WEBSITE PRIVACY NOTICE

Thank you so much for choosing to find out more about us by visiting our website! Here at SaaSLeads.io, we’re an interesting bunch that are on a mission to do something great in the sales world while having fun at the same time. We also believe that its super important to comply with legal and compliance requirements and we hope that we’ve managed to show you this in our approach to data privacy through this Privacy Notice. If for any reason though, you would like more information on our approach to data privacy, please do get in touch with our Legal & Compliance Team on legal@saasleads.io as we’d welcome the opportunity to share more information on our practices with you. The sales industry is to do with people and trust, and we appreciate that all of those that engage with us trust us, and we are committed to maintaining that trust by looking after their data.
1. TRAINING SUPERSTAR SALES PROFESSIONALS

We hire and train future sales stars, known as Sales Development Representatives (“SDRs”), for some of the most innovative companies around the universe. We are focused on helping everyone have a successful start to their sales career and believe that everyone deserves to find a job that they love and have the skills to build their future.
We run our awesome business out of SaaSleads.io Ltd which is incorporated in England & Wales and has the registration number of 11662391 and registered address of The Workshop, Tontine Street, Folkestone, Kent, England, CT20 1JU, United Kingdom, Planet Earth.
2. SOME IMPORTANT BITS & BOBS

This Privacy Notice applies to all of our website users, applicants (SDRs and internal staff), prospective and existing customers, suppliers and partners that engage with us. As we know that everyone’s not a legal bod, we’ve pulled together a little legal dictionary below which explains some key data privacy terms (including ones that we’ve used by capitalising the first letter in a word in this Privacy Notice).
Our Legal & Compliance Team take Data Protection Laws really seriously and this Privacy
Notice is kept regularly under review and was last updated in January 2022.
3. LEGAL DICTIONARY

Consent refers to when an individual gives agreement which is freely given, specific, informed and is an unambiguous indication of their wishes. It is done by a statement or by a clear positive action in respect of the Processing of any Personal Data relating to them. Criminal Convictions Data refers to Personal Data relating to criminal convictions and offences and includes Personal Data relating to criminal allegations and proceedings.
Data Controller refers to an organisation that determines when, why and how to Process Personal Data. It is responsible for establishing policies and procedures in line with Data Protection Laws.
Data Protection Laws  refers to the European Union’s General Data Protection Regulation 2016/679 and the UK GDPR”. The UK GDPR is the UK’s version of the EU GDPR and comprises of the Data Protection Act 2018 and the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (SI 2019/419)).

Data Processor refers to an organisation that Processes Personal Data on behalf of a Data Controller. It is responsible for establishing policies and procedures in line with Data Protection Laws and also its contractual obligations with Data Controllers.
European Economic Area (“EEA”) refers to the 27 countries in the European Union, Iceland, Liechtenstein and Norway.
Legitimate Interest  refers to when an organisation’s interests are legitimate (as they need to do something to operate) and these interests do not override an individual’s interests or fundamental rights and freedoms.
Personal Data  refers to any information identifying an individual or information relating to an individual that an organisation can identify (directly or indirectly) from that data alone or in combination with other identifiers that it Processes. Personal Data includes Special Category Personal Data, Criminal Convictions Data and pseudonymised Personal Data. Further examples of Personal Data are included in section 5 of this Privacy Notice. Personal Data excludes anonymous data or data that has had the identity of an individual permanently
removed.
Process or Processing refers to any activity that involves the use of Personal Data. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transmitting or transferring Personal Data to third parties.

Special Category Personal Datarefers to information revealing racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health conditions, sexual life, sexual orientation, biometric or genetic data of an individual.
4. OUR DATA PROTECTION STATUS

Data Protection Laws have created the concepts of a Data Controller and a Data Processor and SaaSLeads.io fits into each concept albeit in different circumstances. For example, we are a Data Controller when applicants are applying to join us, and we are a Data Processor when
we are performing some of our services for our customers. To keep us (and all other organisations) in check, we are supervised by the Information Commissioner’s Office (“ICO”) which is the data protection supervisory authority in England & Wales. Our registration
identification with the ICO is ZB045529.

5. A SUMMARY OF DIFFERENT TYPES OF PERSONAL DATA

We collect, use, store and transfer different kinds of Personal Data depending on our relationship with you. In general, we collect the following types:
Identity Data (e.g., first name, maidan name, last name, title, data of birth).
Contact Data (e.g., phone number, email address, business address and billing address).
Communications & Marketing Data (e.g., your preferences in respect of cookies and
marketing).
Financial Data (e.g., bank account details, value added tax numbers).
Profile Data (e.g., information about your professional background/organisation,
agreements you have entered into with us such as our terms and conditions).
Transaction Data (e.g., invoices, payment details).
Technical Data (e.g., internet protocol addresses, browser type and version, time zone
settings and location).
Usage Data (e.g., information about how you use our website).
We also collect, use and share “Aggregated Data” such as statistical or demographic data for other purposes including research and analysis. Aggregated Data could be derived from your Personal Data but is not considered Personal Data under Data Protection Laws as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy Notice.
We occasionally collect some Special Category Personal Data about you (such as information about your health where you are an applicant, and we are required to put in place reasonable adjustment for your interview). We only collect this type of Personal Data when we have a
legal ground in which to do so (i.e., you have given us your Consent and chosen to provide us with this data). We do not collect any Criminal Convictions Data except in the employment context and where we are permitted by law to do so when completing background checks.

6. YOU ARE A WEBSITE USER ( HURRAY ! )

Thanks a million for checking us out. If you like what you see and want to find out more, drop us a message on info@saasleads.io as we love when people get in touch. Also, if you really like what you see, keep up to date with our news by following us on LinkedIn and Facebook to be the first in the know-how on our updates.
What do we collect? We collect Technical Data and Usage Data (for tracking purposes). We also collect Identity Data, Contact Data and Communications & Marketing Data (if you decide to get in touch with us).
How do we collect this? As you interact with our website, we automatically collect this data about you by using cookies and similar technologies (check out our Cookies Notice here). We also collect this data through our direct interactions with you such as when you contact us through our website.
What’s our legal ground(s) for Processing? One or more of the following apply:
Consent (i.e., in that you are choosing to provide us with your details so that we can
contact you).
Legitimate Interests (i.e., its necessary for our Legitimate Interests in running and
developing our business including our marketing strategy).
Legal obligation (i.e., its necessary for us to comply with a legal obligation such as in the
instance where you no longer wish to be contacted for direct marketing purposes).

7. YOU ARE APPLYING TO BE A SDR OR TO JOIN OUR INTERNAL TEAM ( Hi-FIVE ! )

Thanks a million for considering us as your new training ground and/or workplace. We’re always on the look-out for potential SDRs to join our Academy that have a keen interest in technology, a desire to learn about sales, a high-level of curiosity and emotional intelligence and are prepared to go the extra mile. As a fast-growing start-up, we’re also keen for new people to join us on our mission and we offer some brilliant benefitsWhat do we collect? We collect Technical Data and Usage Data (for tracking purposes). We also collect Identity Data, Contact Data and Communications & Marketing Data (such as information submitted as part of your application to join us). How do we collect this? As you interact with our website, we automatically collect this data about you by using cookies and similar technologies (check out our Cookies Notice here). We also collect this data through our direct interactions with you and third parties (such as our university partners and/or your references).
What’s our legal ground(s) for Processing? One or more of the following apply:
Consent (i.e., in that you are choosing to provide us with your details so that we can
contact you about a vacancy).
Contract (i.e., in that we need this information to potentially enter into a contract with
you).

8. YOU ARE A POTENTIAL OR EXISTING CUSTOMER ( KUDOS ! )

Thanks a million for considering us or already giving us a chance to offer our services to you. We’re chuffed to have been able to help our exceptional customers  What do we collect? We collect Technical Data and Usage Data (for tracking purposes). We also collect Identity Data, Contact Data, Financial Data, Transaction Data, Profile Data and Communications & Marketing Data (for when you enter into our terms and conditions for services).

How do we collect this? As you interact with our website, we automatically collect this data about you by using cookies and similar technologies (check out our Cookies Notice here). We also collect this data through our direct interactions with you and third parties.

What’s our legal ground(s) for Processing? One or more of the following apply:
Contract (i.e., in that we need this information to enter into or perform a contract with
you).
Legitimate Interests (i.e., its necessary for our Legitimate Interests in recovering debts due
to us from you).
Legal obligation (i.e., its necessary for us to comply with a legal obligation such as in
respect to our financial, tax and legal affairs).

9. YOU ARE A POTENTIAL OR EXISTING SUPPLIER ( YAY ! )

Thanks a million for considering working with us or for already providing us with your services. We are grateful for all of the external support that we receive which help us to achieve our mission. What do we collect? We collect Technical Data and Usage Data (for tracking purposes). We also collect Identity Data, Contact Data, Financial Data, Transaction Data and Profile Data (for when we are engaging you for your services). How do we collect this? As you interact with our website, we automatically collect this data about you by using cookies and similar technologies (check out our Cookies Notice here). We also collect this data through our direct interactions with you (i.e., we will hold Personal Data on your staff that have engaged with us).
What’s our legal ground(s) for Processing? One or more of the following apply:
Contract (i.e., in that we need this information to enter into or perform a contract with
you).
Legitimate Interests (i.e., its necessary for our Legitimate Interests in keeping records to
develop our business strategy).
Legal obligation (i.e., its necessary for us to comply with a legal obligation such as in
respect to our financial, tax and legal affairs).

10. YOU ARE A POTENTIAL OR EXISTING PARTNER ( WOHOO ! )

Thanks a million for being a part of our journey. We couldn’t do this without you and definitely consider that you play a sparkling part in our success, especially our university partners and inspirational guest speakers. What do we collect? We collect Technical Data and Usage Data (for tracking purposes). We also collect Identity Data, Contact Data, Financial Data, Transaction Data and Profile Data (for
when we are collaborating with you). How do we collect this? As you interact with our website, we automatically collect this data about you by using cookies and similar technologies (check out our Cookies Notice here). We also collect this data through our direct interactions with you (i.e., we will hold Personal Data on your staff that have engaged with us).
What’s our legal ground(s) for Processing? One or more of the following apply:
Contract (i.e., in that we need this information to enter into or perform a contract with you
such as our terms of collaboration).
Legitimate Interests (i.e., its necessary for our Legitimate Interests in keeping records to
develop our business strategy).
Legal obligation (i.e., its necessary for us to comply with a legal obligation such as in
respect to our financial, tax and legal affairs).

11. SHARING YOUR PERSONAL DATA

We will only share your Personal Data when necessary and have outlined examples of the types of organisations with whom we would share it with:
Technology companies that provide us with desktop and cloud-based products (e.g., Google and Zoom) – for us to conduct our business and back-up data whilst you are reviewing our website, applying to be our customer, applying for a role with us or acting as one of our suppliers or partners.
Potential and existing customer insight, tracking and engagement providers (e.g., LinkedIn, HubSpot and Salesloft) – for us to be able to track our engagement with potential and existing customers as well as be able to communicate with them through different methods.
Applicant sourcing, tracking and background screening organisations (e.g., Workable and Gradfuel) – for us to manage applicants that are applying for roles as SDRs or to join our internal team.
Professional advisers such as law firms, banks, and accountancy firms (e.g., Aria Grace Law and Spondoo) – which we need to engage with for the purposes of our business and may need to provide data.
Regulators and other governmental authorities (e.g., Companies House and HMRC) – which we need to engage with for the purposes of our business and may need to provide data. Third parties to whom we may be in contact with to sell, transfer or merge parts of our
business or assets, or to attempt to acquire or merge with other companies. We require all third parties to respect the security of your Personal Data and to treat it in accordance with Data Protection Laws. We enter into contractual agreements with all of our third parties (with the exception of regulators and governmental authorities) which include the appropriate data protection clauses.
12. A DIGITAL UNIVERSE WHERE DATA CAN NOW TRAVEL FASTER THAN A SHOOTING STAR
As we are in a digital era, the speed at which Personal Data can travel is exponential. However, we really want you to know that we make sure that your Personal Data flies safely and securely at all times. Whenever your Personal Data travels outside of the UK and/or the
EEA, we ensure that it’s protected by putting in one of the following safeguards:
We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission (and subsequently the ICO)
We will only transfer your Personal Data where we have entered into specific contracts with an organisation outside of the UK and/or the EEA which states that they will ensure that your Personal Data has the same level of protection as if it were in the UK and/or the
EEA. If you want to find out the specific mechanism used when transferring your Personal Data out of the UK and/or the EEA, please contact our Legal & Compliance Team.

13. TECHNICAL AND ORGANISATIONAL SECURITY MEASURES IN OUR WORLD

We have put in place appropriate technical and organisational security measures (such as multi-factor authentication and encryption) to prevent your Personal Data from being accidentally lost, falsified, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, contractors and other third parties who have a business need to know. We have put in place policies, plans and procedures to deal with any suspected or actual personal data breaches (although we hope not to ever be in that position).

14. WE ONLY KEEP DATA FOR AS LONG AS IS NECESSARY

We will only keep your Personal Data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you (although, of course, we really don’t want to be in that situation). To determine the appropriate retention period for Personal Data, we consider the amount,
nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we Process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. As a note, in some circumstances we will anonymise your Personal Data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information without further notice to you.

15. YOUR DATA, YOUR RIGHTS

Under certain circumstances, you have specific rights in respect of the Personal Data that we Process about you.Your rights include:
Right of access to information and examples of copies of the Personal Data that we hold
about you.
Right to rectify (i.e., correct) your Personal Data where it is inaccurate or incomplete.
Right to delete your Personal Data, but only in specific circumstances, for example where the Personal Data is no longer necessary in relation to the purpose for which it was originally collected or Processed. It may not therefore always be possible for us to delete
all of the information we hold about you if you request this, for example, if we have an ongoing contractual relationship with you.
Right to restrict Processing in specific circumstances, for example while we are reviewing the accuracy or completeness of data or deciding on whether any request for erasure is valid.
Right to object to Processing in cases where Processing is based upon our Legitimate Interests or where Processing is for direct marketing purposes (including profiling).
Right to data portability which means the right to receive, move, copy or transfer your Personal Data to another Data Controller. You have the right to this when we are
Processing your Personal Data based on Consent or on a contract and the Processing is carried out by automated means.
If you wish to exercise any of the rights set out above, please contact our Legal & Compliance Team on legal@saasleads.io. You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request
is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity. This is a security measure also in your own interest to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further
information in relation to your request to speed up our response. We try to respond to all legitimate requests within 1 month. Occasionally it could take us longer than 1 month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. We also need to let you know that if you have any concerns and/or you’re not happy with our
approach, you have the right to make a complaint to the ICO which can be contacted on www.ico.org.uk . Data Protection Laws are constantly evolving, and we endeavour to maintain best practice. However, we recognise that we may not always get it right and if you are not satisfied in the way we handle your Personal Data, or you wish to discuss our processes then we would really like to hear from you and request that you contact us in the first instance.

16. THIRD-PARTY LINKS AND SOCIAL PLUGINS

Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy documentation of every website you visit.

17. MARKETING

We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising. We may use your Identity Data, Contact Data, Technical Data, Usage Data and Profile Data to form a view on what we think you may want or need, or
what may be of interest to you. You will receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing. We will get your express opt-in Consent before we share your Personal Data with any third-party for marketing purposes. You can ask us or third parties to stop sending you marketing messages at any time by contacting our Legal & Compliance Team and withdrawing your Consent. Where you opt out of receiving these marketing messages, this will not apply to messages that we need to send you a result of performing a contract that we have with you (e.g., as we may be required to contact you about a payment due).
18. ANY QUESTIONS? GET IN TOUCH

To contact our Legal & Compliance Team, please contact us on legal@saasleads.io.