Privacy Policy

  • Privacy Policy

Privacy Policy

Brainbox Data Science LTD

Who we are

This policy is provided to you by Brainbox Data Science LTD ("BrainboxBI") and describes who we are, why we need to collect your information, and how we will use it. It will also tell you who we share your information with and how we use data to improve the service we provide to you. BrainboxBI is aware of the trust you place in us when you visit our website or utilize our services, and of our responsibility to protect your information.

"We", "Us", "Our", or "BrainboxBI" in this policy refers to Brainbox Data Science LTD, a company registered in the United Kingdom with company number 11450916 and VAT number 336944572. Our registered address is 67 Fane Road, Peterborough, UK PE4 6ER, and we are a data controller, who processes your personal data as necessary to deliver our services to you. Any reference to "you", "your", "yours", or "yourself" in this policy is a reference to any of our clients, potential clients, or people visiting our websites as the context requires, unless otherwise stated.

At BrainboxBI, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, including any other media form, media channel, mobile website, or mobile application related or connected thereto (collectively, the "Site"). Please read this privacy policy carefully. If you have any questions regarding the policy send your enquiries to

Information We Collect

BrainboxBI is a data services provider. We help organisation innovate through the use of artificial intelligence technology. We also help develop Anaplan and PowerBI platform capabilities including data modelling and management. In our commitment to providing top-notch services, we gather personal data necessary to establish your identity as our client and effectively manage our relationship with you, ensuring the delivery of exceptional service tailored to your needs.

For both existing and potential clients, we may gather the following information, depending on your stage in the customer journey:

  • Identity Data: This includes your title, first name, last name, account name, or similar identifiers.
  • Contact Data: Information such as billing address, registered address, email address, and telephone number.
  • Profile Data: This encompasses transaction details, preferences, feedback, and survey responses.
  • Usage Data: Information on how you interact with our website and services.
  • Marketing and Communications Data: Your preferences regarding marketing communications from us and our partners, as well as your communication preferences.

We collect this information through various channels, including our website, account opening applications, contact forms, telephone calls, instant messaging systems, seminar/webinar registrations, and ongoing client service interactions. Additionally, we may obtain information from third parties, such as lead generation providers, credit reference agencies, publicly available sources, or screened third-party data lists.

We maintain records of your preferences and activities, including details such as:

  • Your preferred services
  • Utilized services and their performance
  • Historical and/or statistical data related to your activities

Your Personal Information is utilized to provide you with services or information about our offerings. We continuously assess your evolving needs following the establishment of your account with us or subscription to resources available on our platforms (e.g., blogs, newsletters, etc.).

Furthermore, we gather, use, and share statistical or demographic data for various purposes, referred to as "Aggregated Data." While this data may originate from your personal data, it does not directly or indirectly reveal your identity. For instance, we may analyze usage data to determine the percentage of users accessing specific website features. If Aggregated Data is combined or connected with your personal data in a way that identifies you directly or indirectly, we treat it as personal data, ensuring compliance with relevant laws and this privacy policy.

How and why we use your information

We utilize your personal information solely when we have a lawful basis for doing so, including:

  • Compliance: To adhere to our legal and regulatory obligations, including General Data Protection Regulation (GDPR)
  • Contractual Performance: For fulfilling our contract with you or initiating steps, as requested, prior to entering into a contract.
  • Legitimate Interests: When we or a third party have a valid business or commercial reason, provided your rights and interests are not overridden.
  • Consent: Where you have provided explicit consent.

A "legitimate interest" arises when we or a third party have a business or commercial rationale for using your information, ensuring it doesn't supersede your rights and interests.

What we use your personal information for

  • Providing services and support to you.
  • Conducting customer identification and verification checks.
  • Furnishing information or evidence related to audits, legal claims, complaints, or regulatory investigations.
  • Preventing and detecting crime against you and the public.
  • Ensuring compliance with internal business policies, including data retention and security measures.
  • Operational improvements, such as efficiency enhancements, training, and quality control.
  • Safeguarding the confidentiality of commercially sensitive information.
  • Statistical analysis to manage business performance.
  • Preventing unauthorized access and modifications to systems.
  • Updating and enhancing customer records.
  • Handling statutory returns and ensuring safe working practices.
  • Marketing our services to existing and potential customers.
  • Conducting credit reference checks via external agencies.
  • Conducting external audits and quality checks.
Our reasons for using the information inclide:
  • Legal and regulatory compliance.
  • Contractual obligations.
  • Legitimate business interests.
  • Consent provided by you.

Please note that the above table does not pertain to special category personal information, which we process only with your explicit consent.

Promotional communications

We may utilize your personal information to provide you with updates regarding our services, conveyed through email, telephone, or postal communications. These updates may include exclusive offers, promotions, or details about new services we offer.

For promotional purposes requiring consent, we'll request your explicit approval separately and transparently. However, in certain instances, your consent may not be necessary as we have a legitimate interest in processing your personal information (as detailed in the section 'How and why we use your personal information' above).

We hold your personal information in the highest regard and never engage in selling or sharing it with other organizations for marketing endeavors. Should we rely on your consent as the legal basis for processing your Personal Information, you retain the right to withdraw that consent or opt out of receiving promotional communications at any time. You can exercise this right by reaching out to us through your preferred communication channels or using the contact details provided in this policy (refer to 'How to contact us' below).

Modification of Purpose

We will strictly adhere to the original purposes for which we collected your personal data. However, if we reasonably determine that there's a need to utilize it for another purpose, we'll ensure that the new purpose is compatible with the original one, lawful, and aligned with this policy.

In the event that we require utilizing your personal data for an unrelated purpose, we will promptly notify you and provide an explanation of the legal basis permitting us to do so. Please be aware that there are circumstances where we may process your personal data without your explicit knowledge or consent, as mandated by regulatory obligations or permitted by law.

Sharing Your Personal Information

In utilizing your Personal Information for the purposes outlined above, we may disclose it to:

  • Third-party service providers assisting in delivering our services, including specialist advisers, administrative support, IT, financial, compliance, insurance, and research entities.
  • Introducers, marketing agents, and affiliates with whom we maintain mutual relationships.
  • Courts, tribunals, and relevant regulatory authorities as mandated by law or agreed upon in our contractual arrangement with you.
  • Other third parties essential for our business operations, such as website hosts.
  • Credit reporting or reference agencies, as well as debt recovery agencies and crime prevention agencies.
  • Individuals authorized by you.

We ensure that our service providers handle your personal information with due care by satisfying ourselves that they implement appropriate measures to safeguard it. Moreover, we impose contractual obligations on each service provider, dictating that they can only utilize your personal information as directed by us, solely for the purpose of providing services to us and to you.

Personal information may also be shared with external auditors, particularly concerning the maintenance of our standards or audit of our accounts. Additionally, disclosure and exchange of information may occur with regulatory bodies and law enforcement agencies to fulfill our legal obligations. In certain circumstances, we may need to share some personal information with other parties, such as potential buyers of our business or during a restructuring process. While efforts will be made to anonymize such information, this may not always be feasible. However, any recipient of such information will be bound by equivalent data privacy, confidentiality, and security obligations.

Management of Personal Information

Personal information may be stored in our premises as well as those of third-party agencies, service providers, representatives, and agents, as detailed above.

In order to effectively provide our services to you, it may be necessary to transfer your personal information overseas, including:

  • To our service providers located outside the United Kingdom.
  • In the event that you are situated outside the United Kingdom.

We will ensure that any such transfer aligns with our obligations under data protection laws, and upholds the confidentiality, integrity, availability, and security of your personal information. Our standard protocol involves the use of standard data protection contract clauses.

Retention Period of Your Personal Information

Your personal information will be retained for the duration of your account with us or while we are providing information or services to you. Subsequently, we will retain your personal information for as long as it is deemed necessary:

  • To address any inquiries, complaints, or claims raised by you or on your behalf.
  • To demonstrate compliance with legal requirements.
  • To maintain records as mandated by law.

We will not hold onto your Personal Information for longer than necessary as outlined in this policy. Different retention periods may apply to various types of personal information. Upon reaching the point where retention is no longer necessary, we will either delete or anonymize your data.

If Personal Information is Not Provided

In instances where it is necessary to collect personal data either by law, as per the terms of a contractual agreement we hold with you, or in the process of initiating such an agreement, and you do not furnish the requested data, it may impede our ability to fulfill the terms of the contract or, in certain instances, limit the extent of services we can provide. It is possible that we may need to terminate the service you currently have with us, and we will promptly inform you if such action becomes necessary.

Children's Privacy

We do not knowingly collect or solicit personal information from minors and you represent and warrant that you are not providing any information about a minor.

Securing Your Personal Information

Ensuring the security of your personal information is paramount to us, regardless of how you engage with us—be it in person, over the phone, via email, post, internet, or any other electronic means. We adhere to stringent security procedures and protocols in handling the storage, processing, and disclosure of your information. This is done to prevent any accidental loss, unauthorized access, alteration, or disclosure of your personal data. Additionally, we have established procedures to address any suspected or actual data security breaches. In the event of a data security breach where legal requirements mandate, we will promptly notify you and relevant regulatory authorities.

When sharing your information with third parties, which we do in accordance with this privacy policy, we ensure that the security measures employed by these parties for storing and processing your information are as rigorous as our own. Continual review of our systems and adherence to best practice industry standards for information security are integral to our operations.

Technology Enhancements and Third-party Sites

We are committed to enhancing the functionality of our websites and applications through technological advancements. These improvements may necessitate changes in how personal information is collected or used. If necessary, we will update this policy accordingly to keep you informed of any changes that affect your privacy rights.

While we implement suitable technical and organizational measures to safeguard the personal information you provide, we cannot be held liable for intercepted communications by third parties or for communications that are incorrectly delivered or fail to reach us. Whenever possible, we recommend transferring information directly to us using the provided functionality.

Our websites may feature links to third-party websites. Please note that our privacy policy only applies to the personal information we collect, and we cannot be held responsible for personal information collected, stored, and used by third parties through their websites. It's advisable to review the privacy policy of each website you visit to understand how your usage may impact your privacy.

Policy updates

The latest revision of our website privacy policy was made on April 5th, 2024.

To ensure ongoing compliance with new obligations, technological advancements, changes in our operations or practices, and to ensure alignment with evolving regulatory requirements, our privacy policy undergoes periodic reviews.

Occasionally, we may make amendments to this privacy policy. When such changes occur, we will notify you through your preferred or regular method of communication, including email or highlighted banners on our website.

Contact For Any Privacy Concerns:

Brainbox Data Science LTD

  • Emailing to:
  • Writing to : 67 Fane Road, Peterborough, United Kingdom, PE4 6ER