Privacy & Cookies Policy
The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, BIP as the service provider, the website and website owners.
Business Information Point (BIP) has reviewed the data that it holds in line with the General Data Protection Regulations 2018 to ensure that it complies.
We process a wide range of personally identifiable data relating to the work that we do, we do however endeavour to only process the minimum of data required to fulfil each contract and do so under the basis of Legitimate Interest. If we did not maintain such data, we would not be able to fulfil the terms of the contracts that we hold.
BIP delivers a range of projects, each having their own data collection requirements. To request the full list of data processed for a specific project along with the purpose, lawful basis and retention periods that apply please contact BIP via email at email@example.com.
BIP aim to provide Privacy Information to clients at the point of registration whether their information has been collected directly by BIP or has been received through a referral process from one of its funders/stakeholders.
The website businessinfopoint.co.uk and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to all UK national laws and requirements for user privacy.
What types of cookies do we use?
Essential – cookies that are essential to provide you with services you have requested. For example, these include the cookies that make it possible for you to make comments and send messages. If you set your browser to block these cookies, then these functions and services will not work for you. In particular, we won’t be able to save your preferences about cookies.
Performance – cookies which measure how often you visit our site and how you use them. We use this information to get a better sense of how our users engage with our website and to improve our site so that users have a better experience. For example, we collect information about which of our pages are most frequently visited, and by which types of users. We also use third-party cookies to help with performance. For example, the Google Analytics cookie gives us information such as your journey between pages and whether you have downloaded anything (details of how to opt out of it are below).
The cookies in use to deliver Google Analytics service are described in the table below.
|Google Analytics||These cookies are used to store information, such as what time your current visit occurred, whether you have been to the site before, and what site referred you to the web page.|
These cookies contain no personally identifiable information.
Google stores the information collected by these cookies on servers in the United States. Google may transfer this information to third-parties where required to do so by law, or where such third-parties process the information on Google’s behalf.
For more information on the usage of cookies by Google Analytics please see the Google website. A link to the privacy advice for this product is provided below for your convenience.
The following information is sent to Clicky servers by default when you visit our web site.
- URL & Title of pages viewed
- URL & Title of any links that are clicked on pages viewed
- User agent
- Browser language
- Screen resolution
- x/y coordinates of mouse events
- Unique ID tracking cookie (“UID”) The GDPR considers this to be Personal Data, even though it is randomly generated and does not identify who you are or reveal anything else about you. Its sole purpose is to more accurately track unique visitors.
- IP address (“IP”) IPs are anonymized before processing.
- Internet Explorer – http://windows.microsoft.com/en-GB/windows7/Block-enable-or-allow-cookies
- Google Chrome – https://support.google.com/chrome/bin/answer.py?hl=en-GB&answer=95647&p=cpn_cookies
- Mozilla Firefox – http://support.mozilla.org/en-US/kb/Blocking%20cookies
- Apple Safari – http://docs.info.apple.com/article.html?artnum=32467
Contact & Communication
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use in line with the General Data Protection Regulations. Every effort has been made to ensure a safe and secure form to email submission process but we advise users using such form to email processes that they do so at their own risk.
This website and its owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process.
Or whereby you the consumer have previously used the services of or enquired about using the services of the company, or a product or service that the email newsletter relates to. This is by no means an entire list of your user rights in regard to receiving email marketing material. Your details are not passed on to any third parties.
This website operates the email newsletter program MailChimp, to inform subscribers about services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. The data processed through this means is done so under the basis of Consent.
All personal details relating to subscriptions are held securely and in accordance with the General Data Protection Regulations. No personal details are passed on to third parties nor shared with companies / people outside of the company that operates this website. Under GDPR you may request a copy of personal information held about you by this website’s email newsletter program. If you would like a copy of the information held on you, please contact us using the details at the bottom of this policy.
Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list].
This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.
In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will by detailed instead.
Events & Workshops
All of our events and workshop registrations are processed through Eventbrite.
When you register for an event through the Eventbrite system, personal information may be collected. Any personal information that is collected will be stored on Eventbrite servers located in the United States in accordance with the EU-U.S. Privacy Shield Framework. Your data may also be stored separately by Business Information Point. Eventbrite does not control the registration process nor the Personal Data that is collected.
If you register for a paid event, you will provide financial information (e.g., your credit card number and expiration date, billing address, etc.) some of which may constitute Personal Data.
Eventbrite also automatically collects certain technical data that is sent from the computer, mobile device and/or browser through which you access the Services (“Automatic Data”). Automatic Data, includes without limitation, a unique identifier associated with your access device and/or browser (including, for example, your Internet Protocol (IP) address) characteristics about your access device and/or browser, statistics on your activities on the Services.
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites, similar to; businessinfopoint.co.uk or Business Information Point).
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls [web addresses] (this is an example: http://buff.ly/2tN7RoL).
Users are advised to take caution and good judgement before clicking any shortened urls published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
All businesses that store and process any information on living and identifiable people must comply with the General Data Protection Regulations. The regulations apply to any computerised or manual records containing personally identifiable information about people.
The term ‘processing’ may include the company obtaining, recording or holding the information or data. It also covers carrying out any set of operations on the information or data, including organising, altering, retrieving, consulting, using, disclosing or destroying the information or data.
All BIP employees are all individually responsible for complying with the General Data Protection Regulations when processing personal data.
How we store data
BIP stores electronic data predominantly on Microsoft Office 365, the data that we store here resides within the European Economic Area (EEA) and is encrypted at rest and in transit.
Through its business BIP also utilises a number of online third party platforms such as Team-Up, Mailchimp etc. checks have been carried out to ensure that any platforms used comply with GDPR, storing their data within the EEA and in rare instances where data is transferred by them outside of the EEA that these platforms only use sub-processors that are certified under the EU/US Privacy Shield and have committed to complying with GDPR. Data stored on platforms other than Office 365 is always minimal and never of a sensitive nature. Full details of the platforms used, where and how they store data can be requested from BIP.
Physical copies of data are stored in our office and secure off-site archive facility. Further information on the security measures that BIP undertake can be found in our Security Policy.
BIP does not share data with other customers or third parties other than those funding the services that BIP provides in order to meet contractual obligations, in these circumstances clients are made aware of how their data is shared at engagement stage.
BIP has adopted appropriate technical and organisational measures to prevent the unauthorised or unlawful processing or disclosure of data.
BIP is registered with the Information Commissioner’s Office and will maintain this registration as long as the company is in operation. BIP is legally obliged to observe the following data protection principles:
- Data must be processed fairly and lawfully
- Data must be obtained for lawful purposes
- Data must be adequate, relevant and not excessive
- Data must be accurate and where necessary kept up-to-date
- Data must not be kept longer than necessary
- Data must be processed in accordance with the rights of employees
- Data must be safeguarded against unauthorised or unlawful processing and against accidental loss, damage or destruction
- Data bust be kept safe and secure
- Data must not be transferred outside the UK without adequate protection and permission
When using information about any individual, BIP will ensure that they are properly informed of what we intend to do with their information.
During the course of their work BIP Employees are likely to have access to information which is private or confidential to BIP, fellow or former employees, customers or supplies. Employees have a responsibility for the preservation of the confidentiality and integrity of information used during the course of their work. In particular, they are required to take practical steps to enable BIP to comply with the data protection principles outlined in the Employer’s Responsibilities section above.
This includes keeping a clear desk outside working hours and ensuring personal data is never left viable or unattended on a desk, photocopier or computer screen.
Resources & Further Information
- General Data Protection Regulations
• Privacy and Electronic Communications Regulations 2003
• Privacy and Electronic Communications Regulations 2003 – The Guide
Your right to be informed
We will consider all Subject Access Requests and will reply within one month of receiving the request in writing. Please send any such requests or queries to BIP, Unit 10, Okehampton Business Centre, Higher Stockley Mead, Okehampton, Devon, EX20 1FJ or via email to firstname.lastname@example.org
Please note charges may apply where requests are excessive.
May 2018 Edited & customised by: West Devon Business Information Point Ltd Company Registration Number 3129157 (England and Wales). Registered office address: West Devon Business Information Point Ltd Registered Address: 17 The Lakeside, Barton Marina, Barton Turn, Barton-under-Needwood, Burton, DE13 8FN.