Introduction

The purpose of this Transparency Notice ("Notice") is to provide you with information regarding who we are and how we collect and use your personal data and the rights that you have in connection with our use of that data. This Notice is given to comply with our obligations under the GDPR and the Data Protection Act (DPA) 2018.

Board Intelligence Ltd is a company registered in England and Wales that offers a SaaS platform and services that help businesses to have better and more informed board meetings. For the purposes of this Notice, Board Intelligence is a controller under the GDPR and DPA 2018. If you have any questions about this Notice, please contact us by email at: info@boardintelligence.com, by telephone on: +44 (0)207 192 8218, or by post at: 24 Cornhill, London, EC3V 3ND.

We have appointed a Data Protection Officer who can be contacted by email at: info@boardintelligence.com.

How do we obtain your personal data?

We use a limited number of third party providers to obtain personal data for the purposes of contacting individuals who we think are likely to be interested in our product, services, or events. We are happy to provide you with details of these third parties on request.

From time to time we will ourselves directly research publicly available data (for example company annual reports) to obtain personal data for the purposes of contacting individuals who we think are likely to be interested in our product, services, or events.

What personal data do we collect and how do we use it?

We process your personal data in order to share relevant information with you about our research, thought leadership, products and services or to invite you to an event. We rely on legitimate interests to process your personal data (being our interest in providing you with details of our product, services and relevant events as described in this Notice) .

The personal data that we process is as follows: first name; surname; title; telephone number; email address; job title/role; nationality; date of birth; gender; and awards/qualifications (e.g. MBE, OBE).

We do not store details of your nationality , gender or date of birth however they may appear in a researched list (for example one that has been obtained via search of Companies House). Where possible, we limit our search parameters to omit this data however where we are unable to do this (for example where data fields are pre-determined) we delete these fields and the data within them on receipt and do not otherwise process them.

Do we share your personal data?

We share your personal data with a limited number of our employees and contractors who have confidentiality provisions in their contracts that govern use of any data obtained within the course of their employment or engagement. We may share your personal data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal requirements, a court order, or a governmental authority.

What are your rights?

As a data subject, you have the following rights under the GDPR, which this Notice and our use of personal data have been designed to uphold:

  • The right to be informed about our collection and use of personal data;
  • The right of access to the personal data we hold about you;
  • The right to rectification if any personal data we hold about you is inaccurate or incomplete;
  • The right to be forgotten - you have the right to ask us to delete any personal data we hold about you. This right is subject to limited exceptions under the GDPR (for example we may continue to process your data in connection with the establishment, exercise or defence of legal claims);
  • The right to restrict (i.e. prevent) the processing of your personal data;
  • The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation) where processing is automated and based on consent or the performance of a contract;
  • The right to object to us using your personal data for particular purposes; and
  • Rights with respect to automated decision making and profiling.

How and where do you store my data?

We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was collected.  We maintain a marketing suppression list to ensure that where you have opted out of our communications, you are not contacted again. We also monitor marketing communications sent by email in order to track and improve our communications.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, together with any applicable legal, regulatory, tax, accounting or other requirements. Where we have had no interaction from you with us or our communications for a period of 36 months from the date of our first communication with you, we will email you to ask whether you wish to continue to receive our communications and we will act in accordance with your response (where we do not receive a response from you within 10 days we will automatically add you to our suppression list and you will not receive further communications from us).

Data security is very important to us, the steps that we take to secure and protect your data are built around the suite of security policies and controls we have in place to maintain our externally audited ISO27001 and Cyber Essentials Plus accreditations. We may sometimes use third party processors that are located outside of the European Economic Area (“the EEA”). Where we transfer any personal data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and as required under the GDPR.

How can you control use of your personal data?

In addition to your rights under GDPR, you will be given options to restrict our use of your data. This includes the ability to opt-out of receiving marketing emails from us by unsubscribing using the links provided in our e-mails or to specify how you would like to hear from us.   We will ensure that our records are updated to reflect your requirements.

You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receive.

Questions or concerns?

If you have any concerns or questions about our use of your personal data, please contact us using the details provided in this Notice and we will do our best to resolve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.