Privacy Policy

Our website address is: https://techoctopus.com

 1. Communications and updates

This section of our website is designed to help you understand what we do with information about people, referred to as “personal data”. 

We take your privacy very seriously. Please read this privacy notice carefully as it contains important information on who we are and how and why we collect, store, use and share personal data in connection with your use of our website and when we deliver services to our clients. It also explains your rights in relation to your personal data and how to contact us or a relevant regulator in the event you have a complaint.

Berne (UK) Limited (a company limited by guarantee, registered in England and Wales. Company registration number 06577006)) is the controller of your personal data. We’re an agency based in London, specialising in Demand Generation for Global B2B Brands. We’re led by our customer-first principles and a code of ethics. Berne (UK) Limited currently includes the following brands which operate within it: OneNineFive; TechOctopus; and Martech Tracker.

This Privacy Policy applies to personal data collected by Berne (UK) Limited and its UK brand TechOctopus (collectively referred to in this Privacy Policy as “we”, “us” or “our”) on websites (including mobile sites and apps) which link to this Privacy Policy, via registration forms, surveys, competition entries, at events (including awards),      if you contact us (online, by post, telephone or social media), and where we collect and process personal information about you in order to provide services to you and our clients.     

Our registered office address is at 60 Great Portland Street, London, United Kingdom, W1W 7RT

We have appointed an outsourced Data Protection Officer (DPO), if you have any questions or concerns about the information on this page, or about what we do with personal data, or otherwise wish to contact the DPO, please email us for the attention of the DPO at dpo-hub@next15.com, or write to us at the above address, for the attention of the DPO.     

Given the nature of our website and our services, we do not expect to collect the personal data of anyone under 18 years old. If you are aware that any personal data of anyone under 18 years old has been shared with us please let us know so that we can delete that data.

2. How we collect your personal data

We use different methods to collect data from and about you including through:

1. Information you give to us (direct): When you complete a form or volunteer your details in some other way, we typically collect the following information about you: your name, company name, email address, telephone number, social media handles and any associated areas of interest you have explicitly shared with us.

2. Information we collect indirectly – the use of ’information in the public domain’  When we refer to “information in the public domain”, we are talking about websites that can be accessed without any special login or subscription or sites that require free login (not subject to any special terms or conditions): For example:
   • LinkedIn; 
   • Twitter;
   • Facebook; 
   • free-to-access business aggregation based sites (for example, Crunchbase.com and theorg.com);
   • blog posts;
   • news sites that discuss B2B topics and include mentions of individuals; and     
   • events sites that list speakers and attendees. 

When providing services to clients, we will collect your name, business address and contact information, including business email address and telephone number and company details, together with your personal and professional interests and information relating to your professional and personal online presence. 

If you have publicly shared a non-work email address we may capture and store it for the purpose of including it in an anonymised “matched audience”. We will only send email to personal addresses if you have given us your consent to do so.

We may match your email address provided to us with publicly available personal data collected about you for the purposes of providing us with more information about you and to ensure that the data we hold on you is accurate and up-to-date.

3. Information we collect from third party partners:  Our third party data providers will have built their own pictures about you in the same way we have described above. 

• We may purchase this data from them to facilitate contact with you in connection with the services we offer, as a legitimate business interest of ourselves and our customers. 

• When using digital advertising audiences, for example via Google Ad Network or LinkedIn, we use pre-created audiences (i.e. lists of device IDs inferred to be used by people with specific characteristics). These audiences are matched against a criteria such as, for example, people who work for a list of companies with specific roles, or individuals who are matched from a list of email addresses. In these cases we are never able to identify individuals within the anonymised audience. 
• When using direct marketing audiences, including via telemarketing or email marketing, we use, and contact pre-created audience supplied by third-party partners. These audiences are matched against a criteria to ensure that the marketing is relevant for that person, such as by ensuring that the topic of interest relating to the content matches the job title of the individual.           

4.      Information we collect from our group:  We may also collect/share information from you from our group members, for example via our group-wide Customer Relationship Management system (CRM), which allows us to optimise our client relationships. Each of our company group members has access to this CRM. Any personal data which is inserted or otherwise uploaded into the CRM will, therefore, be accessible by our company group, but only for legitimate business purposes such as administrative functions, or to leverage existing relationships to offer complimentary services or additional services offered by our wider group

5. Automated technologies or interactions: As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.

3. The personal data we collect about you

In order for us to provide our services and to help our clients better market to and sell to their customers and prospective customers, we will collect and use the following personal data about you:

• your name, business address and contact information, including business email address and telephone number and company details;
• your social media handles;
• location data as it relates to professional activities, for example the office location you mainly work at, or the location of a professional event you attended;
• your activities on, and use of, our website;
• your personal or professional interests;
• your professional and personal online presence (for example, your LinkedIn or Twitter profiles);
• professional content creation (for example, posts you make on blogs or social media in relation to professional activities); and
• mentions of you in the media and on social media (in relation to your professional interests and activities).
• Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website. 
• Usage Data includes information about how you use our website and services.

If we hold your personal data for this purpose you can be assured that it only relates to your professional business activities and that we identified you as likely to find the commercial offerings of one of our clients relevant to you. Furthermore, if you have opted-out of communications from us or one of our clients or partners, we will have taken steps to make sure you are removed from any communications we control. 

If you do not provide personal data we ask for, it may delay or prevent us from providing our services.

 4. Marketing Communications and updates

a. Own marketing:   We may use your personal data to send you details of products or services that we offer that we have identified as likely to be of interest to you. We will only send you information in line with the preferences you indicated when you provided the personal data and where you have provided your consent for us to do so.  We may also send you marketing information on our products and services on the basis of legitimate interests, where we believe you may have an interest in the marketing material shared with you based on your job title, function and area of expertise.

If at any point you would like to opt-out of receiving communications from us, would like to change the types of content or topics that you receive communications about, or     would like to change the channels (such as email or post) that we use to contact you, please contact us using the contact details above or click the unsubscribe link contained at the bottom of our email marketing communications.

b. Third party marketing:  From time to time you would like to send you offers about products and services by email from our group members and brands, including The Craft, Agent3       OneNineFive           or MarTech Tracker which we feel would be of interest to you, or other carefully selected third-parties, which we feel would be of interest to you based on your job title, function and area of expertise.  We will do this if you have opted in to third party marketing when you provided your personal data.  We may also send you such marketing information on the basis of legitimate interests, where we believe you may have an interest in the marketing material shared with you based on your job title, function and area of expertise.

We will only do this if you have opted in to third party marketing when you provided your personal data. You may at any time withdraw your consent by using the contact details above or click the unsubscribe link contained at the bottom of our email marketing communications

c. Third party sharing for marketing:  From time to time we would like to be able to pass your email address to relevant third-parties and sponsors.

We will only do this if you have opted in to third party marketing when you provided your personal data. You may at any time withdraw your consent by contacting using the contact details above     or click the unsubscribe link contained at the bottom of our email marketing communications. or martechtracker.com.

5. Legal basis 

Under data protection law, we can only use your personal data if we have a valid lawful basis for example 

 a)  Consent. This means that you have agreed to let us process your personal data, in the form of an opt-in or disclaimer, as explained at the point of data collection. You can change your mind at any time.

     You can change your mind and withdraw your consent by contacting us using the contact details above, or by writing to us at 60 Great Portland Street, London, United Kingdom, W1W 7RT     .

 b) Legitimate Interest: This is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests to balance our interests against your own.

c) Performance of a Contract: This means we need to process your data in relation to a contract between us and you (eg: the content download you submit your email address for).

d) Vital Interests: This is when we may need to contact you if there are any urgent safety notices to communicate to you or where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any potential harm to you.

 e) Legal Obligation: This means that we have to process the personal data in order to comply with the law.

Details of the lawful basis we rely on is listed below: 

     6. How do we process your personal data 

Purpose of processing your personal data

Activity	Purpose of processing	Lawful basis
Commercial enquiries	Respond to customer requests and communicate with you Provide customers with information about our products and services      Management of queries, complaints, or claims.	Legitimate Interest
Direct marketing from data in the public domain	Provide marketing content that is useful to individuals based on their job title Connect brands with individuals that are interested in their product, only where those individuals have given consent to do so	Legitimate Interest
Direct marketing from customer data	Provide individuals with marketing content that is useful to them, based on their expressed topic interests only. Connect brands with individuals that have expressed interest in receiving marketing content related to their product	Consent Legitimate Interest
Contract management	To establish your eligibility to use our services, to deliver services and support to you	Performance of a contract
Provide services to our clients/ comply with our contract with our customers/clients	To provide services to our clients which may include, building a list of contacts; and identifying and analysing posts that individuals have put in the public domain with the objective of information others of their interests and needs in relation to their business activities	Legitimate Interest
Website management and activities	To assess and improve our services and website, for analysis to improve our services, and to enhance and personalise your user experience (including to improve the recommendations we make to you on our website),      To monitor usage of our site, record traffic flows, and to carry out research about its user demographics, interests and behaviour in order to better understand the users of our website. To carry out database and website administration	Legitimate Interest
Security and fraud prevention	For network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access. For prevention of fraud and other criminal activities. For the establishment and defence of our legal rights	Legitimate Interest
Data Subject enquiries	To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request)	Legitimate Interest
Safety information.	To contact you if there are any urgent safety notices to communicate to you or where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any potential harm to you	Vital interests
To comply with our legal obligations:	To assist any public authority or criminal investigation body. To identify you when you contact us,To verify the accuracy of data we hold about you	Legal requirement.

7. Sharing your personal data

We only share your personal information with trusted third party data processors (like software platforms used to coordinate projects, communications systems providers such as SMS, email delivery platforms, and telemarketing providers) where we have retained them to provide services that you or our clients have requested. These third parties comply with similar and equally stringent undertakings of privacy and confidentiality. We only allow those organisations to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.

7.1 We share your personal data with third parties for marketing purposes as detailed in point 4(c) above.

7.2 We may share your personal data with:

1. Any other trading arm of  Berne (UK) Ltd, as stated in the intro to this Privacy Notice and members of our wider group, including to our parent company Next Fifteen Communications Group plc for legitimate business purposes such as administrative functions, or to leverage existing relationships to offer complimentary services or additional services offered by our wider group.          
2. our clients to whom we are providing our services to (this specifically excludes information like personal email or home address) for the purposes of provision of our services;
3. other third parties we use to help us collect personal data, such as business partners, suppliers and sub-contractors, contact data providers, market research agencies and website analytics providers for the purposes of providing services directly to you or on our behalf;
4. other third parties who help us to engage with audiences, such as ad and social networks, publishers and tele-qualification providers for the purposes of providing services to you;
5. external auditors, e.g. in relation to the audit of our accounts, in which case the recipient of the information will be bound by confidentiality obligations;
6. professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
7. law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations; and
8. other parties in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency. Usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations.

7.3 In the case of personal data obtained via our websites:

a) analytics and search engine providers that assist us in monitoring usage of our websites, subject to our cookie notice below.

8. Disclosure of personal information

8.1 We may also share your information with third parties:

a) If we sell or buy assets, in which case we may disclose your personal information to the prospective buyer or seller, subject to the terms of this privacy notice.

b) If the assets of Berne (UK) Limited or any organisations which are part of Berne (UK) Limited are acquired by a third party and members and contacts are one of the transferred assets.

c) If we are legally required to share your personal data, or in order to enforce or apply our contractual terms and conditions with you.

d) To protect the rights, property, and safety of TechOctopus, our customers, and others. This includes sharing your personal information with other organisations for the purposes of fraud protection, credit risk reduction and preventing cybercrime.

9. Transfer of your personal data

The EEA, UK and other countries outside the EEA and the UK have differing data protection laws, some of which may provide lower levels of protection of privacy. 

Due to the global nature of our business It is sometimes necessary for us to share your personal data to countries outside the UK and EEA, such as the US and Australia. In those cases we will comply with applicable UK and EEA laws designed to ensure the privacy of your personal data. 

For example, we may transfer your personal data to:

● clients who are based in other markets; 

● systems and platforms, which store data in other jurisdictions; and

● our global group companies to facilitate our business activities.

Under UK and EU data protection laws, we can only transfer your personal data to a country outside the UK/EEA where there is a transfer mechanism approved by the UK government or the European Commission, or where there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you, or where a specific exception applies under relevant data protection law.

If you would like further details about these data transfers please contact us using the details set out above.      

10. Retention period 

We won’t keep your personal data any longer than we need to and for the purposes for which it was collected and used.      

You can take a look at our data retention policy by contacting us using the contact details above     . 

In terms of personal data we use for marketing, we will keep this data for as long as we are able to market to you.  If you withdraw your consent, we will keep your details to make sure we don’t contact you again for marketing purposes, and for our own legal, regulatory, and accounting purposes.

Our clients will keep the personal data we collect about you and pass onto them in accordance with their own retention periods and subject to their own privacy policies.

11 Your data matters. Your rights as a data subject.     

Your rights and how to exercise them – individuals in the United Kingdom, Switzerland, the European Economic Area and Canada: 

If your personal data is subject to UK or EU data protection laws, then you have certain rights under the UK GDPR and the EU GDPR which we summarise below. If you are based in Canada and your personal data is subject to Canadian data protection laws, you broadly have the same rights as individuals whose personal data is subject to UK or EU data protection laws (although such rights will be subject to applicable Canadian law).  

1. Access: With some exceptions designed to protect the rights of others or in respect of airport security, you have the right to a copy of the personal data that we hold about you. We may make a reasonable charge for additional copies of that data beyond the first copy, based on our administrative costs. Where the data is data that you have given to us, you have the right to receive your copy of it in a common electronic format, and to provide copies of it to other people if you wish.
2. Correction: You have the right to have the personal data we hold about you corrected if it is factually inaccurate. This right does not extend to matters of opinion.
3. Deletion: In some limited circumstances, you have the right to have personal data that we hold about you erased (“the right to be forgotten”). This right is not generally available where we still have a valid legal reason to keep the data (for example, for fraud prevention or because we are obliged to do so by law).
4. Objection: You have the right to object to our processing of your personal data where we rely on “legitimate interests” as our legal basis for processing, but we may be able to continue processing if our interest outweighs your objection.
5. Opting out of marketing:  You have the right to require us to stop using your personal data to send you marketing information. If you want us to stop sending you marketing information, the quickest and most efficient way is to use the provided “unsubscribe” links in our communications (although you can contact us direct if you prefer).
6. Temporary restriction: You also have the right in some circumstances to request that temporary restrictions are placed on how we process your personal data, for example if you contest its accuracy or where we are processing it on the basis of our legitimate interest and you contest our assessment that our interest overrides your rights.
7. Withdrawing consent: If we are processing your personal data on the basis of your consent, you have the right to withdraw that consent at any time, in which case we will stop that processing unless we have another legal basis on which to continue.

Further information:  For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us using the information above. 

You may also find it helpful to refer to the guidance from the UK’s Information Commissioner on your rights under the UK GDPR. 

How to exercise your rights:  The easiest method of exercising your rights is to:

● email our data protection team on dpo-hub@next15; or

● write to us at TechOctopus, 60 Great Portland Street, London, United Kingdom, W1W 7RT United Kingdom, marked for the attention of the Data Protection Hub.

In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to a request you have made.

Your rights and how to exercise them – individuals in California 

If your personal data (called “personally identifiable information” for the purposes of California law) is subject to California law, then you have certain rights under the California Consumer Privacy Act (CCPA). 

1. Opt-out of sale: With some exceptions, California residents have the right to opt out of any sale of their personal information. You may enforce this right by clicking this link: [“Do Not Sell My Personal Information”]. You may also contact us at +1 510-394-2713. California residents may designate authorized agents to make such requests on their behalf. We must wait at least 12 months before asking you to opt back in to the sale of your personal information, where you have previously opted-out. 
2. Disclosure (“right to know”): With some exceptions, California residents may request that we disclose to you what personal information we have collected, used, shared or sold about you, and why we collected, used, shared or sold that information. You may obtain this information from us free of charge. The information provided will be for the 12-month period preceding your request.
3. Deletion: In some limited circumstances, you have the right to have personal data that we hold about you erased. This right is not generally available where we still have a valid legal reason to keep the data (for example, for fraud prevention or because we are obliged to do so by law).
4. Non-discrimination: We cannot deny services, charge you a different price, or provide a different level or quality of services just because you exercised your rights under the CCPA. However, if you refuse to provide your personal information to us or ask us to delete or stop selling your personal information, and that personal information or sale is necessary for us to provide you with services, we may not be able to complete that transaction.

How to exercise your rights:  The easiest method of exercising your rights is to:

• fill out the form located at the following link: https://www2.agent3.com/ccpa/;
• email our Data Protection Officer at dpo-hub@next15.com; or
• contact us at +1 510-394-2713

In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to a request you have made.

12. How to complain  

Please contact us if you have any queries or concerns about our use of your information (see above contact information). We hope we will be able to resolve any issues you may have.

If your personal data is subject to UK or EU data protection laws, then you have the right to lodge a complaint about our handling of your personal data with your local supervisory authority, although we do ask that you raise any concerns with us first as we can probably address them much more efficiently. 

In the United Kingdom, the Information Commissioner’s Office is your local supervisory authority.  The UK’s Information Commissioner may be contacted at https://ico.org.uk/make-a-complaint or by telephone: 0303 123 1113.  You can find a list of the supervisory authorities for EU member states here [Link to https://edpb.europa.eu/about-edpb/board/members_en].                                                                                

13. Cookies

A cookie is a small piece of information sent by a web server to a web browser, which enables the server to collect information from the browser.

Find out more about cookies on http://www.allaboutcookies.org/. 

We use cookies to identify you when you visit this website and to keep track of your browsing patterns and build up a demographic profile.

Our use of cookies also allows registered users to be presented with a personalised version of the site, carry out transactions and have access to information about their account.

14. Third Party websites and cookies and security 

Our website may contain links to other websites that are outside our control and are not covered by this Privacy Notice.

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. When we share data with our third party clients, data is sent in an encrypted format. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

 15. Changes to the Privacy Policy

This privacy notice is regularly reviewed and will be updated when necessary.

Any changes will be effective from the publication date.

This notice was last updated September 2022.