Exist Business Intelligence Limited (ExistBI) treats the privacy of our visitors and users with the highest importance. This policy details the measures that we take to preserve and safeguard your privacy when you visit our website or communicate with our personnel. It also demonstrates how we may process data in accordance with the EU General Data Protection Regulation (“GDPR”).

This Privacy Policy may be updated from time to time.

1. Our details

Exist Business Intelligence Limited is the trading name of ExistBI, a company incorporated in the United Kingdom with company number 07741811 and registered office at Hamilton House, Mabledon Place, London, WC1H 9BB, United Kingdom.

You can contact us on +44 (0) 207 554 8568 or by writing to us at:

Exist Business Intelligence Limited
Hamilton House,
Mabledon Place,
London, WC1H 9BB,
United Kingdom.

If you need to contact our Data Protection Officer, please email tori.russ@existbi.com with the subject title FAO: Data Protection Officer.

2. Information collection

We call data that identifies or could reasonably be used to identify you as an individual ‘Personal Data’. This includes information about you that you give us by filling out forms on this site (www.existbi.com), registering or by corresponding with us by phone, live web chat, email or otherwise. This information may include your full name, job title and contact details including your email address and telephone number.

We do not collect or process any special categories of Personal Data.

3. Your information and how we use it

We collect your data, including Personal Data, for certain legitimate business interests of ours. Processing under this basis may occur in the following circumstances:

  • When you make a request for further information on our website, either through a demo form, live web chat, contact form or similar transmission, we will use the data you provide to fulfil your request for information. We will also store this information on our database and use it to follow up with you, either by telephone or through an electronic communication.
  • When you register on our website, we will use the data provided to give you access to resources on the website.
  • When you interact with our website, we use Google Analytics to better understand your journey and help us provide improvements. Google Analytics may record your geographical location, device, internet browser and operating system, none of which would be classified as Personal Data.
  • Where you have provided us with your details, we may contact you to notify you of changes to our services.

When you register on our website, you are also given the opportunity to provide us with your consent. If you choose to do this, then we will use the Personal Data provided with your registration to let you know about our products and services which we think you will find interesting. You will be able to access resources on the website and will be sent relevant email notifications based on your interests. We may also contact you by telephone.

You can subsequently withdraw your consent at any time by contacting us, or following the ‘unsubscribe’ link that is provided in emails from ExistBI.

Any information that we process, including Personal Data, will be stored on a secure server behind a firewall. We will not retain your Personal Data for longer than is necessary for the processing. Where you have registered and provided your consent to receive communications from us, then we will retain your Personal Data for this purpose until your consent is withdrawn.

4. Where will your information be shared?

We use third party processors to assist us in storing your data safely and securely while interacting with our website. These third parties are carefully screened so we can ensure that there are adequate controls in place and, where relevant, that such third parties are GDPR compliant. Additionally, where this would result in the transfer of Personal Data outside the EEA, we have confirmed that there are appropriate transfer mechanisms in place.

Our third party processors include:

  • Salesforce CRM (personal data stored)
  • Google Analytics (no personal data processed)
  • MailChimp (personal data stored)

We may share your Personal Data with our sister company, Exist MGT Limited (a company incorporated in the United Kingdom with company number 07741284) as part of our legitimate business interests. You can object to this by exercising your rights, better detailed below.

5. Your rights

Under the EU General Data Protection Regulation, you possess a number of rights in relation to your Personal Data. These rights include (i) the right to be informed; (ii) the right of access; (iii) the right to rectification; (iv) the right to erasure; (v) the right to restrict processing; (vi) the right to data portability; (vii) the right to object; and (viii) rights in relation to automated decision making and profiling. We are committed to upholding these rights. If you wish to exercise any of these rights, please contact us using the details below.

Where you have provided us with consent, you have the right to withdraw this consent at any time. To reiterate, you can do this at any time by contacting us directly or following the ‘unsubscribe’ link provided in any electronic communications you receive from us.

You also have the right to complain to a supervisory authority where you feel that our processing of your Personal Data has infringed your rights. The supervisory authority in the United Kingdom is the Information Commissioner’s Office (ICO): https://ico.org.uk

6. Accessing your information

If you wish to exercise your right of access, then you may make a subject access request by contacting us as per the below. In most cases, we will not charge you a fee and will respond within one month. Fees may be charged for repeated or vexatious requests and we may take two months to provide all information in response to particularly complex requests. We will let you know if this is the case.

7. Cookies

Our site uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse our site.

Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser. They enable the site or service provider systems to recognise your browser and capture and remember certain information, such as items saved in your online shopping basket.

Any data gathered through the use of cookies will not identify you personally. It is strictly aggregate statistical data about our visitors and how they used the resources on this web page. No Personal Data will be shared at any time via cookies.

You may choose to decline all cookies on your computer. Your browser has an option to disable the use of cookies. If you do choose to decline cookies, then you may be limited to certain areas of our website.

8. Third party links

We may sometimes include or offer third party products or services on our website. The websites of these third parties will have separate and independent privacy policies, with which you should familiarise yourself. We bear no responsibility or liability for the content and activities of these third party sites. Nonetheless, we seek to protect the integrity of our website and welcome any feedback regarding these third party websites.

9. Compliance with Privacy Shield Principles

ExistBI is also the trading name of Exist Management LLC, a California corporation. Exist Management LLC complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information transferred from the European Union to the United States. Exist Management LLC has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit http://www.privacyshield.gov/

10. Access

We will grant individuals reasonable access to Personal Data that we hold and will also take reasonable steps to permit individuals to correct, amend or delete Personal Data that is demonstrated to be inaccurate, incomplete or processed in violation of Privacy Shield principles. The foregoing in no way limits your rights detailed elsewhere in this Privacy Policy, nor your general rights under the GDPR.

11. Choice

You will be offered the opportunity to choose, either by opt-in or opt-out (as appropriate and in accordance with the GDPR) whether your Personal Data is to be disclosed to a third party acting as a Data Controller, or is to be used for a purpose materially different from the purpose for which it was originally collected, or subsequently authorised.

We do not process any sensitive Personal Data.

12. Security

ExistBI is committed to taking reasonable and appropriate precautions to protect Personal Data from loss, misuse, unauthorised access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the Personal Data.

13. Purpose Limitation and Data Integrity

ExistBI will use Personal Data only in ways that are compatible with the purposes for which it was originally collected or as subsequently authorised by the individual. We will also take reasonable steps to ensure that the Personal Data is relevant to its intended use, accurate, complete and current. We undertake to adhere to the Privacy Shield Principles for the duration that we receive Personal Data under our Privacy Shield certification.

14. Onward Transfer

As detailed above, we may share your Personal Data with third party processors who assist us in providing services and only for limited and specific purposes. We will obtain assurances that these third parties will safeguard Personal Data in a manner consistent with this Privacy Policy and the relevant Privacy Shield Principles.

We recognise that we remain responsible for onward transfers to third party processors and undertake to take reasonable steps to prevent, remediate or stop such disclosure where we become aware that a third party processor is acting outside of its permitted scope. If we transfer Personal Data to a third party acting as a Data Controller, then we will apply the Notice and Choice principles and obtain reassurance from these third parties that they will provide the same level of protection as required under the Privacy Shield Principles.

15. Recourse, Enforcement and Liability

In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal information. EU individuals with enquiries or complaints regarding our Privacy Shield policy should first contact us using the details provided at the beginning of this Privacy Policy.

Where complaints cannot be resolved through ExistBI internal processes, we have further committed to cooperate with EU Data Protection Authorities (“EU DPAs”) and comply with advice given by the EU DPAs regarding human resources and non-human resources transferred from the EU in accordance with Privacy Shield Principles. In the event that ExistBI has been deemed non-compliant with the Privacy Shield Principles, we shall take appropriate steps to address any adverse effects and promote future compliance. ExistBI is also subject to the investigatory and enforcement powers of the Federal Trade Commission, which is the competent supervisory authority under the Privacy Shield.

Where a complaint cannot be resolved by any of the before mentioned recourse mechanisms, individuals have a right to invoke binding arbitration under the Privacy Shield Panel as last resort recourse mechanism.

16. Limitations

ExistBI’s adherence to the Privacy Shield Principles may be limited (a) to the extent necessary to meet applicable national security, public interest or law enforcement requirements such as lawful requests from public authorities; (b) by statute, government regulation or case law that creates conflicting obligations or explicit authorisations, provided that in exercising any such authorisation, an organisation can demonstrate that its non-compliance with the Privacy Shield Principles is limited to the extent necessary to meet the overriding legitimate interests furthered by such authorisation; or (c) where the effect of the GDPR or Member State law is to allow exceptions or derogations, provided such exceptions or derogations are applied in comparable contexts.

This Privacy Policy was last updated in March, 2018.

Print Friendly, PDF & Email