Data Controller

Jack Allen

This Privacy Policy is written for Catalyst, Rendezvous & The Data Gatherer, a UK based direct marketing & media agency, data broker and email broadcaster providing marketing services and data that assist our customers in making critical commercial decisions and business growth. Some of the information we broker may be classified as “personal data” under European Union (EU) law. This is because it’s information relating to individuals (e.g. sole trader, partnership, company director, beneficial owner, professional etc). This privacy policy provides information we are required to give in relation to the processing of personal data under EU law.

We also facilitate the licencing or selling of professional business contact information to authorised resellers. This extends to organisations for marketing and data management purposes. Therefore we broker information on businesses and business professionals. This information includes the following examples:

• Company and business professional contact information. This  includes name, job title, address, phone number, fax, e-mail address, domain names, and trade associations;
• Detailed company profiles and statistics, including number of employees;
• Background information regarding company management, such as beneficial ownership/persons of significant control,
• Company operational histories, including territories, subsidiaries, affiliates, and lines of business;
• Detailed trade and business credit information, including payment histories and patterns;
• Business information regarding profitability, debts, assets, net worth, and business relationships;
• Business compliance information from public source government and professional records, media and business publications

For our own business purposes, we also collect information such as:

• Credit/debit card information in order to process certain customer payments
• IP addresses of visitors to our website
• Contact details of actual or potential customers

We do not seek to collect any information in relation to a European resident’s race or ethnic origin. Neither do we collect data on political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, genetic or biometric data.

Where does the data originate?

Our data originates from:

• Organisations
• Data vendors
• Governmental and administrative public records such as business registrations, company filings
• Public sector information (e.g. Company Registrars)
• Regulatory bodies and law enforcement agencies
• Our World Wide Network Partners
• Our Marketing Data originates from our customer base, previous customers, public sources, events, promotions and website visitors.

Who do we share Data with?

We share the Data (and that may include personal data) with:

• Worldwide Network Partners – independent business information providers across the world with whom we have entered into commercial agreements
• Customers – businesses and organisations with whom we enter into agreements to purchase or access data. Where necessary we contractually require these recipients to only use personal data for the intended purpose of the disclosure. We require that they destroy or return it when it is no longer needed.
• Resellers – We facilitate the licencing of professional business contact information and are authorised resellers and/or third-party businesses for marketing and data management purposes.

We may also disclose personal data:

As required or appropriate in order to protect our website, business operations or legal rights, or in connection with a sale or merger involving us or our businesses. (In the event that our business is purchased or sells parts or all of the business, the information collected will be considered an asset that can be transferred). If a court, tribunal administrative authority law enforcement agencies, regulatory authorities or government agencies, is based in a country outside the EU we would only comply with such a request if there was an international agreement (such as a mutual legal assistance treaty) in place.

Profiling

Our customers may choose to use the information we provide for profiling or combine with other information available to them. Their decision making may be based around whether to insure or market to, extend credit, acquire, trade or partner with a business. They may use the information to predict whether a business is likely to continue trading, pay its bills on time, receive credit, whether they would be likely to purchase a product or service, where they benchmark within their industry or whether they are subject to any specific risks. We do not make any decisions about an organisation – we do not hold blacklists and we do not tell our customers whether to trade with an organisation.

Data Retention

Depending on the nature and purpose for which it was collected, Personal data is stored for different lengths of time. We store personal data in line with any applicable statutory minimum periods. This policy is reviewed periodically (usually annually).  This is to ensure it is still necessary to be retained for the purpose for which it was collected. Where there is a statutory maximum for which data can be retained, such as County Court Judgements, we will delete accordingly on expiration.

Privacy Policy: Grounds for Processing

In technical legal terms we process personal data under the grounds of Legitimate Interest - the supply of commercial data (and the marketing of our business). The purpose of this processing is to enable businesses to manage their financial risks, protect against fraud, know who they are doing business with, meet compliance and regulatory obligations and better understand organisations, industries, and markets. We also licence or sell professional business contact information to authorised resellers or organisations for marketing and data management purposes.

With all data provided for the purposes of marketing on the grounds of Legitimate Interest, we recommend including an "opt-out" option when making contact to give the recipient of your communication the option to no longer receive contact from your organisation.

Privacy Policy: Data Subject Access Request

You have the right to request from us confirmation of whether we are processing your personal data, and if so access to that information.

If any of your personal data is inaccurate you have a right to request rectification. We are very keen to ensure the data we hold is accurate and up to date, as well as the data that we broker from others.

You have the right to object to our processing. You can request personal data is deleted or restricted in its use. In considering our response we undertake to ensure your interests, fundamental rights and freedoms are properly balanced against our legitimate interests. We will also look at whether it is still necessary to process your data for the purpose it was collected.

We will always observe your objection to receiving either our marketing team or to us passing on your contact details to third parties for their direct marketing purposes: please contact hello@thedatagathere.co.uk including the name, business name, address, telephone number and email address that you wish to have excluded.

Before we are able to provide you with any information or correct any inaccuracies we may ask you to verify your identity and to provide other details to help us identify you and respond to your request.

Updating the Privacy Policy

We strive for continuous improvement in our services, processes and protecting data subject rights. We will therefore update this privacy policy from time to time. Therefore, we advise you to check this privacy policy on a regular basis, or if requested we will send it to you on a regular basis.

Complaints

All complaints or concerns and appropriate resolution relating to the practices of handling personal information will be logged. Please send all complaints to: hello@thedatagatherer.co.uk