We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share any information relating to you (your personal data) in connection with your use of our website, application or online platform or facility on or through which you access and/or use our products, services or information (“Platform”). It also explains your rights in relation to your personal data and how to contact us or a relevant regulator in the event you have a complaint.
We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to goods and services we offer to individuals and our wider operations in the European Economic Area (EEA).
This privacy policy is divided into the following sections. If you click on each heading you will be taken to the relevant section.
https://ebi.ai/ (our ‘website’) is provided by Offshorly trading as EBI.AI (‘we’, ‘our’ or ‘us’). We are the controller of personal data obtained via our Platform, meaning we are the organisation legally responsible for deciding how and for what purposes it is used. This privacy policy relates to your use of our Platform.
Throughout our Platform we may link to other websites owned and operated by certain trusted third parties to make additional products and services available to you as highlighted under the heading “Who we share your personal data with”. Those third party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to those third party websites, please consult their privacy policies as appropriate.
We may change this privacy policy from time to time—when we make significant changes we will take steps to inform you.
You can contact our data protection officer (‘DPO’) by email if you have any questions about this privacy policy or the information we hold about you, to exercise a right under data protection law or to make a complaint.
Our DPO’s email address is: cathrine@ebi.ai
Please contact us if you have any queries or concerns about our use of your personal data. We hope we will be able to resolve any issues you may have.
You also have the right to lodge a complaint with the UK Information Commissioner. The UK’s Information Commissioner may be contacted using the details at https://ico.org.uk/make-a-complaint or by telephone: 0303 123 1113.
The personal data we collect about you depends on the particular activities carried out through our Platform . If you do not provide personal data we ask for where it is indicated to be ‘required’ at the point of collection, it may delay or prevent us from providing services to you.
We may collect and use any combination of the following types of personal data about you:
Identity data | Includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, your spoken language, gender, job title and company details. |
---|---|
Contact data | Includes billing address, delivery address, email address and telephone numbers. |
Financial data | Includes bank account, billing information and payment card details. |
Transaction data | Includes details about payments to and from you and other details of products and services you have purchased from us. |
Technical data | Includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this Platform. |
Profile data | Includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses (via telephone, email, social media or post). |
Usage data | Includes information about how you use our Platform (including anonymised chat transcripts), products, technology systems and services |
Marketing and communication data | Includes your preferences in receiving marketing from us and our third parties and your communication preferences. |
Identity data
Includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, your spoken language, gender, job title and company details. |
Contact data
Includes billing address, delivery address, email address and telephone numbers. |
Financial data
Includes bank account, billing information and payment card details. |
Transaction data
Includes details about payments to and from you and other details of products and services you have purchased from us. |
Technical data
Includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this Platform. |
Profile data
Includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses (via telephone, email, social media or post). |
Usage data
Includes information about how you use our Platform (including anonymised chat transcripts), products, technology systems and services |
Marketing and communication data
Includes your preferences in receiving marketing from us and our third parties and your communication preferences. |
Under data protection law, we can only use your personal data if we have a proper reason. The table below explains what we use your personal data for and why.
More details about how we use your personal data and why are set out in the table below.
What we use your personal data for
|
Data type
|
Legal basis for using your data under UK GDPR or otherwise (references are to articles in the UK GDPR)
|
---|---|---|
Create, update and manage your account with us |
|
|
Providing services to you (or your employers/supplier) and communicating any changes to you (or your |
|
|
Employers/suppliers). |
|
|
Conducting checks to identify you and verify your identity or to help prevent and detect fraud against you or us |
|
|
To enforce legal rights or defend or undertake legal proceedings |
|
|
Customise our Platform and its content to your particular preferences based on a record of your selected preferences or on your use of our Platform |
|
|
Protecting the security of systems and data used to provide the service |
|
|
Statistical analysis to help us understand our customer base |
|
|
Disclosures and other activities to third parties where legally required to do so |
|
|
Marketing our services including offers and promotions to existing and former customers. See ‘Additional information about marketing’ below for further information |
|
|
Cookies See ‘Cookies’ below for further information |
|
|
The audit of data storage |
|
|
What we use your personal data for
|
Data type
|
---|---|
Create, update and manage your account with us |
|
Providing services to you (or your employers/supplier) and communicating any changes to you (or your |
|
Employers/suppliers). |
|
Conducting checks to identify you and verify your identity or to help prevent and detect fraud against you or us |
|
To enforce legal rights or defend or undertake legal proceedings |
|
Customise our Platform and its content to your particular preferences based on a record of your selected preferences or on your use of our Platform |
|
Protecting the security of systems and data used to provide the service |
|
Statistical analysis to help us understand our customer base |
|
Disclosures and other activities to third parties where legally required to do so |
|
Marketing our services including offers and promotions to existing and former customers. See ‘Additional information about marketing’ below for further information |
|
Cookies See ‘Cookies’ below for further information |
|
The audit of data storage |
|
You have the right to opt out of receiving marketing communications at any time by:
1. contacting us by email to our DPO at cathrine@ebi.ai; or
2. using the ‘unsubscribe’ link in emails.
We may ask you to confirm or update your marketing preferences if you ask us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business. We may share your personal data with other organisations outside the EBI Solutions Limited group for marketing purposes but not without your consent.
Directly |
|
---|---|
Indirectly |
|
Third parties’ sources |
|
Directly
|
Indirectly
|
Third parties’ sources
|
Cookies
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the Platform and to compile statistical reports on Platform activity. Please see the below list of cookies we collect and why:
Cookie name
|
Owner
|
Purpose and use
|
---|---|---|
AEC |
google.co.uk |
This allows Google to analyse specific behaviour and interests of the user including traffic data, user asds interaction data and demographic data. |
APISID / SAPISID / HSID / |
google.co.uk |
These cookies enable Google to collect user information for videos hosted by YouTube. |
CONSENT |
google.co.uk |
This is used to ensure consent to cookie use |
NID / SID / 1P_JAR |
google.co.uk |
Google uses a unique ID to remember preferences such as prefefrred language and to display personalised advertisments based on search and pervious interactions. |
SEARCH_SAMESITE |
google.co.uk |
This is used to send data to Google |
__Secure-1PAPISID |
google.co.uk |
Used by Google to build a profile of the user to ensure relevant content and advertising. |
__Secure-1PSID |
google.co.uk |
Used by Google to build a profile of the user to ensure relevant content and advertising. |
__Secure-3PSID |
google.co.uk |
Used by Google for retargeting purposes. |
__cf_bm |
Cloudflare |
Cloudflare’s Bot Management service and helps manage incoming traffic that matches criteria associated with bots |
__cfruid |
Cloudflare |
Used to ensure rate limiting policies. |
__hssc |
HubSpot |
This cookie is used to keep track of session data |
__hssrc |
hubspot.com |
When HubSpot changes the session cookie, this cookie is also set to determine if the visitor has reset their browser. |
__hstc |
HubSpot |
It contains domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (current visit), and session number (increments with each subsequent session). |
_fbp |
Used to distinguish individual users |
|
_ga |
Google Analytics |
Used to understand when a user visits website for first time |
_gcl_au |
Google Analytics |
Used to measure conversion from Google Ads |
_gcl_aw |
Google Analytics |
Used to measure conversion from Google Ads |
_gid |
Google Analytics |
Used to understand how a user interacts with website from a paid ad |
_hjid |
Hotjar |
Used when a user first lands on a page using Hotjar |
cf_clearance |
Cloudflare |
Shows a successful pass |
cookieconsent_status |
ebi.ai |
Keeps track of users choices |
hs_c2l |
hubspot.com |
Ensures HubSpot authenticiation |
wordpress_test_cookie |
ebi.ai |
WordPress sets this cookie when a user navigates to the login page. The cookie is used to check whether the web browser is set to allow, or reject cookies. |
wp-settings-11 |
ebi.ai |
This cookie is used to personalise the admin and main site interface. |
wp_lang |
ebi.ai |
Used to store language prefernces for WordPress users, |
Cookie name
|
Owner
|
---|---|
AEC |
google.co.uk |
APISID / SAPISID / HSID / |
google.co.uk |
CONSENT |
google.co.uk |
NID / SID / 1P_JAR |
google.co.uk |
SEARCH_SAMESITE |
google.co.uk |
__Secure-1PAPISID |
google.co.uk |
__Secure-1PSID |
google.co.uk |
__Secure-3PSID |
google.co.uk |
__cf_bm |
Cloudflare |
__cfruid |
Cloudflare |
__hssc |
HubSpot |
__hssrc |
hubspot.com |
__hstc |
HubSpot |
_fbp |
|
_ga |
Google Analytics |
_gcl_au |
Google Analytics |
_gcl_aw |
Google Analytics |
_gid |
Google Analytics |
_hjid |
Hotjar |
cf_clearance |
Cloudflare |
cookieconsent_status |
ebi.ai |
hs_c2l |
hubspot.com |
wordpress_test_cookie |
ebi.ai |
wp-settings-11 |
ebi.ai |
wp_lang |
ebi.ai |
For more information about cookies, please visit the ICO website by clicking here
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser.
Following the end of the of the relevant retention period, we will delete or anonymise your personal data.
We only allow those organisations to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also include contractual obligations to ensure they can only use your personal data to provide services to us and/or to you, for example in data processing agreements (DPAs).
We or third parties occasionally also share personal data with:
1. Our and their external auditors, e.g., in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations;
2. Our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
3. Law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations; and
4. Other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations.
More details about who we may share your personal data with and why are set out in the table below.
Processing operation (use) by recipient
|
Recipients (Third parties)
|
Relevant categories of personal data transferred to recipient
|
---|---|---|
Companies that help us with data storage |
|
|
Reporting |
|
|
Account Emails |
|
|
Data Processing by third parties (where the third party is our supplier and processes data on our behalf). |
|
|
Data Processing for third parties (where we are processing data on behalf of third parties who are our customers/clients). |
|
|
Companies that help us with our project management services |
|
|
Processing data when using our chat service |
|
|
Marketing Services |
|
|
Processing operation (use) by recipient
|
Recipients (Third parties)
|
---|---|
Companies that help us with data storage |
|
Reporting |
|
Account Emails |
|
Data Processing by third parties (where the third party is our supplier and processes data on our behalf). |
|
Data Processing for third parties (where we are processing data on behalf of third parties who are our customers/clients). |
|
Companies that help us with our project management services |
|
Processing data when using our chat service |
|
Marketing Services |
|
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. We continually test our systems and processing to ensure that we meet the expectations of g industry standards for information security.
We also have procedures in place to deal with any suspected data security breach. We will report any unlawful data breach of this Platform’s database or the database(s) to all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
We will not keep your personal data for longer than we need it for the purpose for which it is used. We will retain your personal data for a maximum of two years from the date of our last communication, on the legal bases of legitimate interest. Different retention periods apply for different types of personal data.
If you no longer wish to keep your account with us we will delete it and all your data upon request.
Further details on this are available from the ICO’s website, see here, on retention of personal data.
You generally have the following rights, which you can usually exercise free of charge:
Access to a copy of your personal data | The right to be provided with a copy of your personal data. |
---|---|
Correction (also known as rectification) | The right to require us to correct any mistakes in your personal data. |
Erasure (also known as the right to be forgotten) | The right to require us to delete your personal data—in certain situations. |
Restriction of use | The right to require us to restrict use of your personal data in certain circumstances, e.g., if you contest the accuracy of the data. |
Data portability | The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations. |
To object to use | The right to object:
|
Not to be subject to decisions without human involvement |
|
The right to withdraw consents |
|
Access to a copy of your personal data
The right to be provided with a copy of your personal data. |
Correction (also known as rectification)
The right to require us to correct any mistakes in your personal data. |
Erasure (also known as the right to be forgotten)
The right to require us to delete your personal data—in certain situations. |
Restriction of use
The right to require us to restrict use of your personal data in certain circumstances, e.g., if you contest the accuracy of the data. |
Data portability
The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations. |
To object to use
The right to object:
|
Not to be subject to decisions without human involvement
|
The right to withdraw consents
|
For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us (see ‘How to contact us’ below). You may also find it helpful to refer to the guidance published by the UK Information Commission on your rights under the UK GDPR. A more detailed explanation of the above rights is available here.
If you would like to exercise any of those rights, please email our Data Protection officer at cathrine@ebi.ai when contacting us please:
1. provide enough information to identify yourself (e.g., your full name, address and customer or matter reference number) and any additional identity information we may reasonably request from you, and
2. let us know which right(s) you want to exercise and the information to which your request relates.