Privacy and Cookies Policy
1.0 INTRODUCTION
1.1 Policy Review
This company policy will be reviewed every two years or when significant change occurs.
1.2 Policy Owner
This policy is approved and published on behalf of the Managing Director of the UBC Group of Companies.
2.0 THE PURPOSE OF THIS POLICY
This policy has been written to identify how we use Cookies on our website and provides full details about our Privacy Policy.
3.0 SCOPE
This policy applies to any person who visits our website.
4.0 RESPONSIBILITIES
4.1 Ultimate responsibility
The Managing Director has ultimate responsibility for ensuring we meet our legal obligations.
4.2 Employee responsibility
The Sales and Marketing Director is responsible for ensuring we meet our day-to-day legal requirements.
5.0 Cookies Policy
5.1 Introduction to Cookies
Cookies enable us to improve the website as they distinguish you from other users of the site, providing analytics about how visitors use the website. These cookies enable us to recognise and count the number of visitors to the site and to record how visitors navigate the site.
We do not use cookies to collect or record information such as your name, address, or payment details.
5.2 What are cookies?
A cookie is a small file of letters and numbers that is stored on your computer or mobile device when you access some websites. Cookies enable a website to recognise your device and help your browser navigate the site by allowing you to log in automatically and remember any settings you choose during previous visits.
Cookies do not harm your computer.
Low-Risk Cookies
In line with the Data (Use and Access) Act 2025, we may use certain low-risk cookies—such as analytics and functionality-enhancing cookies—without prior consent. These cookies help us understand website usage and improve user experience. You can opt out at any time via our Cookie Settings
5.3 Can you block cookies?
Unless you have adjusted your browser setting so that it will refuse cookies, our website system will issue cookies as soon as you visit the site. By using and browsing
this website, you consent to cookies being used in accordance with this Cookie Policy. If you do not consent, you must either disable cookies or refrain from using our website.
Most web browsers automatically accept cookies, but these can be blocked. This can be done by changing the setting on your browser that allows you to refuse the setting of all or some cookies. Bear in mind that if you change your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our website.
5.4 How to check browser settings for cookies
To check browser cookie settings, go to your browser's Settings or Preferences menu, find the Privacy and Security section, and then select Cookies or Site Permissions to view and manage them. For your cookie policy, clearly explain to users what cookies are, what types your site uses, why they are used, and get their consent, detailing cookie names, functions, and third-party providers.
- Open your browser: (Chrome, Edge, Firefox, etc.).
- Access the menu: by clicking the three-dot or gear icon, usually in the top-right corner.
- Navigate to Settings or Preferences .
- Find "Privacy and Security": in the left-hand menu.
- Select "Cookies": or a similar option to view, manage, or block cookies.
5.5 The following cookies are used on our site:
- Analytics cookies
These cookies enable Google Analytics and other software to take and analyse visitor information to help us improve the website and your visitor experience
The data stored by these cookies does not show personal details from which your individual identity can be established.
Use of Cookies and Tracking Technologies
- Site administration
We use cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and understand visitor behavior. This includes tools such as Leadoo, which may track user interactions to help us improve our services and marketing efforts.
These cookies enable the website to function and remember any details from previous visits
- Site Improvement Cookies
We regularly test new designs or site features on our website. We do this by showing slightly different versions of the website to different people and anonymously monitoring how the website visitors respond to these different versions. This helps us to offer you a better website.
- Payment Processing via Stripe
We use Stripe, a third-party payment processor, to securely handle transactions made through our website. When you make a payment, your personal data—including your name, contact details, payment method, and transaction information—may be shared with Stripe to process the payment, prevent fraud, and comply with legal obligations.
Stripe acts as a data processor on our behalf and processes your data in accordance with its own Privacy Policy.
Your data may be transferred outside the UK, including to the United States, under appropriate safeguards such as the UK Extension to the EU-U.S. Data Privacy Framework.
We rely on the lawful basis of performance of a contract under Article 6(1)(b) of the UK GDPR to process your payment data. Where sensitive data is involved (e.g., biometric verification), we rely on explicit consent under Article 9(2)(a).
We use Leadoo Chatbots on our website.
Leadoo may set cookies to:
- Track user interactions with the chatbot
- Identify returning visitors
- Improve bot performance and personalization
These cookies may include session identifiers, device information, and behavioral data.
Consent for Tracking
Tracking cookies used by Leadoo for analytics or marketing purposes are non-essential and require explicit user consent. You can manage your preferences via our [Cookie Settings].
Essential Cookies
Some Leadoo cookies are essential for chatbot functionality and do not require consent under PECR. These are used solely to maintain session integrity and provide requested services.
5.6 Where can I find out more information about cookies?
If you'd like to learn more about cookies in general and how to manage them, please visit www.aboutcookies.org – please note that this is an external website.
6.0 PRIVACY POLICY
6.1 Introduction
This is our privacy policy. It tells you how we collect, and process data received from you on our website.
If you have any comments on this privacy policy, please email them to DataOfficer@UBCUK.com.
You may access our website without providing any data at all. However, to use all features and functions available on the website you may be required to submit or allow for the collection of certain data.
6.2 Who We Are
Here are the details about us and our Data Controller that we should provide to you under the General Data Protection Regulation 2018.
The Company website address is: www.ubcuk.com The Company comprises the UBC Group of Companies including UBC Group, UBCUK, UBC Sentinel House, UBC Enterprise House, UBC Thursby House, UBC Blackwell House, Inigo Business Centres and Pantiles Chambers.
The Company registered address is: 1310 Solihull Parkway, Birmingham Business Park, Birmingham, B37 7YB
The nominated representative is Karen Osborne who can be contacted by email at DataOfficer@ubcuk.com
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
- you have given consent to the processing of your personal data for one or more specific purposes.
- processing is necessary for the performance of a contract to which you are a party or in order to take steps at the request of you prior to entering into a contract.
- processing is necessary for compliance with a legal obligation to which we are subject.
- processing is necessary to protect the vital interests of you or of another natural person.
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or
- processing is necessary for the purposes of the legitimate interests pursued by us or by a third party such as our credit card payment processing, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, where the data subject is a child.
- We may process personal data under recognised legitimate interests, such as for security, fraud prevention, or safeguarding purposes, without conducting a balancing test. This is permitted under the Data (Use and Access) Act 2025.
6.3 What we may collect
- Information you put into forms or surveys on our site at any time.
- Contact information such as email addresses and telephone numbers.
- A record of any correspondence between us.
- Details of transactions you carry out through our site.
- Details of your visits to our sites and the resources you use; and/or
- Information about your computer (e.g., your IP address, browser, operating- system, etc.) for statistical purposes
6.4 Cookies
We use cookies to distinguish users and improve our site. Please look at our Cookie Policy (refer to Section 5 of this policy).
Visitor Tracking and Personal Data
We use visitor tracking technologies, including Leadoo, to analyze user behavior and improve our website and services. These tools may collect data such as IP addresses, device information, and browsing patterns.
This data is processed in accordance with the UK GDPR. We act as the data controller, and Leadoo acts as our data processor. All data is stored securely and only retained for as long as necessary.
You have the right to access, correct, or delete your personal data. You may also withdraw your consent at any time by adjusting your cookie preferences or contacting us directly.
Payment Processing via Stripe
We use Stripe, a third-party payment processor, to securely handle transactions made through our website. When you make a payment, your personal data—including your name, contact details, payment method, and transaction information—may be shared with Stripe to process the payment, prevent fraud, and comply with legal obligations.
Stripe acts as a data processor on our behalf and processes your data in accordance with its own Privacy Policy.
Your data may be transferred outside the UK, including to the United States, under appropriate safeguards such as the UK Extension to the EU-U.S. Data Privacy Framework.
We rely on the lawful basis of performance of a contract under Article 6(1)(b) of the UK GDPR to process your payment data. Where sensitive data is involved (e.g., biometric verification), we rely on explicit consent under Article 9(2)(a).
7.0 HOW WE USE WHAT WE COLLECT
7.1 General
All personal data is stored securely in accordance with the EU General Data Protection Regulation (GDPR).
We use information about you to:
- Present site content effectively to you
- Provide information, products, and services that you request, or (with your consent) which we think may interest you
- Carry out our contracts with you
- Allow you to use our interactive services if you want to
- Tell you our charges
If you don't want to be contacted for marketing purposes, please contact us at any time by email: marketing@ubcuk.com
Please note: At present UBCUK Limited does not have any advertisers. If in the future we do have advertisers, we may give them aggregate information to help them reach their target audience, and we may use information we have collected to display advertisements to that audience. We will not, however, identify individuals to our advertisers.
7.2 Registering with us
If you register with us as a customer or enquire about the services we provide, we save the details you provide and use them to enable us to personalise the service we offer to you. You can update your information as necessary by contacting your UBC business centre directly or by emailing DataOfficer@ubcuk.com.
8.0 HOW AND WHERE WE STORE YOUR DATA
We may transfer your collected data to storage outside the European Economic Area (EEA). It may be processed outside the EEA to fulfil your order and deal with payment.
These may include payment processing, search engine facilities, advertising and marketing.
By providing your personal data, you agree to this arrangement. We will do what we reasonably can to keep your data secure.
Payment will be encrypted. If we provide a password, you must keep it confidential, please do not share it. Although we try to provide protection, we cannot guarantee complete security for your data, and you take the risk that any sending of that data turns out to be not secure despite our efforts.
We only keep your data for as long as we need it to use it as described above, and/or for as long as we have your permission to keep it. In any event, we will conduct an annual review to ascertain whether we need to keep your data. Your data will be deleted if we no longer need it in accordance with the terms of our Data Retention Policy.
Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure data collected through our site.
Steps we take to secure and protect your data are contained in our Data Protection Policy.
Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting data to us via the internet.
9.0 DISCLOSING YOUR INFORMATION
9.1 General
- We are allowed to disclose your information in the following cases:
- We can disclose it to other businesses in our group
- We can disclose it if we have a legal obligation to do so, or to protect other people's property, safety or rights
- We can exchange information with others to protect against fraud or credit risks
We may contract with third parties to supply services to you on our behalf. These may include payment processing, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under GDPR and the law.
We may compile statistics about the use of our site including data on traffic, usage patterns, user numbers, sales and other information. All such data will be anonymised and will not include any personally identifying information. We may from time to time share such data with third parties such as prospective investors, affiliates, partners and advertisers. Data will only be shared and used within the bounds of the law.
9.2 If you are a UBC Limited customer
If you are a UBC customer, we may disclose information about you to approved third party suppliers who are required to fulfil your service requirements.
For people/companies who make enquiries that do not transfer to a service, your data will be deleted periodically or sooner by request. Any requests for data erasure should be emailed to DataOfficer@ubcuk.com.
9.3 If you are a visitor to our website or making an enquiry
If you are a visitor to our website making an enquiry or otherwise contacting us, we use information about you to tell you about other goods and services that might interest you.
For people/companies who make enquires that do not transfer to a service, your data will be deleted periodically or sooner by request. Any requests for data erasure should be emailed to DataOfficer@ubcuk.com.
10. YOUR RIGHTS AND CONTACTING US
Under the GDPR, you have:
- the right to request access to, deletion of or correction of your personal data held by
- the right to complain to a supervisory
- be informed of what data processing is taking
- the right to restrict
- the right to data
- the right to object to processing of your personal
- rights with respect to automated decision-making and profiling (see section 13 below).
You have the legal right to ask for a copy of any of your personal data held by us (where such data is held). Please contact us for more details email: DataOfficer@ubcuk.com.
You can ask us not to use your data for marketing. You can withdraw your consent to your personal data being processed. You can do this by contacting us at any time at email: marketing@ubcuk.com.
To enforce any of the foregoing rights or if you have any other questions about our site or this privacy policy, please contact us using the details set out above.
11. LINKS TO OTHER SITES
Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our website. This Privacy Policy applies only to your use of our website. It does not extend to any websites that are linked to from our website (whether we provide those links or whether they are shared by other users). We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
12. CHANGES
If we change our Privacy Policy, we will post the changes on this page. If we decide to, we may also email you. We recommend that you check this page regularly to keep up to date.
13. AUTOMATED DECISION-MAKING AND PROFILING
13.1 Automated Decision-Making
If we use personal data for the purposes of automated decision-making and those decisions have a legal (or similarly significant effect) on you, you have the right to challenge to such decisions under GDPR, requesting human intervention, expressing your own point of view, and obtaining an explanation of the decision from us.
13.2 Automated Decision-Making Exceptions
The right described in section 13.1 does not apply in the following circumstances:
The decision is necessary for the entry into, or performance of, a contract between you and
The decision is authorised by law; or
You have given your explicit
13.3 Profiling
Where we use your personal data for profiling purposes, the following shall apply:
Clear information explaining the profiling will be provided, including its significance and the likely
Appropriate mathematical or statistical procedures will be
Technical and organisational measures necessary to minimise the risk of errors and to enable such errors to be easily corrected shall be implemented; and
All personal data processed for profiling purposes shall be secured to prevent discriminatory effects arising out of
Complaints
If you believe your personal data has been mishandled or your rights under UK GDPR have not been respected, please email us at dataofficer@ubcuk.com
Please include:
- Your full name and contact details
- A description of your concern
- Any relevant dates or reference numbers
We will acknowledge your complaint within 30 calendar days. Please read the above Privacy Policy for more information on how we handle personal data.
Updated 22nd August 2025