• Call 0800 777 445 or complete this form. For customer support queries click here
  • This field is for validation purposes and should be left unchanged.
×

Privacy Policy

  1. Important notice
  2. About us
  3. What personal data we collect and why
  4. How we use your personal data
  5. Legal grounds for processing
  6. Who we share your personal data with and where it is stored by them
  7. How long we keep your personal data for
  8. Your rights
  9. How you can contact us
  10. Links to other websites
  11. Changes to this Privacy Policy

1. Important notice

This is the Privacy Policy for https://business.yell.com/. It describes who we are, how we obtain and use the personal data of representatives of our business customers, why we are allowed to do so by law, who has access to your personal data and what your rights are. Please review it carefully.

You have the right to object to us processing your personal data for our legitimate business interests or for direct marketing purposes (including any related profiling). For more information about your rights and how you can exercise them, please see the section Your rights.

2. About us

We are Yell Limited, a private limited company incorporated in (and subject to the laws of) England and Wales with registration number 4205228. Our registered address is at 3 Forbury Place, Forbury Road, Reading, Berkshire RG1 3YL.

We take your privacy seriously and use your personal data as further explained in this Privacy Policy. We are the “controller” of the personal data you provide to us.

3. What personal data we collect and why

Personal data is any information which identifies you personally whether directly (for example, your name) or indirectly (for example, information about your use of our products and services). This Privacy Policy is concerned with the personal data of representatives of our business customers, including staff of companies, partners in a partnership and sole traders.

We collect the following personal data from you:

  • Basic contact details: We collect your name, email address, postal address and telephone number so that we can contact you about your business listing on our directory and any other products and services that we have from time to time agreed to provide to your business;
  • Business details: We require you to provide the name of the business you represent and details of the goods and/or services your business offers so that we can publish your business listing on our directory and provide you with the best possible service that is tailored to your business’s needs. You may also choose to provide other information about you and your business. We do not require you to do this but if you do, we will process this other information for the purposes of publishing your business listing on our directory;
  • Payment details: We require your payment card details so that we can obtain payment for any paid-for products and services that we provide to your business; and
  • Credit score details: If you are a partner in a partnership, a sole trader or represent a business which is not a private or public limited company or LLP, if you have provided your consent to do so, we collect your name, job title, date of birth and residential address history dating back three years, so that we can obtain your credit score. We need to do this in order to establish the best possible payment terms we are able to offer to you.
  • Correspondence: We collect any additional personal data that you may provide to us from time to time if you contact us by email, letter or telephone, through our website or by any other means. If you contact us by telephone, we may also record the call and make notes in relation to your call for training and service improvement purposes, to comply with our legal obligations and to be able to deal with any dispute or defence of a claim which may arise in the course of us providing our products and services to you.

We also obtain information about you from other sources:

  • Cookies and similar technologies: : We track your use of our website through cookies and other similar technologies so that we can provide important features and functionality on our website, monitor its usage, and provide you with a more personalised experience. Our website measures conversations using visitor action pixels from Facebook. These allow us to track your behaviour after you click on a Facebook ad to reach our website. This allows us to analyse the effectiveness of Facebook advertisements for statistical and market research purposes and their future optimisation. The data collected is anonymous to us and we cannot use it to draw any conclusions about your identity. However, the data are stored and processed by Facebook, which may make a connection to your Facebook profile and which may use the data for targeting advertising purposes. This will allow Facebook to display ads both on Facebook and on third-party sites. Please see our Cookie Policy to find out more.
  • Third parties: We obtain personal data about you from third parties where you have given that third party consent to share such information with us. Details of these third parties, the type of personal data we obtain from them and why, are set out in the table below.
Type of data Source Nature of source (public / private) Location of source Why we need this information
Contact Name

Email Address

Business Name

Business Phone

Business Website

eMedia, part of Ziff Davis International Limited Private UK-based To comply with customer request
Contact Name

Email Address

Business Name

Business Phone

Business Website

e-location Limited Private UK-based To comply with customer request
Contact Name

Email Address

Business Name

Business Phone

Business Website

Vitesse Media plc Private UK-based To comply with customer request
Contact Name

Email Address

Business Name

Business Phone

Business Website

Post code

Marketing VF Limited Private UK-based To comply with customer request
Contact Name

Email Address

Business Name

Business Phone

Chat Transcript

The Chat Shop Ltd Private UK-based To comply with customer request
Contact Name

Email Address

Contact Phone Number

Business Name

Business Phone

Business Website

Silktide Ltd Private UK-based To comply with customer request

4. How we use your personal data

We use your personal data for the following purposes:

To publish your business listing on our directory and provide you with the products and services you have requested

We use your personal data to accept you as a new or returning customer, publish your business listing on our directory and provide you with the products and services you have requested in accordance with their terms (which will differ depending on the particular products and services you have requested and can be found here).

To advertise the identity, address and contact details of your business on third party search engines, social media sites and other relevant business websites on your behalf

If you have registered for this service, we share the identity, address and contact details of your business with third party search engines (such as Google), social media sites (such as Facebook) and other relevant business websites so that we can help promote your business to your target audience and drive potential customers to your own website.

To register a domain name on your behalf

If you have registered for this service, we may need to share your contact details with the registrar responsible for maintaining the relevant register of domain names in order to complete the registration of a domain name on your behalf.

To send you service communications, including in relation to changes to our contract terms

We use the contact details you have provided to us so that we can communicate with you about the products and services that we provide to your business, including to let you know about major changes to those products and services or to the terms of the contract between us or to any related information (such as changes to this Privacy Policy).

To confirm your identity and verify the information you provide

For security reasons and to safeguard the authenticity of our directory, we must confirm you are who you say you are. This means we may check the information you provide to us against other information we hold about you from the third party sources described above in What personal data we collect and why.

To process payments

We process your payment card details so that we can obtain payment for any paid-for products and services you have requested and collect any future payments or overdue amounts for those products and services.

Direct marketing (including by third parties)

If you have provided your consent or we otherwise have the right to do so, we may use your contact details to send you direct marketing and keep you informed of promotional offers by email, SMS, post or telephone relating to our products and services.

You can unsubscribe from our direct marketing at any time by clicking the “Unsubscribe” link in any of our emails or by contacting us (see How you can contact us).

Our trusted business partners would also like to use your name, email address, postal address and telephone number to inform you of similar products, services and promotional offers. We will only share your personal data with our partners where you have provided us with your consent to do so. You can unsubscribe at any time by clicking the “Unsubscribe” link in any of their emails or managing your preferences via their website.

Please see Who we share your personal data with and where it is stored by them to find out exactly who our marketing partners are.

To conduct automated decision-making and profiling

We use technology which tracks your use of our website, products and services to help us build a profile of your preferences. What this means for you is that you are more likely to receive direct marketing and promotional offers that are tailored to your specific preferences, based on your previous activity. It also means that we don’t send the same offers to all of our customers, so you may not be made the same offers as another customer.

If you don’t agree with an automated decision that our technology has made in relation to you, you can let us know (see How you can contact us) and we may decide to look into it for you. You may still have the right to object to us processing your personal data for the purpose of automated decision-making or to restrict us from doing so (see Your Rights).

Please note that the legal basis for us carrying out these activities is that it is in our legitimate interests to do so, having taken into account whether your interests and fundamental rights and freedoms are overridden by this type of processing. See Legal grounds for processing for more information.

To track your usage of our website, communications, products and services

We use cookies and similar technologies to track your activity on our website so that we can provide important features and functionality on our website, monitor its usage, and provide you with a more personalised experienced. Please see our Cookie Policy to find out more.

We also use tracking technology within our emails to capture information such as the time and date you open our emails and the type of device used to open it. We use this information to understand the effectiveness of our email communications so that we can improve them in the future and provide a more personalised overall service to you.

To process credit risk assessments

If you are a partner in a partnership, a sole trader or represent a business which is not a private or public limited company or LLP, if you have provided your consent to do so, we process your name, job title, date of birth and residential address history dating back three years to obtain your credit score. We need to do this in order to establish the best possible payment terms we are able to offer to you.

To produce aggregated underwriting risk analysis reports for commercial lenders and commercial insurers

We combine the personal data we hold about you with other customers’ personal data to produce underwriting risk analysis reports for our commercial lenders and commercial insurers. The reports we produce are based on combined, aggregated datasets and do not contain any personal data about you or about any of our other customers.

To contact you about a contract renewal for paid-for products and services

We use the telephone number you have provided to us so that we can call you to discuss the renewal of the contract between us for any paid-for products and services we provide. We will do this in the lead up to the expiry of your contract and, if we don't hear back from you to confirm whether or not you would like to renew your contract with us, up to six months after the date that your contract with us expires.

Please note that if we haven’t heard from you by the time your contract for paid-for products and services expires or if you’ve told us your business no longer requires any of our paid-for products and services after your contract expires, your business will retain a free business listing on our directory. We will remove your listing if you tell us to (see How you can contact us).

To provide and improve customer support

We use your personal data to be able to provide and improve the customer support we provide to you (for example, where you have questions about our products and services).

To conduct internal training

We may use your personal data for internal training purposes so that our staff have the knowledge and expertise they need to ensure we provide you with the best possible customer experience. For example, if you contact us by telephone, we may record the call and make notes in relation to your call for training and service improvement purposes.

To conduct market research and analytics

We may analyse your personal data (potentially in combination with personal data relating to other customers) to better understand our customer base. We may also invite certain customers to be involved in market research. If you accept our invitation, we will use your feedback to improve our products and services.

To maintain our records and improve data accuracy

Like any business, we process personal data in the course of maintaining and administering our internal records. This includes processing your personal data to ensure that the information we hold about you is kept up to date and accurate.

To respond to enquiries, complaints and disputes

We use the personal data we hold about you to help us respond to any enquiries or complaints you have made, or deal with any dispute which may arise in the course of us providing our products and services to you, in the most effective manner.

To investigate, detect and prevent fraud and comply with our legal obligations

In certain circumstances, we use your personal data only to the extent required in order to enable us to comply with our legal obligations, including for fraud detection, investigation and prevention purposes. This may require us to provide your personal data to law enforcement agencies, including Trading Standards, if they request it.

5. Legal grounds for processing

Data protection law requires us to only process your personal data if we satisfy one or more legal grounds. These are set out in data protection law and we rely on a number of different grounds for the processing we carry out. These are as follows:

Consent
In certain circumstances, we process your personal data after obtaining your consent to do so for the purposes of:

  • sending you marketing communications about our products and services;
  • sharing your name, email address, postal address and telephone number with our trusted business partners so that they may market to you about their own similar products and services;
  • conducting marketing research;
  • using your location to deliver specific messaging and to you and to facilitate the messaging functionality on our app and websites (as applicable);
  • obtaining your credit score so that we can establish the best possible payment terms we are able to offer to you.

Necessary for the performance of a contract and to comply with our legal obligations

It is necessary for us to process your basic contact details, payment details and information about the business you represent for the performance of the contract between us (which, depending on the products and services we have from time to time agreed to provide to your business, is governed by one or more of the terms and conditions found here). In particular, we rely on this legal ground to:

  • publish your business listing on our directory and provide you with the products and services you have requested, including where relevant, advertising the identity, location and contact details of your business on third party search engines, social media sites and other relevant business websites on your behalf and registering a domain name on your behalf;
  • communicate with you about the products and services that we provide to your business, including to let you know about major changes to those products and services or to the terms of the contract between us or to any related information (such as changes to this Privacy Policy);
  • confirm your identity and verify the information you provide;
  • process payments; and
  • provide and improve customer support.

If you choose not to give some or all of the aforementioned information to us, this may affect our ability to provide our products and services to you.

In certain circumstances, we also use your personal data only to the extent required in order to enable us to comply with our legal obligations, including to detect, investigate and prevent fraud.

Necessary for the purposes of our legitimate business interests or those of a third party

It is sometimes necessary to collect and use your personal data for the purposes of our legitimate interests as a business, which are to:

  • provide you with products and services that are as useful and beneficial to your business as possible, including by personalising our contact with you (using automated decision-making and profiling techniques) and making sure we tell you about all the offers that are relevant to your business;
  • better understand our customer base so that we can improve our products and services and marketing activities (which could also benefit you);
  • comply with our contractual obligations to third parties, for example to produce aggregated underwriting risk analysis reports for our commercial lenders and commercial insurers;
  • confirm whether or not you would like to renew your contract with us for any paid-for products and services;
  • develop and improve our website to enhance the customer experience;
  • train our staff so that we can provide you with a better customer service;
  • respond to any enquiries or complaints you have made, or deal with any dispute which may arise in the course of us providing our products and services to you; and
  • ensure effective operational management and internal administration of our business, document retention, compliance with regulatory guidance and exercise or defence of legal claims.

Please note that where we wish to rely on this legal ground for processing, we are required by data protection law to consider whether our legitimate interests are overridden by your interests or your fundamental rights and freedoms. We may continue to process your personal data on the basis of our legitimate interests only if we determine that your interests, rights and freedoms are not overridden by our legitimate interests.

We have considered these matters and on balance, we consider that the benefits described above are not outweighed by your interests or your fundamental rights and freedoms.

Where we think there is a risk that one of your interests or fundamental rights and freedoms may be affected we will not process your personal data unless there is another legal ground for us to do so (either that we have obtained your consent to the processing or it is necessary for us to perform our contract with you or to comply with our legal obligations).

6. Who we share your personal data with and where it is stored by them

We may provide your personal data to:

    • our suppliers and services providers, including other companies in our group, who perform certain business services for us and act as “processors” of your personal data on our behalf; and
    • other organisations, who use your personal data for their own purposes and are “controllers” of such data in their own right. Such organisations may be located outside the EEA.

In addition, we may disclose your personal data:

    • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to protect the rights, property or safety of our business, our customers or others. This includes, in specific cases, exchanging information with other organisations for the purposes of fraud protection; and
    • to successors in title or replacement operators of all or part of our business.

In some cases the personal data we collect from you may, for the purposes set out above, be transferred outside the European Economic Area (“EEA”) and such destinations may not have laws which protect your personal data to the same extent as in the EEA. We are required by data protection law to ensure that where we or our “processors” transfer your personal data outside the EEA, it is treated securely and is protected against unauthorised access, loss or destruction, unlawful processing and any processing which is inconsistent with the purposes set out in this Privacy Policy.

The table below sets out details of the third parties to whom we currently disclose your personal data. The table also explains how these organisations use your personal data, whether they are our "processors" or use your personal data for their own purposes once they have received it, any processing they perform outside the EEA, and the safeguards that are used to protect your personal data if this happens. This information may be updated from time to time.

Please ask us if you would like more information about the safeguards that are used to protect your personal data when it is processed outside the EEA (see How you can contact us).

Name of recipient Why your personal data is shared Location of processing Safeguards used to protect personal data processed outside the EEA
Our suppliers and service providers (“processors”)
Agility Works Limited (“Agility”) Agility Works provides data matching services, cleansing, analysis and market insight services. UK N/A – processing is taking place within the EEA.
Deya Limited

(“Deya”)

Deya facilitates the delivery of the Yellow Pages directory and verifies receipt of delivery UK N/A – processing is taking place within the EEA.
Dunn & Bradstreet Limited

(“D&B”)

D&B provides business information services EEA

USA

Outside of EEA (non-USA)

N/A - processing is taking place within the EEA

Privacy Shield

All transfers outside of the EEA are undertaken subject to an adequate level of protection

Experian Limited (“Experian”) Experian provides data matching services, cleansing, analysis and market insight services. UK N/A – processing is taking place within the EEA.
Hibu Inc. (“Hibu”) Hibu is a US-based group company and currently shares some computer systems with Yell USA There is no adequacy decision by the European Commission in respect of transfers of personal data to the locations specified in the column to the left. This means that the European Commission does not consider the laws in these locations to protect personal data to the same extent as in the EEA.

Consequently, we have entered into standard data protection clauses (known as controller-processor model clauses) with Hibu pursuant to Article 46(2) of the GDPR. Such clauses provide adequate safeguards with respect to the protection of the privacy and fundamental rights and freedoms of individuals when personal data is transferred to locations for which there is no adequacy decision.

NSC Programming Limited (“NSC”) NSC provides services in connection with our legacy data systems. UK N/A – processing is taking place within the EEA.
Rackspace International GmbH (“Rackspace”) Rackspace hosts our data. UK N/A – processing is taking place within the EEA.
SAP (UK) Limited (“SAP”) SAP hosts our data. UK N/A – processing is taking place within the EEA.
Shift 6 Limited (“Appsee”) Appsee provides user behaviour analysis pertaining to our apps EEA

Israel

N/A – processing is taking place within the EEA.

EU decisions as to adequacy decision

Smile Family Inc. (“SendBird”) SendBird provides the functionality for our messaging platform in the Merchant and Consumer apps UK N/A – processing is taking place within the EEA.
Tata Consultancy Services Limited (“Tata”) Tata operates our customer services and conducts a number of business operations on our behalf which require us to share your personal data with them, including data input, product support and account management services. India

Philippines

Model clauses – as above for Hibu.
Wipro Limited ("Wipro”) Wipro provides helpdesk support services. India

Philippines

Model clauses – as above for Hibu.
Other organisations we may share your personal data with
118118 (“118”) Data provided to 118 to match against its database to provide data matching services, cleansing, analysis and market insight services. UK N/A – processing is taking place within the EEA.
Apple Inc (“Apple”) Data provided to Apple for incorporation within Apple’s location services including Maps, Siri, Safari and Spotlight (at Apple’s discretion). UK, USA All transfers outside of the EEA are undertaken subject to an adequate level of protection
Experian Limited (“Experian”) Data provided to incorporate into Experian database for marketing and analytical services by Experian and their data customers UK N/A – processing is taking place within the EEA.
IDG, part of IDS Data Services Ltd (“IDG”) Data provided to incorporate into IDG database for marketing and analytical services by IDG and their data customers UK N/A – processing is taking place within the EEA.
Microsoft Corporation
(“Microsoft”)
Data provided to Microsoft for incorporation within Microsoft’s offerings including products, websites, applications, software or services developed, owned or operated by Microsoft (at Microsoft discretion) UK

USA

All transfers outside of the EEA are undertaken subject to an adequate level of protection.
Pelucid Ltd t/a GrowthIntel (“GrowthIntel”) Data provided to incorporate into GrowthIntel database for marketing and analytical services by GrowthIntel and their data customers UK N/A – processing is taking place within the EEA.

7. How long we keep your personal data for

We retain your personal data for no longer than is necessary for the purpose(s) for which it was provided. What this means in practice will vary between different types of data. When determining the relevant retention periods, we take into account factors including:

      • legal obligation(s) under applicable law to retain data for a certain period of time;
      • statute of limitations under applicable law;
      • potential or actual disputes; and
      • guidelines issued by relevant data protection authorities.

Otherwise, we securely erase your personal data from our systems when it is no longer needed.

8. Your rights

You have the following rights regarding your personal data:

Rights What does this mean?
1. Right to be informed You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. This is why we are providing you with the information in this Privacy Policy.
2. Right of access You have the right to obtain access to your personal data (if we are processing it) and certain other information (similar to that provided in this Privacy Policy). This is so you are aware and can check that we are using your personal data in accordance with data protection law.
3. Right to rectification You are entitled to have your personal data corrected if it is inaccurate or incomplete.
4. Right to erasure This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
5. Right to restrict processing You have the right to ‘block’ or suppress further use of your personal data in certain circumstances. When processing is restricted, we can still store your personal data, but may not use it further. We keep lists of people who have asked for further use of their personal data to be ‘blocked’ to make sure the restriction is respected in future.
6. Right to data portability You have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
7. Right to object to processing You have the right to object to us processing your personal data for our legitimate business interests or for direct marketing purposes (including in each case any related profiling).
8. Right to withdraw consent to processing If you have given your consent to us to process your personal data for a particular purpose (for example, direct marketing), you have the right to withdraw your consent at any time (although if you do so, it does not mean that any processing of your personal data up to that point is unlawful).
9. Right to make a complaint to the data protection authorities You have the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy with how we have handled your personal data or believe our processing of your personal data does not comply with data protection law.

For more information about your rights or if you would like to exercise any of your rights, you are welcome to contact us at the contact details set out below under How you can contact us.

9. How you can contact us

If you would like to exercise your data protection rights or if you are unhappy with how we have handled your personal data, you may contact us by:

  • emailing: dpo@yell.com;
  • writing to: Yell Limited, 3 Forbury Place, Forbury Road, Reading, Berkshire RG1 3YL;
  • calling: 0800 777 445; or
  • submitting a message through our online contact form.
  • If you would like to contact our data protection officer, you may do so by emailing dpo@yell.com.

If you’re not satisfied with our response to any enquiry or complaint or believe our processing of your personal data does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) by:

  • writing to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF;
  • calling: 0303 123 1113; or
  • submitting a message through the ICO’s website at: ico.org.uk.

10. Links to other websites

Our website contains hyperlinks to websites owned and operated by third parties. This Privacy Policy does not apply to those other websites. We encourage you to read the privacy statements on the other websites you visit, as they will govern the use of any personal data you provide when visiting those websites. We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.

11. Changes to this Privacy Policy

This Privacy Policy was last updated on 20 August 2018

This Privacy Policy may be updated from time to time so you may wish to check it each time you provide personal data to us. We won’t alert you to minor changes, but if there are any major changes we will let you know and where appropriate ask for your consent.