BeenThereDoneThat Privacy Policy

BeenThereDoneThat (BTDT Global) Ltd is committed to protecting the privacy of all members of our community and users of our online platform - beentheredonethat.co. Please read the following privacy policy that explains how we use and protect your information. We will be the "data controller" of the information you provide to us.

BeenThereDoneThat Members should view a separate privacy policy that pertains more specifically to them. Click Here.

BTDT GLOBAL PRIVACY POLICY

1. INTRODUCTION

If you have any queries or requests concerning this privacy policy or how we handle your data more generally, please get in touch with us by contacting our general support team at: [email protected]

We, Been There Done That Global Ltd (BTDT Global) are committed to protecting the privacy of all those whose personal data we process. Please read the following privacy policy that explains how we use and protect your information.  

You may be reading this privacy policy for a range of reasons, for instance, you may be a (i) a visitor to beentheredonethat.co (our website); (ii) a subscriber to our newsletter or other communications, entrant to our competition or registrant to our webinars; (iii) a BTDT Global client; (iv) a member of the BTDT Global community; (v) a BTDT Global employee (or applicant); or (vi) a supplier to BTDT Global. 

Paragraphs 1 to 13 of this policy apply to you whichever category you fall into. However, to help you locate the information that is most relevant to you, specific information in relation to our use of your personal information can be found here, in the sections below: 

2. BTDT AS A DATA CONTROLLER

BTDT Global is the data controller of all personal information that we process about you. 

BTDT has offices, and processes personal data in, both the UK and the USA.  

3. CONTACT DETAILS

If you have any queries or requests concerning this privacy policy or how we handle your personal data more generally, please get in touch with us by contacting our general support team at: [email protected]

If you would prefer to write to us, you can do so at: Been There Done That (BTDT Global) Ltd, Zetland House Unit 3 F2, Third Floor, 5-25 Scrutton Street, London, England, EC2A 4HJ (UK office); or 175 Varick Street, New York, 10012 (US office).

4. THE BASIS ON WHICH WE PROCESS YOUR INFORMATION

We will only process the data we collect about you if there is a reason for doing so, and if that reason is permitted under data protection law. We will have a lawful basis for processing your information if: it is necessary to perform or enter into our contract with you (either as a member or customer of BTDT Global, or a supplier to us); we have a legitimate interest for processing your data; you have provided your consent; or we are under a legal obligation to do so.

Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights” in section 10 below. 

5. HOW WE SHARE INFORMATION

The personal information we are holding about you may on the legal grounds set out in this privacy policy be shared with and processed by: 

- our service providers, such as our marketing automation provider, technology (including cloud) service providers, payment providers, marketing analytics providers, banks, and other support providers;

- our professional advisors (such as our lawyers, accountants and auditors); or

- another organisation to whom we may transfer our agreement with you, or if we enter into a joint venture with, purchase or are sold to or merged with another business entity.  

6. INTERNATIONAL TRANSFERS

We will not retain your information for any longer than we think is necessary.

Information that we collect will be retained for as long as needed to fulfil the purposes outlined in the ‘Use of my information’ section above, in line with our legitimate interest or for a period specifically required by applicable regulations or laws, such as retaining the information for regulatory reporting purposes.

When determining the relevant retention periods, we will take into account factors including:

- our contractual obligations and rights in relation to the information involved;

- legal obligation(s) under applicable law to retain data for a certain period of time;

- statute of limitations under applicable law(s);

- our legitimate interests for your benefit (see section on 'How we use your personal information' above);

- (potential) disputes; and

- guidelines issued by relevant data protection authorities.

Otherwise, we securely erase your information where we no longer require your information for the purposes collected 

As part of our business we transfer certain of your personal information to our business partners in the USA. However, we will only do so where: 

- appropriate safeguards have been put in place which meet the requirements of the Article 46 of the GDPR, for example using the European Commission’s Standard Model Clauses for transfers of personal data outside the EEA; or 

- one of the exceptions for specific situations under GDPR Article 49 is applicable to the transfer. These include (in summary):

                   - the transfer is necessary to perform, or to form, a contract to which we are a party with you or with a third party where the contract is in your interests;

                   - you have provided your explicit consent to the transfer; or

                   - the transfer is of a limited nature, and is necessary for the purpose of our compelling legitimate interests.

7. DIRECT MARKETING

Where we have a legitimate interest for doing so (and are permitted to do so by law) we will use your information to let you know about our other activities and opportunities that may be of interest to you and we may contact you to do so by email or phone. You can withdraw your consent or opt out of receiving our marketing communications at any time. If you are not located in the EU, you may opt-out of receiving marketing communications and updates at any time. Additionally, you can control your email marketing preferences by doing the following:

- For member purposes: Updating your settings on our platform via http://beentheredonethat.co/, or by emailing [email protected]

- For marketing purposes: You can manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of BeenThereDoneThat marketing emails, or by emailing [email protected]

8. SECURITY

We adopt robust technologies and policies to ensure the personal information we hold about you is suitably protected. 

We take appropriate technical and organisational measures to protect your information from unauthorised access and against unlawful processing, accidental loss, destruction and damage.

Where you have chosen a password that allows you to access our platform, you are responsible for keeping this password confidential. 

We advise you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure.

Although we will take steps to protect your information, we cannot guarantee the security of your data transmitted to the platform; any transmission is at your own risk.

Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

9. RETENTION OF YOUR INFORMATION

We will not retain your information for any longer than we think is necessary.

Information that we collect will be retained for as long as needed to fulfil the purposes outlined in the ‘Legal Grounds and Purposes of Processing” sections. 

When determining the relevant retention periods, we will take into account factors including:

- our contractual obligations and rights in relation to the information involved;

- legal obligation(s) under applicable law to retain data for a certain period of time;

- statute of limitations under applicable law(s);

- our legitimate interests for your benefit; 

- (potential) disputes; and

- guidelines issued by relevant data protection authorities.

Otherwise, we securely erase your information where we no longer require your information for the purposes collected. We will keep basic data to identify you and retain it solely for preventing further unwanted processing. Unless we are required or permitted by law to hold on to your information for a specific retention period, we may retain your information for the following purposes and periods:

- casual visitors to our site:

         - IP addresses and related data: up to 26 months (i.e. the period that cookies on your site hold this information);

         - Information you submit via the “Get in touch”: 1 year.  

- Subscribers to our newsletter or other marketing communications: 3 years from the date that you unsubscribe to our newsletter and all other marketing communications;

- Registrants for webinar or other event registrants (e.g. white papers): 3 years from the date of the event;

- our clients: 6 years from the point you cease to be a BTDT customer; 

- our members: 6 years from the point you cease to be a BTDT member; 

- our employees and prospective employees:

        - if you are an unsuccessful applicant: 6 years from receipt of your application:

         - if you are an employee: 6 years from the point you cease to a BTDT Global employee; and

- our suppliers: 6 years from the point you cease to be a BTDT Global supplier.

10. YOUR RIGHTS

Under data protection law, you have a number of rights concerning the data we hold about you. If you wish to exercise any of these rights, please contact our general support team using the contact details ([email protected]) set out above. For additional information on your rights please contact your data protection authority and see below.

The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this policy.

The right of access. You have the right to request certain information about, access to and copies of your personal information (if we’re processing it). Please note that you are entitled to request one detailed summary of that personal information at no cost, but for any further costs we reserve the right to charge a reasonable fee based on administration costs.

The right to rectification. You are entitled to have your information corrected if it is inaccurate or incomplete.

The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of certain of the information that we hold about you. However, please note that this will not apply if we are required to retain the information for compliance with a legal obligation.

The right to restrict processing. You have rights to request that we stop using your personal information or limit the way in which we use it. When processing is restricted, we can still store your information, but will not use it further.

The right to data portability. You have the right to request that we return your personal information in an accessible and transferrable format, or that we send it directly to another company, where technically feasible;

The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your information with the national data protection authority in the UK, the ICO - https://ico.org.uk. The postal address is Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

The right to withdraw consent. If you have given your consent to anything we do with your information (i.e. where we rely on consent as a legal basis for processing your information), you have the right to withdraw that consent at any time.

The right to object to processing. You have the right to object to certain types of processing where we use it for our legitimate interests or for marketing purposes.

11. PROFILING

If you are a BTDT Global member, we conduct profiling in order to match you to the most appropriate briefs. We do not conduct automated profiling otherwise. 

12. COOKIES

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our website or platform may become inaccessible or not function properly.

13. CHANGES TO OUR PRIVACY POLICY

Any changes to our privacy policy will be posted to our platform and website and, where appropriate, we will notify you of the changes for example by email or push notification. This privacy policy was last updated: 7 June, 2021. 

ANY VISITOR TO THE BTDT WEBSITE

1. INFORMATION WE COLLECT FROM YOU

- your IP address;

- other location data;

- device information, such as your hardware model, mobile network information, unique device identifiers;

- your cookie preferences;

- any information you submit via the “Get in touch” function (e.g. name, organisation, email address, phone number, message and marketing preferences); and/or

- any other personal information that you otherwise send to us.

2. HOW WE COLLECT YOUR INFORMATION

We collect information when you:

- when you visit our website, browse its pages, or when you return; and/or

- when you submit a message to us via the “Get in touch” function. 

Some of the information is collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies which are active on our website. For more information on cookies and what you can do to disable certain cookies on our website, please read our Cookie Policy [https://www.iubenda.com/privacy-policy/80704370/cookie-policy]. 

3. LEGAL GROUNDS AND PURPOSE OF PROCESSING

It is in our legitimate business interests to do so: to monitor and perform analytics in respect of who is visiting our website; to consider and respond to your message or request; or if you are a subscriber to our newsletters, or other communications, to tailor marketing communications to your needs and preferences.

SUBSCRIBERS TO BTDT NEWSLETTER AND/OR OR COMMUNICATIONS, ENTRANTS TO OUR COMPETITIONS AND/OR REGISTRANTS FOR OUR WEBINARS

1. INFORMATION THAT WE COLLECT FROM YOU

We collect the following information about you:

- your name;

- email address;

- other data you consent to give, such as organisation, job title, address, age, birthday, ethnic group, resume/CV.

- your preference to receive our newsletter or other marketing communications;

-  your attendance at our webinar and any contributions that you make to it;  

- details about how you interact with our newsletter and/or email communications e.g. whether you open them, how long you spend reading them, and whether you click on the links contained within them; and/or

- your IP address.  

2. HOW WE COLLECT YOUR INFORMATION

We collect your personal information when:

- you sign up to receive our newsletter or other communications, or enter one of our competitions;

- you read and/or engage with our newsletter or other marketing communications; and/or 

- you attend one of our webinars and engage with us as part of it.  

3. LEGAL GROUNDS AND PURPOSES OF PROCESSING 

It is in our legitimate business interests to do so: to keep internal records for administration purposes; to personalise and improve our newsletters and marketing communications; and/or to defend legal claims or otherwise protect our rights as a business.  

Consent: where we have requested your consent and you have provided it (e.g. where you have signed up to receive our newsletter or other marketing communication (including white papers), applied to join a webinar or have entered a competition.

BTDT CLIENTS 

(INCLUDING PROSPECTIVE OR FORMER CLIENTS) 

1. INFORMATION THAT WE COLLECT FROM YOU

We collect the following information about you:

- your name;

- email and/or postal address;

- your job title;

- your company or organisation;

- date of birth;

- details of previous work we have completed for you;

- your preference to receive our newsletter or other marketing communications; and/or

- any other personal information that you supply to us. 

2. HOW WE COLLECT YOUR INFORMATION

We collect your personal information when:

- you complete an application or registration/subscription form, or otherwise contact us directly via email, phone, post, message; 

-you sign up to receive our newsletter; and/or

- you enter into a contract for services with us.

3. LEGAL GROUNDS AND PURPOSES OF PROCESSING 

It is necessary for the performance of our contract or for the purposes of entering into a contract: in order to negotiate, enter into and undertake our contractual obligations with you, for instance, to contact individuals at your organisation and obtain instructions and discuss your requirements.

It is in our legitimate business interests to do so: to keep internal records for administration purposes; to personalise and improve our platform; to communicate with you (including with regard to our services and fees); to tailor marketing communications about our products and services to your needs and preferences; to enable our support team to help you with any enquiries or questions in the most efficient way possible; to contact you for your views and feedback on our services; to enforce our contractual terms with you, to defend legal claims or otherwise protect our rights as a business; to gain insights into market trends and demographics; to develop our services so as to optimise experience for you or other clients in the future; and to send you marketing information about products and services which we think may be of interest to you. 

Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements. 

4. HOW WE SHARE INFORMATION

In addition to the parties set out in paragraph 5 at the front of this privacy policy, the personal information we are holding about you may on the legal grounds set out in this privacy policy be shared with and processed by our members and/or their providers. 

BTDT MEMBERS

(INCLUDING PROSPECTIVE OR FORMER MEMBERS)

1. INFORMATION THAT WE COLLECT FROM YOU

We collect the following information about you:

- your name;

- email and/or postal address;

- log-in and password to our member platform accessible via our website (platform);

- experience (both personal and professional);

- bank details for payment by us;

- your company or organisation;

- date of birth;

- details of previous work you have completed for us; and/or

- any other personal information that you supply to us. 

2. HOW WE COLLECT YOUR INFORMATION

We collect information when you:

- create an account with us or you change your account settings;

- invoice us for work completed (including payment details); and/or

- use our platform after becoming a member.  

3. LEGAL GROUNDS AND PURPOSE OF PROCESSING

It is necessary for the performance of our contract or for the purposes of entering into a contract: in order to negotiate, enter into and undertake our contractual obligations connection with your membership (for instance, to enable us to provide you with access to the platform, to match you to suitable briefs, to contact you in connection with our contract, including briefs, and to make payments to you).

It is in our legitimate business interests to do so: to keep internal records for administration purposes; to personalise and improve our platform (e.g. so you receive briefs quicker from us); to enable our member support team to help you with any enquiries or questions in the most efficient way possible; to contact you for your views and feedback on our platform, projects and business and to notify you if there are any important changes or developments to the platform or your membership; to analyse your activity on the platform so that we can administer, support, improve and develop our business; to enforce our contractual terms with you, to defend legal claims or otherwise protect our rights as a business; to gain insights into market trends and demographics; to develop our marketing or advertising materials; to analyse your use of our platform and the projects you complete for us and so send you more tailored marketing communications, to present you with new opportunities and ways to work with us.

Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements, such as to create a record of your transaction with us. 

4. HOW WE SHARE INFORMATION

In addition to the parties set out in paragraph 5 at the front of this privacy policy, the personal information we are holding about you may on the legal grounds set out in this privacy policy be shared with and processed by our clients and/or their providers. 

5. SECURITY

Where you have chosen a password that allows you to access our platform, you are responsible for keeping this password confidential. We advise you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will take steps to protect your information, we cannot guarantee the security of your data transmitted to the platform; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. 

BTDT EMPLOYEES (INCLUDING PROSPECTIVE AND FORMER EMPLOYEES)

1. INFORMATION THAT WE COLLECT FROM YOU

We collect the following information about you:

- your name;

- email and/or postal address;

- gender;

- date of birth;

- employment status;

- employment history and experience (both personal and professional);

- references from previous employers;

- interview notes;

- salary and benefits (including life insurance, pension, tax and social-security related information);

- next of kin, spouse or other beneficiaries;

- passport or residential ID documents;

- bank details for payment by us;

- national insurance number;

- student loan status;

- disciplinary records, performance records, or performance feedback;

- timesheets; and

- other personal information that you may supply to us. 

2. HOW WE COLLECT YOUR INFORMATION

We collect information when you:

- make an application to work for us, or attend an interview with us; and/or

- commence working with us. 

3. LEGAL GROUNDS AND PURPOSE OF PROCESSING

It is necessary for the performance of our contract or for the purposes of entering into the contract: in order to negotiate, enter into and undertake our contractual obligations connected with your employment.

It is in our legitimate business interests to do so: to keep employment records for administration purposes; to assess your continued suitability for a role and planning progression; for promoting the business publicly; to contact you (and other individuals) and to enforce our contractual terms with you and to defend legal claims or otherwise protect our rights as a business.  

Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements, such as to create a record of your transaction with us. 

4. SPECIAL CATEGORIES OF INFORMATION

In respect of any information about your health (including any medical condition, health and sickness records such as details of absences from work including time on statutory parental leave or sick leave), to the extent that you are a UK-based employee of BTDT Global, we will process such special categories of personal data on the following legal grounds:

- Pursuant to Schedule 1, Part 2(8) of the UK Data Protection Act 2018, we will use information relating to leaves of absence, which may include sickness absence or family related leaves, to comply with employment and other laws. We will use information about your physical or mental health, or disability status, to ensure your health and safety in the workplace and to assess your fitness to work, to provide appropriate workplace adjustments, to monitor and manage sickness absence and to administer benefits including statutory maternity pay and statutory sick pay.

- We do not need your consent if we use special categories of your personal information in accordance with our written policy to carry out our legal obligations or exercise specific rights in the field of employment law. In limited circumstances, we may approach you for your written consent to allow us to process certain particularly sensitive or other personal data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.

5. HOW WE SHARE INFORMATION

In addition to the parties set out in paragraph 5 of the front of this privacy policy, personal information we are holding about you may on the legal grounds set out in this privacy policy be shared with and processed by our clients and/or their providers.

OTHER SUPPLIERS TO BTDT

1. INFORMATION THAT WE COLLECT FROM YOU

We collect the following information about you:

- your name;

- email address;

- job title

- your company or organisation;

- details of previous work you have completed for us; and/or

- bank details for payment by us.

2. HOW WE COLLECT YOUR INFORMATION

We collect information when you:

- contact us in connection with the services you provide to us; and/or

- invoice us for work completed (including payment details).

3. LEGAL GROUNDS AND PURPOSE OF PROCESSING

It is necessary for the performance of our contract or for the purposes of entering into a contract: in order to negotiate, enter into and undertake our contractual obligations to you (for instance to make payments to you).

It is in our legitimate business interests to do so: to tailor marketing communications to your needs and preferences; to enforce our contractual terms with you, to defend legal claims or otherwise protect our rights as a business; to present you with new opportunities and ways to work with us. 

It is in our legitimate business interests to do so: to keep internal records for administration purposes; to communicate with you (including with regard to services and fees; to enable our support team to help you with any enquiries or questions in the most efficient way possible; to enforce our contractual terms with you, to defend legal claims or otherwise protect our rights as a business; [o send you marketing information about products and services which we think may be of interest to you; or to obtain evidence of identity and credit history.

Compliance with a legal obligation: in order to prevent fraud or money laundering or to comply with any other legal or regulatory requirements, such as to create a record of your transaction with us. 

© Copyright 2020. All rights reserved by Been There Done That Global Limited

Built with