1. Scope of our User Privacy Notice
This User Privacy Notice applies to your use of this website and all Black Business Recommendation Group applications, services (including payment services), products and tools (collectively the ‘Services’), regardless of how you access or use these Services, including access via mobile devices and apps.
We are committed to protecting and respecting your privacy and the confidentiality of the information we collect, store and disclose. We take all reasonable steps to keep your information secure with appropriate safeguards, including password protection and controlled access, however, the transmission of information via the internet is not entirely secure. We will do our best to protect your personal data, although we cannot guarantee the security of your data transmitted to our sites and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Black Business Recommendation Group is responsible for the collection and processing of your personal data in connection with the provision of our Services and for the purpose of the General Data Protection Regulation ((EU) 2016/679 (“GDPR”), the data controller is Black Business Recommendation Group.
3. Data protection officer and contact
We have appointed a data protection officer to oversee the protection of your personal data. If you have any questions about this User Privacy Notice or about data protection at Black Business Recommendation Group in general, you can contact the data protection officer responsible at any time via firstname.lastname@example.org
Furthermore, if you have any questions or complaints regarding this User Privacy Notice, or our handling of personal data, you can also contact the team at any time via email@example.com
4. What personal data we collect and process
We collect your personal data when you use our Services, create a membership account, provide us with information via a web form, add or update information in your Black Business Recommendation Group account, participate in online community discussions or otherwise interact with us.
With regard to each of your visits to our website we will automatically collect technical information, including the Internet protocol (IP) address used to connect your device to the Internet, your location, browser plug-in types and versions, and operating system; and information about your visit, including the pages on our sites that you visit, page response times and page interaction information.
5. Purposes and legal basis for data processing
We process your personal data for various purposes and based on several different legal bases that allow this processing. For example, we process your personal data to provide and improve our Services, to provide you with a personalised user experience on this website, to contact you about your Black Business Recommendation Group account and our Services, to provide customer service, to provide you with personalised advertising and marketing communications, and if necessary to detect, prevent, mitigate and investigate fraudulent or illegal activity. We do not share your information with third parties unless we state otherwise and only in circumstances when the third party is a trusted partner for the purpose the information was collected.
We may also use the information collected to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes. Other ways we may use your information include:
to improve our websites or services to ensure that content is presented in the most effective manner;
to allow you to participate in interactive features of our services;
as part of our efforts to keep our website safe and secure;
to measure or understand the effectiveness of advertising we serve to you and others, to deliver relevant advertising to you; and
to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
6. Storage duration and erasure
Your personal data will be stored by us in accordance with applicable data protection laws to the extent necessary for the processing purposes set out in this User Privacy Notice. Subsequently, we will delete your personal data in accordance with our data retention and deletion policy or take steps to properly render the data anonymous, unless we are legally obliged to keep your personal data longer (e.g. for legal compliance, tax, accounting or auditing purposes). In Europe, the retention periods are generally between 6 and 10 years (e.g. for contracts, notifications and business letters). As far as legally permissible or required, we restrict the processing of your data instead of deleting it (e.g. by restricting access to it). This applies in particular to cases where we may still need the data for the execution of the contract or for the assertion of or defence against legal claims, or where such retention is otherwise required or permitted by law. In these cases, the duration of the restriction of processing depends on the respective statutory limitation or retention periods. The data will be deleted after the relevant limitation or retention periods have expired.
7. Rights as a data subject
Subject to possible restrictions under national law, as a data subject, you have the right to access, rectification, erasure, restriction of processing and data portability with regard to your personal data. In addition, you can withdraw your consent and object to our processing of your personal data on the basis of our legitimate interests. You can also lodge a complaint with a supervisory authority.
You can withdraw your consent to the processing of your personal data by us at any time. As a result, we may no longer process your personal data based on this consent in the future. The withdrawal of consent has no effect on the lawfulness of processing based on consent before its withdrawal.
You have the right to obtain access to your personal data that is being processed by us. In particular, you may request information on the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing, the right to lodge a complaint with a supervisory authority, any available information as to the personal data’s source (where they are not collected from you), the existence of automated decision-making, including profiling and, where appropriate, meaningful information on its details.
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
You have the right to obtain from us the erasure of personal data concerning you, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.
You have the right to obtain from us restriction of processing to the extent that:
the accuracy of the data is disputed by you, the processing is unlawful, but you oppose the erasure of the personal data,
we no longer need the data, but you need it to assert, exercise or defend legal claims or
you have objected to the processing.
The exercise of the above data subjects’ rights (e.g. right to access or erasure) is generally free of charge. Where requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge an appropriate fee (at most our actual costs) in accordance with the applicable statutory regulations or refuse to process the application.
8. Cookies & similar technologies
9. Data security
We protect your personal data through technical and organisational security measures to minimise risks associated with data loss, misuse, unauthorised access and unauthorised disclosure and alteration. To this end we use firewalls and data encryption, for example, and authorisation controls for data access.
Changes to our User Privacy Notice
We regularly review our User Privacy Notice to ensure it is in accordance with best practice and legislative changes. Any changes we make to our User Privacy Notice in the future will be made available on our Black Business Recommendation website. The most recently published version on our policy will apply to how we use your personal information.
Black Business Recommendation Group Limited with company registration number 10061333 and registered office address 160 Kemp House City Road, London, England, EC1V 2NX
Date issued: April 2021
Date issued: April 2021