Introduction

At Brook Intelligence Centre we are committed to protecting personal data and to fair and transparent processing.

Unless we specifically request for information to comply with applicable laws, we ask users to not send or disclose to us any sensitive personal information (e.g. social security numbers, passport numbers, racial or ethnic origin, political opinions, religious or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through this website or otherwise to us.

We may share users’ personal information with our appointed third parties.

We may obtain contact information from public sources such as freely or paid databases, including public content on social media websites, as part of our research services and to make initial contact with a relevant individual at a client or other company.

We will not share personal information outside Brook Intelligence Centre for marketing purposes.

We reserve the right to transfer information, including personal information, to a third party in the event of the sale, merger, liquidation, receivership, or transfer of all or substantially all of our assets, provided the third party agrees to adhere to the terms of this privacy policy and only uses personal information for the purpose that users have provided it to us. Users will be notified in the event of any such transfer and will be allowed to opt-out.

We regularly review this privacy statement and may make changes at any time without giving notice.

Who we are

Brook Intelligence Centre Limited is registered in England with registration number 06449445. Our registered office is Brook Intelligence Centre, Office 4.07 Uncommon - Borough, 1 Long Lane, London, England, SE1 4PG.

How we keep data secure

While no data transmission over the internet or any other network can be guaranteed as 100% secure, we take all reasonable steps to safeguard the personal data we hold and we have in place appropriate technical and organisational measures. These include detailed policies, procedures and training of our people relating to data protection, confidentiality, and information security.

Who we share data with

Law enforcement or other government and regulatory agencies or to other third parties, where we are required by law, the courts or any legal or regulatory authority we are subject to. We will only provide personal data in these circumstances where permitted or there is a legal requirement. While we store personal data on servers within the UK, in line with the above, we may need to transfer personal data outside the UK. This includes to countries that are not recognised by the Government of the UK as providing an equivalent level of protection for personal data as in the UK (also known as having adequacy). Where we do so, we ensure that appropriate measures are in place to comply with our obligations under data protection legislation.

You have a right to:

  • access – you can ask us for a copy of the personal data that we hold on you
  • rectification – if you become aware of any errors or inaccuracies concerning your personal data, please let us know by contacting your point of contact
  • withdraw consent – where we process personal data based on consent, you have a right to withdraw consent at any time. To stop receiving direct marketing emails from us, please click on the unsubscribe link. For any other withdrawals of consent please contact us
  • erasure/deletion – you can ask us to erase or delete your personal data when we no longer need it for the purposes it was obtained
  • data portability – you can ask for your personal data to be sent to you or to another organisation
  • restrict or object to our processing - you can ask to restrict or object to our processing of your personal data (e.g. removal from a marketing subscription list).

If you wish to exercise any of your rights, please contact us.

Who to contact

If you have any questions about this privacy statement, wish to complain about our use of personal data or exercise one of your rights, please send your correspondence to: info@brookic.com.

You also have the right to report concerns or make complaints to the Information Commissioner's Office (ICO). For more information on your rights and how to contact the ICO, please refer to their website.

How and why we may process personal data

Business clients (and individuals associated with them)

We only ask our clients to share personal data with us where it is necessary in order to provide our services or other agreed purposes. We rely on our clients providing any necessary information to the individuals whose data is shared with us regarding its use.

Generally for our services we do not expect our corporate and business clients to share special categories of personal data (defined as race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, genetic data, biometric data, sex life or sexual orientation) and criminal records. Where this is the case, we rely on our clients having gained the explicit consent of individuals, it being a legal obligation or other lawful basis.

Typically, we collect personal data directly from our clients or from third parties acting on their instructions (e.g. their name, current and past employers, date of birth, and country of domicile). 

We use such personal data collected for the following purposes:

  • Providing professional services - we offer many different services to our clients (e.g. profiling a company and its key contacts) and many of these services require us to process personal data to give advice and deliver reports to our clients, including for producing biographies and running press news, including adverse press checks but which are all sourced from publicly available data sources, including media databases, and internet searches.
  • Managing our business - in order to run our business effectively we will need to process personal data for multiple reasons, including managing our client relationships, developing our business and services, hosting events, and to manage and administer our website, IT systems and applications.
  • Providing information about our services - we will use business contact details to provide information about us, our services and activities, including events that we believe will be of interest.

Suppliers (and individuals associated with our suppliers)

We only process personal data about our suppliers (this includes subcontractors and any individuals associated with them) where it is necessary for us to receive goods and services, contract, manage our relationship and help provide services to our clients (where relevant).

We use personal data in these circumstances for the following purposes:

  • Providing professional services - where a supplier helps us to deliver services to our clients, we process the personal data of its people involved to help manage our relationship and to deliver those services to our clients.
  • Managing our business - in order to run our business effectively we will need to process personal data for multiple reasons, including managing our client relationships, developing our business and services, hosting events, and to manage and administer our website, IT systems and applications.
  • Quality, risk and security management systems: to protect our information and our clients’ information (including personal data), we use security measures (e.g. automated scanning of emails to identify threats). We monitor the services we provide to our clients for quality purposes this involves processing personal data held on the relevant client file. As a part of our supplier and third party take-on procedures we will process personal data obtained from publicly available sources (e.g. adverse media databases, and internet searches) to identify any risks relating to organisations and associated individuals that may prevent us from engaging with a supplier or third party.

Client or prospective client contacts

Using a customer relationship management system (CRM) we process personal data about contacts, these are existing clients, prospective clients and individuals connected with them. This personal data includes name, employer identity, job title and business contact details.

Typically, we collect the personal data directly from the individuals themselves or from public sources such as public registers, social media and professional networking sites, news articles and internet searches.

Such personal data will be accessible to our people and used for the following purposes:

  • Developing, managing, and administering our business
  • Providing information about us and the services we provide
  • Identifying the business needs of our clients or prospective clients

Our people

Employees – we will process personal data about you during and after your employment with the company in line with our legal and regulatory obligations and our contract with you. For more information please refer to your employment contract.

Temporary workers – we will process personal data about you during and after the period you work for the company in line with our legal and regulatory obligations and our agreement with you or your agency. For more information please refer to your agreement.

Contractors

Contractors – we will process personal data about you during and after the period you provide the services to the company in line with our legal and regulatory obligations and our services agreement with you or your employer. For more information please refer to your services agreement.

Recruitment

For the purpose of Brook Intelligence Centre’s recruitment activities, we will collect the following personal data about you:

  • Contact details (name, address, email, telephone number)
  • Details of your qualifications, skills, experience, employment history
  • Information about your expectations and eligibility to work in the UK

We may ask for additional personal data (including special categories of personal data and criminal records) during your application or after we have made an offer, we will explain why and how it will be processed when we request the information.

Most of the personal information we collect will be provided directly by you, however, we may also collect personal data about you from third parties including:

  • Publicly available data (e.g. LinkedIn)
  • References
  • Background screening checks
  • Recruitment agencies

We use your personal data for the following purposes:

  • to potentially enter into an employment contract with you
  • provide information to you about other employment opportunities with us
  • using publicly available data (e.g. LinkedIn, job websites) to conduct market research and identify talent
  • manage the recruitment process, assess and confirm suitability for employment
  • comply with legal obligations

Marketing information

Personal information that we may collect from users (without limitation), include identifiers such as name, other online identifiers (email address, etc.), or mobile number if used for direct marketing.

We collect personal information which users provide when they use the website to subscribe to the services offered by us. When a user sends us an email, we may collect personal information that he / she freely supplies to us. We may also collect personal information that users post publicly on our website.