Privacy Policy

This Privacy Policy explains how and why we, Business Navigation Services, process any personal data we collect about you when you:

  • interact with us;
  • use our public website. and any Business Navigation Services cloud website set up for your use of our services supplied to you (collectively, “Our Sites”);
  • receive our services or publications (“Services”); or otherwise (including in those ways described throughout this Privacy Policy).

Our privacy practices reflect applicable legal requirements, including the General Data Protection Regulation, or the GDPR (“Applicable Data Protection Law”).

Please read this Privacy Policy together with any other privacy policy that we may provide on specific occasions when we are collecting or processing personal data about you, so that you are aware of how and why we are using your personal data. This Privacy Policy supplements the other notices and is not intended to override them.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us using the details set out in the “How To Contact Us” section below.

Please note, we reserve the right to amend this Privacy Policy at any time, normally by posting an updated Policy on our website and, where appropriate, notifying to you by e-mail. Please check back frequently to see any updates or changes to this Privacy Policy.

Who we are

Business Navigation Services (collectively referred to as “BNS”, “we”, “us” or “our” in this Privacy Policy) is the controller responsible for the personal data we process about you in accordance with this Privacy Policy.

If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us using the details set out in the “How To Contact Us” section below.

What is personal data?

Personal data is information that relates to an identified or identifiable natural person, this means a human being. Anonymous information, where you cannot find out who the data relates to, is not personal data.

What personal data do we collect about you?

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

Identity Data includes first name, last name, username or similar identifier, title, date of birth.

Contact Data includes billing address, delivery address, email address and telephone numbers.

Financial Data includes bank account and payment card details.

Transactional Data includes details about payments to and from you and other details of products and services you have purchased from us.

Profile Data includes your username and password, purchases or orders made by you, feedback and survey responses.

Usage Data includes information about how you use our website and, products and services.

Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.

This information may be collected either online or offline.

We may collect, use, store and transfer different kinds of personal data about you as set out below:

Information you give us: The information you give us may include your Identity, Contact and Financial Data by filling in forms or corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • apply for our products or services;
  • create an account on any of our Sites;
  • subscribe to our service or publications;
  • request marketing to be sent to you;
  • give us feedback or contact us.

Information we collect about you: With regard to each of your visits to any of Our Sites, we may automatically collect the following information:

  • technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
  • information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website, and Our Sites, (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

What personal data do we collect about you?

We use the personal data we collect about you to:

  1. manage our relationship with you;
  2. to communicate with you in response to enquiries;
  3. to provide you with information about us and our Services,
  4. to provide the Services to you on request, and to fulfil our obligations in respect of the same;
  5. to maintain and administer Our Sites, and for internal operations, including troubleshooting, data analysis and testing purposes;
  6. to improve Our Sites, to ensure that content is presented in the most effective manner for you and for your computer or device;
  7. as part of our efforts to keep Our Sites safe and secure and to prevent fraud;
  8. to personalise your repeat visits to our website.

We do not collect any special categories of personal data about you (which includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  1. Where the processing is necessary for the performance of a request you have made (including a request for one of our Services);
  2. Where we need to comply with a legal or regulatory obligations: (i) to assist the police or other public authority or criminal investigation body (ii) to identify you when you contact us (iii) to verify the accuracy of data we hold about you;
  3. Where the processing is necessary for our legitimate interests and your interests and fundamental rights do not override those interests. Such legitimate interests may include: to correspond or communicate with you i.e. keeping you up-to-date on the latest announcements, updates, developments, market analysis, regulatory compliance, statistical reports, bulletins and information; improving our member, and non-member, relations as well as enhancing and developing our Services, IT systems and processes used to support our Services; to comply with a request from you in connection with the exercise of your rights; for the management of queries, complaints or claims; and for the establishment and defence of our legal rights. 

Please note that we may process your personal data using more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us using the details set out in the “How To Contact Us” section below if you need details about the specific legal ground we are relying on to process your personal data on any given occasion.

Given the specific purposes for which we envisage using your personal data, under the provisions of Applicable Data Protection Law we do not anticipate being required to obtain your consent to do so, save for where we wish to use your personal data to provide you with marketing or information about products and services which may be of interest to you, and we are required by Applicable Data Protection Law to seek your consent before we do so. For more information on this please see the “Marketing” section below.

Should we wish to use your personal data for other specific purposes that require your consent, we will contact you to request this.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by Applicable Data Protection Law.

Cookie Policy

Our website uses cookies to better the users experience while visiting the website. As required by legislation, where applicable this website uses a cookie control system, allowing the user to give explicit permission or to deny the use of /saving of cookies on their computer / device. 

What are cookies? Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website. 
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit. 

Website Visitor Tracking 

This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. 

Adverts and Sponsored Links 

This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve. 

Clicking on any such adverts will send you to the advertisers website through a referral program which may use cookies and will track the number of referrals sent from this website. This may include the use of cookies which may in turn be saved on your computers hard drive. Users should therefore note they click on sponsored external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned. 

Downloads & Media Files 

Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti virus software or similar applications. 
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti virus software or similar applications. 

Contact & Communication With us 

Users contacting this us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use. 

Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above. 

Email Mailing List & Marketing Messages 

We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages or unsubscribe from all Mailchimp lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription. 

Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data. 

Our EMS (email marketing service) provider is; [Hubspot] and you can read their privacy policy in the resources section. 

Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media. Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding. 


If you provide your prior consent, or where we are otherwise permitted to do so under Applicable Data Protection Law, we may also use your personal data to contact you by email and mail with details of other products, services, publications and related materials we think may be of interest to you.

You have a right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please contact us using the details set out in the “How To Contact Us” section below.

Please note that where you opt out of receiving these marketing messages, this will not delete any personal data provided to us as a result of another transaction or interaction.

Disclosures of your personal data 

We will not transfer, disclose, sell or distribute your personal data to third parties other than as set out in this Privacy Policy, unless we have your consent or are otherwise required or permitted to do so by Applicable Data Protection Law.

We may disclose your personal data:

  • to third parties, as required for our every day business purposes, to provide you with the Services you request;
  • to analytics and search engine providers that assist us in the improvement and optimisation of the Sites;
  • to third parties in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • if Business Navigation Services or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
  • to competent authorities (including tax authorities), courts and bodies as required by law; or
  • to protect the rights, property, or safety of Business Navigation Services and our members and non-members, or for internal investigations and reporting. This may include exchanging information with other companies and organisations for the purposes of fraud protection.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

International transfers

If we are required to transfer your personal data out of the European Economic Area (“EEA”), we will ensure a similar degree of protection is afforded to it by ensuring appropriate safeguards are implemented in accordance with Applicable Data Protection Law, which may include that:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
  • We will undertake the transfer on the basis of a specific contract approved by the European Commission which gives personal data the same protection it has in Europe (“Model Form Clauses”). For further details, and a copy of the text of these Model Form Clauses see; or
  • Where we use service providers based in the US, we may transfer personal data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

Please contact us using the details set out in the “How To Contact Us” section below if you want further information about the specific mechanisms we use when transferring your personal data outside of the EEA in a given circumstance.

How long will you use my personal data for?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

For further information as to any specific retention periods that might apply to personal data we hold about you, please contact us using the details set out in the “How to Contact Us” section.

In some circumstances you can ask us to delete your personal data: see the “Your Legal Rights” section below for further information.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes. If we do that, we may use this information indefinitely without further notice to you. 

Third party websites

Our Sites may contain links to other websites which are operated by third parties and not by Business Navigation Services. We are not responsible or liable for any content on these websites or for any interaction you have with them. This Privacy Policy only applies to our Sites so when you link to other websites you should read their own privacy policies.

Your Legal Rights

In certain circumstances, you have rights under Applicable Data Protection Law in relation to your personal data. You may have the right to:

  • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new information you provide to us.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the personal data’s accuracy; (b) where our use of the personal data is unlawful but you do not want us to erase it; (c) where you need us to hold the personal data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your personal data but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain Services to you and we may need to suspend or terminate your access to Our Sites. We will advise you if this is the case at the time you withdraw your consent. 
  • Complaining to the UK data protection regulator if you are concerned about the way we have processed your personal data. The Information Commissioner’s Office (“ICO”) website sets out further details about how to initiate a complaint.

To exercise certain rights we may ask you to confirm your identity and where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within one month from either (i) the date that we have confirmed your identity or (ii) where we do not need to do this because we already have this information, from the date we received your request.

If you wish to exercise any of the rights set out above, please contact us using the details set out in the “How To Contact Us” section below.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Changes to our Privacy Policy

We keep our Privacy Policy under regular review and we will place any updates on this webpage. This Privacy Policy was last updated on 18th March 2021.

How to contact us

Please contact us if you have any questions about our Privacy Policy or information we hold about you:

by email:

or write to us at: Building LO14, University of Reading, London Road, Reading, Berks RG1 5AQ

Telephone +44 (0)330 223 4329