Clear Review has joined Advanced - Discover our full suite of powerful and innovative people management solutions

Find out more
Get Started

Privacy Information

Protecting your personal details on our website

  • What Personal Data we collect and process
  • Lawful Basis for Processing Personal Data
  • Sharing Personal Data
  • Protecting Information
  • The Internet
  • Control Over Your Personal Data and How to Exercise Your Rights
  • Applying to Work at Clear Review
  • Cookies
  • Links

Last updated: October 2021

Clear Review Ltd values and respect the privacy of those who share their Personal Data with us. This privacy policy (the “Policy”) describes what, how and why we collect, store and use Personal Data, and includes information about individuals’ rights.

Clear Review is part of the Advanced group. The privacy notice for Advanced can be viewed here: https://www.oneadvanced.com/pr...

This policy also describes some of the security measures we take to protect your Personal Data and tells you certain things we will do and not do.

This notice also describes our privacy and cookie policy and forms part of our Website Terms of Use (‘Website Terms’).

Clear Review Limited believes in the importance of protecting your Personal Data (as defined in the UK’s Data Protection Act and the EU General Data Protection Regulation, the GDPR) and we are committed to provide you with services that meet your and your organisation’s needs whilst protecting your privacy.

When we first obtain Personal Data from you, we will give you the opportunity to tell us if you do or do not want to receive information from us about other services, events and updates in the performance management and professional development field.

You can do this by ticking a box on an application form or contract. You may change your mind at any time by emailing us at the address at the bottom of this page or by unsubscribing directly from links within the emails we send to share information with you.

What Personal Data we collect and process

We aim to be transparent about why and how we process Personal Data. Here are the categories for which we process Personal Data:

Business contacts

We process Personal Data about business contacts using a client relationship management tool (“Salesforce”). The use of Salesforce is supplemneted by Marketo, an engagement automation tool. Personal Data is added to Salesforce via Marketo directly by site visitors or indirectly by our by our employees; in both cases, you can always opt out from the process. Personal Data we process includes name, business email address, job title, telephone number, area of business, job role and organisation’s name. Personal Data of business contacts may also be collected by virtue of us providing our services to you through a contract or by you attending a networking event or a webinar.

Personal Data, including name, email address, telephone number and other business contact information, may be purchased and collected from HR Grapevine, a 3rd party provider, for the purpose of sharing industry relevant and marketing information.

Links to tools that we use to process your Personal Data and their privacy notices for the purpose of marketing activities:

Data Transfers:

Salesforce is a global company offering a platform with data centres in Europe and the UK. Salesforce may operate international transfers under Binding Corporate Rules and EU Standard Contractual Clauses

Our USA-based operation may also access information on Salesforce. This activity is carried out under EU Standard Contractual Clauses in place between Clear Review Ltd (UK) and our subsidiary, Clear Review Inc (USA).

How we use your data

  • For contact and communication purposes: we use your contact details to share industry updates, white papers, case studies, webinars, invites to events and / or other information about us and the services that we provide that we believe are of interest to you. You can unsubscribe from these communications by clicking on a link on each email or by writing to the Data Protection Manager at the address below.
  • Making contact details available to Clear Review staff as required by their role.
  • Performing aggregated analytics – such as trends, sales intelligence, marketing effectiveness (such as click and open rates) uptake and progress.

Retention

Marketing

Personal Data is retained on Salesforce for as long as it is necessary for the purposes set out below:

Existing Customers:

Personal Data will be processed for the duration of the contract. You may opt out to receive marketing communications at any time

Prospective Customers and Subscribers to Clear Review’s communications:

If your data was provided by a third party, we will process it for one year or the duration of contract with the data provider. You can opt out from receiving marketing communications at any time.

If you provided your data directly to us, we’ll process it until you opt out.

If a business contact opts out from receiving marketing materials, their details will still be retained in a Suppression List to prevent communications to be sent.

Clients and Personal Data associated with clients

We request that our clients only provide Personal Data that is necessary for us to carry out our services. The Clear Review platform by Clear Review Ltd operates on the principle of Data Minimisation.

When processing Personal Data in respect of individuals associated with clients, e.g. employees for the provision of our services through the Clear Review platform, our clients are the Data Controller and Clear Review Ltd the Data Processor.

When processing Personal Data in the context of providing support, customer success and administer the business relationship, Clear Review Ltd is the Data Controller. To benefit the increasingly global nature of our clients, we extended our Customer Success’ service hours with resources located in the USA’s East Coast The USA support activity is governed by EU Standard Contractual Clauses with Clear Review Inc.

We also leverage the Planhat platform to provide a customer success service and Amplitude to collate anonymised, aggregated analytics to enhance the platform’s functionality and features.

JIRA from Atlassian complements the technical support systems.

Clients who have registered an interest to attend events or receive information relevant to their business sector will also be processed with the Salesforce and Marketo platforms. Please refer to the Business Contacts’ section above for details.

Some commercial documents will be securely stored in Box hosted within the EU.

Links to tools that we use to process your Personal Data as a client and related privacy policies:

  • Box https://www.box.com/en-gb/legal/privacypolicy
  • We collect information on a general and aggregate basis, such as IP addresses, in order to analyse the performance of our sites or applications. This data is used completely anonymously in order to determine the amount of people who visit our sites and the most frequently used sections of our sites or applications. This enables us to continually update and refine our platform to ensure it provides you with a successful experience.

Data Transfers:

Whereby most of the platforms listed above will opt to process Personal Data within the EEA where possible, some services may require data transfers outside the EEA. These transfers are carried out under one or more of the following 2 legal mechanisms:

  • EU Standard Contract Clauses
  • Processing in a country which been granted an Adequacy Decision for protecting Personal Data.

How we use it

Provision of software as a service (SaaS): we will use Personal Data in such a manner as we believe is reasonably necessary to provide our services, for example to train and support your staff, enabling customer success, augmenting organisational performance and resolving technical support queries.

Customer Success: to benefit the increasingly global nature of our clients, we extended our Customer Success’ service hours with resources located in the USA’s East Coast. These resources may access Planhat and Salesforce to support our clients. The USA support activity is governed by EU Standard Contractual Clauses in place with Clear Review Inc. and the same security requirements adopted in Europe are imposed on the USA entity.

Administration: to collect our fees or costs in connection with our services, managing contracts.

Managing client relationships: providing clients with information on our services and business updates that we consider may be relevant to them; arranging and hosting events; and identifying where we may make improvements in customer success.

Client engagement: to ensure our clients make full use of our SaaS platform and derive maximum benefits

Produce aggregated analytics to enhance the Clear Review platform and add value to our clients

Compliance with anti-money laundering regulation: we may use your Personal Data (e.g. evidence of your identity) in order to fulfil our obligations to check the identity of our clients in compliance with anti-money laundering law and regulations, this information will be shared with any relevant OC Member Firm required to support that instruction.

Retention

Our general retention period for documentation created for the purpose of providing services is aligned with the retention of accounting and financial records, which in the UK is 6 years plus current financial period.

Clients for whom we process employees’ Personal Data as part of the Clear Review platform’s licence: all data, including Personal Data, is permanently erased one month after the contractual agreement ends. Transactional data is anonymised and aggregated and processed for statistical purpose.

Suppliers (including individual contractors)

Personal Data, including name, email address, telephone number and other business contact information, is collected to receive services from suppliers, to manage the relationship with the supplier, and for the provision of services to our clients. This purpose of this processing activity is to manage and perform contracts.

How we use it

  • To receive and manage services from our suppliers.
  • Services to clients: if a supplier is assisting us in delivering services to our clients, we will process Personal Data to manage that relationship.
  • Administration: to agree payment arrangements with our suppliers, and to make payments to them.

Retention

Our general retention period for documentation created for the purpose of providing services is aligned with the retention of accounting and financial records, 6 years + current.

Visitors to the Clear Review website

Personal Data will be collected if you sign up to attend any of our events and/or to receive our marketing literature.

How we use it

Business contacts: if you have signed up to attend one of our events or to receive our marketing literature please see the paragraph above headed ‘Business contacts’.

Google Analytics: to track and understand usage and performance of our website. More detail is available in the Cookies’ section of this policy.

Aggregate information about visitors to our website

Use of Outlook plugin

The Outlook plugin will be used to collect and request feedback within an organisation and associate the action against a user.

How we use it

Request feedback: if you have requested feedback this action is associated against all users that you have selected

Give feedback: if you have given feedback this action is associated against the user you have provided the feedback on

Aggregate information about visitors to our website

  • We collect information on a general and aggregate basis, such as IP addresses, in order to analyse the performance of our sites or applications. This data is used completely anonymously in order to determine the amount of people who visit our sites and the most frequently used sections of our sites or applications. This enables us to continually update and refine our platform to ensure it provides you with a successful experience.

Lawful Basis for Processing Personal Data

We will only process Personal Data where we have a lawful reason for doing so. The lawful basis for processing Personal Data by us will be one of the following:

  • the processing is necessary for the performance of a contract you or your organization are party to or in order to take steps at your request prior to you entering into a contract;
  • the processing is necessary in order for us to comply with our legal obligations (such as compliance with anti-money laundering legislation or counter fraud measures);
  • the processing is necessary for the pursuit of our legitimate business interests (including that of the delivery and the promotion of our services); and
  • you have provided consent for us to process your Personal Data.

Sharing Personal Data

We will not disclose your Personal Data to any third party except in accordance with this Privacy Notice.

We may allow other organisations to process Personal Data we hold about you in the following circumstances:

  • If we, or substantially all of our assets, are acquired or are in the process of being acquired by a third party, in which case Personal Data held by us, about our customers, will be one of the transferred assets.
  • If we have been legitimately asked to provide information for legal or regulatory purposes or as part of legal proceedings or prospective legal proceedings.
  • For the prevention of crime, as may be required by law enforcement agencies and as prescribed by the UK’s Data Protection Act and EU GDPR.
  • We employ companies and individuals to perform functions on our behalf. Those parties are bound by strict contractual provisions with us and only have access to Personal Data needed to perform their functions and may not use it for other purposes. Further, they must process the Personal Data in accordance with this Privacy Policy and as permitted by the UK’s Data Protection Act and the EU GDPR.
  • Where you give us Personal Data on behalf of someone else, you confirm that you have provided them with the information set out in this Privacy Policy and that they have not objected to such use of their Personal Data. We reserve the right to verify the legitimacy of this aspect with periodic audits.

Protecting Information

We have strict security measures to protect Personal Data.

  • We work to protect the security of your information during transmission by using secure encryption
  • We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personally identifiable customer information. Our security procedures mean that we may occasionally request proof of identity before we disclose Personal Data to you.
  • It is important for you to protect against unauthorised access to your password and to your computer. Be sure to sign off when you finish using a shared computer.
  • We are ISO27001 accredited and undergo an annual external audit by an independent party in order to retain our certification
  • Our third-party technology providers are vetted for state of the art technical and organisational measures which conform to ISO27001 information security standards

The Internet

  • If you communicate with us using the internet, we will occasionally email you about business innovation in the performance and professional development field and how it is supported by our services and products. When you first give us Personal Data through the Website, we will give you the opportunity to say whether you would prefer us not to contact you by email. You can also always unsubscribe from receiving emails or send us an email (at the address set out below) to exercise your rights.
  • Please remember that communications over the internet, such as emails and webmails (messages sent through a website), are not secure unless they have been encrypted. Your communications may go through a number of countries before they are delivered, as this is how the internet works.

We cannot accept responsibility for any unauthorised access or loss of Personal Data that is beyond our control.

Control Over Your Personal Data and How to Exercise Your Rights

Under certain circumstances you have the following rights:

  • the right to ask us to provide you with copies of the Personal Data we hold about you at any time and to be informed of the contents and origin, verify its accuracy, or else request that such information be supplemented, updated or rectified according to the provisions of Data Protection law;
  • the right to request erasure, anonymisation or blocking of your Personal Data that is processed, if in breach of the law;
  • the right to object on legitimate grounds to the processing of your Personal Data. In certain circumstances we may not be able to stop using your Personal Data, if that is the case, we’ll let you know why and inform you of your appeal rights;
  • withdrawal of consent – while we do not always process Personal Data on the basis of consent, when Personal Data is processed on the basis of consent an individual may withdraw consent at any time. In the event that you no longer want to receive any marketing material, case studies or invites to events from us, please use the unsubscribe option (which is in all of our marketing emails to you), or contact the Data Protection manager as set below.

To exercise the above rights (bar withdrawing from marketing emails – as described) and if you have any questions about how we collect, store and use Personal Data, then please contact us using the details as set out in the “Data Controller contact information” section below.

Applying to Work at Clear Review

Clear Review is committed to protecting the privacy of individuals wanting to work for us.

We’ll process Personal Data including, name, address, contact details, career and academic history for the purpose of recruitment and selection.

This processing activity is carried out as entering steps to perform an employment contract.

If successfully selected, we’ll carry out vetting checks at conditional offer stage; the nature of Personal Data will vary in relation to the role but the data categories may include: former employers’ references and right to work in the UK.

Cookies

When we provide services, we want to make them easy, useful and reliable. This sometimes involves placing small amounts of information on your computer. These are called ‘cookies’.

These cookies cannot be used to identify you personally and are used to improve services for you, for example through:

Letting you navigate between pages efficiently

Enabling a service to recognise your computer so you don’t have to give the same information during one task

Measuring how many people are using services, so they can be made easier to use and that there is enough capacity to ensure they are fast

To learn more about cookies, see:

Users have the opportunity to set their browser to accept all or some cookies, to notify them when a cookie is issued, or not to receive cookies at any time. The last of these options, of course, means that personalised services cannot be provided and the user may not be able to take full advantage of all of a website’s features. Refer to your browser’s Help section for specific guidance on how it allows you to manage cookies and how you may delete cookies you wish to remove from your computer.

Multiple cookies may be found in a single file depending on which browser you use.

The cookies used on this website have been categorised based on the categories found in the Cookiepedia guide, as follows:

Category 2: performance cookies

These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works.

Category 4: targeting cookies or advertising cookies

These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organisation.

If you have any queries about our use of cookies, or would like more information, please contact our privacy function at:

Data Protection Office
Security & Compliance Team
The Mailbox
101 Wharfside Street
Birmingham
B1 1RF

or email us at dataprotection@oneadvanced.com

You can allow or block cookies by clicking on “Cookie Settings” on the related banner appearing on the footer of the website

Links

The Website may include links to other websites. We do not provide any personally identifiable customer Personal Data to these third-party websites.

We exclude all liability for loss that you may incur when using these third party websites.

Contacting Us

If you would like any more information or you have any comments about our Privacy & Cookie Policy, please either write to us using the contact details below:

Data Controller and contact details for the Data Protection Manager.

Clear Review Limited

Company number 088516632.

Registered at

Ditton Park, Riding Court Road, Datchet, Berkshire, United Kingdom, SL3 9LL

All data protection enquiries to be addressed to: privacymanager@clearreview.com.

  • We may amend this Policy from time to time and if you are in our mailing database, we will notify you of any changes in addition to publish the amended version on the Website.
  • If you have not registered to receive communications from us, it is not possible to proactively keep you informed, so please check back regularly to keep informed of updates to this Policy.
  • You can ask us for a copy of this Privacy & Cookie Policy and of any amended Policy by writing to the above address or by emailing us at privacymanager@clearreview.com.
  • This Policy applies to Personal Data we hold about individuals. It does not apply to information we hold about companies and other organisations.
  • If you would like access to the Personal Data that we hold about you, you can do this by emailing us at privacymanager@clearreview.com or writing to us at the address noted above.
  • We aim to keep the Personal Data we hold about you accurate and up to date. If you tell us that we are holding any inaccurate Personal Data about you, we will delete it or correct it promptly. Please email us at privacymanager@clearreview.com or write to us at the address above to update your Personal Data.