Privacy Policy

Protecting your personal details on our website.

Last updated: May 2022

The Website is brought to you by Verb Brands Limited. Verb Brands Limited adheres to the standards set out within the General Data Protection Regulation (2016) and the Data Protection Act (2018). This notice describes our privacy policy and forms part of our website terms and conditions (‘Website Terms’). 

Verb Brands Limited is the Data Controller of your personal data processed on this website and in any instances where you may have engaged our various professional services. Where it is contractually agreed, Verb Brands Limited may in some instances also act in the capacity of a Data Processor for the services we provide. 

We respect your rights to privacy and to personal data protection, and we are committed to protecting these through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit the website located at verbbrands.com (“Website”) and our practices for collecting, using, keeping, protecting, and disclosing that information. You should read this policy in conjunction with the Website Terms. 

This Privacy Notice explains: 

  1. Who are Verb?
  2. Personal data Verb collects
  3. Verb’s legal basis for processing
  4. Data Sharing: Who Verb may share information with and why 5. Data Transfers: Where Verb may transfer data to
  5. Data Transfer and Security Protocols
  6. Data Security: How verb keep information secure and deal with security incidents
  7. Data Retention: How long Verb may keep your data for
  8. Your Data Privacy rights

10.Queries and Complaints: How to contact our DPO and the ICO

1.Who are Verb? 

Verb Brands Limited forms part of ‘The Croud Group’ and has global reach, providing a diverse range of affluent clientele audiences with access to innovative digital marketing and brand enhancement strategy services through data, creative and media. When providing these services, we take our responsibilities regarding Data Protection very seriously and we abide by all applicable Data Protection laws in respect of the handling, processing and collection of data. All Verb Brands employees who handle and process personal or business data are fully trained to ensure that the data is kept secure and we follow the principles of ‘data privacy by design’ within our workforce cultures. 

  1. Personal data Verb collects 

The type and frequency of any personal data collected will always depend on how our website and services are used. If you do not wish to provide us with certain categories of personal data, you may not be able to use our services in their entirety. 

Please refer to the table below for a description of the different circumstances in which we may process data. 

When you provide us with data: 
We use electronic online contact forms and may utilise live chat facilities across our 
websites. These forms will prompt users to input basic contact details so we can 
generate service quotes, provide surveys and newsletter updates and respond to 
enquiries. You may also provide data to us when registering for an event, webinar, 
professional vacancy or when corresponding with us by phone, email, letter or social
When we collect your data:We will also collect personal data from you when you agree to take a service or product
from us, in which case this may include your contact details, date of birth, how you will
pay for the product or service and your bank details. We may also collect additional
data from you as part of our recruitment process, during your employment or when
you visit our offices via CCTV. We may also ask to verify your identity in limited
circumstances by providing valid photographic identification or other identification and
verification documentation that would validate your role within a company. We may
also need details of your business, business dealings and operations, and a record of
the communications and meetings you’ve had with Verb. We may use the data you give
to us to help administer and contact you about improved administration of any
accounts, services and products we have provided before, do provide now or will or
may provide in the future. The data we collect from you may subsequently be used to
allow us to carry out marketing analysis and customer profiling (including with
transactional information), conduct research, including creating statistical and testing
information. We may monitor and record communications with you (including phone
conversations and emails) for quality assurance and compliance.
When other sources pass
your data to us:
We may receive information about you and/or your company from specific third parties
such as business partners, sub-contractors, advertising networks, analytics providers,
hosting providers and search information providers. Verb may also receive referrals
from other clients and we utilise third party companies to assist with our in-house
marketing activities, therefore, we may obtain your data from another source or
company. We will always inform you of when this the case at first point of contact. We
may also obtain data relating to you and any related company from sources enlisted
within the public domain, such as the electoral register. The data we may collect from
other sources may allow us to contact you in any way (including mail, email, telephone,
visit, text or multimedia messages) about products and services offered by us and
selected partners unless you have previously asked us not to do so.
When we may collect
Special Categories of
Data:
As we offer a business to business service, we will not typically collect data known as
‘Special Category Data’ as we will not require this data type for the provision of Verb’s
services, however, there may be instances where we encounter categories of Special
Category Data provided by you or other users of our services during the lifetime of a
contractual agreement or during a service enquiry; usually where we act as a Data
Processor. Special category data is a more sensitive type of data which reveals insights
about a person’s racial or ethnic origin, political opinions, religious or philosophical
beliefs, trade union membership, genetic data, biometric data, health data, sex life, or
sexual orientation. Sensitive data collection will only take place where it is applicable to
the provision of the services that we are contracted to provide. The fundamental rights
of the data subjects are always assessed to ensure that the processing is fair,
transparent and lawful.
In some cases, where the processing is deemed high risk or highly sensitive, we may ask
for your ‘consent’ before we undertake the processing. For example, when providing
information on reasonable adjustments before an interview
Data relating to Minors
and Children:
As we offer a business to business service, Verb Brands does not collect data relating to
children or minors and we do not target our products and services at them. This
website is not intended for individuals under the age of 16. We do not intentionally
collect Personal Information from children. If you are the parent or guardian and
believe your child has provided us with Personal Information, please contact us at the
address specified below to request deletion. Clients we service in a Data Processor
capacity for some products and services may enable us to view data relating to minors,
however, we would not make further use of that data conditional to the provision of
any of our services. Any indirect data processing we undertake for data relating to
minors and children will be defined by agreed contractual terms and mechanisms
where necessary to ensure appropriate safeguards are in place.
When you apply for a job
vacancy at Verb:
You provide several pieces of data to us directly during the recruitment exercise. Should
you be successful in your job application, we will gather further information from you,
for example, your bank details and next of kin details, once your employment begins.
We have a Legal Obligation to ensure you have a right to work in the UK and make
reasonable adjustments for you if you have a disability. The ongoing lawful basis we
rely on to process your data will be under our legal obligations or legitimate interests
which may include assessments made on salary.
Online Identifiers:As you navigate through and interact with our Website, we may use automatic data
collection technologies to collect certain information about your equipment, browsing
actions and patterns, including: Details of your visits to our Website, including traffic
data, location data, logs, and other communication data and the resources that you
access and use on the Website. Information about your computer and internet
connection, including your IP address, operating system, and browser type. We also
may use these technologies to collect information about your online activities over
time and across third-party websites or other online services.
The technologies we use for this automatic data collection may include: cookies or
other local storage and web beacons (or “pixels,” on the Website and including in our
emails).
We have the ability to collect data which you may be pseudonymously identified from,
including the values of web cookies and mobile device identifiers.
We retain data relating to your usage of the Website, including the pages that you view
and in some cases information about how you clicked to visit the Website. about your
internet connection, and the software or equipment that you use to access our
Website.
When you visit our website, a record of your device’s IP address is retained which is
used pseudonymously in order to determine website and page visitors. For more
information on how we use online identifiers or cookies please visit our cookies policy

Automatic data collection for operating the website

The information wedo this by emailing us at [email protected] or writing to us at the address noted above.

Rights for Data Subjects in the European Union

If you are an EEA Resident and would like to make enquiries about your rights or this Privacy Policy, please contact our EU Representative at [email protected]. Alternatively, they can be reached by post (The DPO Centre, Alexandra House, 3 Ballsbridge Park, Dublin, D04C 7H2) or +353 1 631 9460. www.dpocentre.com.

10. Queries and Complaints

Verb Brands Limited has a dedicated representative who can be approached for any questions, comments and requests regarding this privacy policy or our Data Privacy Management System. Our Group Data Protection Officer welcomes communication around our policies and practices at [email protected]. If you’re not satisfied with our response, or believe we’re not processing your personal data in accordance with the law, you can approach the UK regulator for further guidance at www.ico.org.uk/concerns.

This Privacy Policy applies to all personally identifiable Data Verb Brands Limited processes. By using the Website and our services, your information may be transferred to, stored, and processed in and between the United Kingdom, the United States of America, the European Union and any other country or region of the World. The Website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of those other sites. We encourage our users to be aware when they leave our Web collect automatically is grouped by its purpose into one of three categories, either:

Operating the Website includes for the purposes of

Automatic data collection for measurement

Measurement includes for the purposes of:

3. Verb’s Legal Basis for Processing

Before processing any personal data, we ensure that at least one lawful basis under GDPR is met. We will not disclose personal data for any purpose other than what the data was originally collected for; unless there is an overriding legal basis that enables this processing.

We may collect, hold, use and disclose the information collected to compile statistical data and to maintain our database; to develop or improve our website; respond to any queries; notify you of any upcoming marketing, training or other events that we think may be of interest to you; provide you with publications; manage quality control and compliance issues; manage systems administration; provide you or your organisation with advice; notify you about important changes or developments to our services; contact you for your views on our services or to determine the suitability for employment.

We may also process your personal data in the following circumstances:

To Perform Our Service Under the Contract:We use ‘performance of a contract’ to process information in order to support and
maintain our existing or potential contractual relationships and our internal
employee data. We may process personal data in order to provide various
supporting client services, take payments and to make improvements to our
website.
As part of our Legitimate
interests:
The lawful basis which we often rely on to process data for the duration of servicing on
your account and for the decision to enter an initial or any subsequent contract is under
our ‘legitimate interests’. Ensuring our administrative functions and IT systems are
secure and robust against unauthorised access also falls under this basis. We may record
calls made to our staff members including internal, inbound or outbound calls using this
lawful basis. We have a ‘legitimate interest’ to process data which may assist us with the
establishment, exercise or defence of legal claims. In some cases, and to facilitate our
‘Legitimate Interests’ we will collect data about you from third parties, such as
employment agencies, DVLA, government bodies and former employers when gathering
references or data from Credit Reference Agencies.
Legal Obligations:Due to the products we offer to companies, we also have a ‘legal obligation’ to validate
the status of companies we work with which may involve identifying and verifying
individual data subjects as part of our ‘legitimate interests’ to safeguard against criminal
or fraudulent activities. We also need to ensure that VAT and premium tax is paid. For
more information on how we run checks on companies we do business with, please
refer to the below
Consent:Where we have obtained your consent, we may target additional marketing towards you
for certain products and services. We also may share our data with certain suppliers and
third parties by asking for your consent. Where consent is used as the lawful basis for
the processing, you will be entitled to withdraw that consent at any time as well as
exercise your data privacy rights

4. Data Sharing: Who Verb may share information with and why

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. We will not disclose your Personal Data to any third party except in accordance with this Privacy Policy, however, we may allow other people and organisations to use Personal Data we hold about you in the following circumstances:

Verb’s Data Processors

Verb uses these data processors to assist with the safeguarding, storage and processing your personal data.

Relationships with our clients and customers

Measurement

Advertising

5. Data Transfers: Where Verb may Transfer your Data to

Personal data will only be disclosed on a confidential basis to external service providers so that they can provide services such as financial, technological or administrative assistance. When we share data with an external third party; these operations are governed by a Data Processing Agreement (DPA) or other relevant contractual terms and we perform regular due diligence on any external companies we work with to ensure that high levels of data integrity are maintained.

Any transfers taking place outside the EEA are only permitted with the provision of an Adequacy decision, Standard Contractual Clauses (SCC’s/IDTA’s) or any other lawful transfer mechanism. Where necessary, we may need to share data with external organisations such as law enforcement, regulatory bodies, fraud prevention agencies, partners or advisors. Before any data is shared, we ensure that all technical and organisational controls are firmly in place and a Data Protection Impact Assessment is undertaken, where applicable, if the sharing or transfer is considered high risk. We do not sell your data to any third parties.

6. Data Security: Data Transfers and Security Protocols

We have a dedicated Information Security team who are in place to offer protection across all our networks and IT assets to assist with data security and data loss prevention. All our systems are robustly secured and follow industry standards that champion safe information security processes in business. We also have a specialised Incident Response Team on hand to respond quickly to any data related issues including the prevention and detection of cyber criminals. For our UK and Irish clients, cloud providers we use have servers based within the UK and EEA jurisdictions. As a company we promote a ‘paperless’ culture where possible.

We have strict security measures to protect Personal Data. We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.

We maintain physical, electronic and procedural safeguards about the collection, storage and disclosure of personally identifiable customer information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.

If you communicate with us using the internet, we may occasionally email you about our services and products. When you first give us Personal Data through the Website, we will normally give you the opportunity to say whether you would prefer us not to contact you by email. You can also always send us an email (at the address set out below) at any time if you change your mind.

Please remember that communications over the internet, such as emails and web mails (messages sent through a website), are not secure unless they have been encrypted. Your communications may go through several countries before they are delivered – this is the nature of the internet. We cannot accept responsibility for any unauthorised access or loss of Personal Data that is beyond our control.

These third-party websites and advertisers, or internet advertising companies working on their behalf, sometimes use technology to send (or ‘serve’) the advertisements that appear on the Website directly to your browser. They automatically receive your IP address when this happens. They may also use cookies, JavaScript, web beacons (also known as action tags or single-pixel gifs), and other technologies to measure the effectiveness of their ads and to personalise advertising content. We do not have access to or control over cookies or other features that they may use, and the information practices of these advertisers and third-party websites are not covered by this Privacy Policy. Please contact them directly for more information about their privacy practices. In addition, the Network Advertising Initiative offers useful information about internet advertising companies (also called ‘ad networks’ or ‘network advertisers’), including information about how to opt-out of their information collection.

We exclude all liability for loss that you may incur when using these third-party websites.

7. Data Security: How verb keep information secure and deal with security incidents

Group only keep your data for as long as necessary, unless there is an overriding legal ground. We will not retain data if it is deemed unlawful to do so. Data may be held for purposes relating to the establishment, exercise or defence of legal claims which the group or our clients may face. Where we represent you in any legal case, we retain the data for seven years from the conclusion of the litigation case. We will also typically keep data concerning your account for at least seven years from the date you end your contract with us. Some data may be deleted before this time depending on the category of that data in line with our commercial legitimate interests and retention schedule, for example, data provided to us during an unsuccessful job application will be retained no longer than 12 months after the recruitment exercise. Personal data that is no longer necessary is deleted securely in line with Verb’s Data Disposal Policy. Our Data Retention and Data Disposal policies are available upon request.

8. Data Retention: How long Verb may keep your data for

Verb adheres to the retention periods set out at Group level (Croud Group) and will only keep your data for as long as necessary, unless there is an overriding legal ground. We will not retain data if it is deemed unlawful to do so. Data may be held for purposes relating to the establishment, exercise or defence of legal claims which the group or our clients may face. We will also typically keep data concerning your account for at least seven years from the date you end your contract with us. Some data may be deleted before this time depending on the category of that data in line with our commercial legitimate interests and retention schedule, for example, data provided to us in the course of an unsuccessful job application will be retained no longer than 12 months after the recruitment exercise. Personal data that is no longer necessary is deleted securely in line with Verb’s Data Disposal Policy. Our Data Retention and Data Disposal policies are available upon request.

9. Your Data Privacy Rights All data subjects have individual rights.

On a case by case basis, you have the following rights in relation to your personal data processed by Verb Brands Limited:

Please be aware that the rights listed in this section only apply to individuals and cannot be used to request data relating to business entities. Please be aware that your rights of access do not automatically entitle you to physical or digital copies of any documentation we hold.

Verb Brands is part of the ‘Croud Group’ and we refer all Data Privacy matters our Data Protection Officer (DPO) at group level. Please head to the footer of this notice for further information on Croud. You can ask us for a copy of this Privacy Policy and of any amended Privacy Policy by writing to the above address or by emailing us at [email protected]. If you would like access to the Personal Data that we hold about you, you can site and to read the privacy statements of any other site that collects personal data.

Verb Brands Limited is registered under company number 07828770. Our registered office is at Cannon Place, 78, Cannon Street, London, EC4N 6AF.

Verb Brands Limited forms part of the ‘Croud Group’ also known as Croud Inc Ltd, Croud Inc. and Croud Australia Pty. Ltd. (“Croud”). Croud Inc Ltd is registered under company number 07542498 with registered offices at Cannon Place, 78, Cannon Street, London, EC4N 6AF. You can access Croud’s privacy policy here.

We may amend this Privacy Policy from time to time without notice to you, in which case, we will publish the amended version on the Website. You confirm that we shall not be liable to you or any third party for any change to this Privacy Policy from time to time. It is your responsibility to check regularly to determine whether this Privacy Policy has changed.

For EEA Residents: Please contact our EU Representative at [email protected]. Alternatively, they can be reached by post (The DPO Centre, Alexandra House, 3 Ballsbridge Park, Dublin, D04C 7H2) or +353 1 631 9460. www.dpocentre.com

©Verb Brands Limited 2022

Work With Us

Speak to a digital consultant.

GET IN TOUCH