To look after our clients properly (and to find new ones) we occasionally need to collect information from you, but we never play fast and loose with your privacy. Your details are safe with us.
We’re Beneath. We’re a tech-specialist B2B marketing agency.
When we refer to “we” or “our” or “Beneath” we are referring to Beneath Limited.
We’ve got team members dotted about the globe, but our registered address is:
9 Park Lane Business Centre, Park Lane, Langham, Colchester, England, CO4 5WR
Our company number is: 11030973
What info do we collect?
When you access our website, or sign up to any services such as newsletters, blogs, or social media feeds, apply for a job with us or contact us for any other reason, we will receive personal information about you. This can consist of a range of data items such as your name, email address, work postal address, telephone number or mobile number, as well as information collected about your use of our websites (this could include your IP address).
Whatever information we retain we will do so securely and accurately. We will only retain the information for as long as it is reasonable to do so. So, if you become a client or supplier, for example, we’ll keep and use your information for two years from your last transaction with us or one year after your last interaction, whichever is longer.
And if you want us to stop using your data, you only have to ask. We’ll be sad to see you go, obviously, but it’s your info.
We’ll only use your info for good
We will never retain or use your details for nefarious or spammy purposes. That’s just not our style. We need and use this information to understand your needs, to provide our services and to make sure our services keep hitting the mark (according to Data Protection laws we have a “legitimate interest” in processing personal data in this way). At the risk of this becoming a listicle, we’re most likely to use your information for the following:
- Internal record keeping.
- Providing and improving our services.
- Occasionally sending you promotional emails about new services or activities (but even then, only if we think it’s relevant and interesting to you).
- If you’ve provided us with the necessary details, we may also reach out to you via third party social media channels (the usual suspects – LinkedIn, Instagram, Facebook, and Twitter although this list may grow as new channels emerge). But again, this is so we’re able to provide you with targeted, relevant information about our services and what the good folk of Beneath have been up to.
Will we share your information?
Nope, not unless it’s absolutely essential – by which we mean if it becomes necessary under the law to do so. The only other instance in which your information will be shared is via third-party data processors (like email service providers for instance) so we can use their technology to spread Beneath’s good word to brighten up your day.
Such providers are carefully selected. These are large, reputable, well-storied businesses with cast iron privacy policies of their own. In short, we treat your data the way we hope other people treat our data.
Data protection laws also require that we tell you if your personal information is sent outside of the EEA – we may do this as data servers can be anywhere in the world. However, if your data is sent or stored outside of Europe it will only be in a place that the EU have approved or a place that has signed a specific agreement with us to keep data safe and secure.
Under no circumstances will we ever sell your data to third parties – oh, hell no.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We get how important it is to get this stuff right.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
While it’s highly unlikely we’ll ever need to use them, we have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
You’ve got rights
As a ‘Data Subject’ (forgive how cyborg that sounds) you have a range of important rights under data protection laws. We’ve tried to summarise the key aspects below, but it’s pretty complex stuff. So once again we’ve turned to the people who understand this stuff the best, the ICO, and have included links to the appropriate sections on their website to help you get a fuller explanation of these rights.
Not gonna lie to you, it gets a bit legalese down there for a while.
- The right to access – you have the right to confirm as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply you a copy of your personal data upon request and within one month of verification of your identity. We may extend the time within which we must provide the information by a further two months if the request is particularly complex or if there are numerous requests and we will let you know if this is the case. The first copy will be provided free of charge, but additional copies may be subject to a processing fee.
- The right to rectification – you have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed. If the request is accepted by us, the rectification will be completed within one month (may be extended by us by a further two months if complex). We will use all reasonable endeavours to notify any third party with whom we have shared the data of any rectifications made.
- The right to erasure / right to be forgotten – in some circumstances you have the right to the erasure of your personal data without undue delay. However, there are exclusions of the right to erasure. We will use all reasonable endeavours to notify any third party with whom we have shared the data of any actioned erasure requests.
- The right to restrict processing – in some circumstances you have the right to restrict the processing of your personal data. Where processing has been restricted, we may continue to store your personal data. However, we will only otherwise process it: with your consent or for the establishment, exercise, or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest. We will use all reasonable endeavours to notify any third party with whom we have shared the data of any restriction placed on the processing of your data.
- The right to object to processing – you have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for certain tasks. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise, or defence of legal claims.
- The right to data portability – to the extent that the legal basis for our processing of your personal data is:
- A) consent; or
- B) that the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract and
- C) such processing is carried out by automated means,
You have the right to receive your personal data from us in a structured, commonly used, and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
- Rights related to automated decision making including profiling – Beneath does not use automated decision making (including profiling) when processing your data.
- The right to withdraw consent – Under UK GDPR you have the right to withdraw consent to our processing your data. You can do so at any time, and we will make every effort to cease using your information in a timely manner. Like we said earlier, we’ll be sorry to see you go, but it’s your data.
To withdraw consent, or to make any enquiry regarding your rights as a data subject, simply email firstname.lastname@example.org.
Cookies are rapidly becoming yesterday’s news – it’s all about that sweet first-party data now. Only those cookies that are essential for the running of our website might occasionally be used. Most browsers allow you to refuse to accept cookies and to delete cookies however if you do this then our website might not operate correctly. Our website might contain links to sites owned and operated by other folk who may have a different approach to cookie use. These less enlightened ‘others’ have their own privacy policies and they are responsible for their sites (just as we are responsible for ours).
We’re naturally keen to understand how visitors to our website interact with our storyful content. We want to keep doing better for you. For this reason we, like most folk, use website analytics.
Excusing the descent once again into legal speak, we may process data about your use of our website and services (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. Still with us? Excellent work, great tenacity.
For lovers of technical details, the relevant cookies are: 1PJAR_, AID, ANID, APISID, CGIC, CONSENT, HSID, NID, SAPISID, SEARCH_SAMESITE, SID, SIDCC, SSID, TAID, _secure-3PAPISID, _secure-3PSID and _secure 3PSIDCC.
You can also opt out of being tracked by Google Analytics in the future by downloading and installing Google Analytics Opt-out Browser Add-on for your current web browser: http://tools.google.com/dlpage/gaoptout?hl=en.
Contacts and complaints
We sincerely hope you won’t ever need to make any of the latter. We take our obligations looking after your data seriously and will always do our level best to ensure you’re happy with how we go about it.
If there’s anything in this policy that you’re unsure about, or if you want to know more about any of your information we may be holding, or (heaven forfend) you wish to make a complaint just email us at the following address and we’ll get right on it:
If you need guidance on the nitty gritty when it comes to your data rights, there’s no better place to look than the Information Commissioner’s Office (ICO) website.
Updates to this policy