Privacy Policy

Acknowledgement of Our Privacy Statement

View the most recent articles, insights, and development experiences related to Digital Technologies, Businesses, software development , and Web Development.

1. Introduction and Overview

This Privacy Policy explains how Evident BD Ltd ("Evident BD", "we", "our", or "us"), registered in England and Wales (Company Registration No. 13017375) with its registered office at 620 London Road, Grays, RM20 3HX, United Kingdom, collects, uses, shares, and protects personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy applies to all personal data processed through:

  • Our website (www.evidentbd.com)
  • Our business intelligence and analytics services
  • Our software development and IT services
  • Our client interactions and business operations

2. Data Controller Information

Evident BD Ltd acts as a data controller for personal data collected through our website and business operations, and as a data processor for client data processed through our business intelligence, analytics, and software development services.

  • Data Protection Officer Contact Information:
    • Data Protection

3. Categories of Personal Data We Process

3.1 Website Visitor Data
  • Technical Data: IP addresses, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
  • Usage Data: Page views, navigation paths, time spent on pages
  • Cookie Data: Session cookies, analytics cookies, functionality cookies
3.2 Business Intelligence and Analytics Services Data
  • Client Business Data: Business metrics, performance indicators, analytics data
  • End-User Behavioral Data: Usage patterns, interaction metrics, performance analytics
  • Technical Implementation Data: System configurations, user preferences, access logs
3.3 Software Development Services Data
  • Development Environment Data: Code repositories, testing data, deployment configurations
  • Client Application Data: User accounts, system logs, performance metrics
  • Technical Support Data: Issue tracking, maintenance logs, update records
3.4 Business Operations Data
  • Client Contact Information: Names, email addresses, phone numbers, job titles
  • Contract Information: Agreement details, service specifications, project requirements
  • Financial Data: Payment information, invoice details, transaction records

4. Legal Bases for Processing

We process personal data under the following legal bases:

4.1 Contractual Necessity
  • Providing contracted services
  • Managing client accounts
  • Delivering project deliverables
  • Processing payments
4.2 Legitimate Interests
  • Improving our services
  • Ensuring security of our systems
  • Marketing our services to business clients
  • Analyzing website performance
4.3 Legal Obligations
  • Complying with tax requirements
  • Maintaining business records
  • Meeting regulatory requirements
  • Responding to legal requests
4.4 Consent
  • Marketing communications
  • Optional cookies
  • Newsletter subscriptions
  • Feature optimization

5. Data Processing Practices

5.1 Data Collection Methods
  • Direct collection through website forms
  • Automated collection through analytics tools
  • Client provided data for service delivery
  • Business relationship management
5.2 Data Processing Purposes
  • Service delivery and optimization
  • Business intelligence and analytics
  • Software development and maintenance
  • Technical support and issue resolution
  • Security and fraud prevention
  • Regulatory compliance
  • Business development
5.3 Data Retention Periods
  • Website Data: 26 months
  • Service Delivery Data: Duration of service agreement plus 6 years
  • Business Records: 7 years
  • Technical Logs: 12 months

6. Technical and Organizational Security Measures

6.1 Data Security Infrastructure
  • Encryption at rest and in transit
  • Multi-factor authentication
  • Regular security audits
  • Penetration testing
  • Access control systems
  • Security monitoring and alerting
  • Incident response procedures
6.2 Development Security Practices
  • Secure development lifecycle
  • Code review processes
  • Security testing protocols
  • Vulnerability management
  • Patch management
  • Change control procedures
6.3 Operational Security
  • Staff security training
  • Data handling procedures
  • Clean desk policy
  • Device management
  • Network security
  • Physical security measures

7. International Data Transfers

7.1 Transfer Mechanisms
  • Standard Contractual Clauses
  • UK Adequacy Decisions
  • Binding Corporate Rules
  • Data Processing Agreements
7.2 Transfer Safeguards
  • Data minimization
  • Encryption requirements
  • Access controls
  • Audit rights
  • Sub-processor restrictions

8. Data Subject Rights

We facilitate the following rights under the UK GDPR:

8.1 Access Rights
  • Right to confirm processing
  • Right to access personal data
  • Right to processing information
  • Right to data portability
8.2 Control Rights
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to object to processing
  • Rights related to automated decision making
8.3 Exercise of Rights

Detailed procedures for exercising these rights are available through our Data Protection Officer. We aim to respond to all legitimate requests within one month.

9. Cookie Policy and Tracking Technologies

9.1 Essential Cookies
  • Session management
  • Security features
  • Technical functionality
9.2 Analytics Cookies
  • Performance measurement
  • User behavior analysis
  • Service optimization
9.3 Marketing Cookies
  • Requiring explicit consent
  • Preference management
  • Opt-out mechanisms

10. Third-Party Data Processors

10.1 Categories of Processors
  • Cloud service providers
  • Analytics providers
  • Payment processors
  • Communication services
  • Development tools
10.2 Processor Requirements
  • Data processing agreements
  • Security certifications
  • Compliance monitoring
  • Regular audits
  • Incident reporting

11. Data Breach Procedures

11.1 Internal Procedures
  • Incident detection
  • Impact assessment
  • Containment measures
  • Investigation protocols
  • Documentation requirements
11.2 External Notifications
  • Regulatory reporting
  • Data subject notifications
  • Law enforcement coordination
  • Client communications

12. Policy Updates and Changes

We reserve the right to update this Privacy Policy at any time. Material changes will be notified to affected parties through:

  • Website notifications
  • Email communications
  • Client updates
  • Service announcements

13. Contact Information

For inquiries regarding these policies:

  • Data Protection Officer Contact Information:
    • Data Protection

Last Updated: 17th February 2025