Board Intelligence Ltd (BI) is a company registered in England and Wales that offers a SaaS platform and professional services that help businesses to have better and more informed board meetings. BI is committed to protecting and respecting your privacy. This notice (together with our website terms of use and any other documents referred to in it) sets out the basis on which any personal data we collect (here, by phone, by email or otherwise), will be processed by us. We will only collect and use personal data in ways that are described here and in a manner that is consistent with our obligations and your rights under the law. Please read the following carefully to understand our practices regarding your personal data and how we will treat it. To help you navigate this notice, please click on any of the links below to move to the section of the notice that you are interested in:

  1. Definitions
  2. Your Rights
  3. What Data Do We Collect?
  4. How Do We Use Your Data?
  5. How And Where Do We Store Your Data?
  6. Do We Share Your Data?
  7. How Can You Control Your Data?
  8. Your Right To Withhold Information
  9. How Can You Access Your Data?
  10. Our Use Of Cookies
  11. Contacting Us
  12. Changes To This Privacy Notice

1. Definitions

In this notice, the following terms have the following meanings:

  • “Cookie” means a small text file placed on your computer or device by us or a third party when you visit certain parts of our website and/or when you use certain features of our website;
  • "data controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
  • "DPL" means all applicable data protection and privacy legislation in force from time to time in the UK including: the General Data Protection Regulation ((EU) 2016/679) as it forms part of the law of England and Wales, Scotland and Northern Ireland; the Data Protection Act 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426);
  • “personal data” means any information relating to an identified or identifiable natural person (a ‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; and
  • “we/us/our” means Board Intelligence Ltd, the data controller for the purposes of this notice.

2. Your Rights

2.1 As a data subject, you have the following rights under the GDPR, which this notice and our use of personal data have been designed to uphold:

  • The right to be informed about our collection and use of personal data;
  • The right of access to the personal data we hold about you (see section 9);
  • The right to rectification if any personal data we hold about you is inaccurate or incomplete (please contact us using the details in section 11);
  • The right to be forgotten (subject to any exceptions outlined in the DPL);
  • The right to restrict (i.e. prevent) the processing of your personal data;
  • The right to data portability (i.e. obtaining a copy of your personal data to re-use with another service or organisation) where processing is automated and based on consent or the performance of a contract;
  • The right to object to us using your personal data for particular purposes; and
  • Rights with respect to automated decision making and profiling.

2.2 If you have any cause for complaint about our use of your personal data, please contact us using the details provided in this notice and we will do our best to resolve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.

3. What Data Do We Collect?

We may collect and process personal data and non-personal data (such as contact data, financial data, transaction data, technical data, profile data, usage data, marketing and communications data) depending on the purpose of the processing:

When you visit our Website

Depending upon your use of our website, we may collect personal and non-personal data using browser Cookies or web beacons (please also see section 10 on our use of Cookies and similar technologies) including: name; business/company name; job title; contact information such as email addresses and telephone numbers; your log-in information; time-zone; demographic information such as post code, preferences and interests; IP address; web browser type and version; web browser plug-in type and version; operating system; a list of URLs starting with a referring site and the site you exit to; your activity on our website including date and time; content you viewed or searched for; page response times, download errors, length of visits to the website, page interaction information (such as pages viewed, scrolling and clicks) and methods used to browse away from the page.

When we provide our services

We will process contact and verification data including your name, title, surname, address, email address, IP address and telephone number in order to manage your account and to provide you with services and support as described in our contract - this will include sharing some personal data (such as your name and IP address) with our third party sub-processors, details of which can be found here. We may also process client IP addresses, audit logs (which may include personal data), interaction and user data in order to validate and monitor access to our service and to provide service data to enable our clients and users to get the best out of our service. This notice does not override or supersede the provisions in our contract that describe how we use personal data.

When we undertake marketing activities

We may process your data in connection with our marketing activities, for example we may process contact data such as your name, job title and email address to provide you with information or updates about our services, in connection with events that we are running, to manage your preferences, and to provide you with marketing communications that you have subscribed to or that we reasonably consider you might be interested in. From time to time we may process your data (such as your email or postal address) to invite you to an event or in connection with feedback that you have provided to us or a survey that you have completed. We may also monitor some of our communications with you in order to track and improve our communications with you or to comply with a request that you have made (e.g. to download thought leadership content or to update your preferences). We use a limited number of third party providers to obtain personal data for the purposes of contacting individuals who we think are likely to be interested in our product, services or events. For more details on how we process personal data gathered from these third parties, please refer to our Transparency Notice.

When we engage with suppliers

We will process your personal data (such as your name, surname, email address and postal address) in order to facilitate the provision and payment of services from you to us. We may process financial data that you have shared with us for the purposes of payment.

In connection with a role with us

We may process your personal data in order to progress or consider a career or role with us. For details of how we process your personal data in this regard, please refer to our Candidate Privacy Notice.

When we engage with third parties

In addition to those analytics providers referred to in section 10 below, we may also receive and process personal data from referees or third parties that we have relationships with (such as social media organisations, recruitment agencies, our contractors, partners and business contacts). This data is used in accordance with the provisions of this notice and in particular section 4 below.

To exercise/comply with our legal obligations

We may process your personal data to comply with our legal rights and obligations (e.g. where it is necessary to do so to comply with a legal obligation such as a court order).

4. How Do We Use Your Data?

4.1 All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was collected.

4.2 Our use of your personal data will always have a lawful basis, either because it is necessary for our performance of a contract with you, because you have consented to our use of your personal data (e.g. by subscribing to newsletters), to comply with our legal obligations or in connection with our (or those of a third party’s) legitimate interests. Specifically, we may use your data for the purposes set out below subject to our legitimate interests:

  • Providing and managing your access to our website;
  • Personalising and tailoring your experience on our website;
  • Notifying you about changes to our service (if we have a contract in place with you, we will rely on performance of a contract);
  • In the management and provision of our services and to carry out our obligations arising from any contracts entered into between you and us (if we have a contract in place with you, we will rely on performance of a contract);
  • Providing you with information about other products and services we offer that are similar to those that you have already purchased, use or enquired about;
  • Notifying you about changes to our service (if we have a contract in place with you, we will rely on performance of a contract);
  • Replying to emails from you or responding to unsubscribe or preference updates;
  • Supplying you with marketing communications and emails that you may unsubscribe from or opt-out of at any time by contacting us or by using the unsubscribe link provided in the applicable communication (we will obtain your consent to share marketing communications and emails where applicable);
  • Conducting market research;
  • Analysing your use of our website and gathering feedback to enable us to continually improve our website and your user experience;
  • Analysing your use of our service (which may include gathering feedback) to enable us to continually improve our services and your user experience (if we have a contract in place with you, we will rely on performance of a contract);
  • Administering our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • To manage your relationship with us.

4.3 With your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by post, telephone or email with information, news and offers in connection with our services. We will take all reasonable steps to ensure that we protect your rights and comply with our obligations under the DPL.

4.4 You have the right to withdraw your consent to us using your personal data at any time, and to request that we delete it. Under the DPL, you have the right at any time to object to us:

  • using your personal data for direct marketing purposes, and to request that we delete it;
  • processing your personal data in reliance upon our legitimate interests or those of a third party.

4.5 We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period if it relates to a complaint or in connection with our legal rights or obligations.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, together with any applicable legal, regulatory, tax, accounting or other requirements.

5. How and Where Do We Store Your Data?

5.1 We only keep your personal data for as long as we need to in order to use it as described in section 4 and/or for as long as we have your permission to keep it.

5.2 Some or all of your data may be stored outside of the UK or the European Economic Area (“the EEA”). If we do store data outside the UK or the EEA, we will take all reasonable steps to ensure that your data is treated safely and securely in compliance with the DPL.

5.3 Data security is very important to us and to protect your data we have taken suitable measures to safeguard and secure the data we collect, including: suitable measures to protect data we collect via our website, secure servers, use of strict procedures and security features to prevent unauthorised access and the maintenance of our ISO27001 and Cyber Essentials Plus accreditations.

6. Do We Share Your Data?

6.1 We may share your personal data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. From time to time, we may restructure, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to the change, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy notice, be permitted to use that data only for the same purposes for which it was originally collected by us.

6.2 We may sometimes contract with third parties to supply services (such as payment processing, search engine facilities, advertising and marketing services) to you on our behalf or use third party tools (such as Microsoft, Salesforce, DocuSign) within our business to support our operations. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights (including under any contract that you have in place with us), our obligations, and the obligations of the third party under the law.

6.3 We may compile statistics about the use of our website including data on traffic, usage patterns, user numbers, and other information. We may from time to time share such data with third parties such as prospective investors, affiliates, partners, and advertisers. Such data will only be shared and used within the bounds of the law.

6.4 We may sometimes use third party data processors that are located outside of the UK or the EEA. Where we transfer any personal data outside the UK or the EEA, we will take all reasonable steps to ensure that your data is treated safely and securely as described in section 5 above and in accordance with any contract that we have in place with you.

6.5 In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal requirements, a court order, or a governmental authority.

7. How Can You Control Your Data?

7.1 In addition to your rights under the DPL, you will be given options to restrict our use of your data. This includes the ability to opt-out of receiving marketing emails from us, by contacting us or unsubscribing using the link provided in our communications. We maintain a marketing suppression list to ensure that where you have opted out of our communications, you are not contacted again. You may also decline or delete Cookies in accordance with section 10 below.

7.2 You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving.

8. Your Right to Withhold Information

8.1 You may access certain areas of our website without providing any data at all. However, to use all features and functions available on our website you may be required to submit or allow for the collection of certain data.

8.2 You may restrict our use of Cookies. For more information, see section 10.

9. How Can You Access Your Data?

You have the right to ask for a copy of your personal data held by us. Under the GDPR, there is generally no fee payable for this and we will respond to your request without charge. Please contact us for more details at: info@boardintelligence.com

10. Our Use of Cookies

10.1 Our website may place and access certain first party Cookies on your computer or device. First party Cookies are those placed directly by us and are used only by us. By using our website you may also receive certain third party Cookies on your computer or device. Third party Cookies are those placed by websites, services, and/or parties other than us. We use Cookies to facilitate and improve your experience of our website and to provide and improve our services and communications. Our Cookie Policy provides details of the Cookies that are placed on our website.

10.2 When you visit our website for the first time, you will be shown a pop-up requesting your consent to our Cookie settings. By giving your consent, you are enabling us to provide the best possible experience and service to you. You may, if you wish, choose the type of Cookies that are acceptable however certain features of our website may not function fully or as intended if you alter the recommended Cookie settings.

10.3 Our website uses analytics services provided by Google analytics and other third party analytics service providers from time to time. Website analytics refers to a set of tools used to collect and analyse anonymous usage information, enabling us to better understand how our website is used. This, in turn, enables us to improve our website and the services offered through it. You do not have to allow us to use these Cookies, however whilst our use of them does not pose any material risk to your privacy or your safe use of our website, it does enable us to continually improve our website and services, making it a better and more useful experience for you.

10.4 Our website uses marketing services provided by third parties. Such third parties may place a Cookie on your device in connection with such marketing services. The expected lifespan of these Cookies ranges by provider and are refreshed in accordance with industry standards. For a full list of lifespans per service/cookie, please visit our Cookie Policy.

10.5 Please visit our Cookie Policy page for a full list of providers and associated Cookies, including a summary of their intended purpose.

10.6 In addition to the controls that we provide, you can choose to delete, enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third party Cookies. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.

10.7 You can choose to delete Cookies on your computer or device at any time, however you may lose any information that enables you to access our website more quickly and efficiently including, but not limited to, login and personalisation settings.

10.8 It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.

10.9 Our website may include links to third-party websites. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and we are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

11. Contacting Us

We have appointed a DPO. To contact our DPO or if you have any questions about our website or this privacy notice, please contact us by email at info@boardintelligence.com, by telephone on +44 (0)207 192 8218, or by post at 24 Cornhill, London, EC3V 3ND.

12. Changes to our privacy notice

We may change this privacy notice from time to time (for example, if the law changes). Any changes to this privacy notice in the future will be posted on our website and, where appropriate, may be notified to you via email. Please check back frequently to see any update or changes to our privacy notice because you will be deemed to have accepted them on your first use of our website following the alterations and it represents the current and applicable version of the notice.

Last updated: 7th October 2021