THIS PRIVACY POLICY HAS BEEN FORMULATED TO ASSURE YOU OF OUR COMMITMENT TO YOUR PRIVACY AND THAT OF ALL OUR CLIENTS. IT IS INTENDED TO BE STRICTLY IN ACCORDANCE WITH GDPR REGULATIONS AND THE DATA PROTECTION COMMISSIONER'S CODE OF CONDUCT FOR DATA COLLECTORS.
PLEASE READ THIS PRIVACY POLICY CAREFULLY. YOUR ACCEPTANCE OF OUR PRIVACY POLICY IS DEEMED TO OCCUR UPON YOUR FIRST USE OF OUR SITE. IF YOU DO NOT ACCEPT AND AGREE WITH THIS PRIVACY POLICY, YOU MUST STOP USING OUR SITE IMMEDIATELY
WHO WE ARE
THIS WEBSITE IS OWNED AND MANAGED BY BASED UPON LIMITED A COMPANY INCORPORATED IN ENGLAND AND REGISTERED UNDER NUMBER 5425139.
BASED UPON'S REGISTERED OFFICE IS AT 4-8 SWAN ROAD, LONDON, SE18 5TT.
INFORMATION COLLECTED AND PURPOSE
WE ASK YOU TO PROVIDE YOUR FULL NAME, TITLE, FULL POSTAL AND EMAIL ADDRESS. WE WILL PROCESS AND STORE THIS PERSONAL INFORMATION INTERNALLY ONLY AND WILL NOT DISCLOSE IT TO THIRD PARTIES. THIS INFORMATION IS GATHERED ON THE BASIS OF OUR LEGITIMATE BUSINESS INTERESTS AND SPECIFICALLY FOR THE PURPOSE OF CONDUCTING PRESENT OR FUTURE BUSINESS WITH YOU AND FOR OUR MARKETING ACTIVITIES, SUCH AS WRITING TO YOU WITH DETAILS OF OUR SERVICES.
AMENDING OR REMOVING YOUR DETAILS
YOU MAY AMEND YOUR REGISTRATION DETAILS AT ANY TIME OR ASK US TO REMOVE YOUR DETAILS FROM OUR FILES BY WRITING TO BASED UPON AT THE ABOVE ADDRESS OR EMAILING BASED UPON AT INFO@BASEDUPON.COM.
CHANGES TO OUR PRIVACY POLICY
WE MAY CHANGE THIS PRIVACY POLICY FROM TIME TO TIME (FOR EXAMPLE, IF THE LAW OR OUR BUSINESS CHANGES). ANY CHANGES WILL BE IMMEDIATELY POSTED ON OUR SITE AND YOU WILL BE DEEMED TO HAVE ACCEPTED THE TERMS OF THE PRIVACY POLICY ON YOUR FIRST USE OF OUR SITE FOLLOWING THE ALTERATIONS. WE RECOMMEND THAT YOU CHECK THIS PAGE REGULARLY TO KEEP UP-TO-DATE
COOKIES
WHAT ARE COOKIES
AS IS COMMON PRACTICE WITH ALMOST ALL PROFESSIONAL WEBSITES THIS SITE USES COOKIES, WHICH ARE TINY FILES THAT ARE DOWNLOADED TO YOUR COMPUTER, TO IMPROVE YOUR EXPERIENCE. THIS PAGE DESCRIBES WHAT INFORMATION THEY GATHER, HOW WE USE IT AND WHY WE SOMETIMES NEED TO STORE THESE COOKIES. WE WILL ALSO SHARE HOW YOU CAN PREVENT THESE COOKIES FROM BEING STORED HOWEVER THIS MAY DOWNGRADE OR 'BREAK' CERTAIN ELEMENTS OF THE SITES FUNCTIONALITY.
FOR MORE GENERAL INFORMATION ON COOKIES VISIT THIS WEBSITE.
HOW WE USE COOKIES
WE USE COOKIES FOR A VARIETY OF REASONS DETAILED BELOW. UNFORTUNATELY In MOST CASES THERE ARE NO INDUSTRY STANDARD OPTIONS FOR DISABLING COOKIES WITHOUT COMPLETELY DISABLING THE FUNCTIONALITY AND FEATURES THEY ADD TO THIS SITE. IT IS RECOMMENDED THAT YOU LEAVE ON ALL COOKIES IF YOU ARE NOT SURE WHETHER YOU NEED THEM OR NOT IN CASE THEY ARE USED TO PROVIDE A SERVICE THAT YOU USE.
DISABLING COOKIES
YOU CAN PREVENT THE SETTING OF COOKIES BY ADJUSTING THE SETTINGS ON YOUR BROWSER (SEE YOUR BROWSER HELP FOR HOW TO DO THIS). BE AWARE THAT DISABLING COOKIES WILL AFFECT THE FUNCTIONALITY OF THIS AND MANY OTHER WEBSITES THAT YOU VISIT. DISABLING COOKIES WILL USUALLY RESULT IN ALSO DISABLING CERTAIN FUNCTIONALITY AND FEATURES OF THE THIS SITE. THEREFORE IT IS RECOMMENDED THAT YOU DO NOT DISABLE COOKIES.
THE COOKIES WE SET
THIS SITE OFFERS NEWSLETTER OR EMAIL SUBSCRIPTION SERVICES AND COOKIES MAY BE USED TO REMEMBER IF YOU ARE ALREADY REGISTERED AND WHETHER TO SHOW CERTAIN NOTIFICATIONS WHICH MIGHT ONLY BE VALID TO SUBSCRIBED/UNSUBSCRIBED USERS.
THIRD PARTY COOKIES
IN SOME SPECIAL CASES WE ALSO USE COOKIES PROVIDED BY TRUSTED THIRD PARTIES. THE FOLLOWING SECTION DETAILS WHICH THIRD PARTY COOKIES YOU MIGHT ENCOUNTER THROUGH THIS SITE.
THIS SITE USES GOOGLE ANALYTICS WHICH IS ONE OF THE MOST WIDESPREAD AND TRUSTED ANALYTICS SOLUTION ON THE WEB FOR HELPING US TO UNDERSTAND HOW YOU USE THE SITE AND WAYS THAT WE CAN IMPROVE YOUR EXPERIENCE. THESE COOKIES MAY TRACK THINGS SUCH AS HOW LONG YOU SPEND ON THE SITE AND THE PAGES THAT YOU VISIT SO WE CAN CONTINUE TO PRODUCE ENGAGING CONTENT.
FOR MORE INFORMATION ON GOOGLE ANALYTICS COOKIES, SEE THE OFFICIAL GOOGLE ANALYTICS PAGE.
WE ALSO USE SOCIAL MEDIA BUTTONS AND/OR PLUGINS ON THIS SITE THAT ALLOW YOU TO CONNECT WITH YOUR SOCIAL NETWORK IN VARIOUS WAYS. FOR THESE TO WORK THE FOLLOWING SOCIAL MEDIA SITES INCLUDING; FACEBOOK, TWITTER, WILL SET COOKIES THROUGH OUR SITE WHICH MAY BE USED TO ENHANCE YOUR PROFILE ON THEIR SITE OR CONTRIBUTE TO THE DATA THEY HOLD FOR VARIOUS PURPOSES OUTLINED IN THEIR RESPECTIVE PRIVACY POLICIES.
MORE INFORMATION
HOPEFULLY THAT HAS CLARIFIED THINGS FOR YOU AND AS WAS PREVIOUSLY MENTIONED IF THERE IS SOMETHING THAT YOU AREN'T SURE WHETHER YOU NEED OR NOT IT'S USUALLY SAFER TO LEAVE COOKIES ENABLED IN CASE IT DOES INTERACT WITH ONE OF THE FEATURES YOU USE ON OUR SITE. HOWEVER IF YOU ARE STILL LOOKING FOR MORE INFORMATION THEN YOU CAN CONTACT US THROUGH ONE OF OUR PREFERRED CONTACT METHODS.
COPYRIGHT (C) 2020 BASED UPON LIMITED
Based Upon (BU) values the privacy of those who provide personal information to us. This privacy policy (the “Policy”) describes how and why we collect, store and use personal information, and provides information about individual’s rights.
This Policy applies to both personal information supplied to us either by an individual or by others. We may use personal information supplied to us for any of the purposes as set out in this Policy, or as otherwise disclosed at the point of collection.
This Policy is an important document. We recommend that you read it carefully and print and keep a copy for your future reference.
In this Policy, we use the terms:
“we”, “us”, and “our” (and other similar terms) to refer to either: Based Upon Ltd as referred to in any quotation we provide to you or contract we enter into with you; or if we have not yet provided you with a quotation or you have not yet entered into a contract, Based Upon Ltd as owner of the Based Upon website, basedupon.com. In each of the above cases Based Upon Ltd will be the data controller as prescribed in English law (the “Data Controller”);
“Contract or Quotation” refers to a written document which sets out the terms and conditions of the engagement with BU and which describes the services to be provided to you by BU. Such documents should be relied upon in determining liability for the services provided.
“Personal Information” is any information relating to an identified or identifiable natural person;
“identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors; and
“you” and “your” (and other similar terms) refer to our clients, individuals associated with our clients, contacts, suppliers, job applicants, staff and visitors to the Based Upon website, www.basedupon.com.
Your rights in relation to Personal Information and how to exercise them
Under certain circumstances you have the following rights:
the right to ask us to provide you, or a third party, with copies of the Personal Information we hold about you at any time and to be informed of the contents and origin, verify its accuracy, or else request that such information be supplemented, updated or rectified according to the provisions of local law;
the right to request erasure, anonymisation or blocking of your Personal Information that is processed in breach of the law;
the right to object on legitimate grounds to the processing of your Personal Information. In certain circumstances we may not be able to stop using your Personal Information, if that is the case, we’ll let you know why; and
withdrawal of consent – when Personal Information is processed on the basis of consent an individual may withdraw consent at any time. In the event that you no longer want to receive any marketing material from us, please use the unsubscribe option (which is in all of our marketing emails to you), or contact the Data Controller as set out below.
To exercise such rights (bar withdrawing from marketing emails – as described above) and if you have any questions about how we collect, store and use Personal Information, then please contact us using the details as set out in the “Data Controller contact information” section below.
What basis do we have for processing your Personal Information?
We will only process Personal Information where we have a lawful reason for doing so. The lawful basis for processing Personal Information by us will be one of the following:
the processing is necessary for the performance of a contract you are party to or in order to take steps at your request prior to you entering into a contract;
the processing is necessary in order for us to comply with our legal obligations (such as providing details to HMRC);
the processing is necessary for the pursuit of our legitimate business interests (including that of the delivery and the promotion of our services); and
processing is necessary for the establishment, exercise or defence of legal claims; and
What Personal Information do we collect and process?
We aim to be transparent about why and how we process Personal Information. For further information on our processing activities please review the relevant section below:
Business contacts
Collection
We process Personal Information about contacts using client relationship management tool (SalesForce.Com). Personal Information is collected and added to this tool by BU staff, and includes: name, email address, job title, telephone number, area of business, job role, jurisdiction, language, seniority and other business contact information. The Personal Information may also be collected by virtue of us providing our services to you or at a networking event. In addition Personal Information may also be collected via the Based Upon website,www.basedupon.com.
Use
For contact and communication purposes: we may use your contact information to send you business updates that we may circulate from time to time, news about any events we are organising or participating in, and/or other information about us and the services that we provide that we believe may be of interest to you. You can specify your contact preferences when registering online to receive communications from us (for example, through the Based Upon website, www.basedupon.com) or by subsequently advising us of your contact preferences using options provided on all of our marketing emails or the contact details as set out in the “Data Controller contact information” section below.
Making contact details available to BU staff.
Performing analytics – such as trends, sales intelligence, marketing effectiveness (such as click and open rates) uptake and progress.
Retention
Personal Information is retained on SaesForce.Com for as long as it is necessary for the purposes set out above (being the length of the business relationship). If a business contact requests to be forgotten their contact details will be deleted from SalesForce.Com. If a business contact opts out of receiving marketing materials their details will still be retained but marketing materials will no longer be sent.
Clients and individuals associated with clients
Collection
We request that our clients only provide Personal Information which is necessary for us to carry out our services.
If we need Personal Information in respect of individuals associated with clients in order to provide legal services we ask our clients to provide this Policy to the data subjects.
In the majority of circumstances we will collect Personal Information from our clients or from third parties acting on behalf of our clients.
Use
Providing services: we will use and disclose Personal Information in such a manner as we believe is reasonably necessary to provide our services, for example we may need to liaise with local or overseas contractors on your behalf (including correspondence with you) or to liaise with other professional service providers in relation to services that we are providing.
Administration: we will use Personal Information to agree payment arrangements, and to collect our fees and costs owing to us in connection with service provision.
Managing client relationships: providing clients with information on our services and business updates that we consider may be relevant to them; arranging and hosting events; and identifying where we may make improvements in service delivery.
Retention
Our general retention period for documentation created for the purpose of providing our services is 12 years. In some instances there are legal and regulatory exceptions which may require documentation to be held for longer or shorter periods. If you require further information please contact us using the details as set out in the “Data Controller contact information” section below.
Job applicants
Please refer to information made available when applying online for further details as to how Personal Information is collected, processed and how long it is retained for.
Journalists
Collection
Personal Information, including name, email address, telephone number and other business contact information, may be collected from PR agencies or from databases that we subscribe to.
Use
Press releases and joint press releases from our clients/organisations that we are working with.
Invitations to meet BU staff.
Press party.
To highlight any spokespeople who may be of interest on a specific industry theme or topic relevant to the journalist.
Business trips may require the use of the Personal Information to assist us with travel arrangements.
Internal communications.
Retention
Personal Information will be retained for as long as it is necessary for the purposes of the above, or if you advise us you no longer wish to be contacted your Personal Information will be removed from our contact lists.
Suppliers (including individual contractors)
Collection
Personal Information, including name, email address, telephone number and other business contact information, is collected to receive services from suppliers, to manage the relationship with the supplier, and for the provision of services to our clients.
Use
To receive services from our suppliers: please note that we will use and disclose their Personal Information in such manner as we believe is reasonably necessary to receive and to review the provision of those services from suppliers.
Services to clients: if a supplier is assisting us in delivering services to our clients we will process Personal Information to manage that relationship.
Administration: to agree payment arrangements with our suppliers, and to make payments to them.
Retention
A general retention period of 12 years will be applied unless there are any legal and or regulatory exceptions which may require documentation to be held for shorter or longer periods. If you require further information please contact us using the details as set out in the “Data Controller contact information” section below.
Staff
Personal Information in relation to staff will be held on various internal systems and applications. A privacy notice which sets out the purposes for which Personal Information is used, how it is used and containing information on data subject rights has been processed and distributed to all staff. This notice is provided to all new staff at the commencement of employment. If further information is required please contact your manager.
Visitors to the Based Upon website
Collection
Personal Information will be collected if you sign up to attend any of our events and/or to receive our marketing literature.
Use
Business contacts: if you have signed up to attend one of our events or to receive our marketing literature please see the paragraph above headed ‘Business contacts’.
Who else may have access to your Personal Information?
On occasion, we may need to share your Personal Information with third parties. We will only share Personal Information where we are legally permitted to do so.
Where you supply us with Personal Information as a client, we will assume, unless you instruct us otherwise in writing, that we can disclose your Personal Information in such manner as we believe is reasonably necessary to provide our services (including as described in this Policy), or as is required under applicable law. This might be because, for example, we may pass your Personal Information to third parties such as:
credit-checking agencies for credit control reasons;
events: we may need to pass on your Personal Information (e.g. name, company, occupation) to a third party in connection with management of an event, in which case the details will only be used by the third party for that specific purpose;
business partners and service providers: to enable us to provide our services to you, we may need to share your Personal Information with our professional advisers (such as accountants, legal services providers or auditors) and external service providers. Our arrangements with external service providers currently cover the provision of support services including IT, marketing communications, HR management and payroll services;
disclosures required by law or regulation: in certain circumstances, please note that we may be required to disclose Personal Information under applicable law or regulation.
How we look after your Personal Information
We have in place appropriate technical and organisational security measures to protect your Personal Information against unauthorised or unlawful use, and against accidental loss, damage or destruction.
Where we engage third parties to process data on our behalf, we will ensure, via a data processing agreement with the third party, that the third party takes such measures in order to maintain our commitment to protecting data.
International transfers of Personal Information (including to outsourced service providers)
The Company may be required to transfer personal data to a country/countries outside of the EEA. Please note that the legal regimes of some territories outside of the EEA do not always offer the same standard of data protection as those inside the EEA, although we will ensure that your Personal Information is only ever treated in accordance with this Policy.
Where possible, we have entered into standard European Commission approved form model data protection clauses, to provide you with the service required and with our external service providers in relation to services that they may provide that involve processing data from locations outside of the EEA for which we are Data Controller.
For example: Based Upon uses the CRM Platform ‘SalesForce.Com’ which stores data on the ‘eu12’ instance in Data centres in Frankfurt and Paris. However, at times this information may be shared with third party applications in other territories. These applications have been fully licenced by Based Upon and any Data transfer is compliant with Salesforce’s own GDPR compliant Privacy Policy.
Access to all Salesforce information is through password protected accounts and, in certain instances, only through limited approved IP address ranges.
Links to other websites
The Based Upon website, www.basedupon.com, may link to other, unaffiliated third party websites. Please note that Based Upon is not, and cannot, control or be responsible for the content or privacy and confidentiality practices of any third party websites. You must always carefully review the privacy and confidentiality policy of any third party website that you may visit in order to understand how the operators of that website may collect, store and use your Personal Information.
Updates to this Policy
This Policy was last updated in June 2018. Please check back regularly to keep informed of updates to this Policy.
Making a Complaint
If you think your data rights have been breached, you are able to raise a complaint with the Information Commissioner (ICO). You can contact the ICO at Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by telephone on 0303 123 1113 (local rate) or 01625 545 745.
Data Controller contact information
Based Upon Ltd 4-8 Swan Road London SE18 5TT sharrine@basedupon.com Tel : 0208 320 2122