Data policy
Updated 2nd January 2024
General Data Protection Compliance
i. GDPR Alignment: Our handling of the BizCrunch Data, including your interaction with it, adheres to the General Data Protection Regulation (EU) 2016/679 (EU GDPR), its UK adaptation via the European (Withdrawal) Act 2018 (UK GDPR), and the Data Protection Act 2018.
ii. Framework: This Data Policy is an integral part of your Subscription Plan. It outlines the terms ensuring that our exchange of BizCrunch Data serves mutual legitimate interests and safeguards individual rights related to the personal data made accessible via the the BizCrunch Platform.
iii. Contact: You should address any questions regarding this Data Policy to our Data Protection Officer ("DPO") at dpo[@]bizcrunch.co.
1.1. Definitions
The following terms shall have the following meanings:
Applicable Data Protection Laws means laws regulating data protection and privacy globally, including UK and EU GDPR, and the EU e-Privacy Directive (Directive 2002/58/EC).
Personal Data means information about identifiable individuals as defined in relevant data protection laws.
Platform Personal Data means personal data accessible through the BizCrunch Platform, detailed in Annex I.
Standard Contractual Clauses means collectively the Standard Contractual Clauses (2021/914/EC) Module 1 and/or the ICO’s UK Addendum to the Standard Contractual Clauses.
All other defined terms not specifically defined herein shall have the meaning given to them in the BizCrunch Terms and Conditions, a copy of which can be accessed via our Website.
1.2 Data Access and Usage
BizCrunch will provide specific personal data via its Platform for processing, strictly adhering to determined.
1.3 Roles and Responsibilities
BizCrunch acts as the controller of Platform Personal Data. Subscribers process this data independently for agreed purposes, avoiding joint controller scenarios.
1.4 Legitimate Interests
The processing basis is the legitimate interest of BizCrunch in delivering business insights and the Subscriber Business' interest in assessing merger and acquisition opportunities.
1.5 Lawful Compliance
Both BizCrunch and Users must independently comply with all applicable data protection laws.
1.6 Restrictions on Data Types
Special categories of personal data are not disclosed for processing.
1.7 Data Transfers
Restrictions apply to data transfers outside the EEA/UK, adhering to adequacy measures under GDPR and using Standard Contractual Clauses as necessary.
1.8 Data Security
Subscriber Business is required to implement suitable measures to protect the BizCrunch Platform Personal Data against unauthorised access and data breaches.
1.9 Subcontractor Engagement
Subscriber Business must obtain prior written consent from BizCrunch before allowing any third-party access to Platform Personal Data, and shall procure from such third-party their written confirmation to adhere to this Data Policy.
1.10 Cooperation in Data Queries
If any party receives communication, such as inquiries or complaints, from individuals, regulatory bodies, or any external entity concerning either (a) how BizCrunch shares Personal Data from the BizCrunch Platform for the approved reasons, or (b) the way this data is handled by the other party or a User of a Subscribing Business, that party must promptly notify the other, providing comprehensive details. Both parties should collaborate effectively and earnestly to address these communications, complying with all Applicable Data Protection Laws.
1.11 Incident Reporting
You must immediately notify BizCrunch of any data security incidents, and collaborate in mitigating and resolving these issues.
1.12 Post-Agreement Data Handling
At the end of your Subscription Plan, you must delete all data obtained from the BizCrunch Platform.
1.13 Audit Rights
BizCrunch may conduct audits to ensure your compliance with this Data Policy, and you shall provide such reasonable assistance to BizCrunch in facilitating such audit.
Email Address Usage Guidelines
2.1 Provision of Email Addresses
BizCrunch provides business email addresses for direct communication with relevant individuals. Users must follow email marketing rules and data protection laws.
2.2 Limits on Emailing
2.2.1 Do not send emails to more than 5 people at once using BizCrunch email addresses.
2.2.2 If no reply is received, limit follow-up emails to a maximum of 4 attempts per individual, with at least a 4-day gap between each email.
2.3 Email Content Requirements
2.3.1 Clearly identify yourself in every email, including contact details like a postal address, email address, and phone number.
2.3.2 Include an easy way for recipients to opt out of future emails.
2.4 Handling Opt-Outs
2.4.1 Promptly add individuals who opt out or object to your marketing to a ‘do not contact’ list and cease communications.
2.4.2 Regularly check your marketing list against the ‘do not contact’ list to avoid sending unwanted emails.
2.5 Compliance with Laws
You and all Users must stay compliant with all Applicable Data Protection Laws and any updates or replacements to it.
Data Usage Rights
Access to the BizCrunch Platform and BizCrunch Data is only allowed as specifically outlined below.
3.1 Personal Use Guidelines
Individual Users can access and use BizCrunch Data, including Platform Personal Data, following these rules:
(a) All use of BizCrunch Data must comply with all Applicable Data Protection Laws.
(b) Access to BizCrunch data is limited to the individual user; sharing is only permitted within the same Subscription Plan. You are not permitted under any circumstances to share or use BizCrunch Data outside of the aforementioned group.
Annex I Data Information
A: Overview of Data on BizCrunch Platform
1. Data Subjects Involved: The data includes information on directors, shareholders, employees, and other associated individuals of companies listed on the BizCrunch Platform.
2. Types of Data Collected: This encompasses business-related information such as names, business contact details (email and phone), job titles, shareholding details, and directorship information.
3. Sensitive Data: No sensitive personal data is included.
4. Data Transfer Frequency: The data is transferred on a continuous basis.
5. Processing Activities: Data is collected, recorded, structured, organised, retrieved, and accessed.
6. Purpose of Data Use: The data is used as per the Subscription Plan, mainly for enabling the Subscribing Business to utilise the BizCrunch Data as outlined in their Subscription Plan and detailed in Section 3 of this Data Policy.
7. Data Retention Period: Data is retained for the duration of the Subscription Plan.
8. Recipients of Data: Subscribing Business (access is limited to authorised Users).
9. Public and Legal Authorities: Access is provided to authorised personnel for legal and regulatory purposes.
B: Parties and Roles
1. Data Exporter
Name: Biz Crunch Ltd
Address: 86-90 Paul Street, London, England, United Kingdom, EC2A 4NE
Official registration number: 14268311
Contact person and contact details: Data Protection Officer, dpo[@]bizcrunch.co
Activities relevant to the data transferred under these Clauses: Provision of BizCrunch Data via the BizCrunch Platform
Role (controller/processor): Controller
2. Data Importer
Name: Subscribing Business (as set out on subscription)
Address: Subscribing Business address (as set out on subscription)
Contact Person’s name, position and contact details: As set out in the Subscription Summary
Role (controller/processor): Controller
C: ICO Registration
Information Commissioner Registration Number for Biz Crunch Ltd (trading as BizCrunch): ZB610698
Contact points for data protection enquiries: Email: dpo[@]bizcrunch.co