Privacy Policy

Hello, welcome to the Be the Riot (BTR) Privacy Policy. At BTR, we are committed to keeping your personal information safe and secure, and handling it in accordance with our legal obligations. This Privacy Policy sets out in detail the purposes for which we process your personal information, what rights you have in relation to that information, who we share it with and everything else we think is important for you to be aware of.

Please make sure you check it carefully and if you don’t agree with it, then (although we hate to turn you away) you shouldn’t use our website or services. This is because by accessing our website or services, you confirm that you accept the way in which we process your personal information.

If you have any concerns, please feel free to contact us at info@betheriot.com.

About Be The Riot

We are Be The Riot Ltd, a company incorporated and registered in England and Wales with company number 12988201. Our registered office is at 7 Bell Yard London WC2A 2JR (referred to as BTR, we, our and us). We are the data controller for the purposes of the personal information processed in accordance with this Privacy Policy.

You can contact us regarding this Privacy Policy by email to info@betheriot.com.

Contents of this Privacy Policy:  

1.      About this Privacy Policy

2.      The personal information we collect, how we collect it, and why

3.      Our legal basis for processing personal information

4.      When do we share your personal information?

5.      Communications

6.      How long do we store your personal information?

7.      Security of your personal information

8.      Links

9.      Age restrictions

10.   Your rights and choices

11.   Contacting us

12.   Cookies

13.   General

In this Privacy Policy, unless the context requires a different interpretation:

a)      the singular includes the plural and vice versa;

b)      references to sub-clauses, clauses, schedules or appendices are to sub-clauses, clauses, schedules or appendices of this privacy policy;

c)      a reference to a person includes firms, companies, government entities, trusts and partnerships;

d)      "including" is understood to mean "including without limitation";

e)      reference to any statutory provision includes any modification or amendment of it;

f)       the headings and sub-headings do not form part of this privacy policy.

 

1.      About this Privacy Policy

This Privacy Policy applies to the personal information we collect about you through our website, through delivery of our services, by telephone, by post, through our social media platforms, from third parties and when you otherwise communicate with us.

This Privacy Policy may change from time to time and, if it does, the up-to-date version will always be available on our Website. We will also tell you about any important changes to our Privacy Policy.

2.      The personal information we collect, how we collect it, and why

Personal information means any information about an individual from which that individual can be identified. The following shows information we process about you, and the purpose for which we process that information. There may be more than one reason for which we collect such information and we have only listed the main reasons. If you would like further information, please contact us at info@betheriot.com.

Information you provide to us: (Subscribers) names, email addresses and other information we collect for the purpose of subscriptions to our newsletter.

The main reasons we collect it: This enables us to send the newsletter as agreed, and customise it where feasible.

Information you provide to us: Your preferences for receiving communications and notifications.

The main reasons we collect it: We store your preferences so we know exactly how to communicate with you (e.g. for marketing or sending service communications), and in some cases, how not to communicate with you.

Information you provide to us: (Clients) individual names, job titles, work email addresses, work phone numbers.

The main reasons we collect it: We obtain personal information of staff at our clients in order to successfully deliver our consultancy services to them in accordance with our contractual obligations, and at the standards we set for ourselves.

Information you provide to us: (Clients) Confidential business data relating to business strategy, equality, diversity and inclusion (EDI) challenges.

The main reasons we collect it: Whilst not generally personal data, we may encounter and personal data relating to individual matters, such as incidences of discrimination, as part of our services to our clients.

Information we collect automatically: Service status.

The main reasons we collect it: We store clients’ information about their work with us and interactions with our service.

Information we collect automatically: Your interactions with our service.

The main reasons we collect it: When you interact with our services, for example when a client purchases a workshop package with us, we record and track this information for our ongoing operations and to analyse how our clients enjoy our service so that we can continue to develop it.

 

Information we collect automatically: Payment information.

The main reasons we collect it: Once applicable, we will record payment and transaction data to keep financial and security records for our business and to comply with our legal obligations to retain financial and transaction information.

Information we collect automatically: IP address.

The main reasons we collect it: This enables us to uniquely identify visitors to our website and it enables us to deliver you a more personalised service (e.g. more personalised content).

Information we collect automatically: Records of promotions.

The main reasons we collect it: Whenever we hold promotions, we keep an internal record of how they have been distributed. We collect data around promotions, how participants interact with them, and we use that data to improve the way we hold promotions in future.

Information we collect from other sources: Social media information.

The main reasons we collect it: We import some of the information you have disclosed to your social media pages, such as Facebook or Google (if you choose to connect to BTR via a social network) and may use this information for analytical purposes. Equally, certain parts of our service enable you to share our content or information by email, text (SMS) message or other social applications.

 

In respect of all the above information, our overarching purpose is to enable us to deliver the best professional training and consultancy to our customers.

3.      Our legal basis for processing personal information

We only ever use your information in line with applicable data protection laws – in particular, the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018 (DPA 2018) and together the Data Protection Legislation. In short, this means we only use it where we have a legal basis to do so. Under the Data Protection Legislation, these are the general legal bases for which we process your personal information, as detailed in the table above:

·        Consent – you have given us consent to process your personal information for a specific purpose that we have told you about.

·        Performance of our contract – processing your personal information is necessary for a contract you have with us, or because we have asked you to take specific steps before entering into that contract.

·        Legitimate interests – processing your personal information is necessary for our legitimate interests or those of a third party, provided those interests are not outweighed by your rights and interests (including where processing is required to comply with or enforce a legal obligation, or to exercise or defend our legal rights).

 

4.      When do we share your personal information?

We may disclose your information for certain purposes and to third parties, as described below:

·        BTR staff and our group of companies: we share your information with our staff (including employees, consultants, agents and advisors) and within the BTR group of companies as required for: providing you with access to our services according to our agreement, data storage and processing, providing customer support, making internal choices around business improvements, content development, and for the other purposes set out in this Privacy Policy.

·        Third Party Providers: We use certain companies, agents or contractors (Third Party Providers) to perform services on our behalf or to help deliver our services to you. In particular, we contract with Third Party Providers, for example to provide interactive workshops, track our contacts and communications, advertising, marketing communications, infrastructure and IT services, to personalise and enhance our services, to provide customer service, to collect debts, to analyse and action data (including data about interactions with our services), and to process and administer consumer surveys. In the course of providing such services, these Third Party Providers may have access to your personal information. We do not authorise them to use or disclose your personal information except in connection with providing their services to us.

·        Promotions with our partners: We may offer joint promotions, schemes or incentives with our selected partners that, in order for you to participate, will require us to share your information with the relevant partner. In fulfilling these types of promotions, we may share your name and other information in connection with fulfilling the relevant incentive. Please note that our partners are responsible for their own privacy and data protection methods and if applicable you should refer to their relevant privacy policy.

·        To protect legitimate interests: There are certain circumstances where BTR and our Third Party Providers may disclose and/or make use of your information where a disclosure would be necessary to: (a) satisfy any applicable law, regulation, legal process, or other legal or governmental request or requirement, (b) enforce applicable terms of use, including investigation of any actual or alleged breaches, (c) detect, prevent, or otherwise address illegal or suspected illegal activities (including payment fraud), security or technical issues, or (d) protect against harm to the rights, property or safety of BTR, its users or the public, as required or permitted by law.

·        Transfers of our business: In connection with any corporate reorganisation, restructuring, investment, merger or sale, or other transfer of assets, we will transfer information, including personal information, provided that the receiving party agrees to comply with our requirements as set out in this Privacy Policy relating to your personal information.

 

5.      Communications

This section is to explain how we will ensure that you only receive communications that you wish to receive.

Marketing communications:

We want to ensure that you are informed and aware of the best services and promotions that we can offer you. By consenting to receive additional communications (by mail, telephone, text/picture/video message or email) from us and any named third parties that feature at the point of obtaining consent in respect of such information, we will process your personal information in accordance with this Privacy Policy.

You can change your marketing preferences and unsubscribe at any time by emailing us or clicking the ‘unsubscribe’ in applicable communications. If you choose not to receive this information we will be unable to keep you informed of new services and promotions of ours, or the BTR group of companies, that may interest you.

Whatever you choose, you’ll still receive other important information, for example service updates, as described below.

Service communications:

As detailed in the table at section 2, we may send you communications such as those which relate to any service updates (e.g. new product features, service availability) or provide customer satisfaction surveys. We consider that we can lawfully send these communications to you as we have a legitimate interest to do so, namely to effectively provide you with the best service we can and to grow our business.

6.      How long do we store your personal information?

Unless a longer retention period is required or permitted by law, we will only hold your personal information on our systems for the period necessary to fulfil the purposes outlined in this Privacy Policy or until you request that the Data be deleted. Even if we delete your personal information, it may persist on backup or archival media for legal, tax or regulatory purposes.

In accordance with this Privacy Policy, you have the right to request that we delete your personal information, except where we are legally permitted or required to maintain certain personal information. For example:

·        We are legally required to retain financial and transaction data for a minimum period of 7 years for tax, audit and accounting purposes. This includes keeping a record of the amount of each transaction, what it related to, and who we transacted with.  

·        If there is an unresolved issue relating to a client, for example relating to an issue with an ongoing service agreement or an unresolved dispute, then we will retain your personal information until the issue is resolved.

·        There may be other situations where we have legitimate business interests to retain personal information, such as to prevent fraud or protect security of other people interacting with us.

Any Third Party Providers that we engage will keep your personal information stored on their systems for as long as is necessary to provide the relevant services to you or us. If we end our relationship with any third party providers, we will take reasonable steps to ensure that they securely delete or return your personal information to us.

We may retain personal information about you for statistical purposes. Where information is retained for statistical purposes it will always be anonymised, meaning that you will not be identifiable from that information.

7.      Security of your personal information

We are committed to securing and protecting your personal information, and we make sure to implement appropriate technical and organisational measures to help protect the security of your personal information. We may adopt various policies including anonymisation, pseudonymisation, encryption, password restricted access, and retention policies to guard against unauthorised access and unnecessary retention of personal information in our systems.

The information that we collect from you may be transferred to, and stored at, a destination outside of the European Economic Area (EEA). When we transfer and store your personal information outside of the EEA we will take steps to ensure that the information is transferred in accordance with this Privacy Policy and applicable data protection laws. In particular, we will ensure that appropriate contractual, technical, and organisational measures are in place with any parties outside the EEA such as the Standard Contractual Clauses approved by the EU Commission.

Unfortunately, the transmission of your personal information via the internet is not completely secure and although we do our best to protect your personal information, we cannot guarantee the security of your information transmitted to us over the internet and you acknowledge that any transmission is at your own risk.

8.      Links

Our website may, from time to time, contain links to websites operated by third parties, which will usually be those of our commercial partners. This Privacy Policy only applies to the personal information that we collect from you and we cannot be responsible for personal information collected and stored by third parties. If you click on a link, please understand that the relevant third party websites have their own terms and conditions and privacy policies, and we do not accept any responsibility for the content of those third party websites or third party terms and conditions or policies. Please check these policies before you submit any personal information to these websites.

9.      Age restrictions

You must be 16 years of age or older to use our website and services generally. We do not knowingly collect personal information from individuals under 16 years of age. If you are under that age limit, then please do not use BTR or provide any personal information to us. If you are under 18 years of age, then you will be required to have consent of your parent or guardian to access our website and/or services and we will only process the basic information which we require from you for so that you can use our website and/or services.

If you are a parent or legal guardian of a child under the applicable age limit or accessing our website and/or services without consent, and you become aware that your child has provided his/her personal information to us, please contact us at info@betheriot.com. If we learn that we have collected personal information of an individual under the age of 16, then we will take all reasonable steps to delete that information from our systems.

10.   Your rights and choices

This section explains that you have a number of rights in relation to your personal information.

Under the Data Protection Legislation, you are entitled to certain rights. There are circumstances in which your rights may not apply. You have the right to request that we:

·                  provide you with a copy of the information we hold about you;

·                  update any of your personal information if it is inaccurate or out of date;

·                  delete the personal information we hold about you - if we are providing services to you and you ask us to delete personal information we hold about you then we may be unable to continue providing those services to you;

·                  restrict the way in which we process your personal information;

·                  stop processing your data if you have valid objections to such processing; and

·                  transfer your personal information to a third party.

For more information on your rights and how to use them, or if you would like to make any of the requests set out above, please contact us.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

As explained in section 4, even if you consented to the processing of your personal information for marketing purposes (by ticking the relevant box or by requesting information about services for example), you have the right to ask us to stop processing your personal information for such purposes. You can exercise this right at any time by contacting us. Please note that we reserve the right to charge a fee for responding to requests where we reasonably determine that they are manifestly unfounded or onerous or being made in bad faith.

11.   Contacting us

If you have any questions or concerns about how we handle your personal information, please contact by email to info@betheriot.com.  

If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner's Office (ICO). The ICO's contact details can be found on their website at https://ico.org.uk/.

12.   Cookies

We may use cookies on our website which help us monitor use of it, and in turn improve it based on how our interact with it. You can choose to accept or turn off cookies within your browser settings.

13.   General

You may not transfer any of your rights under this Privacy Policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.

If any court or competent authority finds that any provision of this Privacy Policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this Privacy Policy will not be affected.

Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.

This Privacy Policy will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.