Our country pages
Africa
South Africa
Europe
Albania | Shqipëria
Austria | Österreich
Belgium | BelgiqueBelgium | België
Bosnia and Herzegovina |
Bosna i Hercegovina
Bulgaria | България
Croatia | Hrvatska
Czechia | Česko
Denmark | Danmark
Estonia | Eesti
Finland | Suomi
France
Germany | Deutschland
Hungary | Magyarország
Ireland | Éire
Italy | Italia
Latvia | Latvija
Lithuania | Lietuva
Netherlands | Nederland
Norway | Norge
Poland | Polska
Portugal
Romania | România
Serbia | Srbija
Slovakia | Slovensko
Slovenia | Slovenija
Spain | España
Sweden | Sverige
Switzerland | SchweizSwitzerland | Suisse
Turkey | Türkiye
United KingdomSearch
Third party site privacy notice
1. Purpose and scope of this privacy notice
BMI Group Management UK Limited and its affiliated legal entities (together, “BMI Group” or the “Company”) operate in countries around the world, including in the European Union (“EU”). On 25 May 2018, the EU General Data Protection Regulation (“GDPR”) became effective. One goal of GDPR is to create greater transparency for individuals about what happens with their personal data.
This privacy notice describes how BMI Group (“we” or “us”) collects, uses, shares and retains the personal data you provide during and after your engagement or relationship with us. We are committed to ensuring that any personal data we receive is protected and handled in accordance with applicable data protection laws.
This privacy notice applies to all external parties who share personal data with BMI Group including but not limited to customers, suppliers, their respective personnel and end-users (collectively, “you”).
2. Information we hold and process about you
Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (that is, anonymous data).
We will collect, store, and use certain categories of personal information about you which is in the context of our engagement or relationship with you. This may include your name, email address, phone number, postal address, work title and employee information, credit card information, your preferences in receiving marketing from us and your communication preferences, details about products which you have enquired, or purchased from us. This information is set out in more detail in Schedule 1 and Schedule 2 below.
We will collect this information either directly from your employer or from a third party intermediary in our sales process. Information we collect directly from you may include you signing up to our newsletter or other marketing communications, through feedback processes about our service or products, or in the course of your direct dealings with us.
2.1 Recruitment
You may apply for employment or training positions offered by BMI Group and its affiliates, or sign up to job alerts, online via our websites or by email. For such online alerts and applications, this privacy notice applies in addition to other legal requirements.
When applying to BMI Group and its affiliate companies online or via email you provide BMI Group with personal data such as name, postal and email address as well as information regarding your education and professional qualifications, certificates and other information and documents commonly used when applying for a job and copies of right to work documentation. You should only disclose special categories of personal data (such as ethnic background, political opinion, membership in a trade union, physical and mental health, or religious or philosophical belief, collectively “Sensitive Data”, Article 9(1) GDPR) that you expressly wish us to receive. We do not expect you to submit nor request you to send such Sensitive Data. We may also collect other information about your employment history such as previous job titles, experience, training records and professional memberships.
On the basis of an online application initiated by you, we process the personal data you provide to BMI Group electronically for the purpose of the application. Such processing is necessary in order to take steps at your request prior to entering into a contract (Article 6(1)(b) GDPR). Please consider this privacy notice before you send us your personal data.
This information is set out in more detail in Schedule 3 below.
2.2 LEGAL BASIS AND PURPOSE FOR PROCESSING YOUR PERSONAL DATA
In most cases, our use of your personal data is necessary in order:
for us to carry out a contract with you;
so that we can comply with our legal obligations, and/or cooperate with regulators and other authorities; or
for a legitimate interest, such as providing you with marketing material where you have requested, to manage and improve our business and customer engagements and relationships, business development and analysis purposes, to monitor and evaluate theuse of our products.
We will process your personal data only for purposes permitted by law. This includes the following general purposes:
fulfilling legal obligations;
protecting legitimate interests;
fulfilling duties and exercising our specific company rights;
enforcing, exercising or defending legal claims; and• other legal legitimate purposes.
Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information. The legal basis and purpose for processing your personal data is described in more detail in the Schedules below.
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you or we may be prevented from complying with our legal obligations.
3. Retention and transfers of your personal data
3.1 HOW LONG WE KEEP YOUR PERSONAL DATA
We will retain your personal data for as long as is reasonably necessary to fulfil the relevant purposes set out in this privacy notice and during the period required or permitted by law. The retention period will primarily be determined by relevant legal and regulatory obligation and/or duration of our business relationship with you. We will securely delete or erase your personal data if there is no valid business reason for retaining your data.
3.2 WHERE PERSONAL DATA IS STORED
The BMI Group stores your personal data in controlled-access, centralised databases, and secure paper and electronic file in the countries in which the BMI Group is located and countries where our service providers are located. The access is limited to authorised users subject to a confidentiality duty, such as the accounting department, the human resources department, or the service providers’ personnel, on a need to know basis
3.3 Data sharing
Transfers to third parties
We will share your personal data with third parties where required by law, where it is necessary to administer the relationship or complete our obligations under a contract with you or where we have another legitimate interest in doing so. All our third-party providers are required to take appropriate security measures to protect your personal information. We only permit third-party service providers to process your personal data for specified purposes and in accordance with our instructions.
We may also share your personal data with other third parties, for example in the context of the possible sale or restructuring of the business. In this situation we will, so far as possible, share anonymised data with the other parties before the transaction completes. Once the transaction is completed, we will share your personal data with the other parties if and to the extent required under the terms of the transaction.
We may need to share your personal data with a regulator or to otherwise comply with the law.
Transfers to other BMI Group entities
We may also share your personal data with other entities in the BMI Group, as and where required, as part of our reporting activities, in the context of a business reorganisation or group restructuring exercise, for system maintenance support, and for data hosting purposes. We may also share it within the BMI Group to offer you other products or services that we think may be of interest to you based on your interactions with us.
Transferring information outside of the EU
We may transfer the personal data we collect about you to third parties and other BMI Group entities who are outside the EU. To ensure that your personal data receives an adequate level of protection we seek to ensure that your personal data is treated by those third parties and entities outside the EU in a way that is consistent with and which respects the EU laws on data protection, for example have by entering into contractual agreements based on the EU Commission’s standard contractual clauses.
4. Data breaches
BMI Group takes the threat of data breaches extremely seriously and has in place internal policies and procedures to require its personnel to report any suspected data security breach. In the event of any breach involving your personal data, you will be notified and informed of the steps which have been taken by BMI Group to deal with the breach.
5. Your rights
You have specific legal rights related to BMI Group’s processing of your personal data. The following list contains information on your rights arising from applicable data protection laws:
Right to rectification: You have the right to obtain from BMI Group rectification of personal data concerning you. We must make reasonable efforts to keep your personal data in our possession or control accurate, complete, current and relevant, based on the most recent information available to us.
Right to restriction: You have the right to restrict BMI Group’s processing of your personal data, if:
you contest the accuracy of the personal data for the period we needs to verify its accuracy;
the processing is unlawful and you request the restriction of processing rather than erasure of your personal data;
we no longer need your personal data but you require the same for the establishment, exercise or defence of legal claims; or
you object to the processing of your data while BMI Group verifies whether it’s legitimate grounds override yours.
Right to access: You have the right to receive information regarding the personal data BMI Group holds about you, including information as to which categories of personal data BMI Group has in its possession or control, what the data is being used for, where BMI Group collected the data, if not from you directly, and to whom the data has been disclosed, if applicable. You have the right to obtain from BMI Group one copy, free of charge, of personal data we hold about you.
Right to portability: At your request, we must transfer your personal data to another controller, where technically feasible, provided that the processing is based on your consent or is necessary for the performance of a contract. Rather than receiving a copy of the personal data, you have the right to request that we transfer the data to another controller you specify directly.
Right to erasure: You have the right to demand we erase your data, where:
the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
you have a right to object to further processing of your personal data (see below), and you execute this right; or
the personal data has been unlawfully processed, unless the processing is necessary:
for compliance with a legal obligation which requires processing by us;
for statutory data retention requirements; or
for the establishment, exercise or defence of legal claims.
Right to object: You have the right to object – at any time – to the processing of your personal data due to your particular situation, provided that the processing is not based on your consent but on BMI Group's legitimate interests or those of a third party. In this event, we shall no longer process your personal data, unless we can demonstrate compelling legitimate grounds and an overriding interest for the processing or for the establishment, exercise or defence of legal claims. If you object to the processing, you must specify if you wish the erasure of the personal data or the restriction of its processing by us.
Should you wish to invoke these rights, please contact us at privacy@bmigroup.com
6. Website information and cookies
Please refer to the BMI Group's Website Policy for information about how we use any personal data provided via our website and cookies. This policy can be found here at bmigroup.com and on the local websites of other companies within the BMI Group.
7. Data Protection Officer
BMI Group has appointed a data protection officer, Sebastian Kraska. You can contact him directly at BMIGroup@iitr.de or privacy@bmigroup.com.
8. Changes to this privacy notice
This privacy notice does not form part of any contract with you and we reserve the right to update this privacy notice at any time. We will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.
9. Contact
If you have any questions regarding this privacy notice or the way we handle or process your personal data, you can contact us at privacy@bmigroup.com
Schedule 1 - Customers
| Purpose | Categories of personal data | Legal basis | Storage time |
|---|---|---|---|
| To register you as the customer’s contact person | Name Position Company E-mail Telephone number | Completion of a contract Legitimate interest | specific position which is relevant for the communication, or as long as the contract for which you are the registered contact, is valid. |
| To communicate with you regarding your contract or potential contract with us, including promoting new products or services within the BMI Group. | Name Email Telephone number | Completion of a contract | As long as you hold the specific position which is relevant for the communication, or as long as the contract for which we are communicating with you, is valid. Your personal data will be stored as long as needed if required as proof during any guarantee period of a sale or under a contract. |
| To facilitate customer support and handle issues or questions. | support and handle issues or questions. Name Company Email Telephone number | Completion of a contract Legitimate interest | As long as you hold the specific position which is relevant for the communication, or as long as the contract is valid. Your personal data will be stored as long as needed if required as proof during any guarantee period of a sale or under a contract. |
| To execute and send invoices on which you are the contact person | Name Company Email Telephone number | Completion of a contract Legitimate interest Legal obligation | As long as you hold the specific position which is relevant for the communication, or as long as the contract is valid. Your personal data will be stored as long as needed if required as proof during any guarantee period of a sale or under a contract. Further, your personal data may be stored for longer periods if required for us to satisfy our legal obligations. |
| To send invites to events | Name Position Company Email | Legitimate interest Legal obligation Consent | Until the event you have registered for. |
| To conduct market surveys, send you our newsletter and other communications, and for other related marketing purposes | Name Position Company Email | Legitimate interest Consent | As long as the personal data is of relevance, for as long as your consent remains valid, and provided you have not denied the processing or opted-out. |
| To send invoices to sole proprietors | Name Position Postal address E-mail Telephone number Payment details | Completion of a contract Consent Legal obligation | During the time our customer relationship is ongoing and in accordance with your contract for sale with us. |
Schedule 2 - Suppliers
| Purpose | Categories of personal data | Legal basis | Storage time` |
|---|---|---|---|
| To register you as the supplier’s contact person | Name Position Company E-mail Telephone number | Completion of a contract Legitimate interest | As long as you hold the specific position which is relevant for the communication, or as long as the contract for which you are the registered contact, is valid. |
| To communicate with you regarding your contract or potential contract with us including promoting new products or services within the BMI Group. | Name Email Telephone number | Completion of a contract | As long as you hold the specific position which is relevant for the communication, or as long as the contract for which we are communicating with you, is valid. Your personal data will be stored as long as needed if required as proof during any guarantee period of a sale or under a contract. |
| To facilitate supplier support and handle issues or questions. | Name Company Email Telephone number | Completion of a contract Legitimate interest | As long as you hold the specific position which is relevant for the communication, or as long as the contract is valid. Your personal data will be stored as long as needed if required as proof during any guarantee period of a sale or under a contract. |
| To execute and send invoices on which you are the contact person | Name Company Email Telephone number | Completion of a contract Legitimate interest Legal obligation | As long as you hold the specific position which is relevant for the communication, or as long as the contract is valid. Your personal data will be stored as long as needed if required as proof during any guarantee period of a sale or under a contract. Further, your personal data may be stored for longer periods if required for us to satisfy our legal obligations. |
| To send invites to events | Name Position Company Email | Legitimate interest Legal obligation Consent | Until the event you have registered for. |
| To conduct market surveys, send you our newsletter and other communications, and for other related marketing purposes | Name Position Company Email | Completion of a contract Consent Legal obligation | During the time our customer relation is ongoing and in accordance with your contract for sale with us. |
| To send or pay invoices to sole proprietors | Name Position Postal address E-mail Telephone number Payment details | Completion of a contract Consent Legal Obligation | During the time our customer relation is ongoing and in accordance with your contract for sale with us. |