (see Cookies section)

B. People who contact us (enquiries, messages, calls)

What we collect

• Name, contact details, message content, and any information you choose to provide.

Why we use it

• To respond, assess your needs, provide information, and manage the relationship.

Lawful basis

• Legitimate interests (responding and running our business)

• Contract (where your request is part of taking steps to enter into a contract)

C. Business consulting clients and client contacts (SIC 70229)

What we collect

• Contact details, role, business information, project briefs, meeting notes, deliverables, communications, and billing records.

Why we use it

• To onboard you, provide consulting services, manage projects, invoice, and keep proper records.

Lawful basis

• Contract (service delivery)

• Legitimate interests (relationship management, service improvement, protecting our business)

• Legal obligation (accounting/tax)

D. Talent (models, artists, performers, creatives) and recruitment/placement activity (SIC 78109)

What we collect

• Identity/contact details; professional profile (experience, availability, preferences); portfolio content (photos, headshots, digitals, showreels); and, where relevant, measurements/appearance details commonly required for specific opportunities.

Why we use it

• To build and maintain talent profiles, assess suitability, identify and communicate opportunities, introduce talent to potential clients/collaborators, coordinate bookings/castings, and support portfolio development.

Lawful basis

• Contract (where you engage us to provide talent services)

• Legitimate interests (matching talent with opportunities, maintaining an organised talent database)

• Consent / your instruction where appropriate, particularly for sharing a profile externally in a way that goes beyond what you would reasonably expect.

Important note on images and public use

• We do not publish or use your images for our marketing unless you have agreed (and where required, provided consent).

E. Photography and portfolio-building clients (SIC 74202)

What we collect

• Booking details, creative requirements, contact information, communications, and image content produced during the service.

Why we use it

• To plan and deliver shoots, edit and provide outputs/galleries, manage selections, and provide customer support.

Lawful basis

• Contract

• Legitimate interests (quality control, service administration, protecting our work)

F. Customers (including retail sale of clothing, SIC 47710)

What we collect

• Order details, delivery address, contact details, and transaction records (payments are usually processed by payment providers).

Why we use it

• To fulfil orders, handle returns, manage customer support, prevent fraud, and keep records.

Lawful basis

• Contract

• Legal obligation (accounting/tax)

• Legitimate interests (fraud prevention, service management)

G. Legal, regulatory and compliance

What we collect

• Information relevant to disputes, claims, complaints, and compliance.

Why we use it

• To comply with the law, protect our rights, and handle disputes or investigations.

Lawful basis

• Legal obligation

• Legitimate interests

• Legal claims (where required to establish, exercise, or defend legal claims)

5. When and how we share personal data

We only share personal data where we are legally permitted to do so and where it is necessary for the purpose.

We may share personal data with:

• Service providers (hosting, email, booking, invoicing/accounting, cloud storage, portfolio/gallery tools, analytics) acting under contract and instructions

• Clients/collaborators (for recruitment/introductions and bookings), where relevant and consistent with the service and your expectations/instructions

• Professional advisers (legal/accounting/insurance)

• Authorities/regulators (including HMRC) where required or lawfully requested

We do not sell personal data.

6. International transfers

Some suppliers may process data outside the UK. Where personal data is transferred internationally, we use appropriate safeguards (for example, the UK IDTA / UK Addendum and contractual/security controls) to protect your information.

7. Security

We take security seriously and use appropriate technical and organisational measures to protect personal data, including access controls, secure storage practices, and limiting access to those who need it for legitimate purposes.

8. Data retention

We keep personal data only for as long as necessary for the purpose collected and then delete or anonymise it.

Typical retention:

• Financial/tax and core business records: commonly up to 6 years after the relevant financial year, to align with accounting/tax and limitation considerations (longer if needed for disputes).

• Talent profiles/portfolios: while active and for a reasonable period afterwards for continuity, unless you request deletion and we have no lawful reason to retain.

• Website analytics/cookies: according to cookie settings and platform configuration.

9. Your rights and how to exercise them

You have rights under UK GDPR, including:

• access, rectification, erasure

• restriction, portability

• objection (especially to direct marketing and processing based on legitimate interests)

• withdrawal of consent (where consent is used)

To exercise any rights: stratosphereventure@gmail.com.
We may ask for verification of identity where necessary.

Complaints

You can complain to the Information Commissioner’s Office (ICO).

10. Cookies and similar technologies (PECR)

We use cookies and similar technologies to operate the site and, where enabled, to understand usage and improve performance.

• Strictly necessary cookies are required for core functionality and security.

• Non-essential cookies (such as analytics/marketing cookies) are used only with your consent.

You can manage your preferences via the cookie banner/settings (where available) and in your browser.

11. Changes to this statement

We may update this statement to reflect changes in our services, technology, or legal requirements.

We will update the “Last updated” date and publish the current version on our website.