1. This document is a broad description of the way this organisation/data controller processes personal data.
2. Data controller (“we” “our” “us”) is BESA Publications Ltd a company registered in England and Wales under number 03034318 whose registered office is Old Mansion House, Eamont Bridge, Penrith, United Kingdom CA10 2BX.
3. Our email address for data protection issues is legal@sfg20.co.uk
4. We process personal data about users of this website, to the extent necessary for the website to function as specified in the applicable contractual relationship with the subscriber by which access to the website it provided.
5. The personal data we process is:
Personal Data |
Lawful Basis of Processing |
The name, username, email address, record of account activities, transaction records, and subscriber organisation as applicable for each user. |
Legitimate interest in performing contractual obligations to the subscriber. |
The name, employer, job title, LinkedIn page, employment email address, and employment telephone number for marketing prospects. |
Legitimate interest in promoting services to marketing prospects. |
Tokenised payment reference for direct debit (via GoCardless, see https://gocardless.com/privacy/) and credit card payments (via Stripe, see https://stripe.com/gb/privacy) in respect of subscribers which are sole traders or partnerships. |
Not applicable, no personal data stored. |
6. Where necessary or required we share personal data with suppliers and other companies in the same group.
7. We may also disclose personal data to third parties:
a. In the event that we sell or buy any business or assets, in which case we may disclose personal data we hold to the prospective seller or buyer of such business or assets;
b. If we or substantially all of our assets are acquired by a third party, in which case personal data we hold will be one of the transferred assets;
c. In order to comply with any legal obligation, or in order to enforce or apply any contract with the data subject; or to protect our rights, property, or safety of our employees, customers, or others; and
d. Other third parties from time to time, which will be updated to this notice.
8. As the data subject, you have the right to: (a) access to a copy of the information comprising your personal data, (b) object to processing that is likely to cause or is causing damage or distress; (c) prevent processing for direct marketing; (d) object to decisions being taken by automated means; and (e) have inaccurate personal data rectified, blocked, erased or destroyed.
9. You have the right to lodge a complaint concerning our compliance with the data protection principles with the Information Commissioner here: https://ico.org.uk/concerns/
10. We retain personal data for up to one year, or until it is no longer required.
Effective as of 1 January 2024, last amended 1 May 2024.