Privacy Policy

BAYES PRICE PRIVACY POLICY

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal information. It also explains your rights in relation to your personal information and how to contact us.

We collect, use and are responsible for certain personal information about you as set out in this policy. When we do so we are subject to the UK General Data Protection Regulation and we are responsible as the ‘controller’ of that personal information.

Key terms

It would be helpful to start by explaining some key terms used in this policy:

We, us, our | Bayesprice Limited, is a company registered in England and Wales with company number 12267037. Our registered offices are at 127-131 Raleigh Road, Bristol, England, BS3 1QU.

Personal information | Personal data including any information relating to an identified or identifiable individual.

Our Services

We are a data science company specialising in market research survey data. In addition to our software offering (which is subject to a separate Software User Privacy Notice), we offer the following services to our clients:

Processing clients’ existing research data to deliver rapid, customisable outputs—from standard tabulations to automated PowerPoint reports—alongside an interactive visualisation portal that empowers clients to explore their own lines of enquiry;
Online client survey hosting, to facilitate the collection of online research data.

Personal information we collect about you

We may collect and use the following personal information about you (and/or your staff) when you: (i) use our services to conduct research, (ii) when you contact us, or (iii) when you use our website at bayesprice.com and any of its subdomains (the Website):

Contact Data: your contact information, including email address and telephone number, job title and company details;
Identity Data: information to enable us to check and verify your identity, eg your name, your date of birth, and your gender information (if you choose to give this to us);
Profile Data: regarding your personal or professional interests and the industry/sector you work in and the company you work for;
Technical Data: including your internet protocol (IP) address, your user login data, browser type and version, time zone setting and location (if you choose to provide this), browser plug-in types and versions, operating system and platform, device ID and other technology on the devices you use to access this website.
Usage Data includes information about how you interact with and use our website, products and services.
Marketing and Communications Data: including [your preferences in receiving marketing from us and our third parties and your communication preferences] and your responses to surveys;

We also collect, use and share aggregated data such as statistical or demographic data which is not personal information as it does not directly (or indirectly) reveal your identity. For example, we may aggregate individuals' Usage Data to calculate the percentage of users accessing a specific website feature in order to analyse general trends in how users are interacting with our website to help improve the website and our service offering.

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).

How your personal information is collected

We collect most of this personal information directly from you – in person, by telephone, text or email, or via our website.

However, we may also collect information about you from third parties including:

From your employer if they are a client of ours and, for example, they need to allocate you a user licence;
Where you have consented to a third party sharing it with us (for example when you use our third-party support help-desk system);
Analytics providers; and
Public sources such as Companies House.

As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal information by using cookies, server logs and other similar technologies. Please see our cookie policy for further details.

How and why we use your personal information

Under data protection law, we can only use your personal information if we have a proper reason for doing so, in particular where it is:

necessary for us to comply with our legal and regulatory obligations;
necessary for the performance of our contract with you or to take steps at your request before entering into a contract;
for the pursuit of our legitimate interests or those of a third party. This would arise where we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests; or
where you have given your consent to that use.

Purposes for which we will use your personal data

At the bottom of this policy we have set out, in a table format, a description of all the ways we plan to use the various categories of your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

The personal information we collect during a research project will be combined with the responses, views and opinions of other individuals who participate in the same research. Our research is collected and a response provided to our client who has engaged us to undertake the research. The report to our client will not include your personal information as each individual who has been included will be anonymised, unless you have consented to us sharing your identifying information and individual responses to our client.

The personal information we collect via our website or from our clients directly will be used to provide our services to you.

Direct marketing

When your personal information is collected, you will be asked to indicate your preferences for receiving direct marketing communications via email, telephone or post.

We may also analyse your Identity, Contact, Technical, Usage and Profile Data to form a view about which products, services and offers may be of interest to you so that we can then send you relevant marketing communications.

Opting out of marketing

You can ask to stop sending you marketing communications at any time by following the opt-out links within any marketing communication sent to you or by contacting us.

If you opt out of receiving marketing communications, you will still receive service-related communications that are essential for administrative or customer service purposes for example relating to updates to our Terms and Conditions or checking that your contact details are correct.

For more information about the cookies we use and how to change your cookie preferences, please see our cookie policy on our website.

Who we share your personal information with

We may share your personal information where necessary with the parties set out below for the purposes set out in the table above.

Where we have engaged other organisations or individuals to perform functions or services on our behalf, including IT Service Providers such as:
- our cloud computing and data storage provider based in the UK and elsewhere;
- our customer relationship management software based in the EU;
- our survey design and hosting platform provider based in the EU; and
- other service providers related to security, finance and software development and support, and error monitoring based in the UK, EU and elsewhere.
We might also share your name with potential customers where you have agreed to provide a reference.
We may disclose and exchange information with our professional advisors (legal, accounting etc) and with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations or to establish, exercise or defend our legal rights.
We may also need to share some personal information with potential buyers of some or all of our business or during a re-structuring. Usually, information would be anonymised in that situation but this may not always be possible. The recipient of any personal information will be bound by confidentiality obligations.

We only allow third parties to handle your personal information if we are satisfied they take appropriate measures to protect your personal information and treat it in accordance with the law. We also impose contractual obligations on third parties relating to ensure they can only use your personal information to provide services to us and to you.

International Transfers

Our servers are located in the United Kingdom.

As discussed in the previous section, we may transfer your personal information to service providers who carry out certain functions on our behalf. This can involve transferring personal information outside the UK, sometimes to countries which have laws that do not provide the same level of data protection as the UK law.

Whenever we transfer your personal information out of the UK, we will ensure a similar degree of protection is afforded to it by ensuring that the following safeguards are in place:

By transferring your personal information to countries that have been deemed to provide an adequate level of protection for personal data, including members of the EEA or to certain companies in the US registered to the US-EU-UK Privacy Framework.
Where there is no adequacy regulation in place, we may use specific standard contractual terms approved for use in the UK which give the transferred personal information the same protection as it has in the UK, namely the International Data Transfer Agreement or International Data Transfer Addendum to the European Commission’s standard contractual clauses for such transfers.
In some very narrow circumstances, we may need to rely on specific exemptions which apply under data protection law but we would inform you if such a need were to arise.

Keeping your personal information secure

We have appropriate security measures to prevent personal information from being accidentally lost, or used or accessed unlawfully. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How long your personal information will be kept

We will keep your personal information whilst we are conducting our research. Thereafter, we will only keep your personal information for as long as is necessary:

to respond to any questions, complaints or claims made by you or on your behalf;
to show that we treated you fairly;
to keep records required by law.

To determine the appropriate retention period for personal information, we also consider the amount, nature and sensitivity of the information, the potential risk of harm from its unauthorised use or disclosure, the purposes for which we process your personal information and whether we can achieve those purposes through other means, as well as the applicable legal, regulatory, tax, accounting or other requirements.

When it is no longer necessary to retain your personal information, we will delete or anonymise it.

Your rights

You have the following rights, which you can exercise free of charge:

Access | The right to be provided with a copy of your personal information and check that we are processing it lawfully (commonly known as a subject access request).
Rectification | The right to require us to correct any mistakes in your personal information.
To be forgotten | The right to require us to delete your personal information in certain situations, for example where there is no good reason for us continuing to process it, where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.
Restriction of processing | The right to require us to restrict processing of your personal information – in certain circumstances, eg if you contest the accuracy of the data.
Data portability | The right to request the transfer of the personal information you provided to us, in a structured, commonly used and machine-readable format to a third party. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
To object | The right to object at any time to your personal information being processed for direct marketing (including profiling); or in certain other situations to our continued processing of your personal information on the basis of our legitimate interests.
To withdraw consent | The right to withdraw your consent at any time where we are relying on it to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
Not to be subject to automated individual decision making | The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.

If you would like to exercise any of those rights, please contact us. In order to help us deal with your query as efficiently as possible please also:

provide enough information to allow us to identify you (eg your full name and address; and
let us know what right you want to exercise and the information to which your request relates.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (“ICO”) on individuals’ rights under the General Data Protection Regulation.

Complaints

We hope that we can resolve any query or concern you may raise about our use of your information.

You have the right to lodge a complaint with the Information Commissioner’s Office, the UK regulator for data protection issues (https://ico.org.uk/concerns or telephone: 0303 123 1113). Alternatively, if you normally live or work in the EEA, you may complain to your local supervisory authority.

Changes to this privacy policy

We may update this privacy notice from time to time – when we do we will inform you via our website or by email.

This privacy notice was last updated in January 2025.

Third Party Links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

How to contact us

Please contact us if you have any questions about this privacy policy or the information we hold about you or want to exercise your privacy rights. You can do so in the following ways:

By Email: info@bayesprice.com

By Post: 127-131 Raleigh Road, Southville, Bristol, BS3 1 QU

If you are based in the EEA and wish to contact us for our EU GDPR Representative, please email info@bayesprice.com

Purpose/Use	Type of data	Legal basis
To register you and/or your company as a customer / user of our services/software	(a) Identity (b) Contact (c) Profile	Performance of a contract with you
To process and deliver our software and services in accordance with your instructions, including: (a) Manage payments, fees and charges (b) Collect and recover money owed to us	(a) Identity (b) Contact (c) Marketing and Communications	(a) Performance of a contract with you (b) Necessary for our legitimate interests (to recover debts due to us)
To manage our relationship with you which will include: (a) Corresponding with you and notifying you about changes to our terms or privacy policy (b) Dealing with your requests, complaints and queries and generally support your use of our software and our services.	(a) Identity (b) Contact (c) Profile (d) Marketing and Communications	(a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and manage our relationship with you)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)	(a) Identity (b) Contact (c) Technical	(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) (b) Necessary to comply with a legal obligation
To deliver relevant website content and online advertisements to you and measure or understand the effectiveness of the advertising we serve to you	(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical	Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, customer relationships and experiences and to measure the effectiveness of our communications and marketing	(a) Technical (b) Usage	(a) Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) (b) Your consent (to certain types of cookies on our website)
To send you relevant marketing communications and make personalised suggestions and recommendations to you about goods or services that may be of interest to you based on your Profile Data	(a) Identity (b) Contact (c) Technical (d) Usage (e) Profile (f) Marketing and Communications	Consent, having obtained your prior consent to receiving direct marketing communications. You can withdraw your consent at any time.
To carry out market research about our own services through your voluntary participation in surveys	(a) Identity (b) Contact (c) Technical (d) Usage (e) Profile (f) Marketing and Communications	(a) When contacting you to invite you to participate in surveys this is necessary for our legitimate interests (to study how customers use our products/services and to help us improve and develop our products and services). (b) The information you input into our surveys would be processed on the basis of your consent. You can withdraw your consent at any time.