Privacy Policy


This privacy notice explains what personal data we collect, why and how we collect it, what we do with it and how long we keep it for. 

We are committed to protecting your personal data and we only collect personal data which is relevant to the work being undertaken for you. 

We may change this policy from time to time.  You should check this page on our website to check whether you are happy with how we handle personal data.

This policy is effective from May 2018.

Who are we?

BIC Innovation Limited is a limited company registered in England & Wales under company number 05092027.  We work with businesses to help them achieve their growth potential.  We work with businesses either directly or through the delivery of public sector funded support programmes. 

This privacy policy applies to BIC Innovation Limited.

If you have any questions about this privacy policy, or any other data protection queries, please contact our Data Controller at

What is personal data?

Personal data is “any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier”.  This means, any information about you that enables you to be identified.  It covers obvious information such as your name, email address, and contact details as well as other forms of data. 

What personal data do we collect?

  1. We collect, use, store, process and transfer basic data about you and your company in order to carry out our services and/or deliver public sector funded programmes relevant to your business.  The type of information we collect includes:
  2. Your name, job title, business email address, contact telephone numbers (landline and/or mobile), company name, company size, approximate annual turnover (including export turnover where relevant), industry sector, web address
  3. Payment details including bank details or credit card details for payment of services
  4. We may take photographs or film events so we may have your image in our records.  We always pre-warn delegates if we plan to photograph or film an event and attendees will be given the opportunity to give or refuse permission.  Webinars may be recorded. 
  5. As part of any recruitment activities, we may collect and use special categories of personal data as required in carrying out our obligations.  This may include information such as education and employment history, identity, background checks (including appropriate criminal and financial checks and confirmation of the right to work in the UK), references, health, racial origin, religious belief, and offences or alleged offences
  6. Information gathered by the use of cookies on our website – Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a great experience when you use our website and also allows us to improve our website.
    1. This collection of data is used for statistical analysis about our website. Any information shared will not identify who you are, but rather be mathematical data about our visitors and their use on our site. The data does not give out any personal details.
    2. Cookies may be used to gather this general internet data. When used, cookies are downloaded to your computer without prompting. The cookie file is stored on your hard drive, where files are transferred to.  This information helps us improve our site and services to you. All computers can block cookies by activating proper browser settings.  There is a place to enable you to decline cookies under the options menu.  Please note if you decline cookies you may experience limited access to certain areas of our site.
    3. On this website we use as few cookies as possible, store the smallest amount of information that we need, for as short a time as possible and try to only use cookies that are essential to providing you with the Services or to improve your user experience.

Sensitive personal data

We typically do not collect sensitive or special categories of personal data about individuals.  However, we may occasionally collect and process special categories of data such as:

  1. Dietary restrictions or access requirements when registering for events which may reveal religious beliefs or medical conditions/physical health
  2. Information provided to us by our clients in the course of a professional engagement
  3. Personal identification documents such as passport details which may reveal race or ethnic origin

Child data

Our services are not intended for children under 13 years old; therefore we do not knowingly collect information about or from individuals under 13 years of age.  If you become aware that we have been supplied with personal data about a child, please contact our Data Controller at datacontroller ( at )

How do we collect personal data?

  1. We collect personal data from and about you through a variety of sources, including:
  2. When you register for information or newsletters from our website
  3. Enquire, apply for or receive any of our services, including those services delivered on behalf of public-funded business support programmes
  4. Attend our events, webinars, meetings
  5. Request marketing information about our services and delivery programmes
  6. Complete a survey
  7. From third parties such as our public sector partners eg Welsh Government, Innovate UK
  8. When you provide it to us directly as part of our service delivery to you
  9. When you interact with us through social and professional networking sites such as LinkedIn, Twitter. 
  10. We collect information regarding your visits to our website and any resources you used. Information shared will not identify who you are, but rather be mathematical data about our visitors and their use on our site.

How do we use your personal data?

BIC Innovation delivers services directly to clients and deliver support programmes on behalf of public sector bodies.  The personal information you provide us will be used to:

  1. Send you relevant information about services, business support programmes which may be of interest to your business
  2. To ask you to participate in a relevant business survey
  3. Provide our services, advice and deliver reports
  4. Send invitations and provide appropriate access to guests attending our offices, events and webinars.  This includes any events or webinars we deliver on behalf of other parties such as Welsh Government
  5. To make travel arrangements on your behalf, including for example, travel arrangements to participate in overseas trade missions or study tours
  6. To deliver our contractual obligations under the public-sector funded programmes we manage
  7. For statistical analysis to allow us to improve our website.

Our legal basis for processing personal data

We may rely on the following lawful reasons when we collect and use personal data to operate our business and provide our services:

  1. Contract: we may process personal data in order to fulfil our contractual obligations to our clients and public-sector partners
  2. Consent: we may rely on your freely given consent at the time you provided your personal data to us
  3. Legitimate interests: we may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced and does not harm any of your rights and interests.  We would use legitimate interests as a lawful reason to carry out direct business to business marketing delivering industry news and specialist knowledge we believe is relevant and welcomed by our business clients who have interacted with us.  Where we rely on our legitimate interest as a basis for processing your personal data, you can ask us to stop; this includes unsubscribing to the newsletter we send out in the course of our service/programme delivery.  We must then do so, unless we believe we have a legitimate overriding reason to continue processing your personal data such as contractual obligations

Do we share personal data?

We may share personal data with trusted third parties to help us deliver efficient and quality services.  This includes our public sector partners such as Welsh Government, Innovate UK, Local Enterprise Partnerships, academic partners and other programme delivery partners

We may work in collaboration with other reputable third parties to help us deliver services and/or public sector funded programmes.  These third parties will receive the minimal amount of personal data in order for them to complete their part of the service/programme delivery. Our contracts and agreements with them will stipulate that your data should not be used for any other reason. 

We will share personal information with relevant agencies and authorities, and without notice, where requested to do so or where fraudulent/criminal activity is suspected. 

We may make credit checks with reputable agencies if we need to confirm your identity and your credit history.

Almost all of the data we hold about you is stored on secure servers within the European Economic Area (EEA). In the limited circumstances when your personal data may be transferred outside of the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK.

We use Mailchimp to process our email alerts. Mailchimp has staff based outside the EEA, and stores your data in the USA. Mailchimp is certified under the EU-US Privacy Shield framework to ensure that any information you provide is treated just as safely and securely as it would be within the UK and under the General Data Protection Regulation (EU Regulation 2016/679).

Information derived from cookies are shared with Google and used for Google Analytics, which can be held by Google on servers within the EEA or the USA. All actions by Google in relation to the data of persons in the UK are subject to the GDPR and does not show who individual visitors are.

We never sell your personal data to other organisations such as direct marketing agencies. 

How long we will keep personal data?

We will only keep your personal data for as long as necessary to fulfil the purposes for which we collected it, including contractual obligations, legal and reporting requirements. 

Links to other websites

This privacy policy does not cover links within this site linking to other websites.  We recommend you read the privacy notices on the other websites you visit before submitting any personal data on those sites. 

What are your rights?

Under GDPR, you have various rights, including:

  1. The right to be informed about our collection and use of your personal data
  2. The right to access the personal data we hold about you
  3. The right to rectify any inaccurate or incomplete data
  4. The right to erase the personal data we hold about you
  5. The right to restrict or prevent the processing of your personal data
  6. The right to object to the processing of your personal data based on legitimate interests
  7. The right to obtain and re-use your personal data for your own purposes


More information about individual rights under GDPR can be found on the Information Commissioner’s Office website

You can exercise your rights by contacting us on

How often will we change our privacy policy?

We will regularly review this privacy policy and post any updates on this webpage.  This privacy policy was last updated in May 2018.