Brainomix Privacy Statement for Business Contacts and Visitors to its Website


Please note that this Privacy Statement does not apply to job applicants or patients whose personal data we process. You will find a link to a Privacy Statement for job applicants at the end of this Statement.

This Privacy Statement explains the types of personal data we may collect about you when you interact with us or when your organisation or employer contracts or is contemplating entering into a contract with us. It also explains how we store and handle that data and keep it safe.

How we use your personal data

How we use your personal data depends on whether you are a business contact or a visitor to our website. We use your personal data for the following purposes:

  • Managing our business, for instance, dealing with our customers' staff and invoicing for our services.
  • With your consent, sending you emails about our products and services.
  • Computing statistical information about our website users.

Our legal bases

The legal bases for our processing of your personal data are:

Legitimate Interests

We process your personal data when it is necessary for our legitimate interests in running our business, e.g. for (with your permission) marketing, operating our website, and entering into, performing and managing contracts with your organisation or employer.

We process your personal data when it is necessary for the legitimate interests of your organisation or employer, e.g. instance in entering into a contract with us or receiving our products and services.

Examples of when we collect your personal data

  • When you visit our website.
  • When you register on our website.
  • When you engage with us on social media.
  • When your organisation or employer purchases any of our products and services.
  • When you contact us with queries or complaints.
  • When you ask for information about our products or services.
  • When you complete any surveys we send you.
  • When you complete the contact form on our website.
  • When you enter into any of our competitions.

We usually collect your personal data directly from you, but sometimes we obtain your personal data from one of our distributors or customers. Sometimes your organisation or employer may provide your personal data to us.

You are not obliged to provide any personal data to us.

What personal data we collect and use

We collect and use the following kinds of personal data:

  • Information about your computer and visits to our website, including but not limited to your IP address, browser type, and operating system.
  • Personal data that you provide when registering with us, including your name and email address.
  • Personal data that you or your organisation or employer provide for the purposes of communication, including your name, role, email address and telephone numbers.
  • Personal data contained in or relating to any communications that you send to us, either through our website or otherwise.

Your rights


You can ask us to confirm whether we hold or use your personal data. If we do, you can ask for a copy of it.


You can have incomplete or inaccurate personal data corrected. We may need to check the accuracy of any new data you provide.

Erasure (the right to be forgotten)

You can ask for your personal data to be deleted if there is no good reason to continue using it.

You can also ask for your personal data to be deleted if:

  • you have objected to its use (see below);
  • it is being used illegally; or
  • it must be deleted to comply with the law.


You can ask for the use of your personal data to be suspended in the following circumstances:

  • if you want the data's accuracy to be established;
  • if the use of your personal data is illegal, but you do not want it deleted;
  • if you need the data to be held in connection with a legal claim, but we do not need it; or
  • you have objected to the use of your personal data but we need to check whether it has overriding legitimate reasons to use it.


If the legal basis for our using your personal data is legitimate interests, and you think that affects your rights, you can object to the use of your personal data.

In some cases, we may have compelling legitimate grounds to use your personal data and those grounds may override your rights.

Object to direct marketing

You can object if we use your personal data for direct marketing purposes.

Withdraw consent

If you have given consent to the processing of your personal data, you can withdraw that consent at any time.

If you withdraw consent, that will not affect the earlier use of your data with your consent.

Transfer of data (data portability)

If you provided your personal data and:

  • you consented to its use; or
  • it was used to perform a contract with you

and it is processed electronically, you can ask that your personal data be sent to you or to someone else.

If you wish to exercise any of your rights please contact our data protection officer at: Telephone number: 01865 582730

Complaints to the Information Commissioner's Office

You always have the right to lodge a complaint with the Information Commissioners Office about how we handle your personal data, but please contact us first to see if we can resolve your issue.

Disclosing your personal data

We may disclose your personal data to:

  • Someone who wants to buy or buys our company or business.
    If our business assets are sold, personal data will be one of the assets transferred to the buyer.
  • Any business we merge with.
  • Any company or business we buy.
  • Anyone we use to process personal data for us, such as the provider of our IT systems.
    That person will be obliged to:
    • use personal data only for our purposes;
    • process it only on our instructions; and
    • have appropriate security measures in place to protect the data.
  • Our professional advisers. They are obliged to keep it confidential.
  • To the police and other law enforcement agencies.
  • Anyone else if the law means that we must disclose data to them.
  • Anyone else to protect our rights and property or to protect the rights or property of someone else.

Transfers of personal data outside the EEA

We do not intend to transfer personal data outside the European Economic Area, but if we change our mind about that we will let you know (by posting a notice on our website or sending you an email):

  • details of the intended transfer; and
  • whether the country is considered to have adequate protection for personal data; or
  • about the steps we take to protect the data.

Our staff may access personal data when they are outside the EEA, but the same safeguards apply as if our staff were accessing personal data from within the UK.

How long we keep your personal data

We retain your personal data only for as long as is necessary for the purpose for which we collected it.

We retain personal data used for marketing purposes for more than 18 months from when we collected it. If you ask us to stop sending you marketing, we will keep your name and email address and mark them so that they are no longer used for marketing.

Personal data relating to visitors to our website is retained for 7 years.

Personal data relating to contacts at our customers is retained for 7 years.

Personal data relating to other business contacts is retained for 7 years.

At the end of the retention period personal data is either securely deleted or anonymised, except any personal data that we need to retain to show that we have complied with data protection law, or unless the law requires us to keep it for longer, or we need it to exercise our legal rights.

If we anonymise your personal data, it will no longer be personal data and we may keep and use it for longer.

How we protect your personal data

The security of your personal data is important to us. We have appropriate technical and organisational measures to prevent the accidental loss, misuse, unauthorised access to or unauthorised alteration or disclosure of your personal data.

Access to your personal data is given only to those who have a need to know and are subject to a duty of confidence, via authenticated access only, controlled by our technical administrative staff

All personal data is encrypted at rest and in flight.

We cannot guarantee the security of all data sent over the internet, unless the transport protocols are of a secure nature (encrypted in flight).

Other websites

Our website may include links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow someone else to collect or share data about you.

We do not control other people's websites and we are not responsible for their privacy policies or their or privacy notices/statements.

This Privacy Statement does not apply to any website operated by anyone else. If you visit a website operated by someone else, please read its Privacy Notice (or privacy policy or statement) to find out how it uses your personal data.


Our website uses persistent cookies from Google Analytics to collect statistics on site visitors. These track your visit, and are used to allow us to improve our website based on how users use it.

Our website uses persistent cookies from Twitter to enable viewing of the Twitter timeline.

Except for essential cookies, we set cookies only if you have agreed to allow that cookie. If you do not want to allow a cookie, some website functionality may suffer.

If you have allowed a cookie, you may change your preference by selecting the “Cookie preferences” button in the bottom right of the website and adjusting your selection appropriately.

You may delete it at any time through your browser, typically on the browser's privacy or security options page.

Brainomix's details

This website is owned and operated by Brainomix Limited. Brainomix is the controller of your personal data. Brainomix is a company registered in England and Wales with the registration number 07426406. Our registered office is at Suffolk House Suites 11-14, 263 Banbury Road, Oxford, OX2 7HN. To contact us, please go to the Contact Us page.

We are registered with the UK Information Commissioner's office with the reference ZA053494.

Changes to this Privacy Statement

This Privacy Statement was last updated on 4th February 2020.

If we change how we use your personal data, we will let you know, either by posting a notice on our website or sending you an email.

If you don't agree to the changes, you can stop using our services and stop giving us personal data and, if you are registered with us, cancel your registration.

Job applicant privacy notice

Download the job applicant privacy notice.


Our Partners