Business Contact Privacy Policy

This document describes how we use and share personal data related to our business connections.

We use personal data for managing business contacts and promoting products and services to clients and potential customers.

We employ tracking, monitoring, and profiling tools in our marketing decisions to determine who to contact, what to contact them about, and when.

1. What personal data collected by us is used for

Managing our relationship with you

We do this by:

  • Informing you about product changes or scheduled maintenance activity
  • We will contact you with billing enquiries, invite you to events and webinars, and handle your queries.
  • We will run client surveys or questionnaires to gather feedback on your perceptions of us and ask about further product features that may enhance our products.

Marketing our products to you

We use personal information for marketing reasons, usually in regard to existing or prospective clients and their agents. This includes providing you with unique data and software insights, analysis, and research, as well as early notification of special events, webinars, and product and service changes.

Our marketing activities could include:

  • contacting you via email, phone, or post to inform you about our products and services
  • monitoring your interactions with us to help us identify which kind of products and services you may be interested in so that we can adjust our marketing accordingly.

We will refrain from contacting you for marketing purposes via any specific channel (e.g., email, telephone, or postal mail) if you have indicated that you do not wish to receive correspondence from us in that manner. If you request that we refrain from contacting you for marketing purposes, you may still receive correspondence from us for other reasons, such as as part of our standard relationship management activities.

Providing our services to you

In order to deliver the information, services, alerts, and product information you have requested, we may occasionally need to access and use your personal data. If you register for a webinar, for instance, we may use your contact information to send you an invitation and instructions.

For more details on how we use personal information when you're a registered user of our products, see the Business and Product Privacy Notice.

Monitoring and improving our websites

We personalise and enhance the user experience of our websites by using information such as how different people browse across our sites, how long they spend on specific pages, and whether they download any of our content. Also, by tracking which pages users have viewed, we can see which parts of the site are most popular and make improvements to better suit your interests and preferences.

Additionally, this data is used for system administration and security purposes, as well as to compile non-personalised data for use by our company, our partners in business, and certain sponsors or advertisers. This data may include anonymous statistics regarding service enrolment or usage, as well as browsing patterns.

Legal and regulatory purposes

We may use your personal data for legal and regulatory purposes. For instance, this may involve responding to enquiries or complaints from you or a regulator regarding the use of your personal data.

In order to exclude you from future direct marketing activities, we will include your name on our suppression list if you object to the processing of your personal data for direct marketing purposes.

Typically, regulators will request that we conduct an investigation into any complaint that you may make us against us regarding the processing of your data. Your personal data will be accessed during the course of the investigation.

2. Types of data we use and where we obtain it from

Information Type Description of Information Source of Information
Name and Contact details This is basic personal information about you from your place of employment, including contact details. This data is typically supplied directly by you; it might be delivered, for instance, during an event, by email, our websites, or over the phone.
Employment and Work details This contains data on your company and your position within it, including your job title and coworkers. This data is typically supplied directly by you; it might be delivered, for instance, during an event, by email, our websites, or over the phone.
Login details If you register for any of our web-based services, your username and password—which are logged—are among this information. You either give us this information or we create it (like when we change your password).
Contact notes This includes data on our interactions with you including what we sent you, who in the company knows you and any issues or queries addressed through our customer accounts team. We produce these records ourselves.
Device information This is information regarding the device you are using to visit our website or access any customer portal, including the type of device, running system, browser, IP address, and what cookies are on it. We produce these records ourselves.
Website use This includes data on how you have used our website, including page visits and content downloaded. Keeping track of how you interact with our websites allows us to generate this information ourselves.
Categories of use and history To handle our contacts, we could classify you into several groups based on specific criteria. If we believe you would be interested in one of our goods, for instance, we could label you as a live opportunity; if we have not heard from you for a considerable period, we could label you as a lapsed contact. This data guides our decisions on if, when, and how best to get in touch with you.
This also helps define our date retention periods for the data we hold on you.
We produce these records ourselves.

3. How long do we retain your data?

Your personal information will be retained for as long as necessary.

As a general rule, we will retain your personal information for as long as you or your employer remain an employee of a client or prospective client of ours, or for as long as you have any interaction with us (via our websites or communications) in the previous two years. Your right under data protection law allows you to ask us to erase it early.

4. Our legal basis for processing your data

Legitimate Interests

The use of your personal data for legitimate reasons is permitted under UK data protection law, but only if the benefits outweigh the risks to you. The legal requirement for processing personal data is known as the "legitimate interests" condition. The majority of our processing operations depend on this circumstance.

Legitimate Interest Explanation
Keeping in contact with our suppliers and customers; learning about them and maintaining our business relationships We want to keep in touch with you and make the most of our relationship with you. For instance, if you work for one of our clients, we might need to get in touch with you about one of the goods your boss bought from us. Or, if you work for one of our providers, we might need to talk to you about a product that your company sends us.
It's also important to us to know what kinds of people use our services and goods and how they do it.
Marketing We have an interest in promoting our products and services to our clients and potential clients
Giving people information on goods and services that could be useful to them People who buy our products and services from us from us or might buy from us in the future are interested in finding out about useful goods and services.
Monitoring and safeguarding our data and systems There are times when we need to use personal information to make sure that our systems and the information we offer on our website are safe and that only the right people can access it.
Commercial interests We, like any commercial organisation, endeavour to generate revenue by offering services to our clients and customers.

Other legal basis for processing data

In certain situations, we may have alternative lawful basis for processing personal data. The subsequent table contains a list of these, as well as examples of the situations in which they may be applicable.

Lawful Basis Explanation
Consent Your permission may be required of us in certain situations. When you fill out a form on our website, for instance, and want to receive marketing emails or phone calls from us, we will ask you explicitly if you want us to use your data in a certain way. The permission can be revoked whenever you choose.
Necessary for performance of a contract or to take steps for entering into a contract. If you sign up to one of our products or services, it will often be necessary for us to use your details in order to provide that product or service.
Necessary in order to comply with a legal obligation. We are subject to the same data-sharing requirements as any other business, including those from regulators, government agencies, and courts.

5. Who we share your data with

Service Providers

  • Third parties may host our database of personal data. For instance, in order to store, administer, analyse, and make use of our databases containing personal information, we may rely on cloud-based services like HubSpot.
  • To assist with sales and relationship management, we may employ third-party service providers.
  • While conducting accounting audits, our auditors may get access to personally identifiable information.
  • We may share your personal information with third parties so that they can perform analytics or make improvements.

Unless you express your explicit consent, these service providers will not be able to use your information for promotional or marketing purposes.

Online advertising platforms

We may utilise third-party advertising platform providers, such as Google, to offer you advertisements. These third parties may use information about your visits to our and other websites to target you with advertisements for products and services that you might be interested in.

Regulators

We may need to disclose personal information to a regulator, such as the Information Commissioner's Office or the Financial Conduct Authority.

6. Where we store your data

We only process your data in the UK.

We use cloud-based SaaS providers such as Microsoft that use Geo-regional back up processes.

While the United Kingdom and other nations in the European Union maintain a high degree of data protection regulation, some regions of the world may not give the same level of legal protection for personal data. As a result, if we move personal data overseas, we ensure that appropriate precautions are in place to protect the information. For instance, these precautions could include:

  • Creating a contract with the beneficiary that includes terms approved by the authorities as providing an adequate level of protection.

7. Use of automated decision making or profiling

We employ profiling techniques to better understand our clients and potential clients. This allows us to better understand who would be interested in which of our products and services.

We identify our business contacts based on the sort of organisation and job they work in, and then tailor our advertising accordingly. For example, we may decide that managers in a business risk team would be interested in learning about our credit risk assessment solutions, and we may contact them accordingly. We use information about a person's previous interactions with us to anticipate whether and when they will want to purchase a specific product from us. We utilise this to determine when to contact them and what items to inform them about.

8. Your rights in relation to the data processing we carry out

  • Access: You have the right to know what personal data we have on you, as well as other information about how we use it.
  • Withdrawal of consent: If we rely on your consent to use your data, you have the right to withdraw it at any time. You can do this by contacting us or (for consent-based emails) by clicking the "unsubscribe" link.
  • Objection to direct marketing: You have the right to object to us using your personal information for direct marketing. If you do this, we will discontinue using information for those purposes.
  • Rectification: If the information we have about you is inaccurate or out of date, you have the right to request that we update it.
  • Objection to legitimate interests: If you disagree with us using your personal data under the legal basis of legitimate interests, you have the right to object. We will then reassess the extent to which we can continue to utilise the data given your specific circumstances.
  • Erasure: In certain instances, you may request that we delete your personal information from our systems. However, this normally does not apply to all of your data because we may have a valid purpose for keeping some of it.
    Restriction: In certain cases, you may request that we limit how we use your personal information.
  • Portability: You have the right to get limited types of information in portable format.

9. Your right to complain

If you have a complaint about our processing of your data, you can contact our Data Protection Officer at iso@redflagert.com

Please see our Consumer Contact Privacy Notice for information on how we will handle your personal information in response to complaints and questions.

You also have the right to file a complaint with the Information Commissioner's Office (ICO), which oversees the processing of personal data in the United Kingdom. You can do this online at www.ico.org.uk or by calling 0303 123 1113, or by writing to the Information Commissioner's Office at Wycliffe House, Water Lane, Wilmslow, SK9 5AF.