Privacy Policy
- Allow users to easily access and update their own data
Having accurate information about our users helps create a smooth customer experience.
We will provide mechanisms where we can to give our users access to information related to their account and other interactions with Smart Hippo. We want our customers and users to be able to easily correct that information if it is wrong or out of date.
Smart Hippo helps companies improve their business performance. working with global leaders in commercial data and analytics, we glean insight from data to enable our customers to connect with the prospects, suppliers, clients and partners that matter most. Companies of every size rely on Smart Hippo to help them manage risk and reveal opportunity Smart Hippo business database contains more business records. Some of the information we collect may be classified as “personal data” under European Union (EU) law as it is information relating to an individual (e.g. a sole trader, a partnership, a company director, a beneficial owner, a trustee, a professional contact etc). This privacy notice provides the information we are required to give in relation to the processing of personal data under EU law.
This privacy notice is produced in accordance with the General Data Protection Regulation 2016/679 and applies to all Smart Hippo companies registered in the EU and those outside the EU when they carry out business information activities on residents of the EU or offer goods or services to businesses in the EU. The Data Protection Officer for Smart Hippo can be contacted on info@smarthippo.org
What Information Do We Collect and Why?
Smart Hippo processes data so that it can supply commercial data about organisations to other organisations and individuals . The purpose of this processing is to enable businesses and individuals to manage their financial risks, protect against fraud, know who they are doing business with, meet compliance and regulatory obligations and better understand organisations, industries and markets.
We also licence or sell professional business contact information for marketing and data management purposes.
Therefore we collect information on businesses and business professionals. This is our “Commercial Data” and includes the following examples:
- Company and business professional contact information, including name, job title, address, phone number, fax number, e-mail address, domain names, and trade associations;
- Detailed company profiles and statistics, including number of employees;
- Background information regarding company management, such as beneficial ownership/persons of significant control, the educational and career histories of company principals;
- Company operational histories, including territories, subsidiaries, affiliates, and lines of business;
- Detailed trade and business credit information, including payment histories and patterns;
- Business information regarding profitability, debts, assets, net worth, and business relationships;
- Business compliance information from public source government and professional records, media and business publications;
- Newspaper and media reports of criminal convictions
Smart Hippo does not seek to collect any information in relation to race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, genetic or biometric data.
Our data originates from:
- Organisations providing information directly to us
- Creditors and suppliers of an organisation
- Data vendors
- Governmental and administrative public records such as business registrations, company filings, court and bankruptcy filings
- Public sector information (e.g. Charity Commission, Company Registrars)
- Regulatory bodies and law enforcement agencies
- Smart Hippo World Wide Network Partners
Unless our customers have explicitly agreed otherwise, we do not obtain personal data from the data our customers supply us with in order to provide them with a service. Data that our customers have provided us with in order for us to provide a service to them is processed in accordance with the “Handling Customer’s Data” section below.
Who do we share this information with?
We share our Commercial Data (and that may include personal data) we collect with:
- Worldwide Network Partners – independent business information providers across the world with whom we have entered into commercial agreements to help achieve a leading competitive position internationally in providing business information.
- Customers – businesses and organisations with whom we enter into agreements to licence or access our data. Our customers enter into agreements or licences with us because they wish to manage their financial risks, protect against fraud, know who they are doing business with, meet compliance and regulatory obligations, better understand organisations, industries and markets or carry out direct marketing.
- Resellers – we licence information to authorized resellers and third party businesses for reselling.
- Service providers – such as credit card processors, auditors, advisors, consultants, live help/chat providers and contractors, in order to support Smart Hippo websites and business operations. We contractually require these recipients to only use personal data for the intended purpose of the disclosure and that they destroy or return it when it is no longer needed.
We may also disclose personal data:
- As required or appropriate in order to protect our website, business operations or legal rights, or in connection with a sale or merger involving Smart Hippo assets or businesses. (In the event that Smart Hippo is purchased or sells parts or all of the business, the information collected will be considered an asset that can be transferred).
- To a court, tribunal administrative authority law enforcement agencies, regulatory authorities or government agencies. (If based in a country outside the our jurisdictions we would only comply with such a request if there was an international agreement (such as a mutual legal assistance treaty) in place.)
Profiling
We use the information we obtain in order to produce scores and ratings such as Smart Hippo’s Failure and Delinquency Scores, the Smart Hippo Rating, Smart Hippo’s Maximum Credit and the Smart Hippo Payment Score. We may also carry out customised profiles for our customers. We use highly developed scoring models and algorithms, based on previous similar circumstances, adverse events and economic forecasts to produce a score.
We recommend to our customers how to interpret and use our scores. Our customers may choose to use our scores alone or combine the scores with other information available to them. Their decision making will be based around whether to insure or market to, extend credit, acquire, trade or partner with a business. Our scores predict whether a business is likely to continue trading, pay its bills on time, receive credit, whether they would be likely to purchase a product or service, where they benchmark within their industry or whether they are subject to any specific risks. We do not make any decisions about an organisation – we do not hold blacklists and we do not tell our customers whether to trade with an organisation.
International transfers
We transfer personal data to recipients outside the EU and rely on adequacy decisions, data transfer agreements or other EU approved mechanisms for such transfers. Smart Hippo ensures all its customers agree to the Privacy Principles. If you require further information on this please contact the Data Protection Officer on info@smarthippo.org .
Data Retention
Personal data is stored for varying lengths depending on the nature and purpose for which it was collected. We store personal data in line with any applicable statutory minimum periods, and then review it periodically (usually annually) to ensure it is still necessary to be retained for the purpose for which it was collected. Where there is a statutory maximum for which data can be retained, such as County Court Judgements we will delete accordingly on expiration.
Grounds of Processing
In technical legal terms we process personal data under the ground of “legitimate interest”. Smart Hippo legitimate business interest is the supply of commercial data (and the marketing of our business). The purpose of this processing is to enable businesses to manage their financial risks, protect against fraud, know who they are doing business with, meet compliance and regulatory obligations and better understand organisations, industries and markets. We also licence or sell professional business contact information to authorized resellers or organisations for marketing and data management purposes.
Data Subject Rights
You have the right to request from us confirmation of whether we are processing your personal data, and if so access to that information. Please see the links on the left for further information about how to request access to your information. This may take up to 28 days, however you may be able to obtain specific information about your personal data immediately by contacting Customer Services.
If any of your personal data is inaccurate you have a right to request rectification. We are very keen to ensure the data we hold is accurate and up to date. Please contact Customer Services.
You have the right to object to our processing and/or request it is deleted or restricted. In considering our response we undertake to ensure your interests, fundamental rights and freedoms are properly balanced against our legitimate interests. We will also look at whether it is still necessary to process your data for the purpose it was collected. Please contact Customer Services for more information.
Before we are able to provide you with any information or correct any inaccuracies we may ask you to verify your identity and to provide other details to help us identify you and respond to your request.
Objecting to receiving direct marketing:
We will always observe your objection to receiving either our Smart Hippo marketing or to us passing on your contact details to third parties for their direct marketing purposes: You can either contact Customer Services including the name, business name, address, telephone number and email address that you wish to have excluded, or you can do this yourself by following these links:
You are also able to contact Smart Hippo data protection officer at any time on EUDPO@dnb.com.
Additional rights In relation to credit reporting
Statutory Report
If your organisation is unincorporated (e.g you are a sole trader) or a small partnership (up to 3 partners) you can obtain a copy of your credit report based on the information we hold about you. Again we may ask you to provide certain information to allow us to identify your file. This privacy notice applies to how we collect and how we use the information you provide to process your application for a statutory credit report.
Notice of correction
Any organization can ask us to correct, remove or amend any information on their report by contacting Customer Services. We will contact you within 28 days of receiving your email to let you know that we have either removed or amended the entry, or taken no action. If we have amended the file, we will provide you with a copy of your amended entry.
Within 28 days of us contacting you, you may contact us again to ask us to add a notice of correction to your file (unless we have told you we have removed the incorrect entry from your file). If you want to do this, you will need to send us your notice of correction (up to 200 words). We will then confirm receipt and let you know that we will add the notice to the file. If you do not hear from us within 28 days, or we think it would be improper to publish the notice of correction (for example, because it is incorrect), then either you or we may apply to the Financial Authority (if you are a sole trader, small partnership or unincorporated association) or the Information Commissioner, (where the error relates to personal data about an individual) as appropriate, who may order as they see fit. There is a statutory fee and prescribed form for this.
Please click here for complaints relating to our credit scoring.
Handling our Customers’ data
Sometimes our customers provide us with their business data, such as their customer, supplier or prospect data – which may contain personal data – in order for us to provide them a service. In these instances we are the processor of any personal data contained in their data. Different parts of the GDPR apply when we act as a processor and we take these obligations very seriously. The above notice does not apply to our data received from our customers as this does not become Smart Hippo data (unless the customer has expressly agreed to this). We handle the data our customers provide us in strict accordance with the agreement found here – and only for the purposes of this agreement.
Updating this Privacy Notice
We strive for continuous improvement in our services, processes and protecting data subject rights. We will therefore update this privacy notice from time to time. Therefore, we advise you to check this notice on a regular basis, or if requested we will send it to you on a regular basis. We are also happy to provide previous versions of this Notice on request.
Complaints
All complaints or concerns and appropriate resolution relating to the practices of handling personal information will be logged. Any complaints of this nature should be made to Customer Services or the Data Protection Officer at info@smarthippo.org at:
You also have the right to lodge a complaint with a data protection supervisory authority.
For all other complaints, including complaints relating to credit scoring please see here https://www.dnb.co.uk/customer-complaints.html
2 August 2018
In General.
Who we are
We are a Business Directory Our website address is: https://smarthippo.org.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Industry regulatory disclosure requirements
ZICTA