YOUR PRIVACY IS IMPORTANT TO US!
We keep our privacy agreement and notices under regular review. This privacy agreement was last updated on July 1st, 2019.
1.1. Please read this Agreement carefully before accessing or using Nebuli® websites, newsletters, feeds, applications, events, social media, marketing and advertising channels and any other related media products and services (Collectively “products and services”). The following privacy terms and notices (including the General Terms and Conditions attached hereto, which shall be deemed to be a part of these privacy terms and notices) constitute the entire agreement and understanding between you and Nebuli Ltd. (“Nebuli”) with respect to the use of this web site, superseding all prior or contemporaneous communications and/or proposals. By accessing or using our products and services, you agree to be bound by the terms and notices set forth below, as well as any changes to the terms and conditions made by Nebuli. If you do not wish to be bound by these terms and notices, you may not access or use our products and services.
2. PARTIES AND DEFINITIONS
3. WHO ARE WE?
3.1. The Sites are operated by Nebuli Ltd., an independent UK private limited company (Company Number 10622690), with the registered office in England at the address of 8 Devonshire Square, London, EC2M 4PL, United Kingdom.
4. WHO TO CONTACT FOR PRIVACY QUESTIONS OR CONCERNS?
4.1. You have the right to access, rectification, opposition, erasure (“right to be forgotten”), and right to restriction of processing of your personal data by directing any such requests to Nebuli. In order to make things easier for you, and without prejudice to the legal requirements Nebuli must comply with under the laws, Nebuli allows you to exercise the above-mentioned rights by sending a request or questions via: https://nebuli.com/contact.
4.2. You may also contact the UK Information Commissioner’s Office at https://ico.org.uk/concerns/handling/ to report concerns you may have about our data handling practices.
7. PERSONAL INFORMATION ABOUT USERS AND CUSTOMERS
7.1. Nebuli is used by “Users”, “Participants”, “Contributors” and by “Customers”. The information we receive from Users and Customers and how we handle it is set out below.
7.2. NEBULI USERS AND CUSTOMERS
7.2.1. As a User, Participant, Contributor and/or Customer, we collect information relating to you and your use of our Services from a variety of sources:
188.8.131.52. Information we collect directly from the User and/or Customer:
184.108.40.206.1. Registration information: information you provide to us when you register for an account.
220.127.116.11.2. “My Account” settings: you can view and edit various preferences and personal details on “My Account” settings. For example, your default language, registered email, non-transactional communication preferences, Account name and profile URL.
18.104.22.168.3. Work data: We store your work and interests data (for example through surveys and Nebuli contributor application process) for you.
22.214.171.124.4. Plan + Billing info: we store information about your Plan. If you subscribe to a paid plan, we require you to provide your billing details.
126.96.36.199.5. Other data you want to share: We may collect your personal information or data if you submit it to us in other contexts. For example, if you provide us with a testimonial, or when running a contest with Nebuli. We may also obtain personal data directly from individuals in a variety of other ways, including but not limited to obtaining personal data from individuals who provide us their business card, complete our online forms, subscribe to our newsletters, e-mail notifications and our subscriptions preferences centre, register for webinars, attend meetings or events we host, visit our offices or apply for jobs or open roles. We may also obtain personal data directly when, for example, we are establishing a business relationship, performing professional services through a contract, or through our hosted software applications.
188.8.131.52. Information we collect about the User and/or Customer indirectly or passively when interacting with us:
184.108.40.206.1. Usage data: Nebuli collects usage data about Users whenever they interact with our services, including information they have elected to make publicly available.
220.127.116.11.2. Device and application data: Nebuli collects data from the device and application the User uses to access our services, such as the IP address and browser type. We may also infer the geographic location based on the User IP address.
18.104.22.168.3. Referral data: if the User arrives at a Nebuli website from an external source (such as a link on another website or in an email), we record information about the source that referred the User to us.
22.214.171.124.4. Information from third parties: Nebuli may collect User personal information or data from third parties if the User gives permission to those third parties to share such information with others or the data is extracted from publicly accessible sources. For example, Nebuli may share minimal service data with a select third-party for data enrichment purposes, provided that User has given prior permission to those third parties to share such information with other parties (i.e. Nebuli may share Users’ email addresses with a third party to obtain some information like company name etc) or it comes from publicly accessible sources like social media profiles. Enriching data allows us to analyse a deeper subset of data from which we may present personalized content. Prior to sharing data with any data enrichment vendor, Nebuli signs the corresponding Data Protection Agreement with the vendor to ensure that the data is adequately protected, that it has been lawfully obtained by vendors enabling Nebuli to use such data in connection with the Services, and to ensure vendors adopt adequate security controls.
126.96.36.199.5. We may obtain personal data indirectly about individuals from a variety of other sources, including recruitment services and our clients. We may attach personal data to our customer relationship management records to better understand and serve our business clients, subscribers and individuals, satisfy a legal obligation, or pursue our legitimate interests.
- Public sources – Personal data may be obtained from public registers (such as Companies House), news articles, sanctions lists, and Internet searches.
- Social and professional networking sites – If you register or login to our websites using social media (e.g., LinkedIn, Google, or Twitter) to authenticate your identity and connect your social media login information with us, we will collect information or content needed for the registration or login that you permitted your social media provider to share with us. That information may include your name and email address and depending on your privacy settings, additional details about you, so please review the privacy controls on the applicable service to set how much information you want shared with us.
- Business clients – Our business clients may engage us to perform professional services which involves sharing personal data they control as part of that engagement. For example, we will review payroll data as part of an audit and we often need to use personal data to provide global mobility and pension services. Our services may also include processing personal data under our clients’ control on our hosted software applications, which may be governed by different privacy terms and policies.
- Recruitment services – We may obtain personal data about candidates from an employment agency, and other parties including former employers, and credit reference agencies.
188.8.131.52.6. Information from cookies and page tags: Nebuli uses third party tracking services that employ cookies and page tags (also known as web beacons or web bugs) to collect aggregated and anonymized data about visitors to our websites. This data may include usage and User statistics.
184.108.40.206.1. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
220.127.116.11.2. The table below explains the key cookies we use and why:
|These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.||Click here for an overview of privacy at Google. This page also explains how you can opt out from Google Analytics tracking system if you wish to.|
|Session cookies||Code in the form: gHH788fftfHLJh67dd… (this code changes on every session.)||This cookie is set by our content management system on a small number of browsers, upon arrival to Nebuli site to optimize the performance of the website. It is not used by Nebuli for any other purpose. This cookie is deleted when a user closes their browser.|
18.104.22.168. General Flow of How Cookies are Generated
22.214.171.124.1. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
126.96.36.199.2. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
188.8.131.52.3. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
184.108.40.206.4. Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
7.3. CATEGORIES OF PERSONAL DATA WE COLLECT
- Personal data – Below is a list of personal data we commonly collect to conduct our business activities:
- Contact details (e.g., name, company name, job title, work and mobile telephone numbers, work and personal email and postal address).
- Professional details (e.g., job and career history, educational background and professional memberships, published articles, professional and career interests).
- Financial information (e.g., taxes, payroll, investment interests, pensions, assets, bank details, insolvency records).
- CCTV at our sites may collect images of visitors. Our policy is to automatically overwrite CCTV footage within 30 days.
- Sensitive personal data – We typically do NOT collect sensitive or special categories of personal data about individuals. When we do need to process sensitive personal data, it is with the consent of the individual unless it is obtained indirectly for legitimate purposes. Examples of sensitive personal data we may obtain include:
- Dietary restrictions or access requirements when registering for in-person events that reveal religious beliefs or physical health.
- Personal identification documents that may reveal race or ethnic origin, and possibly biometric data of private individuals, beneficial owners of corporate entities, or applicants.
- Expense receipts submitted for individual tax or accounting advice that reveal affiliations with trade unions or political opinions.
- Adverse information about potential or existing clients and applicants that may reveal criminal convictions or offenses information.
- Information provided to us by our clients in the course of a professional engagement.
- Child data – Although we do NOT intentionally collect information from individuals under 13 years of age, we may occasionally receive details about children attending performances and other events we host with their parents or guardians (e.g., school events and presentations, galas, art exhibits).
- Location-based data – We may process geographical locations you enter when seeking an office near you.
7.4. Why do we need personal data?
7.4.1. We aspire to be transparent when we collect and use personal data and tell you why we need it, which typically includes:
- Providing professional advice and delivering reports related to our tax, advisory, audit and assurance, pension scheme administration, restructuring, mergers and acquisitions and other professional services. Our services may include reviewing client files for quality assurance purposes, which may involve processing personal data for the relevant client.
- Promoting our professional services, products and capabilities to existing and prospective business clients.
- Sending invitations and providing access to guests attending our events and webinars or our sponsored events.
- Personalizing online landing pages and communications we think would be of interest based on interactions with us.
- Administering, maintaining and ensuring the security of our information systems, applications and websites.
- Authenticating registered users to certain areas of our sites.
- Seeking qualified candidates, and forwarding candidate career inquiries to our People team, which may be governed by different privacy terms and policies.
- Processing online requests, including responding to communications from individuals or requests for proposals and quotations.
- Contacting journalists regarding company press releases, invitations to annual press parties, highlighting messages that may be of interest on specific industry topics.
- Travel arrangement assistance.
- Helping support clients to run a series of development programs for education and learning purposes to inform leaders in the healthcare, civil service and other industries.
- Complying with legal and regulatory obligations relating to countering money laundering, terrorist financing, fraud and other forms of financial crime.
8. PURPOSES AND LEGITIMATE BASIS OF THE USE AND SHARING YOUR DATA
8.2. We also use your information to review, investigate and analyze how to improve the services provided. We may also collect and analyze your data to monitor, maintain and improve our services and features.
8.3. We may internally perform statistical and other analysis on information we collect (technical and meta data) to analyze and measure user behavior and trends, to understand how people use our services, in order to. Improve and optimize our performance of such services, and to monitor, troubleshoot and improve our services, including to help us evaluate or devise new features.
8.4. We may use your information for internal purposes designed to keep our services secure and operational, such as testing purposes, troubleshooting, to prevent abusive activity (i.e. fraud, spam, phishing activities), and for service improvement, research and development purposes.
8.6. We will occasionally send you Nebuli product intro, tips and inspirational use cases and user stories by any means, including email and similar means of electronic communication like personalised advertisements as part of providing relevant content helpful to use our services effectively. In order to customize such information and commercial communications as much as possible, Nebuli may use statistical techniques that allow the creation of user profiles and data segmentation.
8.8. Your data is not disclosed to any third party except (i) for providing the services you requested and for which Nebuli collaborates with third parties, (ii) when we have your permission, (iii) when it is required by a competent authority in the exercise of its duties (for example in order to investigate, prevent or take action regarding illegal activities) or (iv) as otherwise required by law.
9. LEGITIMATE BASIS OF PROCESSING YOUR DATA
9.1. Nebuli’s use of your data for the purposes described above is based on the following legitimate basis:
9.1.1. Users’ and Customers’ Data
220.127.116.11. If you are a User and/or Customer, we are entitled to use your data in order to fulfil our contractual obligations with you and, if you are acting on behalf of a legal person, we have a legitimate interest to use your data in order to maintain the relation with your company as a Nebuli client.
18.104.22.168. In addition, we are entitled by law to use your data for direct marketing purposes, in order to send you commercial communications related with Nebuli products or services which are similar to the Services, since legislation on data privacy recognizes direct marketing to clients as a legitimate interest of use of personal data, and legislation on information society services expressly allows Nebuli to send you commercial communications by electronic means, provided that they are related with products or services which are similar to the Services. In any case, you are entitled to ask us, now or at any moment, not to send you any commercial communications. If you do not want us to send you commercial communications, you can do it, now or at any moment, by changing the communication preferences in your account settings page. Additionally, all commercial communications you might receive in the future, will include an easy and free-of-charge way for you to ask us not to receive further commercial communications.
10. SHARING YOUR DATA WITH THIRD PARTIES.
10.1. As described in clause 6.8 above, we may occasionally share personal data with trusted third parties to help us deliver efficient and quality services. These recipients are contractually bound to safeguard the data we entrust to them. We may engage with several or all of the following categories of recipients:
- Parties that support us as we provide our services (e.g., providers of telecommunication systems, mailroom support, IT system support, archiving services, document production services and cloud-based software services).
- Our professional advisers, including lawyers, auditors and insurers.
- A potential buyer, transferee, merger partner or seller and their advisers in connection with an actual or potential transfer or merger/acquisition of part or all of our business or assets, or any associated rights or interests.
- Payment services providers.
- Marketing services providers.
- Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation.
- Recruitment services providers.
11. CANCELING YOUR ACCOUNT, OPTING OUT OF EMAIL, AND MODIFYING PERSONAL INFORMATION
11.1. You may cancel your account and you may opt out of receiving any emails from Nebuli at any time by changing the settings in your account settings page. Deleting your account will cause all of your data in the account to be permanently deleted from our systems within a reasonable time period, as permitted by law and will disable your access to any other services that require a Nebuli account. We will respond to any such request, and any appropriate request to access, correct, update or delete your personal information within the time period specified by law (if applicable) or without excessive delay. We will promptly fulfil requests to delete personal data unless the request is not technically feasible or such data is required to be retained by law (in which case we will block access to such data, if required by law).
11.2. You may modify your personal information by logging in and visiting your settings at “My Account” page and “Plan + Billing” page, following the instructions provided, or update your e-mail subscriptions setting via our subscription preferences centre (links of which included in all of our e-mail newsletters and transactional e-mails).
12. RETENTION OF YOUR INFORMATION
12.1. We retain information for active Nebuli Accounts as long as it is necessary and relevant for our operations. In addition, we may retain information from closed accounts to comply with the law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce the Nebuli Terms of Service and take other actions permitted by law.
13. WHAT ARE YOUR DATA PROTECTION RIGHTS?
13.1. Your data protection rights are highlighted below:
- Access – You can ask us to verify whether we are processing personal data about you, and if so, to provide more specific information.
- Correction – You can ask us to correct our records if you believe they contain incorrect or incomplete information about you.
- Erasure – You can ask us to erase (delete) your personal data after you withdraw your consent to processing or when we no longer need it for the purpose it was originally collected.
- Processing restrictions – You can ask us to temporarily restrict our processing of your personal data if you contest the accuracy of your personal data, prefer to restrict its use rather than having us erase it, or need us to preserve it for you to establish, exercise, or defend a legal claim. A temporary restriction may apply while verifying whether we have overriding legitimate grounds to process it. You can ask us to inform you before we lift that temporary processing restriction.
- Data portability – In some circumstances, where you have provided personal data to us, you can ask us to transmit that personal data (in a structured, commonly used, and machine-readable format) directly to another company if is technically feasible.
- Automated Individual Decision-making – You can ask us to review any decisions made about you which we made solely based on automated processing, including profiling, that produced legal effects concerning you or similarly significantly affected you.
- Right to Object to Direct Marketing including Profiling – You can object to our use of your personal data for direct marketing purposes, including profiling. We may need to keep some minimal information to comply with your request to cease marketing to you.
- Right to Withdraw Consent – You can withdraw your consent that you have previously given to one or more specified purposes to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent. It may mean we are not able to provide certain products or services to you and we will advise you if this is the case.
13.2. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make a request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds.
14. PERSONAL DATA SECURITY
14.1. We have put appropriate technical and organizational security policies and procedures in place to protect personal data (including sensitive personal data) from loss, misuse, alteration or destruction. We aim to ensure that access to your personal data is limited only to those who need to access it. Those individuals who have access to the data are required to maintain the confidentiality of such information. We may apply pseudonymization, de-identification and anonymization techniques in efforts to further protect personal data.
14.2. If you have access to parts of our websites or use our services, you remain responsible for keeping your user ID and password confidential. Please be aware that the transmission of data via the Internet is not completely secure. Whilst we do our best to try to protect the security of your personal data, we cannot ensure or guarantee the security of your data transmitted to our site; any transmission is at your own risk.
15. EXTERNAL LINKS
16. Further information
General information about UK data protection may be found at:
The U.K.’s Information Commissioner’s website:
Direct Marketing Association:
Nebuli Ltd. Registered in England number 10622690. Registered Office: 8 Devonshire Square, London, EC2M 4PL, United Kingdom. VAT Number: GB 325 4117 30.