Who we are
What information we collect
When you register with us for one of our services, we receive and store information about you such as the following. Information you provide to us on registering for our eSourcing and Business Intelligence services: We collect information you provide to us. This includes:
- Your name, email address, address and/or postal code, payment method and telephone number. We collect this information in a number of ways, including when you enter it while using our service, interact with our Customer Services, or participate in surveys or marketing promotions;
- Information when you choose to provide account settings, set preferences in your account, or otherwise provide information to us through our service or elsewhere;
- We do not store any personal banking or credit card details.
Information we collect automatically when you use our eSourcing and Business Intelligence services: We collect information about you and your use of our service, your interactions with us and our advertising, as well as information regarding your computer or other device used to access our service (such as mobile devices, operating system, browser). This information includes:
- Your activity on the service, such as user profile matches, viewing history and search queries;
- Details of your interactions with Customer Service such as date, time and reason for contacting us, transcripts of chat conversations and, if you call us, your phone number and call recordings;
- Device IDs or other unique identifiers, device and software characteristics (such as type and configuration), connection information, statistics on page views, referral URLs, IP address (which may tell us your general location), browser and standard web server log information;
We do not collect any personal data from you that we do not need in order to provide, oversee and improve this service to you. Information we collect for Ingenium and Opus: Information gathered through our eSourcing or Business Intelligence services is not shared with or used by Ingenium or Opus. Ingenium and Opus are entirely separate databases and independently researched whereby we collect contact details such as name, organisation name, organisation address, organisation email, organisation phone number, job title, job function, and industry sector.
Why we collect it
eSourcing and Business Intelligence services: We use information to provide, facilitate, analyse, administer, enhance and personalize our service delivery and support delivery efforts in accordance with our contractual obligations to you. For example, we use information to:
- Process your registration, your orders and your payments, and to communicate with you on these and other topics;
- Provide secure access to our services, manage your account and support quality monitoring;
- Determine your general geographic location to provide localized content, provide you with information we think will be relevant to your business, and help us quickly and efficiently respond to enquiries and requests;
- Prevent, detect and investigate potentially prohibited or illegal activities, including fraud, and enforcing our terms;
- Analyse and understand our customers, improve our service (including user interface experiences) and optimize content selection, search and relevance algorithms, and delivery;
- Communicate with you concerning our service, so that we can send you news, details about new features or content available on our services, and customer surveys;
- Measure the success of our marketing campaigns and to better understand our customers;
- Assist you with operational requests such as password reset requests and other matters relating to your use of the service.
Ingenium and Opus: The information held on contacts in Ingenium and Opus is used to share information we think will be relevant to the contacts’ business or organisation in B2B, B2G and G2B contexts. This information may be sent on behalf of BiP or on behalf of third parties.
How and where we process it
The personal data that we collect from you and process in relation to our services is processed by our staff in the UK. For the purposes of IT hosting and maintenance, this information is located on servers within the European Union. We do not undertake any automated decision making on the basis of your personal information and third parties do not have access to your personal data unless the law allows them to do so.
What we do to protect it
We take the security of your information very seriously. To oversee the effective and secure processing of your personal information and to safeguard against its loss, theft, and unauthorized access, use and modification, we operate comprehensive data protection and information security policies and procedures, which are certified to the international standards ISO 9001 and ISO 27001, and we use reasonable administrative, logical and managerial measures. We use multiple layers of firewalls, specialist devices to detect and prevent intrusion attempts, and encryption systems to ensure data is scrambled while being transmitted from system to system. We employ strong physical security policies to prevent physical access to our data centres. We perform regular system patching and use independent security specialists to perform penetration tests to reveal vulnerabilities in our systems and to enable them to be fixed proactively. Unfortunately, however, no measures can be guaranteed to provide 100% security. Accordingly, we cannot guarantee the security of your information.
Who it may be shared with
We disclose your information for certain purposes and to third parties, as described below: Service Providers: We use other service providers (i.e. companies, agents or contractors) to perform services on our behalf or to assist us with the provision of services to you. For example, we engage service providers to provide infrastructure and IT services, to provide software to enable us administer our business, to process credit card transactions or other payment methods, to collect debts, to analyse and enhance data (including data about users’ interactions with our service), and to process and administer consumer surveys. In the course of providing such services, these service providers may have access to your personal information. We do not authorise them to use or disclose your personal information except in connection with providing their services to us. Protection of BiP and others: BiP and its Service Providers may disclose and otherwise use your personal and other information where we or they reasonably believe such disclosure is needed to:
- Satisfy any applicable law, regulation, legal process, or governmental request;
- Detect, prevent, or otherwise address illegal or suspected illegal activities (including payment fraud), security or technical issues;
- Protect against harm to the rights, property or safety of BiP, its customers or the public, as required or permitted by law.
- While using our services you may have opportunities to post certain information publicly and third parties could use the information you disclose;
- Certain portions of our services may contain tools that give you options to share information by email and social or other sharing applications, using the clients and applications on your smart device and the recipients could use the information you disclose;
Ingenium and Opus: The data held in Ingenium and Opus may be used to send targeted campaigns and / or surveys on behalf of third party organisations as a managed service, where the data is segmented by job function and various organisational attributes such as industry sector and employee number. Some third parties have access to some of this information via our mailing platform and campaign management service, iServe. On rare occasions, data may be shared directly with a third party to enable them to run their own campaigns via their own platforms. These third parties range through governmental organisations, charities, and businesses across a wide range of industry sectors interested in B2B, B2G and G2B engagement. We do not share the information with organisations interested in B2C. If, as a result of a communication, you have taken an action, such as downloaded a paper or registered for an event for example, information about your engagement with that campaign may be included in campaign performance reporting and may result in further communication relating to the action you have taken. When you register with us for one of our eSourcing or Business Intelligence services, the details you provide are not used for Ingenium or Opus and we will not sell or lease your personal information to third parties unless we have your permission or are required by law to do so. The only other times we will pass your details to anyone else would be if we are required to do so for fraud or other legal purposes.
How long we keep it
We are required under UK tax law to keep our customers’ basic personal data (name, address, contact details) for a minimum of 6 years plus the current year after which time it will be destroyed. Your information that we use for marketing purposes will be kept with us until you notify us that you no longer wish us to retain this information.