The Website is brought to you by Verb Brands Limited. Verb Brands Limited adheres to the standards set out within the General Data Protection Regulation (2016) and the Data Protection Act (2018). This notice describes our privacy policy and forms part of our website terms and conditions (‘Website Terms’).
Verb Brands Limited is the Data Controller of your personal data processed on this website and in any instances where you may have engaged our various professional services. Where it is contractually agreed, Verb Brands Limited may in some instances also act in the capacity of a Data Processor for the services we provide.
We respect your rights to privacy and to personal data protection, and we are committed to protecting these through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit the website located at verbbrands.com (“Website”) and our practices for collecting, using, keeping, protecting, and disclosing that information. You should read this policy in conjunction with the Website Terms.
This Privacy Notice explains:
- Who are Verb?
- Personal data Verb collects
- Verb’s legal basis for processing
- Data Sharing: Who Verb may share information with and why 5. Data Transfers: Where Verb may transfer data to
- Data Transfer and Security Protocols
- Data Security: How verb keep information secure and deal with security incidents
- Data Retention: How long Verb may keep your data for
- Your Data Privacy rights
10.Queries and Complaints: How to contact our DPO and the ICO
1.Who are Verb?
Verb Brands Limited forms part of ‘The Croud Group’ and has global reach, providing a diverse range of affluent clientele audiences with access to innovative digital marketing and brand enhancement strategy services through data, creative and media. When providing these services, we take our responsibilities regarding Data Protection very seriously and we abide by all applicable Data Protection laws in respect of the handling, processing and collection of data. All Verb Brands employees who handle and process personal or business data are fully trained to ensure that the data is kept secure and we follow the principles of ‘data privacy by design’ within our workforce cultures.
- Personal data Verb collects
The type and frequency of any personal data collected will always depend on how our website and services are used. If you do not wish to provide us with certain categories of personal data, you may not be able to use our services in their entirety.
Please refer to the table below for a description of the different circumstances in which we may process data.
When you provide us with data: | We use electronic online contact forms and may utilise live chat facilities across our websites. These forms will prompt users to input basic contact details so we can generate service quotes, provide surveys and newsletter updates and respond to enquiries. You may also provide data to us when registering for an event, webinar, professional vacancy or when corresponding with us by phone, email, letter or social |
When we collect your data: | We will also collect personal data from you when you agree to take a service or product from us, in which case this may include your contact details, date of birth, how you will pay for the product or service and your bank details. We may also collect additional data from you as part of our recruitment process, during your employment or when you visit our offices via CCTV. We may also ask to verify your identity in limited circumstances by providing valid photographic identification or other identification and verification documentation that would validate your role within a company. We may also need details of your business, business dealings and operations, and a record of the communications and meetings you’ve had with Verb. We may use the data you give to us to help administer and contact you about improved administration of any accounts, services and products we have provided before, do provide now or will or may provide in the future. The data we collect from you may subsequently be used to allow us to carry out marketing analysis and customer profiling (including with transactional information), conduct research, including creating statistical and testing information. We may monitor and record communications with you (including phone conversations and emails) for quality assurance and compliance. |
When other sources pass your data to us: | We may receive information about you and/or your company from specific third parties such as business partners, sub-contractors, advertising networks, analytics providers, hosting providers and search information providers. Verb may also receive referrals from other clients and we utilise third party companies to assist with our in-house marketing activities, therefore, we may obtain your data from another source or company. We will always inform you of when this the case at first point of contact. We may also obtain data relating to you and any related company from sources enlisted within the public domain, such as the electoral register. The data we may collect from other sources may allow us to contact you in any way (including mail, email, telephone, visit, text or multimedia messages) about products and services offered by us and selected partners unless you have previously asked us not to do so. |
When we may collect Special Categories of Data: | As we offer a business to business service, we will not typically collect data known as ‘Special Category Data’ as we will not require this data type for the provision of Verb’s services, however, there may be instances where we encounter categories of Special Category Data provided by you or other users of our services during the lifetime of a contractual agreement or during a service enquiry; usually where we act as a Data Processor. Special category data is a more sensitive type of data which reveals insights about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, sex life, or sexual orientation. Sensitive data collection will only take place where it is applicable to the provision of the services that we are contracted to provide. The fundamental rights of the data subjects are always assessed to ensure that the processing is fair, transparent and lawful. In some cases, where the processing is deemed high risk or highly sensitive, we may ask for your ‘consent’ before we undertake the processing. For example, when providing information on reasonable adjustments before an interview |
Data relating to Minors and Children: | As we offer a business to business service, Verb Brands does not collect data relating to children or minors and we do not target our products and services at them. This website is not intended for individuals under the age of 16. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address specified below to request deletion. Clients we service in a Data Processor capacity for some products and services may enable us to view data relating to minors, however, we would not make further use of that data conditional to the provision of any of our services. Any indirect data processing we undertake for data relating to minors and children will be defined by agreed contractual terms and mechanisms where necessary to ensure appropriate safeguards are in place. |
When you apply for a job vacancy at Verb: | You provide several pieces of data to us directly during the recruitment exercise. Should you be successful in your job application, we will gather further information from you, for example, your bank details and next of kin details, once your employment begins. We have a Legal Obligation to ensure you have a right to work in the UK and make reasonable adjustments for you if you have a disability. The ongoing lawful basis we rely on to process your data will be under our legal obligations or legitimate interests which may include assessments made on salary. |
Online Identifiers: | As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including: Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website. Information about your computer and internet connection, including your IP address, operating system, and browser type. We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services. The technologies we use for this automatic data collection may include: cookies or other local storage and web beacons (or “pixels,” on the Website and including in our emails). We have the ability to collect data which you may be pseudonymously identified from, including the values of web cookies and mobile device identifiers. We retain data relating to your usage of the Website, including the pages that you view and in some cases information about how you clicked to visit the Website. about your internet connection, and the software or equipment that you use to access our Website. When you visit our website, a record of your device’s IP address is retained which is used pseudonymously in order to determine website and page visitors. For more information on how we use online identifiers or cookies please visit our cookies policy |
Automatic data collection for operating the website
The information wedo this by emailing us at [email protected] or writing to us at the address noted above.
Rights for Data Subjects in the European Union
If you are an EEA Resident and would like to make enquiries about your rights or this Privacy Policy, please contact our EU Representative at [email protected] Alternatively, they can be reached by post (The DPO Centre, Alexandra House, 3 Ballsbridge Park, Dublin, D04C 7H2) or +353 1 631 9460. www.dpocentre.com.
10. Queries and Complaints
Verb Brands Limited has a dedicated representative who can be approached for any questions, comments and requests regarding this privacy policy or our Data Privacy Management System. Our Group Data Protection Officer welcomes communication around our policies and practices at [email protected] If you’re not satisfied with our response, or believe we’re not processing your personal data in accordance with the law, you can approach the UK regulator for further guidance at www.ico.org.uk/concerns.
This Privacy Policy applies to all personally identifiable Data Verb Brands Limited processes. By using the Website and our services, your information may be transferred to, stored, and processed in and between the United Kingdom, the United States of America, the European Union and any other country or region of the World. The Website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of those other sites. We encourage our users to be aware when they leave our Web collect automatically is grouped by its purpose into one of three categories, either:
Operating the Website includes for the purposes of
- delivering its pages;
- allowing you to participate in any interactive features on our Website;
- processing and logging your requests;
- maintaining the Website and resolving any technical issues that may occur in its operation;
- investigating and preventing illegal activities; and may include
- personalising the Website for you including by processing and recording the pages you request as you land on them and navigate between them;
- logging information about the software and equipment you use to request pages;
- storing information about your preferences, thus allowing us to customise the Website according to your individual interests; and
- recognising you when you return to our Website.
Automatic data collection for measurement
Measurement includes for the purposes of:
- improving our Website’s technical performance (for example, the speed with which its pages are loading for its visitors);
- improving its content performance (for example, where unpopular content may be revealed as having been produced poorly than normal, or reflect the changing needs of our visitors);
- testing new versions of the Website (wholly or partially) on a sample of its audience, and measuring the differences in performance between the versions. This involves the storage of information about which version of the website you’ve seen. Measurement rarely involves the study of any individual, but statistical techniques in measurement do rely on personal data. Automatic data collection for advertising Advertising includes for the purposes of collecting information about your online activities on the Website and across third-party websites or other online services so that:
- Verb can notify you about changes to any products or services we offer or provide;
- Verb can show advertising;
- this advertising may be shown to you and personalised in relation to your previous behaviour;
- Verb can measure the delivery and performance of the advertising it places; and
- Verb can use reporting on the Website’s visitors, including using data collected from across third-party websites, to inform marketing plans and decisions.
3. Verb’s Legal Basis for Processing
Before processing any personal data, we ensure that at least one lawful basis under GDPR is met. We will not disclose personal data for any purpose other than what the data was originally collected for; unless there is an overriding legal basis that enables this processing.
We may collect, hold, use and disclose the information collected to compile statistical data and to maintain our database; to develop or improve our website; respond to any queries; notify you of any upcoming marketing, training or other events that we think may be of interest to you; provide you with publications; manage quality control and compliance issues; manage systems administration; provide you or your organisation with advice; notify you about important changes or developments to our services; contact you for your views on our services or to determine the suitability for employment.
We may also process your personal data in the following circumstances:
To Perform Our Service Under the Contract: | We use ‘performance of a contract’ to process information in order to support and maintain our existing or potential contractual relationships and our internal employee data. We may process personal data in order to provide various supporting client services, take payments and to make improvements to our website. |
As part of our Legitimate interests: | The lawful basis which we often rely on to process data for the duration of servicing on your account and for the decision to enter an initial or any subsequent contract is under our ‘legitimate interests’. Ensuring our administrative functions and IT systems are secure and robust against unauthorised access also falls under this basis. We may record calls made to our staff members including internal, inbound or outbound calls using this lawful basis. We have a ‘legitimate interest’ to process data which may assist us with the establishment, exercise or defence of legal claims. In some cases, and to facilitate our ‘Legitimate Interests’ we will collect data about you from third parties, such as employment agencies, DVLA, government bodies and former employers when gathering references or data from Credit Reference Agencies. |
Legal Obligations: | Due to the products we offer to companies, we also have a ‘legal obligation’ to validate the status of companies we work with which may involve identifying and verifying individual data subjects as part of our ‘legitimate interests’ to safeguard against criminal or fraudulent activities. We also need to ensure that VAT and premium tax is paid. For more information on how we run checks on companies we do business with, please refer to the below |
Consent: | Where we have obtained your consent, we may target additional marketing towards you for certain products and services. We also may share our data with certain suppliers and third parties by asking for your consent. Where consent is used as the lawful basis for the processing, you will be entitled to withdraw that consent at any time as well as exercise your data privacy rights |
4. Data Sharing: Who Verb may share information with and why
We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. We will not disclose your Personal Data to any third party except in accordance with this Privacy Policy, however, we may allow other people and organisations to use Personal Data we hold about you in the following circumstances:
- To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganisation, dissolution, or other sale or transfer of some or all of our assets, whether as a going concerning or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred. If we, or substantially all of our assets, are acquired or are in the process of being acquired by a third party, in which case Personal Data held by us, about our customers, will be one of the transferred assets.
- To third parties to market their products or services to you if you have not opted out of these disclosures. We contractually require these third parties to keep personal information confidential and use it only for the purposes for which we disclose it to them. For more information, see “What choices do you have about how we use and disclose your information?”. We employ companies and individuals to perform functions on our behalf and we may disclose your Personal Data to these parties for the purposes, for example, for fulfilling orders, delivering packages, sending postal mail and email, removing repetitive information from customer lists, analysing data, providing marketing assistance, providing search results and links (including paid listings and links) and providing customer service. Those parties are bound by strict contractual provisions with us and only have access to Personal Data needed to perform their functions, and may not use it for other purposes. Further, they must process the Personal Data in accordance with this Privacy Policy and as permitted by the General Data Protection Regulation (2016) and the Data Protection Act (2018).
- To fulfill the purpose for which you provide it.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
- If we have been legitimately asked to provide information for legal or regulatory purposes or as part of legal proceedings or prospective legal proceedings.
- From time to time, these other people and organisations (Verb suppliers) to whom we may pass your Personal Data may be outside the European Economic Area. We will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy and the General Data Protection Regulation (2016) and the Data Protection Act (2018).
Verb’s Data Processors
Verb uses these data processors to assist with the safeguarding, storage and processing your personal data.
Relationships with our clients and customers
- HubSpot
- GSuite
- Office 365
- Amazon Web Services
- Google Cloud Platform
Measurement
- Google Tag Manager
- Google Analytics (but not its “Advertising Features”)
Advertising
- Google Analytics (including its “Advertising Features”)
- Google AdWords
- DoubleClick
5. Data Transfers: Where Verb may Transfer your Data to
Personal data will only be disclosed on a confidential basis to external service providers so that they can provide services such as financial, technological or administrative assistance. When we share data with an external third party; these operations are governed by a Data Processing Agreement (DPA) or other relevant contractual terms and we perform regular due diligence on any external companies we work with to ensure that high levels of data integrity are maintained.
Any transfers taking place outside the EEA are only permitted with the provision of an Adequacy decision, Standard Contractual Clauses (SCC’s/IDTA’s) or any other lawful transfer mechanism. Where necessary, we may need to share data with external organisations such as law enforcement, regulatory bodies, fraud prevention agencies, partners or advisors. Before any data is shared, we ensure that all technical and organisational controls are firmly in place and a Data Protection Impact Assessment is undertaken, where applicable, if the sharing or transfer is considered high risk. We do not sell your data to any third parties.
6. Data Security: Data Transfers and Security Protocols
We have a dedicated Information Security team who are in place to offer protection across all our networks and IT assets to assist with data security and data loss prevention. All our systems are robustly secured and follow industry standards that champion safe information security processes in business. We also have a specialised Incident Response Team on hand to respond quickly to any data related issues including the prevention and detection of cyber criminals. For our UK and Irish clients, cloud providers we use have servers based within the UK and EEA jurisdictions. As a company we promote a ‘paperless’ culture where possible.
We have strict security measures to protect Personal Data. We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.
We maintain physical, electronic and procedural safeguards about the collection, storage and disclosure of personally identifiable customer information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
If you communicate with us using the internet, we may occasionally email you about our services and products. When you first give us Personal Data through the Website, we will normally give you the opportunity to say whether you would prefer us not to contact you by email. You can also always send us an email (at the address set out below) at any time if you change your mind.
Please remember that communications over the internet, such as emails and web mails (messages sent through a website), are not secure unless they have been encrypted. Your communications may go through several countries before they are delivered – this is the nature of the internet. We cannot accept responsibility for any unauthorised access or loss of Personal Data that is beyond our control.
These third-party websites and advertisers, or internet advertising companies working on their behalf, sometimes use technology to send (or ‘serve’) the advertisements that appear on the Website directly to your browser. They automatically receive your IP address when this happens. They may also use cookies, JavaScript, web beacons (also known as action tags or single-pixel gifs), and other technologies to measure the effectiveness of their ads and to personalise advertising content. We do not have access to or control over cookies or other features that they may use, and the information practices of these advertisers and third-party websites are not covered by this Privacy Policy. Please contact them directly for more information about their privacy practices. In addition, the Network Advertising Initiative offers useful information about internet advertising companies (also called ‘ad networks’ or ‘network advertisers’), including information about how to opt-out of their information collection.
We exclude all liability for loss that you may incur when using these third-party websites.
7. Data Security: How verb keep information secure and deal with security incidents
Group only keep your data for as long as necessary, unless there is an overriding legal ground. We will not retain data if it is deemed unlawful to do so. Data may be held for purposes relating to the establishment, exercise or defence of legal claims which the group or our clients may face. Where we represent you in any legal case, we retain the data for seven years from the conclusion of the litigation case. We will also typically keep data concerning your account for at least seven years from the date you end your contract with us. Some data may be deleted before this time depending on the category of that data in line with our commercial legitimate interests and retention schedule, for example, data provided to us during an unsuccessful job application will be retained no longer than 12 months after the recruitment exercise. Personal data that is no longer necessary is deleted securely in line with Verb’s Data Disposal Policy. Our Data Retention and Data Disposal policies are available upon request.
8. Data Retention: How long Verb may keep your data for
Verb adheres to the retention periods set out at Group level (Croud Group) and will only keep your data for as long as necessary, unless there is an overriding legal ground. We will not retain data if it is deemed unlawful to do so. Data may be held for purposes relating to the establishment, exercise or defence of legal claims which the group or our clients may face. We will also typically keep data concerning your account for at least seven years from the date you end your contract with us. Some data may be deleted before this time depending on the category of that data in line with our commercial legitimate interests and retention schedule, for example, data provided to us in the course of an unsuccessful job application will be retained no longer than 12 months after the recruitment exercise. Personal data that is no longer necessary is deleted securely in line with Verb’s Data Disposal Policy. Our Data Retention and Data Disposal policies are available upon request.
9. Your Data Privacy Rights All data subjects have individual rights.
On a case by case basis, you have the following rights in relation to your personal data processed by Verb Brands Limited:
- The right to be informed about how your personal data is collected and used
- The right to request access to a copy of any personal data that we hold about you
- The right to rectify personal data we may hold which is identified as incorrect or misleading
- The right to erasure of any personal data; also known as ‘the right to be forgotten’
- The right to restrict further processing of your personal data
- The right to data portability where technology allows us to send personal data onto a new controller
- The right to object to the processing or certain processing activities
- Rights in relation to automated decision-making including profiling.
Please be aware that the rights listed in this section only apply to individuals and cannot be used to request data relating to business entities. Please be aware that your rights of access do not automatically entitle you to physical or digital copies of any documentation we hold.
Verb Brands is part of the ‘Croud Group’ and we refer all Data Privacy matters our Data Protection Officer (DPO) at group level. Please head to the footer of this notice for further information on Croud. You can ask us for a copy of this Privacy Policy and of any amended Privacy Policy by writing to the above address or by emailing us at [email protected] If you would like access to the Personal Data that we hold about you, you can site and to read the privacy statements of any other site that collects personal data.
Verb Brands Limited is registered under company number 07828770. Our registered office is at Cannon Place, 78, Cannon Street, London, EC4N 6AF.
Verb Brands Limited forms part of the ‘Croud Group’ also known as Croud Inc Ltd, Croud Inc. and Croud Australia Pty. Ltd. (“Croud”). Croud Inc Ltd is registered under company number 07542498 with registered offices at Cannon Place, 78, Cannon Street, London, EC4N 6AF. You can access Croud’s privacy policy here.
We may amend this Privacy Policy from time to time without notice to you, in which case, we will publish the amended version on the Website. You confirm that we shall not be liable to you or any third party for any change to this Privacy Policy from time to time. It is your responsibility to check regularly to determine whether this Privacy Policy has changed.
For EEA Residents: Please contact our EU Representative at [email protected]. Alternativ
©Verb Brands Limited 2022