Brits Business Hub

Privacy Policy Brits Business Hub

Privacy Policy for Brits Business Hub Ltd

Privacy Policy

Effective Date: 15-May-2026

Privacy Notice

This privacy notice explains how Brits Business Hub uses the personal information we collect from you, either through using our website, or in any other way, electronically, verbally or in writing.

Topics:

Data controller

Basis for collecting your data (Lawful processing)

Recipients of data and data transfers

Sensitive Information

Retention policy

Data Storage and Security

Cookies

Your Rights as a data subject

Automated decision making

3rd Party Websites

Contact Details

Data Controller

Brits Business Hub processes personal data as a Data Controller, as we determine the type of data collected, the purpose to which it is put to, its retention and disposal, how it is collected and where it is stored. Brits Business Hub shall comply with all applicable Data Protection Laws in the processing of personal data.

We can be contacted at Brits Business Hub:

William Court, 70 Alcester Road, Birmingham, England, B13 8BB

On what basis do we collect and process your data?

Data Protection law defines the basis by which we can lawfully collect and process personal data. If you are a registered customer, we will use your personal information to:

Confirm acceptance of your registration;

Communicate with you about our services;

Check that you are a registered customer if you call us;

Collect payment from you;

Let you know by email about any changes to our services and website;

Market our products and services to you;

Improve our understanding of the type of customers we are attracting to our services and how they use the services;

To provide you with better service

We will collect personal data when we are required to through a legal obligation, such as requirements from public agencies in relation to financial reporting. We will also collect and process personal data where it is in the legitimate interest of Brits Business Hub to do so. Specifically, we use legitimate interest in relation to be processing our customer’s personal data and for our Business-to-Business marketing activities. If you subscribe to one of our services, your credit or debit card information will be taken by one of our partner companies. We do not store your credit or debit card details.

As part of our marketing efforts and in the legitimate interest of our business, we may send marketing emails promoting similar products or services to our customers, in compliance with the soft opt-in exemption. This exemption allows us to contact our existing customers with offers for products or services that are like those they have previously purchased from us. Further information on soft opt-in can be found here.

For the data we act as data controller for, we have determined the following basis:

Customers

Purpose of Processing

Data Category

Data Type

Legal Basis

Engage commercially

Identity Details

First Name

Legitimate Interest

Engage commercially

Contact Details

Last Name

Legitimate Interest

Engage commercially

Contact Details

Mobile telephone No.

Legitimate Interest

Engage commercially

Contact Details

Direct Dial telephone No.

Legitimate Interest

Engage commercially

Contact Details

Business Email address

Legitimate Interest

Marketing

Identity Details

First Name

Legitimate Interest

Marketing

Identity Details

Last Name

Legitimate Interest

Marketing

Contact Details

Business Email address

Legitimate Interest

We collect data in relation to your communications and interaction with us. This can include emails, text messaging, postal service delivery, social media posting or any other form of communication. In addition to the lawful purpose described previously for the above categories, we have a legitimate interest purpose to collect and retain this data to enable and improve our communication and for record keeping purposes.

The data we collect as data controllers from our data subjects is obtained directly from the data subject themselves or is obtained from sources such as social media platforms.

Data recipients and data transfers

We do not sell any of your personal data to any third party. Where required, Brits Business Hub share personal data with service providers such as our accountants and insurance companies. We may, as required, share your personal information with printing and mailing companies, as well as email service providers and other delivery companies.

Brits Business Hub will transfer and store the personal data we collect about you in countries other than the country in which the data was originally collected, outside of the EEA. Brits Business Hub operates within the United Kingdom, and we may contact you from our offices inside and outside of the United Kingdom. Brits Business Hub will transfer your personal data on the basis of establishing Standard Contractual Clauses to provide the appropriate safeguards. Brits Business Hub data protection policies are actively enforced to provide adequate privacy protection controls to uphold an individual’s rights and freedoms, by allowing the secure transfer of personal data outside of the EEA.

Specifically, we share your data with:

Third Party Category

Type of Personal Data Shared

Objective of Sharing Personal Data

Retention Period

Energy Suppliers

First & Last Names;

Business Email Address;

Business landline number,

Mobile Number

For your utility’s requirement.

Disclosure of personal information for the fulfilment of the contract.

This would include credit checks; payments and maintenance of the site(s).

This is required when establishing the suitability of a potential customer prior to them enlisting our services.

Details are retained for a period of seven years following the termination of a contract.

Systems Integrated Partners/analytics software services

First & Last Names;

Business Email Address,

Business landline number;

Mobile Number

To enable us to effectively monitor and optimise the delivery of our services.

Details are retained for a period of seven years following the termination of a contract.

Cloud Telephony Systems

Business landline number/Direct Dial

Mobile Number

Cloud Telephony Platform to provide and record telephony services, embedded within Salesforce.

Details are retained for a period of seven years following the termination of a contract.

    

Where required we will disclose your personal data with law enforcement and fraud prevention agencies. This is so we can help tackle fraud or where such disclosure is necessary for compliance with a legal obligation to which we are subject. Additionally, to protect your vital interests or the vital interests of another natural person, or in connection with the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

Personal data in electronic form is held in EU or UK accredited data centres; our email system stores data outside of the EEA. Where data is transferred outside of the EEA, we ensure that the transfer is covered by an EU adequacy decision such as the USA Privacy Shield or through mechanism such as standard contractual clauses as approved by the EU.

Sensitive information

Brits Business Hub does not process special category data as defined by Article 9 of the GDPR.

Retention policy

The data we collect directly from you is the minimum we require to facilitate the lawful processing described above. Personally Identifiable Information (PII) placed on our system will be deleted in accordance with legal obligations, such as HMRC requirements. Outside of that Brits Business Hub has developed a retention policy to ensure personal data is held only for as long as is required for the purpose we collected it or for our legitimate purposes.

Generally, personal data required for financial transaction and audit purposes, including reporting to the HMRC will be retained for 6 years plus the current year it is collected. The data we process for direct marketing purposes will be retained for as long as our legitimate interest is current. In the instance whereby we no longer have a legitimate business purpose to retain it, we will anonymise or delete such personal data immediately.

Data Storage and Security

Brits Business Hub follows strict security procedures to ensure that your personal information is not damaged, destroyed, or disclosed to a third party without your permission and to prevent unauthorised access. We store both physical and electronic records. We have put in place technical and organisational measures to ensure our physical security as well as technical measures for data backup, authorisation and authentication onto systems. We use secure firewalls and other measures to restrict electronic access, including anti-virus and anti-malware measures. If the data must be transferred to a third party, we require them to have in place similar measures to protect your personal data. We have a process in place to mitigate the impact of any data breach that should occur.

Only persons who need the information to fulfil their duties are granted access to personal data. We may require you to cooperate with our security checks before we disclose information to you. You can update the personal information that you give us at any time by contacting us directly.

Your rights as a data subject

The regulations provide a number of rights to you as the Data Subject. Brits Business Hub is committed to upholding those rights and those applicable to the personal information we collect and process are listed below. In addition to these rights, you have the right to escalate any concern to the Supervisory Authority, which in the UK is the Information Commissioners Office https://ico.org.uk. A full and detailed explanation of all rights can be found at https://ico.org.uk/for-the-public/.

The Right to be Informed – you should be clear about what, why and in what way your personal information will be processed at the time it is processed. This privacy policy sets out that information.

Right of Access – you have the right to know what personal information is held, by whom and why.

The Right to Rectification – If the information we have collected and processed is inaccurate or incomplete, you have the right to have it rectified.

Right to Erasure – You have the right to have your personal data erased and to prevent processing in some specific situations.

Right to Restrict Processing – If you contest the accuracy of the personal data we hold, we will restrict the processing of your data until accuracy is verified.

Right to Data Portability – You have the right to move, duplicate or transfer your data easily from one IT environment to another in a safe and secure way.

Right to Object – You have the right to object to profiling and direct marketing.

You also have rights in relation to automated decision making.

You also have the right to lodge a complaint with the UK’s supervisory body, The Information Commissioners Office – https://ico.org.uk

Automated decision making

Brits Business Hub Business does not use automated decision making to process personal data.

Third party websites

Our website may contain links to other websites. This privacy policy only applies to Brits Business Hub, so if you follow a link to another website, you should read that organisation’s own privacy policy.

Changes to our privacy policy

We keep our privacy policy under review, and we will place any updates on our website.

Brits Business Hub Data Protection Officer & Dispute Resolution

Brits Business Hub has a designated Data Protection Officer (DPO), who is responsible for matters regarding privacy and data protection. Should you wish to contact the DPO, refer to the following contact information:

Attention: Data Protection Officer

William Court, 70 Alcester Road, Birmingham, England, B13 8BB

 Email: contact@britsbusinesshub.co.uk

Note, if you remain dissatisfied with the resolution received from our designated DPO, you have the right to directly contact the relevant Data Protection Authority within your jurisdiction. We do however request that you attempt to resolve any issues with us first although you have a right to contact the Data Protection Authority at any chosen time.