Privacy policy

Introduction
EiB Group Limited (“EiB”) are strongly committed to protecting personal data. This Privacy Policy describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves, or by others. We may use personal data provided to us for any of the purposes described in this Privacy Policy or as otherwise stated at the point of collection.

Personal data is any information relating to an identified or identifiable living person. EiB processes personal data for numerous purposes, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ.

When collecting and using personal data, our policy is to be transparent about why and how we process personal data.

Our policy embraces and is fully aligned with the principles set out in the General Data Protection Regulation (GDPR) as it applies in the UK, tailored by the Data Protection Act 2018.

Security
We take the security of all the data we hold very seriously. We have a framework of policies, procedures and training in place covering data protection, confidentiality and security. We regularly review the appropriateness of the measures, we have in place, to keep the data we hold secure.

When and how we share personal data and locations of processing
We will only share personal data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place to protect the data and to comply with our data protection, confidentiality and security standards.

We are part of a group of firms located in the European Union (“EU”). As a result, we made need to transfer any personal data outside of the EU. We have taken steps to ensure all personal data is provided with deemed adequate levels of protection by the European Commission and that all transfers of personal data are done lawfully. Where we use certain service providers, we may use Standard Contractual Clauses (SCCs) approved by the European Commission or the ICO UK Addendum which give personal data the same protection it has in the EEA.

Third party organisations that provide applications/functionality, data processing or IT services to us
We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud-based software as a service provider, identity management, website hosting and management, data analysis, data back- up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.

Third party organisations that otherwise assist us in providing goods, services or information
We use Consultants who are subject to our Sub-Contractor Selection Process and are contracted at a general and project level, to provide services to our clients. Their contracts require them to comply with all our policies, procedures, and guidelines included in this policy.

Auditors and other professional advisers
We make available to our auditors, accountants and legal advisors such information as is required to ensure the professional management of the Company and to comply with all legal requirements and obligations.

We have audited their systems and processes in relation to compliance of General Data Protection Regulations and are happy they comply in all regards.

Our auditors and accountants are:

TC CH Limited, 4 Office Village, Forder Way, Cygnet Park Hampton, Peterborough PE7 8GX

Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation.

Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.

Personnel (Directors, Staff and Consultants)
We collect personal data concerning our own personnel (director, staff and consultants) as part of the administration, management and promotion of our business activities.

Changes to this privacy policy
We recognise that transparency is an ongoing responsibility, so we will keep this Privacy Policy under regular review.

This policy was last updated on 1st May 2022.

Data controller and contact information
The data controller is EiB Group Limited (the limited company registered in England under registration no. 11267170 and with its registration address at Spring Lodge, 172 Chester Road, Helsby, Cheshire, WA6 0AR.

If you have any questions about this privacy statement or how and why we process personal data, please contact us at:

Data Protection Manager:

EiB Group Limited Lancaster House, 67 Newhall Street, Birmingham, B3 1NQ

Email: caroline.mott@eibgroup.co.uk

Individuals’ rights and how to exercise them
Individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights. Where we decide how and why personal data is processed, we are a data controller and include further information about the rights that individuals have and how to exercise them below.

Access to personal data
You have a right of access to personal data held by us as a data controller. This right may be exercised by emailing us at caroline.mott@eibgroup.co.uk. We may charge for a request for access in accordance with applicable law. We will aim to respond to any requests for information promptly, and in any event within the legally required time limits (currently one month).

As a person who believes the company holds certain information about you, you are entitled to know:

  • confirmation that you are processing their personal data.
  • a copy of their personal data; and
  • other supplementary information as set out in this policy.

Amendment of personal data
To update personal data submitted to us, email us at caroline.mott@eibgroup.co.uk.

When practically possible, once we are informed that any personal data processed by us is no longer accurate, we will make corrections (where appropriate) based on your updated information.

Withdrawal of consent
Where we process personal data based on consent, individuals have a right to withdraw consent at any time. To withdraw consent to our processing of your personal data please email us at caroline.mott@eibgroup.co.uk or, to stop receiving an email from an EiB marketing list, please click on the unsubscribe link in the relevant email received from us.

Other data subject rights
This privacy statement is intended to provide information about what personal data we collect about you and how it is used. As well as rights of access and amendment referred to above, individuals may have other rights in relation to the personal data we hold, such as a right to erasure/deletion, to restrict or object to our processing of personal data and the right to data portability.

If you wish to exercise any of these rights, please send an email to caroline.mott@eibgroup.co.uk

Complaints
We hope that you won’t ever need to, but if you do want to complain about our use of personal data, please send an email with the details of your complaint to caroline.mott@eibgroup.co.uk. We will look into and respond to any complaints we receive.

You also have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”) (the UK data protection regulator). For further information on your rights and how to complain to the ICO, please refer to the ICO website.

Collection of personal data
EiB processes personal data about contacts (existing and potential EiB clients and/or individuals associated with them) using a customer relationship management system (the “EIB CRM”).

The collection of personal data about contacts and the addition of that personal data to the EiB CRM is initiated by an EiB user and will include name, employer name, contact title, phone, email and other business contact details. In addition, the EiB CRM may collect data from EiB email (sender name, recipient name, date and time) and calendar (organiser name, participant name, date and time of event) systems concerning interactions between EiB users and contacts or third parties.

Use of personal data
Personal data relating to business contacts may be used for our legitimate interests for the following purposes:

  • Administering, managing and developing our businesses and services.
  • Processing personal data in order to run our business, including:
    – managing our relationship with clients.
    – developing our businesses and services (such as identifying client needs and improvements in service delivery and learning more about a client, relationship opportunity we or other EiB subsidiary trading companies have an interest in).
    – analysing and evaluating the strength of interactions between us and a contact.
    – performing analytics, including producing metrics for EiB leadership, such as on trends, relationship maps, sales intelligence and progress against account business goals.
    – maintaining and using IT systems.
    – hosting or facilitating the hosting of events; and
    – administering and managing our website and systems and applications.
    – Providing information about us and our range of services

Unless we are asked not to, we use client business contact details to provide information that we think will be of interest about us and our services. For example, industry updates and insights, other services that may be relevant and invites to events.

EiB member firms do not sell or otherwise release personal data contained in the EiB CRM to third parties for the purpose of allowing them to market their products and services without consent from individuals to do so.

Data retention
Personal data will be retained on the EiB CRM for as long as we have, or need to keep a record of, a relationship with a business contact, which is for the duration of our relationship with a contact or their organisation.

Personal data may be held for longer periods where extended retention periods are required by law or regulation and in order to establish, exercise or defend our legal rights.

When and how we share personal data and locations of processing
The information in the EiB CRM may be accessed by EiB member firms for the purposes described above.

Further details about the processors used by EiB Group Ltd are:

TC CH Limited, 4 Office Village, Forder Way, Cygnet Park Hampton, Peterborough PE7 8GX

The nature of processing activities is for the provision of book-keeping, accounting, HR and payroll services.

Individual responsibility
As a director, employee or consultants, you are responsible for:

  • Checking that any information you provide in connection with your work with the company is accurate and up to date;
  • Notifying the company of any changes to information you have provided, for example changes of address; and
  • Ensuring that you are familiar with and follow this Privacy Policy.

Data security
You are responsible for ensuring that:

  • Any personal data that you hold, whether in electronic or paper format, is kept securely.
  • Personal information is not disclosed either verbally or in writing, accidentally or otherwise, to any unauthorised third party.
  • Items that are marked ‘personal’ or ‘private and confidential’, or appear to be of a personal nature, are opened by the addressee only.

The office address should not be used for matters that are not work related.

Any breach of this Privacy Policy, either deliberate or through negligence, may lead to disciplinary action being taken and could in some cases result in a criminal prosecution.

Policy communication
EiB’s Data Protection Policy is communicated to all employees during their induction to the company and provided in writing for their retention as part of their induction pack. Employees are reminded of this during the annual appraisal process, and any updates are communicated to all staff at the time.

Any need for improvements will be applied as soon as possible. Employees are encouraged to offer their feedback on this policy if they have any suggestions for how it may be improved. Feedback of this nature should be addressed to the Chief Executive Officer’s Executive Assistant.