Privacy Policy

AGENT3 Privacy Notice – July 2021 

This section of our website is designed to help you understand what we do with information about people, referred to as “personal data”.

We are Agent3, a Business to Business (B2B) marketing services and software business that works with some of the world’s leading sales and marketing executives to better market and sell to their key and named accounts. 

The controller of your personal data is Agent3 Limited (company number 08331678) of 75 Bermondsey Street, London SE1 3XF. We also have entities in Australia, the US and throughout Europe. A list of these can be found here.

We take your privacy very seriously. Please read this privacy notice carefully as it contains important information on who we are and how and why we collect, store, use and share personal data in connection with your use of our website and when we deliver services to our clients. It also explains your rights in relation to your personal data and how to contact us or a relevant regulator in the event you have a complaint. 

When we collect, use and otherwise process personal data about you, we are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to services we offer and our wider operations in the European Economic Area (EEA). We may also be subject to other data protection laws where we provide services outside of both the UK and the EEA.

In summary, we use personal data:

  • to help our clients to better market to and sell to their customers and prospective customers; 
  • to run and promote our business and manage our relationships with the people we work with; and
  • for recruitment.

This page is divided into sections reflecting those different activities.  You can click the links below to get to the information you want quickly.

If you have any questions or concerns about the information on this page, or about what we do with personal data, you should email us at privacy@agent3.com, or write to us at the above address, for the attention of the data protection team.

Given the nature of our website and our services, we do not expect to collect the personal data of anyone under 18 years old. If you are aware that any personal data of anyone under 18 years old has been shared with us please let us know so that we can delete that data.

What would you like to know about?

What this notice applies to

This privacy notice relates to your use of our website and where we collect and process personal information about you in order to provide services to you and our clients. 

Agent3 offers a service to our clients that captures and collates information on individuals, related to their professional roles. This specifically excludes information like personal email or home address. In providing this service, we are responsible for why and how we collect personal data about you and for how we share it with our clients. Our clients will use the information we pass to them in accordance with their own privacy policies and we are not responsible for how our clients use the information we provide to them. We work with our clients, however, to ensure that we are processing the personal information and passing it through to them in accordance with data protection law.  

Throughout our website we may link to other websites owned and operated by certain trusted third parties to make additional products and services available to you. Those third party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to those third party websites, please consult their privacy policies as appropriate.

How we use personal data to help our clients better market to and sell to their customers and prospective customers

B2B enterprises need to make informed purchases of products and services from an ever wider vendor landscape. Buyers need to know about solutions and innovations that will help them to stay competitive and they expect responsible vendors to proactively communicate in informed and relevant ways. For companies to grow, they need to connect with individuals who will find their offer relevant. The best vendors also look to build reputation and relationships with prospects by helping them to build their knowledge and skills.

As a B2B marketing services and software provider, Agent3 is committed to enhancing the experience its clients provide to their customers and prospects. To enable this and to ensure communication is contextual and appropriate, we collect and use data on individuals, as described in this privacy notice. We use this professional data to help our clients better understand the organizations and individuals they are selling to and build more relevant content and engagement campaigns. The data we collect and use has been deliberately and publicly shared by the individuals via channels such as websites and social media or (where consent is obtained) as part of an opt-in database.

The personal data we collect

In order for us to provide our services and to help our clients better market to and sell to their customers and prospective customers, we will collect and use the following personal data about you:

  • your name, business address and contact information, including business email address and telephone number and company details;
  • your social media handles;
  • location data as it relates to professional activities, for example the office location you mainly work at, or the location of a professional event you attended;
  • your activities on, and use of, our website;
  • your personal or professional interests;
  • your professional and personal online presence (for example, your LinkedIn or Twitter profiles);
  • professional content creation (for example, posts you make on blogs or social media in relation to professional activities); and
  • mentions of you in the media and on social media (in relation to your professional interests and activities).

If we hold your personal data for this purpose you can be assured that it only relates to your professional business activities and that we identified you as likely to find the commercial offerings of one of our clients relevant to you. Furthermore, if you have opted-out of communications from us or one of our clients or partners, we will have taken steps to make sure you are removed from any communications we control. 

If you do not provide personal data we ask for, it may delay or prevent us from providing our services.

How we get the personal data

Information you give to us (direct)

When you complete a form or volunteer your details in some other way, we typically collect the following information about you: your name, company name, email address, telephone number, social media handles and any associated areas of interest you have explicitly shared with us.

Information we collect indirectly – the use of ‘’information in the public domain’

When we refer to “information in the public domain”, we are talking about websites that can be accessed without any special login or subscription or sites that require free login (not subject to any special terms or conditions). 

For example:

  • LinkedIn; 
  • Twitter;
  • Facebook; 
  • free-to-access business aggregation based sites (for example, Crunchbase.com and theorg.com);
  • blog posts;
  • news sites that discuss B2B topics and include mentions of individuals; and     
  • events sites that list speakers and attendees. 

When providing services to clients, we will collect your name, business address and contact information, including business email address and telephone number and company details, together with your personal and professional interests and information relating to your professional and personal online presence. 

If you have publically shared a non-work email address we may capture and store it for the purpose of including it in an anonymised “matched audience”. We will only send email to personal addresses if you have given us your consent to do so. 

Information we collect from third party partners

Our third party data providers will have built their own pictures about you in the same way we have described above. 

We may purchase this data from them to facilitate contact with you in connection with the services we offer, as a legitimate business interest of ourselves and our customers. 

When using digital advertising audiences, for example via Google Ad Network or LinkedIn, we use pre-created audiences (i.e. lists of device IDs inferred to be used by people with specific characteristics). These audiences are matched against a criteria such as, for example, people who work for a list of companies with specific roles, or individuals who are matched from a list of email addresses. In these cases we are never able to identify individuals within the anonymised audience.    

How we use the personal data

Under data protection law, we can only use your personal data if we have a proper reason, for example:

  • where you have given consent;
  • to comply with our legal and regulatory obligations, or
  • for our legitimate interests or those of a third party. 

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests to balance our interests against your own.

We regularly update the personal data we collect to make sure it is tested and verified to be valid and accurate, along with providing opt-out mechanisms which allows you to inform us and our clients that you do not wish to be contacted. This ensures our communications and those of our clients and partners reach individuals which have an interest in the communication or to whom the communication might be relevant. We want to ensure that communications individuals receive are as relevant and valuable as possible. Much of the data we collect is used to confirm that an offer is not likely to be of interest or relevance to an individual and as such no contact takes place.

We will not keep your personal data for longer than we need it for the purpose for which it is used. For example, if a customer asks us to build a list of prospects who may be interested in a new product offer and run a campaign to those prospects, we will collect and maintain that data for as long as it is required to build and run and report on the marketing campaign. Once the campaign is complete, we will review all collected data and delete any that does not have a legitimate reason for being retained. We may retain some data where you have opted-in to receiving marketing communications from us or have specifically opted-out and we need to retain your email address (for example) to ensure you are not contacted in the future.       

Different retention periods apply for different types of personal data. Publicly available professional profile data is stored (not including professional email, telephone or address) indefinitely, but is validated and refreshed before any future supply to our clients. Information we have gathered for contact lists and supplied to customers are deleted from our systems six months after creation. 

Following the end of the relevant retention period, we will delete or anonymise your personal data, or otherwise put the data beyond use so that we or a third party cannot access it.

Our clients will keep the personal data we collect about you and pass onto them in accordance with their own retention periods and subject to their own privacy policies. 

Providing services to our clients

We use the personal data we collect to provide services to our clients. These services include: 

  • building a list of executive contacts (this is our Stakeholder ID Service); and
  • identifying and analysing posts that individuals have voluntarily put in the public domain, with the objective of informing others of their interests and needs in relation to their business activities (this is our ABM Social Media Monitoring / Social Relationship Development Service).

We do this because we have a legitimate interest to collect and share this personal data with our clients to help them identify and engage with individuals who, based on previous evidence or research:

  • would be a good fit for their products or service; and/or 
  • who are the senior business leads of customers and prospects and, therefore, dictate the needs and expectations of their business in relation to commercial engagement.
Fraud prevention and brand safety

We and our technology partners process personal data in order to meet industry standards of “brand safety” (preventing a brand’s ads from appearing in inappropriate places) and fraud prevention.

We have a legitimate interest to do this, i.e. to minimise fraud that could be damaging for you and/or us and our clients.

Third parties we work with to provide services to our clients

  • We only share your personal information with trusted third party data processors (like software platforms used to coordinate projects, communications systems providers such as SMS and email delivery platforms) where we have retained them to provide services that you or our clients have requested. These third parties comply with similar and equally stringent undertakings of privacy and confidentiality. We only allow those organisations to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We routinely share personal data with:
    • our clients to whom we are providing our services to (this specifically excludes information like personal email or home address);
    • other third parties we use to help us collect personal data, such as contact data providers, market research agencies and website analytics providers; and
    • other third parties who help us to engage with audiences, such as ad and social networks, publishers and tele-qualification providers.

    We or the third parties mentioned above may occasionally also need to share personal data with:

    • external auditors, e.g. in relation to the audit of our accounts, in which case the recipient of the information will be bound by confidentiality obligations;
    • professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
    • law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations; and
    • other parties in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency. Usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations.


How we use personal data to run our business and manage our relationships with the people we work with

Day to day business interactions and general administration

Where we work with other businesses and organisations, such as our clients, we will have the business contact details of the relevant people who work there, and we will use them to manage our relationship with that business and carry out the usual sorts of business administration tasks.

We will share this information with our parent company, Next Fifteen Communications Group PLC, because it operates a number of our “back office” functions for us, and with our and their technology suppliers (to the extent necessary for them to perform their functions).

We also operate a group-wide Customer Relationship Manager (CRM) which allows us to organise and optimise our client relationships. Each of our company group members has access to this CRM. Any personal data which is inserted or otherwise uploaded into the CRM will, therefore, be accessible by our company group, but only for legitimate business purposes such as administrative functions, or to leverage existing relationships to offer complimentary services or additional services offered by our wider group. 

We keep information about people working at clients or suppliers for as long as the relevant businesses are customers or suppliers (as applicable), and for up to 10 years afterwards, in case of issues or disputes.

We do this on the basis of our legitimate interest in operating our business. We have considered our legitimate interests carefully and have balanced our legitimate interests against your rights under data protection law. We consider this use is proportionate because it is appropriate to our relationship with you, we only use your business contact details and it is in your reasonable expectation that we would need to use your personal data to contact you in this way.

We may also need to use your information to enforce our legal rights or defend or undertake legal proceedings, or in connection with disclosures and other activities necessary to comply with legal and regulatory obligations that apply to our business. Depending on the circumstances, we will do this to comply with our legal and regulatory obligations or, in other cases, because we have a legitimate interest to protect our business, interests and rights or those of others. 

There may be circumstances in which we need to share your personal data with members of our group (including Next Fifteen Communications Group PLC) and third parties in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency. In such cases information will be anonymised where possible and only shared where necessary.

Protecting the security of our systems and data

We may use your personal data to ensure the security of systems and data to a standard that goes beyond our legal obligations and, in those cases, our reasons are for our legitimate interests or those of a third party, i.e. to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us.

Website activity

When you visit our website we may collect, retain and evaluate information on your recent visits to our website and how you move around different sections of our website for analytics purposes. This helps us to understand how people use our website so that we can make it more intuitive or to check our website is working as intended. We may also customise our website and its content to your particular preferences based on your use of our website. 

Depending on the circumstances, we will do this on the basis of your consent as gathered by the separate cookies tool on our website or, where we are not required to obtain your consent and do not do so, for our legitimate interests so that we can deliver the best website experience to you. 

Please see the ‘Cookies’ section below for more information.

Marketing and promoting our services

We have a legitimate interest in using your personal data for marketing purposes to promote and develop our business to our existing customers. This means we do not usually need your consent to send you marketing information. However, where consent is needed, we will ask for this separately and clearly. We have considered our legitimate interests carefully and have balanced our legitimate interests against your rights under applicable data protection law. We will only contact you in relation to the same or similar services and you can contact us at any time to ask us to stop sending marketing to you at the contact information provided below or by updating your marketing preferences on our preference centre.

If you are an individual in a business that we work with we will use your personal data to send you information about our products, services, events or anything that we think you might be interested in. 

If we have identified you as a potential prospect, we may send you initial contact emails and (unless you or your business become a client or we establish a relationship with you or your business) we will then only send you marketing emails if you opt-in to receiving them. 

We keep information about people working at prospective clients for as long as that business is a realistic prospect, and for up to 10 years afterwards, in case of issues or disputes.

We may ask you to confirm or update your marketing preferences if you ask us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.

We will always treat your personal data with the utmost respect and never sell or share it with other organisations outside of our group for marketing purposes, except where we share such information with third parties for suppression list purposes (so they know not to send you marketing communications) or to avoid double contact situations from us and our partners.      

For more information on your right to object at any time to your personal data being used for marketing purposes, see ‘Your rights and how to exercise them’ below.

Third parties we may share your personal data with

We only share your personal information with trusted third party data processors if we are satisfied they take appropriate measures to protect your personal data. 

We routinely share personal data with:

  • third parties we use to help us run our business, e.g. payment service providers, website hosts and website analytics providers; and
  • telemarketing services providers, who help us to reach prospects and understand their needs and interests. 

We or the third parties mentioned above may occasionally also need to share personal data with:

  • external auditors, e.g. in relation to the audit of our accounts, in which case the recipient of the information will be bound by confidentiality obligations;
  • professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
  • law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations; and
  • other parties in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency. Usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations.

If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).

How we use personal data for recruitment

Generally, if you apply for a job with us, we will receive the personal data that you provide when you apply. We will use that data to process and consider your application.

We keep information about job applicants for the duration of the recruitment process and for 24      months from the date you apply for a role or the date we collected information from other sources (see below), in case of issues or disputes, or where you might be right for a future role with us.

If you don’t provide the personal data when we ask for it we may not be able to process your application or contact you in relation to your application. If you have any concerns about whether you need to provide the personal data please contact us (see ‘How to contact us’ below). 

Information you give to us (direct)

When you see a job opening posted on our website at https://www.agent3.com/join-us/, you will see a standard form to apply for the post. You can also apply directly by emailing us at careers@agent3.com. We may collect and process the following types of information from you in our recruitment process:

  • information that you provide when you apply for a role through our website, via email, in person at interviews and/or by any other method used in the recruitment process;
  • a record of your correspondence with us; and
  • a record of your progress though the hiring process.

When you submit a job application, we rely on our legitimate interests to process the information you provide to us or our service providers involved in our recruitment process, such as background check providers. Any service providers we use will process your personal data in accordance with our instructions and the recruitment process.

When you apply for a job opening on a third-party job site or similar online service provider, you should note that the provider may collect and retain your personal data in addition to what has been outlined here for their own internal business purposes and will be subject to their privacy notice.

Information we collect from other sources (indirect)

We may additionally collect information from other sources. These include:

  • publicly available sources, such as LinkedIn;
  • where we ask for a reference from a supplied referee; 
  • when we conduct a background check on you before joining, in the case of US employees – we would always obtain your consent on this before initiating this with a third-party; and 
  • where a third party recommends you as a candidate.

Where we are collecting information from these sources (and not directly from you), we are relying on legitimate interest as the lawful basis on which we collect and use your personal data. Our legitimate interest here is the recruitment of staff for our business.

Automated decision-making and profiling

We may use technology solutions to select appropriate candidates for us to consider based on criteria expressly identified by us, or criteria which are typical in relation to the role for which you have applied. This type of process to find suitable candidates is automated, however, any decision as to who we will engage to fill the job opening will be made by our staff.

Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. When we share data with our third party clients, data is sent in an encrypted format. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

When we transfer personal data abroad, and how your rights are protected 

The EEA, UK and other countries outside the EEA and the UK have differing data protection laws, some of which may provide lower levels of protection of privacy. 

Due to the global nature of our business It is sometimes necessary for us to share your personal data to countries outside the UK and EEA, such as the US and Australia. In those cases we will comply with applicable UK and EEA laws designed to ensure the privacy of your personal data. 

For example, we may transfer your personal data to:

  • recruiters who are recruiting for or based in other markets; 
  • recruitment systems and platforms, which store data in other jurisdictions; and
  • our global group companies to facilitate our business activities.

Under UK and EU data protection laws, we can only transfer your personal data to a country outside the UK/EEA where there is a transfer mechanism approved by the UK government or the European Commission, or where there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you, or where a specific exception applies under relevant data protection law.

If you would like further details about these data transfers please contact us (see ‘How to contact us’ below).

Cookies

A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you use our website. We use cookies on our website with the goal of providing a better service to you by understanding how you use our website.

For further information on cookies, our use of them, when we will request your consent before placing them and how to disable them, please see our cookie policy https://www.agent3.com/cookies for more details.

Your rights and how to exercise them – individuals in the United Kingdom, Switzerland, the European Economic Area and Canada 

If your personal data is subject to UK or EU data protection laws, then you have certain rights under the UK GDPR and the EU GDPR which we summarise below. If you are based in Canada and your personal data is subject to Canadian data protection laws, you broadly have the same rights as individuals whose personal data is subject to UK or EU data protection laws (although such rights will be subject to applicable Canadian law).  

Access

With some exceptions designed to protect the rights of others or in respect of airport security, you have the right to a copy of the personal data that we hold about you. We may make a reasonable charge for additional copies of that data beyond the first copy, based on our administrative costs. Where the data is data that you have given to us, you have the right to receive your copy of it in a common electronic format, and to provide copies of it to other people if you wish.

Correction

You have the right to have the personal data we hold about you corrected if it is factually inaccurate. This right does not extend to matters of opinion.

Deletion

In some limited circumstances, you have the right to have personal data that we hold about you erased (“the right to be forgotten”). This right is not generally available where we still have a valid legal reason to keep the data (for example, for fraud prevention or because we are obliged to do so by law).

Objection

You have the right to object to our processing of your personal data where we rely on “legitimate interests” as our legal basis for processing, but we may be able to continue processing if our interest outweighs your objection.

Opting out of marketing

You have the right to require us to stop using your personal data to send you marketing information. If you want us to stop sending you marketing information, the quickest and most efficient way is to use the provided “unsubscribe” links in our communications (although you can contact us direct if you prefer).

Temporary restriction

You also have the right in some circumstances to request that temporary restrictions are placed on how we process your personal data, for example if you contest its accuracy or where we are processing it on the basis of our legitimate interest and you contest our assessment that our interest overrides your rights.

Withdrawing consent

If we are processing your personal data on the basis of your consent, you have the right to withdraw that consent at any time, in which case we will stop that processing unless we have another legal basis on which to continue.

Further information

For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us (see ‘How to exercise your rights’ below). You may also find it helpful to refer to the guidance from the UK’s Information Commissioner on your rights under the UK GDPR.

How to exercise your rights

The easiest method of exercising your rights is to:

  • email our data protection team on privacy@agent3.com; or
  • write to us at Agent3, 75 Bermondsey Street, London, SE1 3XF, United Kingdom, marked for the attention of the data protection team.

In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to a request you have made.

Your rights and how to exercise them – individuals in California 

If your personal data (called “personally identifiable information” for the purposes of California law) is subject to California law, then you have certain rights under the California Consumer Privacy Act (CCPA). 

Opt-out of sale

With some exceptions, California residents have the right to opt out of any sale of their personal information. You may enforce this right by clicking this link: [“Do Not Sell My Personal Information”]. You may also contact us at +1 510-394-2713. California residents may designate authorized agents to make such requests on their behalf. We must wait at least 12 months before asking you to opt back in to the sale of your personal information, where you have previously opted-out.

Disclosure (“right to know”)

With some exceptions, California residents may request that we disclose to you what personal information we have collected, used, shared or sold about you, and why we collected, used, shared or sold that information. You may obtain this information from us free of charge. The information provided will be for the 12-month period preceding your request.

Deletion

In some limited circumstances, you have the right to have personal data that we hold about you erased. This right is not generally available where we still have a valid legal reason to keep the data (for example, for fraud prevention or because we are obliged to do so by law).

Non-discrimination

We cannot deny services, charge you a different price, or provide a different level or quality of services just because you exercised your rights under the CCPA. However, if you refuse to provide your personal information to us or ask us to delete or stop selling your personal information, and that personal information or sale is necessary for us to provide you with services, we may not be able to complete that transaction.

How to exercise your rights

The easiest method of exercising your rights is to:

  • fill out the form located at the following link: [“Do Not Sell My Personal Information”];
  • email our data protection team on privacy@agent3.com; or
  • contact us at +1 510-394-2713

In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to a request you have made.

How to complain 

Please contact us if you have any queries or concerns about our use of your information (see above contact information). We hope we will be able to resolve any issues you may have.

If your personal data is subject to UK or EU data protection laws, then you have the right to lodge a complaint about our handling of your personal data with your local supervisory authority, although we do ask that you raise any concerns with us first as we can probably address them much more efficiently. 

In the United Kingdom, the Information Commissioner’s Office is your local supervisory authority.  The UK’s Information Commissioner may be contacted at https://ico.org.uk/make-a-complaint or by telephone: 0303 123 1113.  You can find a list of the supervisory authorities for EU member states here.

Changes to this privacy notice

We will keep our privacy notice under regular review and changes we make to our privacy notice in the future will be posted on this page and if the changes will have an effect on you or the way we use your personal data we will bring them to your attention where appropriate (e.g. if we have your email address as part of our relationship with you).

How to contact us 

You can contact us by post, email or telephone if you have any questions about this privacy notice or the information we hold about you, to exercise a right under data protection law or to make a complaint.

Our contact details are shown below:

  • Email: privacy@agent3.com
  • Address: Agent3, 75 Bermondsey Street, London SE1 3XF, United Kingdom – Attn. data protection team
  • Telephone: +44 (0) 207 127 0706

Do you need extra help? 

If you would like this notice in another format (for example audio, large print, braille) please contact us using one of the methods below:      

  • By email: privacy@agent3.com
  • By post: Agent3, 75 Bermondsey Street, London SE1 3XF, United Kingdom – Attn. data protection team
  • By telephone: +44 (0) 207 127 0706