CM Beyer Limited · Company No. 17009212 sales@cmbeyer.co.uk
Privacy Terms Support Contact
Home › Privacy Policy

Privacy Policy

CM Beyer Limited — Company No. 17009212

Effective: 3 February 2026
Website Terms of Use Articles of Association
In plain language: We collect the minimum data needed to provide our services, we don't sell your data, and you can ask us to delete it at any time by emailing privacy@cmbeyer.co.uk.
1

Who We Are

CM Beyer Limited ("we", "us", "our") is a marketing, advertising and business management consultancy providing direct-to-client marketing and sales services. We are the data controllerThe organisation that decides why and how personal data is processed. As data controller, CM Beyer is responsible for complying with data protection law. for the personal data described in this policy.

Data Controller Details
CompanyCM Beyer Limited
Company No.17009212
AddressSuite 53C Unimix House, Abbey Road, London NW10 7TR
Privacy Emailprivacy@cmbeyer.co.uk
Phone+44 7946 812112
ICO RegistrationPending
ICO registration. We are in the process of completing our registration with the Information Commissioner's Office (ICO). All organisations that process personal data in the UK are required to register under the Data Protection (Charges and Information) Regulations 2018. The annual fee for small organisations is £40. Our registration number will be published here once confirmed.
2

What Data We Collect

We collect personal data in the course of providing our services. The types of data we collect depend on how you interact with us:

Data Categories
Business contacts & clientsName, job title, company, email, phone, relationship records
Prospective clientsContact details from networking, referrals, enquiries, prospecting
Website visitorsIP address, browser type, pages visited, time on site, cookies
Suppliers & partnersContact details, contractual information
Job applicantsCV, cover letter, contact details, qualifications
We do not routinely collect special category dataSensitive personal data including racial origin, political opinions, religious beliefs, trade union membership, genetic/biometric data, health data, sex life, or sexual orientation. This data has extra legal protections under UK GDPR Article 9. (such as health information, racial or ethnic origin, or political opinions). If we ever need to, we will obtain your explicit consent first.
3

Why We Collect It

We use your personal data for the following purposes:

  • Responding to enquiries and providing our services
  • Managing client and supplier relationships
  • Fulfilling contractual and billing obligations
  • Carrying out marketing and sales activity, including B2B outreach
  • Conducting business development and market research
  • Operating and improving our website
  • Processing job applications
  • Complying with legal and regulatory obligations (tax, accounting, Companies Act)
  • Protecting our legitimate business interests and preventing fraud
5

Business-to-Business Marketing

Outreach to business contacts is central to what we do. Where we market to corporate contacts at their business email addresses, we rely on legitimate interests under UK GDPR and the PECRThe Privacy and Electronic Communications Regulations 2003 — UK law that sits alongside GDPR and governs electronic marketing, cookies, and telecommunications privacy. PECR allows unsolicited B2B marketing emails to corporate email addresses without prior consent. business-to-business provisions.

Under PECR Regulation 22(3), unsolicited marketing communications to corporate subscribers (business email addresses) are permitted without prior consent, provided the sender is identifiable and a valid opt-out mechanism is included.

You may opt out of B2B marketing at any time by contacting privacy@cmbeyer.co.uk or using the unsubscribe mechanism in any marketing communication.

6

Cookies

Our website uses cookies — small text files stored on your device — for the following purposes:

Cookie Types
Essential cookiesRequired for the website to function. Cannot be disabled.
Analytics cookiesHelp us understand how visitors use the site. Set only with consent.
Preference cookiesRemember your settings (e.g. cookie consent choice).

You can manage your cookie preferences through the cookie banner displayed on your first visit, or by adjusting your browser settings. Disabling essential cookies may affect website functionality.

We comply with the PECR requirement to obtain consent before setting non-essential cookies. Our cookie banner provides clear options to accept or reject non-essential cookies.
7

Who We Share Data With

We do not sell personal data. We may share personal data with the following categories of recipient:

  • Service providers — hosting providers, email services, analytics platforms, accounting software, and other tools used to deliver our services, all under appropriate data processing agreements
  • Clients — where sharing is necessary to deliver the services we have been engaged to provide
  • Professional advisers — accountants, lawyers, and auditors acting under professional obligations of confidentiality
  • Regulatory authorities — HMRC, the ICO, Companies House, and any other body where disclosure is required by law
  • Business acquirers — in the event of a sale, merger, or restructuring of the Company, subject to appropriate confidentiality protections
8

How Long We Keep It

We retain personal data only for as long as necessary for the purposes for which it was collected:

Retention Periods
Client records7 years from end of engagement
Prospective client dataReviewed annually; deleted if no longer relevant
Website analytics26 months
Financial & tax records6 years (Limitation Act 1980) / 7 years (HMRC)
Job applications6 months from decision, unless consent given to retain longer
Director's Resolutions10 years (per Articles of Association, Art. 6.5)
9

Your Rights

Under UK GDPR you have the following rights in relation to your personal data:

Data Subject Rights
Right of accessObtain a copy of data we hold about you
Right to rectificationCorrect inaccurate or incomplete data
Right to erasureRequest deletion ("right to be forgotten")
Right to restrictionLimit how we process your data
Right to objectObject to processing based on legitimate interests
Right to portabilityReceive your data in a structured, machine-readable format
Right to withdraw consentWhere consent is the lawful basis

To exercise any of these rights, contact privacy@cmbeyer.co.uk. We will respond within one calendar month. There is no charge for most requests, but we may charge a reasonable fee for manifestly unfounded or excessive requests.

10

Data Security

We maintain appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction, or alteration. These include:

  • Encryption in transit (TLS/SSL) for all web traffic and email
  • Access controls limiting data access to authorised personnel
  • Regular security reviews of systems and processes
  • Secure hosting with EU-based data centres
  • Staff awareness of data protection obligations

In the event of a personal data breachA breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data. If a breach is likely to result in a risk to individuals, the ICO must be notified within 72 hours. that is likely to result in a risk to individuals' rights and freedoms, we will notify the ICO within 72 hours and affected individuals without undue delay.

11

International Transfers

We primarily process personal data within the UK and the European Economic Area. Where personal data is transferred to countries outside the UK (for example, through the use of cloud services), we ensure that appropriate safeguards are in place, such as Standard Contractual ClausesPre-approved contractual terms issued by the European Commission (and adopted by the UK) that provide safeguards for personal data transferred internationally. They impose data protection obligations on the data recipient. approved by the UK Government, or a determination that the receiving country provides an adequate level of data protection.

CM Beyer Australia Pty Ltd (ACN 694 721 992), our Australian subsidiary, may process limited personal data in connection with Australian operations. Australia has been recognised by the UK Government as providing an adequate level of data protection.

12

Children's Data

Our services are directed at businesses and business professionals. We do not knowingly collect personal data from children under 13. If we become aware that we have collected data from a child, we will delete it promptly. If you believe we hold data relating to a child, please contact privacy@cmbeyer.co.uk.

13

Changes to This Policy

We may update this policy as our business or the law changes. The effective date above reflects the current version. Where changes are significant, we will take reasonable steps to notify you — for example, by posting a notice on our website.

14

Complaints

If you have a concern about how we handle your personal data, please contact privacy@cmbeyer.co.uk first. We will do our best to resolve your concern.

You also have the right to complain to the Information Commissioner's OfficeThe UK's independent body set up to uphold information rights. The ICO can investigate complaints about organisations' data protection practices and has the power to issue fines and enforcement notices. (ICO):

ICO Contact Details
Websiteico.org.uk
Helpline0303 123 1113
AddressWycliffe House, Water Lane, Wilmslow, SK9 5AF
CM Beyer Limited · Company No. 17009212 · Trade Mark UK00004349102
VAT 515289678 · Suite 53C Unimix House, Abbey Road, London NW10 7TR

Support

Support Center Submit a Form Contact Page
Quick Message
Knowledge Base · Cookies · Privacy