In this privacy notice, we use the following standard terms:
“personal data” any information collected about an identifiable living individual
“process” personal data is processed when we do anything with it, which includes: collecting, recording, organising, storing, adapting, altering, retrieving, using, viewing, combining, disclosing, or deleting it.
“we”, “us”, and “our” refers to Based Upon Ltd
“you” and “your” refers to clients, individuals related to our clients, prospects, suppliers or other contacts
What information we collect, use and why
We collect the minimum data required to run the business. We collect data directly from individuals and do not purchase, rent or buy from data brokers.
Data collected by us is used for the following purposes:
to provide goods and services
to manage customer accounts and guarantees
for service updates and marketing
for recruitment
to manage enquiries and our customer relationships
to meet our legal obligations
We collect the following data types:
names, addresses and contact data
financial information to make and receive payments
records of meetings and communications
customer or client account and transaction records
analytics to track website usage and optimise user experience
Lawful bases and data protection rights
Lawful basis
UK data protection law requires us to have a lawful basis for processing all personal data collected. At Based Upon we process data with the following legal basis:
contract – to comply with agreed contractual terms
legal obligation – to comply statutory requirements
consent – to undertake marketing activities
legitimate interests – to keep in touch with current customers
Individual rights
UK data protection law provides individuals with rights regarding their personal data which are outlined below:
right of access – individuals have the right to request copies of their data with an explanation of what data is collected, where and how it was collected, who it is shared with and how long the data is retained
right of rectification – individuals have the right to ask for errors or incomplete records to be put right
right to data deletion – individuals may request to have their data deleted from our systems
right to restrict processing – individuals may ask us to stop processing data where accuracy is in doubt, processing is unlawful or in the event of legal action
right to object to processing – individuals may object to us processing their data for legitimate interests and ask us to cease processing
right to data portability – individuals can ask us to transfer their personal data to another organisation
right to withdraw consent – individuals have the right to remove consent to our data processing at any point
To exercise any of these rights please contact us at the contact details above. Based Upon have 1 calendar month to respond to your request except in complex situations where we may extend this.
In some circumstances we may not be able to comply fully with your request where an exemption is in place or where processing takes place to meet a legal obligation.
Who do we share your data with
Based Upon share personal data with the following data processors. Details of their security and privacy management is detailed in their privacy policies.
Google - https://policies.google.com/privacy?hl=en-GB
We also share, when appropriate, personal data with:
professional and legal advisors
relevant legal authorities
professional consultants
organisations where we have a legal obligation to provide data
suppliers and service providers
We have a stringent selection process for software and systems to ensure that we use products with high security standards and meet UK data protection legislation.
Our suppliers and service providers are contracted with confidentiality and NDA clauses in place. We carefully select our suppliers and service providers following a defined process to assess their security and privacy standards.
We do not share, sell or exchange data with organisations external to Based Upon.
Sharing information outside the UK
Where necessary, we may transfer personal information outside of the UK because of selecting mainstream software with global hosting. When doing so, we comply with the UK data protection regulations, making sure appropriate safeguards are in place.
Digital Advertising, Tracking Technologies and Your Rights
Based Upon uses targeted advertising technologies to show you relevant adverts based on your browsing behaviour and interests. This helps us reach you with information about our products that may interest you.
How we use your data for advertising:
We share certain data with advertising platforms like Google Ads, Facebook/Meta Ads, and LinkedIn Advertising
This data may include your IP address, device information, pages visited, and actions taken on our website
We use this information to create "audiences" for our advertising campaigns
We may show you Based Upon adverts when you visit other websites or use social media platforms
Advertising platforms we work with:
Google Ads and Google Display Network
Facebook/Meta Ads
Instagram Ads
LinkedIn Advertising
Pinterest Advertising
Tracking Technologies We Use:
We employ various tracking technologies to deliver personalised advertising:
Cookies: Small text files stored on your device that remember your preferences and track interactions
First-party cookies: Set by our website
Third-party cookies: Set by our advertising partners
Pixels and Tags: Invisible tracking elements on our website and in marketing emails that monitor page visits, email opens, and actions taken
Device Fingerprinting: Information about your device that creates a "fingerprint" to identify your device across websites
Cross-Device Tracking: Technology that recognises you across different devices for a seamless advertising experience
Full details of cookies we use can be found in our cookie policy <add link here>
Retargeting/Remarketing: Shows you Based Upon adverts on other websites after you've visited our site
These tracking technologies typically remain active for up to 24 months unless you clear them or opt out.
Legal Basis for Marketing Activities
Under UK data protection law, we rely on the following legal grounds for our marketing activities:
Consent: For most electronic communications where you've explicitly agreed to receive marketing
Legitimate Interest: For existing customer communications, postal marketing, and some digital advertising where we've balanced our interests against your privacy rights
Contractual Necessity: To communicate about products you've purchased, warranties, or care instructions
Soft Opt-in: For existing customers, we may send marketing about similar products, always with an opt-out option
Controlling Your Marketing Preferences
You have several options to control how your data is used:
Browser settings: Adjust your browser to block cookies (see your browser's help section)
Advertising platform opt-outs:
Google: https://adssettings.google.com
Facebook/Meta: Ad Preferences in your account settings
LinkedIn: Privacy Controls in your account settings
Industry-wide tools:
Your Online Choices: https://www.youronlinechoices.com/uk/your-ad-choices
Digital Advertising Alliance: https://optout.aboutads.info
Alternatively, please email tom@basedupon.com with "Advertising Opt-Out" in the subject line
If you opt out, you may still see Based Upon advertisements, but they will not be personalised. Please note it may take up to 30 days for all platforms to process your request.
We respect your privacy choices and regularly review our practices to ensure we're respecting your rights while delivering relevant communications.
Data management and retention
UK data protection regulations require us to actively manage data ensure it is retained for the minimum period possible.
Our legal obligations require us to retain financial data for 7 years for audit purposes.
Our contracts include a statute of limitation which requires us to retain data relating to product sales for 12 years
Customer data is retained for the life of the business relationship and subject to the retention periods above.
We often have relationships with prospective clients for some years via our marketing channels and email marketing systems. Options to unsubscribe from communications are always provided.
How to complain
If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice.
If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.
The ICO’s address:
Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
This privacy notice is regularly reviewed and may be revised at any point. Please check this notice to ensure you understand the current position.
This notice was last updated in April 2025.
COOKIES
WHAT ARE COOKIES
AS IS COMMON PRACTICE WITH ALMOST ALL PROFESSIONAL WEBSITES THIS SITE USES COOKIES, WHICH ARE TINY FILES THAT ARE DOWNLOADED TO YOUR COMPUTER, TO IMPROVE YOUR EXPERIENCE. THIS PAGE DESCRIBES WHAT INFORMATION THEY GATHER, HOW WE USE IT AND WHY WE SOMETIMES NEED TO STORE THESE COOKIES. WE WILL ALSO SHARE HOW YOU CAN PREVENT THESE COOKIES FROM BEING STORED HOWEVER THIS MAY DOWNGRADE OR 'BREAK' CERTAIN ELEMENTS OF THE SITES FUNCTIONALITY.
FOR MORE GENERAL INFORMATION ON COOKIES VISIT THIS WEBSITE.
HOW WE USE COOKIES
WE USE COOKIES FOR A VARIETY OF REASONS DETAILED BELOW. UNFORTUNATELY In MOST CASES THERE ARE NO INDUSTRY STANDARD OPTIONS FOR DISABLING COOKIES WITHOUT COMPLETELY DISABLING THE FUNCTIONALITY AND FEATURES THEY ADD TO THIS SITE. IT IS RECOMMENDED THAT YOU LEAVE ON ALL COOKIES IF YOU ARE NOT SURE WHETHER YOU NEED THEM OR NOT IN CASE THEY ARE USED TO PROVIDE A SERVICE THAT YOU USE.
DISABLING COOKIES
YOU CAN PREVENT THE SETTING OF COOKIES BY ADJUSTING THE SETTINGS ON YOUR BROWSER (SEE YOUR BROWSER HELP FOR HOW TO DO THIS). BE AWARE THAT DISABLING COOKIES WILL AFFECT THE FUNCTIONALITY OF THIS AND MANY OTHER WEBSITES THAT YOU VISIT. DISABLING COOKIES WILL USUALLY RESULT IN ALSO DISABLING CERTAIN FUNCTIONALITY AND FEATURES OF THE THIS SITE. THEREFORE IT IS RECOMMENDED THAT YOU DO NOT DISABLE COOKIES.
THE COOKIES WE SET
THIS SITE OFFERS NEWSLETTER OR EMAIL SUBSCRIPTION SERVICES AND COOKIES MAY BE USED TO REMEMBER IF YOU ARE ALREADY REGISTERED AND WHETHER TO SHOW CERTAIN NOTIFICATIONS WHICH MIGHT ONLY BE VALID TO SUBSCRIBED/UNSUBSCRIBED USERS.
THIRD PARTY COOKIES
IN SOME SPECIAL CASES WE ALSO USE COOKIES PROVIDED BY TRUSTED THIRD PARTIES. THE FOLLOWING SECTION DETAILS WHICH THIRD PARTY COOKIES YOU MIGHT ENCOUNTER THROUGH THIS SITE.
THIS SITE USES GOOGLE ANALYTICS WHICH IS ONE OF THE MOST WIDESPREAD AND TRUSTED ANALYTICS SOLUTION ON THE WEB FOR HELPING US TO UNDERSTAND HOW YOU USE THE SITE AND WAYS THAT WE CAN IMPROVE YOUR EXPERIENCE. THESE COOKIES MAY TRACK THINGS SUCH AS HOW LONG YOU SPEND ON THE SITE AND THE PAGES THAT YOU VISIT SO WE CAN CONTINUE TO PRODUCE ENGAGING CONTENT.
FOR MORE INFORMATION ON GOOGLE ANALYTICS COOKIES, SEE THE OFFICIAL GOOGLE ANALYTICS PAGE.
WE ALSO USE SOCIAL MEDIA BUTTONS AND/OR PLUGINS ON THIS SITE THAT ALLOW YOU TO CONNECT WITH YOUR SOCIAL NETWORK IN VARIOUS WAYS. FOR THESE TO WORK THE FOLLOWING SOCIAL MEDIA SITES INCLUDING; FACEBOOK, TWITTER, WILL SET COOKIES THROUGH OUR SITE WHICH MAY BE USED TO ENHANCE YOUR PROFILE ON THEIR SITE OR CONTRIBUTE TO THE DATA THEY HOLD FOR VARIOUS PURPOSES OUTLINED IN THEIR RESPECTIVE PRIVACY POLICIES.
MORE INFORMATION
HOPEFULLY THAT HAS CLARIFIED THINGS FOR YOU AND AS WAS PREVIOUSLY MENTIONED IF THERE IS SOMETHING THAT YOU AREN'T SURE WHETHER YOU NEED OR NOT IT'S USUALLY SAFER TO LEAVE COOKIES ENABLED IN CASE IT DOES INTERACT WITH ONE OF THE FEATURES YOU USE ON OUR SITE. HOWEVER IF YOU ARE STILL LOOKING FOR MORE INFORMATION THEN YOU CAN CONTACT US THROUGH ONE OF OUR PREFERRED CONTACT METHODS.