This Privacy Policy explains how [Insert Legal Company Name], trading as UKBizConnect ("We," "Us," or "Our"), collects, uses, stores, and shares the personal information of our members and website visitors ("You").
We are the Data Controller of the personal data we process. We are registered with the Information Commissioner's Office (ICO) under registration number: [Insert ICO Registration Number].
1. Contact Details
| Detail | Information |
|---|---|
| Legal Entity Name | [Insert Legal Company Name] |
| Trading Name | UKBizConnect |
| Registered Address | [Insert Registered Office Address] |
| Contact Email (for privacy matters) | [Insert Dedicated Privacy Email Address, e.g., privacy@ukbizconnect.co.uk] |
| Data Protection Officer (DPO) / Privacy Lead | [Name or Title of DPO/Privacy Lead - If applicable] |
2. Information We Collect
We collect different types of personal data depending on your interaction with us:
| Category of Data | Examples of Data Collected | Purpose of Collection |
|---|---|---|
| Identity Data | Name, business name, job title, company registration number. | Account creation, membership management, platform security. |
| Contact Data | Business email address, phone number, physical business address. | Communication, sending service updates, facilitating networking. |
| Profile Data | Professional biography, industry sector, business interests, profile photo, membership tier. | Displaying your professional profile to other members, matching you with relevant contacts. |
| Financial Data | Payment card details (processed securely via [Payment Processor, e.g., Stripe]), billing address, transaction history. | Processing membership fees and event payments. |
| Usage Data | How you use our website (pages viewed, time spent), links clicked, search queries within the platform. | Improving website functionality, understanding member engagement. |
| Technical Data | IP address, browser type, operating system, device identifiers. | Site security, troubleshooting, and analytics. |
| Marketing Data | Your preferences for receiving marketing from us and third parties. | Sending newsletters, event invitations, and relevant promotions. |
3. Lawful Basis for Processing
Under UK GDPR, we must have a lawful basis to process your personal data. We rely on the following:
| Processing Activity | Lawful Basis |
|---|---|
| Membership & Service Provision | Contract: Necessary to perform the membership contract with you (e.g., providing access to features, displaying your profile). |
| Sending Service Emails | Legitimate Interests: Providing essential information about the platform, security, and administrative updates. |
| Direct Marketing (B2B) | Legitimate Interests or Consent: Sending targeted, relevant marketing communications about UKBizConnect services or events, where our legitimate interests are not overridden by your rights. We use Consent for non-members or if required by PECR. |
| Payment Processing | Contract and Legal Obligation: Processing fees and maintaining financial records for tax compliance. |
| Website Analytics (Non-essential Cookies) | Consent: Based on your explicit agreement via our cookie banner. |
4. How We Share Your Personal Data
We only share your data as necessary and with appropriate safeguards:
Other Members (Networking): Your Profile Data (Name, Company, Job Title, Bio, Contact details you choose to publish) is shared with other registered UKBizConnect members to facilitate networking, as this is the core function of the Service.
Service Providers: We use third-party processors for essential business functions (e.g., IT hosting, CRM software, email delivery, payment processing). They are only permitted to use your data to provide services to us and must adhere to strict UK GDPR contracts.
Example: Stripe for payment processing, Amazon Web Services (AWS) for hosting.
Legal Requirements: We will disclose data if legally required to do so by government bodies, regulators (like the ICO), or law enforcement.
5. International Data Transfers
The UKBizConnect Service is primarily hosted in the UK. However, some of our service providers may be located outside the UK/EEA (e.g., US-based software platforms).
Whenever your personal data is transferred outside the UK/EEA, we ensure a similar degree of protection by implementing at least one of the following safeguards:
Transferring data to countries deemed to provide an adequate level of protection for personal data by the UK Government.
Using Standard Contractual Clauses (SCCs) approved for use in the UK, which provide specific protection for personal data.
6. Data Security and Retention
Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. We limit access to your personal data to employees, agents, and contractors who have a business need to know.
Retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for satisfying any legal, accounting, or reporting requirements.
Generally, we keep data for the duration of your membership plus a period of [e.g., six years] thereafter to comply with tax and audit requirements, or until you exercise your right to erasure.
7. Your Legal Rights (The Data Subject Rights)
Under UK GDPR, you have the right to:
| Right | Description |
|---|---|
| Right to Access | Request a copy of the personal data we hold about you (Subject Access Request). |
| Right to Rectification | Request correction of inaccurate or incomplete data we hold about you. |
| Right to Erasure | Request that we delete or remove personal data where there is no good reason for us to continue processing it. |
| Right to Restrict Processing | Ask us to suspend the processing of your personal data in certain circumstances. |
| Right to Data Portability | Request the transfer of your personal data to you or a third party in a structured, commonly used, machine-readable format. |
| Right to Object | Object to the processing of your personal data where we are relying on a legitimate interest, and object to direct marketing. |
| Right to Withdraw Consent | Where we rely on consent to process your data, you have the right to withdraw that consent at any time. |
To exercise any of these rights, please contact us at [Insert Dedicated Privacy Email Address].
8. Cookies and Tracking Technologies
Our website uses cookies to distinguish you from other users. This helps us to provide you with a good experience and allows us to improve our site.
Essential Cookies: Necessary for the site to function (e.g., login, security). We rely on our Legitimate Interests for these.
Analytics/Marketing Cookies: Used to measure site performance and deliver targeted advertising. We rely on your Consent for these.
Please refer to our separate Cookie Policy [Insert Link to Cookie Policy] for detailed information on the cookies we use and how you can manage your preferences.
9. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by email or via a prominent notice on our website. The "Effective Date" at the top of this policy will be updated accordingly.
10. How to Complain
If you are not satisfied with our response to any concern you raise with us, or if you believe we are processing your data unlawfully, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.
ICO Contact Details:
Website: https://www.ico.org.uk
Helpline: 0303 123 1113
