Begini (referred to as “We, “Our” or “Us”), is committed to protecting the privacy and security of your personal information. We take care to protect the privacy of our clients and their staff/customers, our suppliers/partners and their staff, investors and all other users or parties that otherwise interact with us or use our website.
We have therefore developed this privacy notice to inform you of the data we collect, what we do with your information, what we do to keep it secure as well as the rights and choices you have over your personal information.
We may provide additional privacy notices to you at the time we collect your data. For example, we provide additional privacy information to prospective job applicants when they apply for a job with us. Such notices will govern how we process the information you provide at that time. Our recruitment notice can be found here:
Throughout this document we refer to Data Protection Legislation, which means the Data Protection Act 2018 (DPA 2018), United Kingdom General Data Protection Regulation (UK GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the aforementioned legislation. Where data is processed by a controller or processor established in the European Union or comprises the data of people in the European Union, it also includes the EU General Data Protection Regulation (EU GDPR). This includes any replacement legislation coming into effect from time to time.
Depending on your location, additional legislation might also apply. Begini will process your personal data in accordance with Data Protection Legislation as defined above but will take account of local variations in the law where we are required to do so.
Begini is the controller for the personal information we process as identified in this privacy notice.
For the avoidance of doubt, this privacy notice does not apply to the extent that we process your personal data in the role of a processor or service provider for our partner or client organisations. For example, a financial institution may use our platform to carry out a credit assessment on you. While we will of course process your data in accordance with our usual high standards in security, technology and data protection by design and by default in such circumstances, our partner or client will be the controller and so you should refer to their privacy notices for details of how your data is processed. We are not responsible for the privacy or data security practices of our customers, which may differ from those explained in this notice.
We are registered with the Information Commissioner’s Office (ICO) with registration number ZB307789.
We have appointed a Data Protection Officer (DPO) as part of our wider Data Privacy Team, to help us monitor internal compliance, inform, and advise on data protection obligations, and act as a point of contact for you (data subjects) and the ICO.
For further details on how you can contact us and our DPO, please see the contact us section below.
We only collect personal information that we know we will genuinely use and in accordance with the Data Protection Legislation. The type of personal information that we will collect depends on the nature of the relationship that we have with you. We may collect the following:
We may also process performance data relating to customers’ transaction and repayment data, which helps indicate a customer’s compliance with or breach of the terms of the products or services that are provided by our client to the customer that have been enabled by our services. This data will be psuedonymised prior to being shared with us.
In most instances, you are under no statutory or contractual requirement or obligation to provide us with your personal information; however, we will often require elements of the information above in order to provide our services to you in an efficient and effective manner.
In most instances we collect personal information directly from you, for example through online forms, questionnaires, phone conversations, emails, in person (at conferences, workshops, seminars or events). In other instances, we may collect personal information indirectly from clients, partners and so . Alternatively, we may interact with you through third-party websites, such as LinkedIn.
We only process, store or transfer your personal information when we have a lawful basis for doing so. The legal bases we rely on to process the information identified in this notice are as follows:
We may use your data to:
|Processing activity||Lawful basis|
Contact you, following your enquiry, reply to any questions, suggestions, issues, or complaints you have contacted us about.
Communicate with you and send B2B marketing communications, including where you have attended events or webinars. See also section 7 of this notice.
|Meet our high security standards in managing your personal data, our systems and our website.|
|To enable us to improve our products and services|
|To provide appropriate levels of support to our clients.|
|To maintain comprehensive and up to date records and for general administrative purposes.|
Negotiate and/or enter into and/or fulfil a contract with you, or the organisation for which you work.
|Contractual Obligation (when the contract is with you) or Legitimate Interest (when the contract is with the organisation for which you work)|
|Fulfil pre-contractual steps, such as supplier questionnaires, as part of our onboarding process.|
Comply with applicable laws, lawful requests, and legal process, where appropriate/necessary.
Comply with regulatory monitoring and reporting obligations, where appropriate/necessary.
In our capacity as a controller, we do not actively collect for any of the purposes described in this policy. If for whatever reason we need to collect such data, you will be informed at the time of collection and it will only be done so with your explicit consent or in line with other lawful purposes under the Data Protection Legislation.
In addition, we may create anonymous, aggregated, or de-identified data from your personal information and other individuals whose personal information we collect. We do this by excluding information that makes the data personally identifiable to you and use that anonymous data for research purposes.
We may share your personal data with trusted third-party organisations and only where necessary to provide our services or to achieve the purposes outlined in this privacy notice. This may include:
We only share your data with data processors that can provide sufficient guarantees that they will process your data securely and in accordance with Data Protection Legislation. Our data processors cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us or further sub-processors which must process your personal to the same high standards.
Begini is based in the UK. Whenever we transfer your personal information outside of the UK to countries not deemed by the ICO (and/or European Commission as relevant) to provide an adequate level of personal information protection, the transfer will be based on safeguards that allow us to conduct the transfer in accordance with the Data Protection Legislation, such as the specific contracts approved by the ICO (or European Commission as relevant) providing adequate protection of personal information.
This ensures that any data processed by our staff or third parties outside of the UK is still protected to the same high data privacy standards.
For more information regarding these transfers please contact us using the details below.
As a business contact, we will send you relevant news about our services in a number of ways including by email, but only if we have a legitimate interest to do so. Marketing communications will be sent from our own domain.
Each email communication will have an option to object to the processing, if you wish to amend your marketing preferences, you can do so by following the link in the email and updating your preferences or by contacting us using the details below.
We make every effort to ensure that we only send such communications to those acting in a business capacity and do not send such materials to consumers via personal email addresses if it is clear they are not acting in such a .
You have a number of rights with regard to the personal data that we hold about you and can contact us with regard to the following:
You have the right to be informed about the collection and use of your personal data. We ensure we do this with our internal data protection policies and through this and other privacy notices. These are regularly reviewed and updated to ensure these are accurate and reflect our data processing activities.
You have the right to access the personal information that we hold about you by making a request. This is referred to as a ‘Data Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge and aim to do so within one month from when your identity has been confirmed.
If any of the personal information we hold about you is inaccurate, incomplete, or out of date, you may ask us to correct it.
You have the right to object to us processing your personal information for particular purposes or have its processing restricted in certain circumstances.
You have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.
The right to portability gives you the right to receive personal data you have provided to a controller in a structured, commonly used, and machine-readable format. It also gives them the right to request that a controller transmits this data directly to another controller.
An automated decision is one that is made by our systems rather than a person. Under Data Protection Legislation, you have the right to express your concerns and object to a decision taken by purely automated means. You also have a right to request that a person review that decision. This right is unlikely to apply to Begini’s use of your data, as we in the capacity of a data controller. Any such processing that we do in a processor capacity includes human intervention which means decisions are not made automatically. If you would like to discuss this in further detail, please contact us as set out below or the data controller, as relevant.
If you would like to exercise any of your rights specified above, please email us using he contact details at the end of this notice. We may ask for proof of identity and sufficient information about your interactions with us so that we can locate your personal information.
We aim to respond to fulfil your request within one month from the date that it is made. If your request is complicated or if you have made a large number of requests, it may take us longer. We will let you know if we need longer than one month to respond. You will not have to pay a fee to obtain a copy of your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
The ICO regulates data protection and privacy matters in the UK. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers such as ourselves are available publicly. You can access them here https://ico.org.uk/for-the-public
You also have the right to make a complaint to the ICO at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first (using the contact details below). Your satisfaction is extremely important to us, and we will always do our very best to solve any problems you may have.
We will retain your personal information in order to provide you with a high-quality service, in accordance with Data Protection Legislation and for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means.
In some circumstances we may anonymise your personal information (so that it can no longer be associated with you).
When using our websites, you may be able to share information through social networks like and LinkedIn. For example, when you ‘like’, ‘share’ or review our Services. When doing this, your personal information may be visible to the providers of those social networks and/or their other users. Please remember it is your responsibility to set appropriate privacy settings on your social network accounts, so you are comfortable with how your information is used and shared on them.
Data security is of great importance to Begini and to protect your data we have put in place suitable physical, electronic, and managerial procedures to ensure it is safeguarded and secure.
While we do not wish to outline all of the intricacies involved in our security programme, for obvious reasons, we do take security measures to protect your information including:
For more information on how we manage your data securely, please contact us using the contact details below.
We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy notice, be permitted to use that data only for the purposes for which it was originally collected by us.
We may change this privacy notice from time to time (for example, if the law changes). We recommend that you check this notice regularly to keep up to date.
Please be aware that the website may link to other websites that may be accessed by you. We are not responsible for the data policies, content or security of such sites. We do not have any control over any use of your data by third parties when you visit such sites or otherwise provide your data through these channels.
If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this notice or the way your personal information is processed, please contact us by one of the following means:
By email: privacy_at_begini.co
6.5 Kiln House,
Norwich NR2 1DX
Thank you for taking the time to read our privacy notice.
This notice was last updated on 26th May 2022