Our Data Promise

Our Data Promise

We are committed to protecting and respecting the privacy of our members and stakeholders. This policy sets out the basis on which, in your capacity as a business, any personal data we collect from you (relating to your business) or you provide to us will be processed, shared or transmitted by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Heart of London Business Alliance Limited is the Data Controller, for the purpose of compliance under the Data Protection Act 1998, the Privacy and Electronic Communication (EC Directive) Regulations 2003 and the EU General Data Protection Regulation. Heart of London Business Alliance Limited can be contacted at Sackville House, 40 Piccadilly, London, W1J 0DR.

Our Data Promise last updated: 24th March 2018.

1  What type of information and data do we collect about you?

We may collect and process the following data about your business:

1.1  Information you give us. You may provide us with personal information (for example contact details of staff members) relating to individuals employed by, representing or engaged by your business (relevant individuals), via completing the request forms on our website or by corresponding with us by phone, e-mail or otherwise. You may also provide us with information relating to relevant individuals when you search for a particular service, order a service or product on our website, contact us via the website or report a problem with our website. We may collect relevant individuals’ personal data to inform them of the various products and services we offer. The information you give us may include the name, e-mail address, phone number and occupation of relevant individuals. You acknowledge that in providing us with any personal information relating to relevant individuals, you are fully complying with all aspects of data protection legislation, including where applicable having obtained the consent of such relevant individual to provide us with such personal data. You will immediately notify us if you suspect any breach of applicable data protection legislation and will provide us with all assistance required in the event of a breach.

1.2  Information we collect about you. Each time you visit our website, we may automatically collect the following information:

1.2.1  technical information, including the internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.

1.2.2  information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; browser version; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our service number.

This information may be collected by placing Cookies on your computer. Please see below for more information about the way we use Cookies.

1.3  Information we receive from other sources. We may receive information about your business:

1.3.1  when you use any of the other services we provide.

1.3.2  from the third parties we work with (including, for example, business partners, payment and delivery services, analytics providers, search information providers, credit reference agencies).

2  How do we use your information?

We use information held about you in the following ways:

2.1  Information you give to us. We will use this information:

2.1.1  to carry out our obligations arising from any contracts entered into between your business and us and to provide you with the information, products and services you request from us;

2.1.2  to provide you with information about other goods and services we offer similar to those you have already purchased or enquired about;

2.1.3  to notify you about changes to our service;

2.1.4  to ensure content from our website is presented in the most effective manner for you and for your computer;

2.1.5  to provide marketing information to you and for the purposes of member support.

2.2  Information we collect about you. We will use this information:

2.2.1  to administer our website, applications and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

2.2.2  to improve our website and applications to ensure content is presented in the most effective manner for you and for your computer;

2.2.3  as part of our efforts to keep our website and applications safe and secure;

2.2.4  to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and

2.2.5  to make suggestions and recommendations to you as a business and other users of our website and applications about goods or services which may interest your business or them.

2.3  Information we receive from other sources. We may combine this information with information you give to us and information we collect about your business. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive).

3  When we may disclose information to others

We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

3.1  We may disclose your personal information to third parties:

3.1.1  In the event we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

3.1.2  If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.

3.1.3  If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our website’s terms of use or our terms and conditions of supply and other agreements; or to protect our rights, property, or safety or that of our members or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

4  Where we store your personal data

4.1  The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting personal data, you agree to this transfer, storing or processing and have all necessary consents of any relevant individual to permit this transfer outside of the EEA. We will take all steps reasonably necessary to ensure your data is treated securely and in accordance with this privacy policy.

5  Security of your information

5.1  Unfortunately, as you will be aware, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

6  Rights of Individuals

Any relevant individual shall have the right to ask us not to process their personal data for marketing purposes. We will usually inform you and any relevant individual (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose such information to any third party for such purposes. A relevant individual can exercise their right to prevent such processing by checking certain boxes on the forms we use to collect data.

Under the EU General Data Protection Regulation relevant individuals also have the right to revoke or amend any consent they have provided allowing us to store and their personal data.

For a full update on personal rights under the EU General Data Protection Regulation See Section 3 on: http://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX:32016R0679.

Relevant Individuals can also exercise their data rights at any time by emailing us via contact details available on our website.

7  Links to other websites

Our website contains links to and from the websites of our partners, members and affiliates. If you follow a link to any of these websites, please note these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

8  Access to information

The Data Protection Act 1998 and the EU General Data Protection Regulation give you the right to access information held about you. Your right of access can be exercised in accordance with the Act and Regulation.

9  Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

10  Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be emailed to us via contact details available on our website.