Introduction

We are committed to safeguarding the privacy of all the individuals we interact with in the course of our business.

The privacy notice applies to:

  • the personnel of our customers and prospective customers;
  • the personnel of our suppliers and other business partners; and
  • our website visitors.

Under data protection law, we act as “controllers” with respect to the personal data of these persons. That means we determine the purposes and means of the processing of the data.

This privacy notice will help you to understand those purposes and means. The notice includes details of the personal data that we collect, the ways that we use that personal data, the circumstances in which we disclose that data to third parties and our data retention policies.

In this notice, “we”, “us” and “our” refer to Business Solutions in the Cloud Limited (trading as BSITC Limited and b.solutions). For more information about us, see Our details below.‌

Exclusions

‌This notice does not apply with respect to the personal data of our employees, freelancers and other personnel. We have a separate privacy notice for these persons.

Nor does this notice apply with respect to personal data that we process on behalf of our customers – as to which see Acting as a data processor below.

Related documents

This notice should be read alongside our cookies policy (https://b-solutions.io/cookie-policy).

The personal data that we collect

We have set out in the table below the categories of personal data that we process and the sources of that data.

Category

Description

 

Source

Prospect data

Information relating to the personnel of our prospective customers, which may include individual names, prospective customer names, job titles and roles and contact details

Insofar as the relevant data is stored in our customer relationship management systems, the prospect data also includes communication content and metadata

You, your employer, our customers and business partners, or a third-party data source

Customer data

Information relating to the personnel of our customers and our customer relationships, which may include individual names, customer names, job titles and roles and contact details

Insofar as the relevant data is stored in our customer relationship management system, the customer data also includes communication content and metadata

You, your employer, our customers and business partners, or a third-party data source

If a prospective customer becomes a customer of b.solutions, the relevant prospect data becomes customer data for the purposes of this notice

Business partner data

Information relating to the personnel and representatives of our actual and prospective suppliers, services providers and other business partners, which may include individual names, prospective customer names, job titles and roles and contact details

Insofar as the relevant data is stored in our supplier management system, the business partner data also includes communication content and metadata

Your, your employer, our customers and business partners, or a third party data source

General communications data

Information not included in the above categories contained in or relating to any communication, including both communication content and metadata

You, your employer or us

Our website will generate the metadata associated with communications made using the website contact forms.

Publication data

Information contained in reviews, testimonials, case studies and other works and materials relating to our websites, applications, services and/or business that we are licensed to publish

You, your employer or us

Analytics data

Information about your use of our website and services, which may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use

Our website analytics tracking system

Purposes of processing and legal bases

In this section, we have set out the purposes for which we may process personal data and the legal bases of the processing.

Operations – We may process your personal data for the purposes of operating our website, sending proposals, negotiating and entering into contracts, providing our services (including support services), asset and share sales and other corporate transactions, generating and sharing invoices, bills and other payment-related documentation, and credit control. The legal basis for this processing is our legitimate interests, namely the proper administration of our websites, applications, services and business.

Publications – We may process publication data for the purposes of publishing such data on our website and elsewhere through our services in accordance with any licence we have been granted. The legal basis for this processing is our legitimate interests, namely the publication of content in the course of promoting our websites, applications, services and business.

Relationships and communications – We may process prospect data, customer data, business partner data and general communications data for the purposes of managing our relationships, responding to enquiries, requesting feedback, and communicating with you and your employer or any organisation you represent (excluding communicating for the purposes of direct marketing) by email, SMS, post and/or telephone, as well as the purpose of complaint handling. The legal basis for this processing is our legitimate interests, namely communications with our website visitors, service users, prospect personnel, customer personnel and business partner personnel, the maintenance of our business relationships, enabling the use of our services, and the proper administration of our websites, applications, services and business.

Recruitment – If you contact us in relation to any job advertisement or other role in our business, we may process the relevant general communications data for the purposes of our engagement and recruitment processes. The legal basis for this processing is your consent. However, if we take forward your application to the assessment or interview stage, or internal privacy notice will apply in place of this privacy notice.

Direct marketing – We may process prospect data and customer data for the purposes of creating, targeting and sending direct marketing communications by email, SMS and/or post and making contact by telephone for marketing-related purposes. To the extent that we ask for your consent to direct marketing, the legal basis for this processing will be consent; otherwise, the legal basis of this processing will be our legitimate interests, namely promoting our websites, applications, services and business and communicating marketing messages and offers to the personnel of prospective customers and customers.

Research and analysis – We may process usage data for the purposes of researching and analysing the use of our websites, applications and services, as well as researching and analysing other interactions with our business. The legal basis for this processing is our legitimate interests, namely monitoring, supporting, improving and securing our websites, applications, services and business.

Record keeping – We may process your personal data for the purposes of creating and maintaining our databases, backup copies of our databases and our business records generally. The legal basis for this processing is our legitimate interests, namely ensuring that we have access to all the information we need to properly and efficiently run our business in accordance with this notice.

Security – We may process your personal data for the purposes of security and the prevention of fraud and other criminal activity. The legal basis of this processing is our legitimate interests, namely the protection of our website, services and business, and the protection of others.

Insurance and risk management – We may process your personal data where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks and/or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.

Legal claims – We may process your personal data where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

Legal compliance and vital interests – We may also process your personal data where such processing is necessary for compliance with a legal obligation to which we are subject or in order to protect your vital interests or the vital interests of another natural person.

Providing your personal data to others

We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, and obtaining professional advice.

In addition, we may transfer personal data to our service providers in the following categories:

Service provider category

 

Key current appointee(s)

Communications and project management platforms

Google, Inc (Google Workspace), Zoom Video Communications Inc

Lead and customer relationship management and support platforms

Pipedrive OU, Zoho Group

Bookkeeping and accounting platforms

Xero (UK) Limited

Contract execution and management platform

Dropbox International Unlimited Company (HelloSign)

Subscription management and payment services providers

Chargebee Inc, GoCardless Ltd, HSBC Bank Plc

Freelance personnel

Various

We may disclose personal data in the context of proposed business/share sales and other corporate transactions to any purchaser or prospective purchaser (and that person’s representatives) of:

  • the whole or a part of our business; or
  • all or a substantial part of the shares in our company,

but only insofar as such disclosures are reasonably necessary to facilitate the relevant transaction.

In addition, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise, or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

International transfers of your personal data

We may transfer your personal data between Jersey, the European Economic Area (EEA) and the UK (and process that personal data in each of these jurisdictions) for the purposes set out in this notice and may permit our suppliers and subcontractors to do so, during any period with respect to which the relevant transfers are not restricted by applicable data protection law or benefit from an adequacy determination from all the competent data protection authorities.

In addition, we may transfer personal data to our service providers in other jurisdictions (including the US).  Insofar as such transfers are to jurisdictions that do not benefit from adequacy determinations from all competent data protection authorities, they will be protected by standard contractual clauses approved by the competent data protection authorities or other appropriate safeguards.

You acknowledge that publication data may be available, via the internet, around the world. We cannot prevent the use (or misuse) of the publication data by others.

Retaining and deleting personal data

This sets out our data retention policies and procedures, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.

Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes, and shall be retained and deleted in accordance with the following table.

Category

Retention period

 

Prospect data

12 to 24 months following the date of the most recent communication between b.solutions and the relevant prospect

Customer data

6 to 7 years following the end of the customer relationship

Business partner data

6 to 7 years following the end of the business relationship

General communications data

6 to 7 years following the date of the communication

Publication data

6 to 7 years following the date that we cease to publish the relevant data

Analytics data

36 months following the date of collection

Notwithstanding the above table, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Your rights

In this section, we have listed the rights that you have under data protection law. Your principal rights under data protection law are:

  • the right to access – you can ask for copies of your personal data;
  • the right to rectification – you can ask us to rectify inaccurate personal data and to complete incomplete personal data;
  • the right to erasure – you can ask us to erase your personal data;
  • the right to restrict processing – you can ask us to restrict the processing of your personal data;
  • the right to object to processing – you can object to the processing of your personal data;
  • the right to data portability – you can ask that we transfer your personal data to another organisation or to you;
  • the right to complain to a supervisory authority – you can complain about our processing of your personal data; and
  • the right to withdraw consent – to the extent that the legal basis of our processing of your personal data is consent, you can withdraw that consent.

These rights are subject to certain limitations and exceptions. You can learn more about the rights of data subjects by visiting

https://edpb.europa.eu/our-work-tools/general-guidance/gdpr-guidelines-recommendations-best-practices_en

and

https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

You may exercise any of your rights in relation to your personal data by written notice to us, using the contact details set out below.

Third-party websites

Our website includes hyperlinks to, and details of, third-party websites. In general, we have no control over, and are not responsible for, the privacy policies and practices of third parties.

Updating information

Please let us know if the personal information that we hold about you needs to be corrected or updated.

Acting as a data processor

In respect of personal data supplied or made available to our applications by our customers (or by their customers), and processed by our applications, we do not act as a data controller; instead, we act as a data processor.

Insofar as we act as a data processor rather than a data controller, this notice shall not apply. Our legal obligations as a data processor are instead set out in the contract between us and the relevant data controller.

Amendments

We may update this notice from time to time by publishing a new version on our website.

You should check this page occasionally to ensure you are happy with any changes to this notice.

Our details

This website is owned and operated by Business Solutions in the Cloud Limited (trading as b.solutions).

We are a company incorporated in Jersey (registration number 131599) with our registered office at Hillside, Wellington Road, St Saviour, Jersey, JE2 7TH.

Our data protection officer is Rachel Hotton.

You can contact us:

  • by post, to the postal address given above;
  • using our website contact form; or
  • by email, using the email address published on our website.

Your CV has been submitted.

Thank you. If you’re keen to join our team, why not follow us on on LinkedIn to stay up to date with our news, new product developments and client stories?