Privacy and Spam Policy
Brentfield Consultancy Ltd (“EBW Global”, “we”, “us”) is a leading provider of psychometric assessments, consulting, and related services. We are committed to safeguarding your personal data and handling it in accordance with applicable data protection laws, including the UK GDPR, the EU GDPR (2016/679) where applicable, and industry-recognised security standards.
This Privacy Policy explains what information we collect, why we collect it, how we use it, and how we keep it secure. It also explains your rights and how to exercise them.
This policy applies to:
ebwlogin.com
ebwglobal.com
ebwonline.co.uk
ebwonline.com
ebwsalesmentor.com
This Privacy Policy may be updated from time to time. The latest version will always appear on this page. Continued use of our websites constitutes acceptance of any updated terms.
1. Who Controls Your Data?
EBW Global processes personal data in different roles depending on the service being used. This is required under the UK GDPR and EU GDPR, which distinguish between a Data Controller and a Data Processor.
1.1 When EBW Global acts as a Data Processor (B2B Assessment Users)
Most EBW Assessments are issued by an EBW Assessment Partner (e.g., coach, consultant, employer, HR team). In these cases:
the EBW Assessment Partner is the Data Controller, and
EBW Global processes data strictly under their documented instructions
EBW Global processes personal data as a Data Processor in accordance with Articles 28 and 29 of the UK GDPR and, where applicable, the EU GDPR (2016/679).
Examples of when we act as Processor:
when scoring assessments
when generating reports
when delivering services under a Partner’s lawful basis
1.2 When EBW Global acts as a Data Controller (B2C Users)
If you purchase EBW services directly — such as:
EBW consultancy
EBW training
a Self-Directed Report
the EBW Sales Mentor App
— EBW Global is the Data Controller and determines how your personal data is processed.
2. What Information We Collect
2.1 Information you provide directly
Name
Email address
Preferred pronouns (he, she, or they)
Assessment responses
Information needed to generate personalised reports
Customer enquiries and support requests
Training, purchase, and account details
Information provided in forms, surveys, or optional services
2.2 Information generated through your use of our services
IP address
Device and browser type
Log data
Cookies
Site usage and interaction data
2.3 Cookies
Cookies help us personalise your experience and improve the site. You can disable cookies in your browser, but this may affect site functionality.
3. What We Do With the Information You Provide
We use your information to:
Provide access to the EBW Assessment Platform
Generate EBW assessment reports
Personalise reports using your name and pronouns
Maintain and administer account information for both EBW Partners and B2C users
Monitor training status, credits, and purchasing history
Provide customer support
Improve our websites and services
Conduct internal research to enhance the accuracy and fairness of EBW assessments
Ensure compliance with legal and contractual obligations
By using this site, and supplying us with your information, you acknowledge that EBW Global processes your information in accordance with this Privacy Policy and, where applicable, under the lawful basis determined by your EBW Assessment Partner or EBW Global (for direct users).
4. Equal Opportunities Monitoring Form
Before beginning an EBW Assessment, you may be invited to complete an Equal Opportunities Monitoring Form. This information:
is used only by EBW’s research team
helps ensure EBW assessments remain fair, reliable, and culturally neutral
is stored securely and separately from your assessment
is not shared with EBW Assessment Partners or employers
is anonymised in all research outputs
does not influence report scoring or feedback
Completion is voluntary and does not affect your assessment.
5. Where We Obtain Your Information
We obtain your information:
directly from you
through EBW Assessment Partners
via training, subscriptions, events, or EBW promotions
from our websites
from third-party marketing lists
5.1 Marketing and Mailing Lists
If EBW Global uses third-party marketing lists in future, we will only use reputable suppliers who comply with data protection and marketing laws. Such lists remain separate from EBW’s internal databases and are used solely for promotional mailings. Each mailing is coded to identify the source list.
6. How We Keep Your Information Secure
We use industry-standard security controls including:
SSL encryption
Secure hosting via Rackspace Tier 1 data centres
Compliance with PCI DSS, ISO27001, and ISAE 3402 Type II
Access controls for authorised personnel
Continuous monitoring and auditing
Secure backup and redundancy systems
While no system is completely secure, we take all reasonable measures to safeguard your data.
7. Optional EBW Services
Some EBW services, such as the EBW Sales Mentor App, offer additional optional features. These services:
are not activated by default
may require separate consent or transparency notices
only process your data when you choose to use them
may operate using different technology environments than the EBW Assessment Platform
Your assessment data is never transferred to optional services unless you choose to use them or, in B2B cases, unless your EBW Assessment Partner authorises this.
7A. Optional Services and Additional Processing
EBW Global provides optional services that require additional processing of assessment data beyond that carried out on the EBW Assessment Platform. These services, including the EBW Sales Mentor App, will only process personal data when the user elects to use the service or, for B2B users, when the relevant EBW Assessment Partner has authorised its use. Each optional service has its own transparency or consent requirements. Full privacy terms for the EBW Sales Mentor App are set out in Appendix 1.
8. International Transfers
The core EBW Assessment Platform is hosted on secure infrastructure located within the UK/EEA. EBW Global does not transfer personal data internationally for standard assessment services.
Optional EBW services may operate on secure systems located outside the UK/EEA. Personal data is only transferred internationally when:
you choose to use an optional service, or
your EBW Assessment Partner authorises its use (B2B)
Where such transfers occur, EBW Global applies:
International Data Transfer Agreements (IDTA)
EU Standard Contractual Clauses (SCCs)
supplementary organisational and technical safeguards.
9. Data Subject Rights
EBW Global supports all rights under UK GDPR and EU GDPR, including rights of access, correction, deletion, restriction, portability, and objection. EBW Global also supports the Right of Access (Article 15) and assists Data Controllers in responding to rights requests as required under Articles 28 and 29.
9.1 B2B Users
If your assessment was issued by an EBW Assessment Partner, they are the Data Controller. All rights requests must be directed to them. EBW Global will support the Controller in fulfilling the request.
9.2 B2C Users
If you purchased EBW services directly, EBW Global is the Data Controller. You can exercise your rights by contacting:
info@ebwglobal.com
EBW Global may require identity verification.
Initial requests are free of charge.
We aim to respond within 30 days.
9.3 Your Right to Complain to a Supervisory Authority
If you have concerns about how your personal data has been handled, you have the right to lodge a complaint with your national data protection authority.
If you are in the United Kingdom:
Information about contacting the Information Commissioner’s Office (ICO) is available at:
https://www.ico.org.uk/
If you are located in the EU:
Details for your local supervisory authority can be found at:
https://ec.europa.eu/newsroom/article29/items/612080
If you are located outside the United Kingdom or European Union (including the United States and other international regions), you may raise any privacy concerns directly with EBW Global using the contact details in this policy.
If your country has a national or regional data protection authority, you may also have the right to submit a complaint to that authority in accordance with your local laws.
We would appreciate the opportunity to address your concerns directly first, but you are not required to contact us before approaching a regulator.
10. Retention of Data
Assessment data is retained for 18 months. After this period:
personal identifiers are permanently removed
anonymised assessment data may be retained for research, benchmarking, or quality assurance
EBW cannot regenerate personalised reports once data has been anonymised
11. Who We Share Information With
We only share personal data where necessary:
EBW Assessment Partners (for assessments they issue)
authorised EBW Global personnel
approved sub-processors
Sub-processors include:
Rackspace (secure hosting)
OpenAI (for App-specific generative AI guidance)
Mandrill (Mailchimp Transactional Email) for App-related emails
We do not sell data or share it for advertising.
12. Changes to This Policy
We may update this policy to reflect legal, technical, or operational changes. Updates will be posted on this page.
13. Contact Information
Privacy and Data Protection Lead
Brentfield Consultancy Ltd
The Joiners Shop
The Historic Dockyard
Chatham, Kent, ME4 4TZ
United Kingdom
Info@ebwglobal.com
Appendix 1
Sales Mentor App Privacy Addendum
(This Appendix forms part of the EBW Global Privacy Policy.)
1. Purpose of this Addendum
This Appendix explains how personal data is processed when you choose to use the EBW Sales Mentor App (“the App”).
It supplements the main EBW Global Privacy Policy and ensures compliance with the UK GDPR, EU GDPR (2016/679), and the EU AI Act (2024).
The App is an optional service.
Your assessment data is not transferred unless you choose to use the App.
2. What the App Does
The App provides optional digital features based on your EBW Sales Compass Report:
Meeting preparation guidance
Instant meeting analysis (based on User-submitted text)
Behavioural improvement suggestions
The App does not:
score or modify your EBW assessment
generate psychometric results
make employment or performance predictions
Its purpose is developmental only.
3. When Your Data is Transferred to the App
Your EBW Sales Compass Report is transferred to the App only when you explicitly consent via the App’s pre-login transparency screen.
If you do not consent:
your report will not be transferred
you will not be able to access the App
your assessment data remains solely on the EBW Assessment Platform
For B2B users, your EBW Assessment Partner confirms they have a lawful basis to offer the App as an optional service.
4. Personal Data Processed in the App
4.1 Data that may be processed
Your EBW Sales Compass Report (narrative + numerical outputs)
User-submitted text (e.g., meeting notes, summaries, or questions)
App usage metadata (feature usage, timestamps)
Device-level technical logs (for security)
4.2 Data that is not processed
Raw assessment item responses
Equal Opportunities Monitoring Form data
Payment information
Any other sensitive category data
Processing is limited strictly to the App’s functions.
5. International Processing and Sub-Processors
The App operates on secure systems that may be located outside the UK/EEA.
Where this occurs, EBW Global applies appropriate safeguards, including:
Standard Contractual Clauses (SCCs)
UK IDTA
Technical and organisational security measures
Additional protections required under the EU AI Act
Sub-processors supporting the App may include:
Cloud hosting providers
AI model providers (e.g., OpenAI)
App infrastructure platforms (e.g., Replit)
Email delivery services (e.g., Mandrill/Mailchimp)
A full list is maintained in Appendix 2 — Sub-Processor Register.
No sub-processor is permitted to:
train AI models on EBW data
use data for advertising or analytics
retain data beyond EBW’s instructions
6. AI Transparency
The App uses generative AI to produce developmental guidance only.
AI systems used in the App:
do not influence EBW scoring
do not produce behavioural or hiring predictions
may generate variable outputs
must be interpreted with human judgement
AI outputs must not be used as the sole basis for employment or organisational decisions.
7. Prohibited Uses of the App
The App must not be used to:
make employment decisions without human review
conduct clinical or psychological diagnosis
train external AI systems
provide third-party access to User content
extract or repurpose App-generated content for other tools
Misuse may result in suspension of access.
8. Data Retention and Deletion
Data in the App is retained only as long as necessary to provide the service.
The App’s retention schedule is separate from the EBW Assessment Platform’s 18-month retention period.
Users may request deletion of App-specific data at any time.
After deletion or anonymisation, the data cannot be re-identified.
9. Your Rights
Users have all rights under UK GDPR and EU GDPR, including:
Right of access
Right to rectification
Right to erasure
Right to restrict processing
Right to data portability
Right to object
If your assessment was issued by an EBW Partner, they remain the Data Controller and must handle your request.
If you purchased directly from EBW Global, you may contact: info@ebwglobal.com
10. Contact Details for App-Related Privacy Questions
Privacy and Data Protection Lead
Brentfield Consultancy Ltd (EBW Global)
The Joiners Shop
The Historic Dockyard
Chatham, Kent, ME4 4TZ
United Kingdom
info@ebwglobal.com
Appendix 2
EBW Global Sub-Processor Register
(This Appendix forms part of the EBW Global Privacy Policy.)
This register lists the third-party service providers (“sub-processors”) authorised by Brentfield Consultancy Ltd (EBW Global) to process personal data on its behalf for:
the EBW Assessment Platform, and
optional Digital Services, including the EBW Sales Mentor App.
All sub-processors are contractually bound to:
comply with UK GDPR and EU GDPR
provide security equivalent to EBW Global standards
use data only for the purpose of delivering EBW services
delete or return data upon termination
never train AI models on EBW data
maintain confidentiality
Updates to this register will be made in accordance with the EBW Global Privacy Policy and/or DPA terms.
1. Core EBW Assessment Platform Sub-Processors
(All located inside the UK/EEA unless stated otherwise)
1.1 Rackspace Ltd (UK/EU)
Role: Secure cloud hosting for the EBW Assessment Platform
Purpose: Stores encrypted assessment data, personal identifiers, and report outputs
Location: UK/EU data centres
Legal Basis: Processor under GDPR
Safeguards: ISO27001, PCI DSS, ISAE 3402 Type II
1.2 Mandrill (Mailchimp Transactional Email)
Role: Automated transactional email delivery
Purpose: Sends EBW Reports and system notifications to EBW Assessment Partners
Location: United States
Safeguards: Standard Contractual Clauses (SCCs) + supplementary measures
Notes:
Processes only the necessary email content for delivery
Does not store assessment data long-term
Does not train models on EBW data
1.3 Rackspace Cloud Backup
Role: Encrypted offsite backup
Purpose: Business continuity for the EBW Assessment Platform
Location: UK/EU
Safeguards: As above
2. Digital Services & Sales Mentor App Sub-Processors
(Used only when Users explicitly choose to use optional digital services)
2.1 Replit, Inc.
Role: Hosting infrastructure for the EBW Sales Mentor App
Purpose: Executes app logic and user-facing functions
Location: United States
Safeguards: SCCs + technical safeguards
Notes:
Only receives Sales Report data after explicit User consent
No raw assessment items or equal opportunities data
2.2 OpenAI (ChatGPT)
Role: AI model provider
Purpose: Generates private, developmental guidance within the App based on User-provided input
Location: United States
Safeguards: SCCs, encryption, restricted processing
Important:
No EBW data is used to train foundation models
No assessment scoring or model calibration
No storage beyond session-level processing
2.3 Mandrill (Mailchimp Transactional Email)
Role: Email delivery for App notifications (optional feature)
Details: As listed under Section 1.2
3. EBW Global Internal Processing & Support Providers
3.1 Microsoft 365 (UK/EU)
Role: Internal staff communication + secure document storage
Purpose: Support, account administration, service management
Safeguards: ISO27001, UK GDPR-compliant cloud tenancy
3.2 Cloudflare (where enabled)
Role: Web security, CDN, DDoS protection
Purpose: Protects EBW websites and App endpoints
Location: Global network
Safeguards: No access to assessment content; edge logs only
4. Sub-Processor Use by Purpose
Purpose Sub-Processors Involved
Assessment delivery: Rackspace (hosting), Rackspace Backup
Transactional email / Report delivery: Mandrill/Mailchimp
App hosting: Replit
Generative AI for App guidance: OpenAI
Security/CDN: Cloudflare (if enabled)
Internal admin: Microsoft 365
5. International Transfer Safeguards
Where personal data is transferred outside the UK/EEA:
SCCs (Standard Contractual Clauses) are in place
UK IDTA or Addendum applied where required
Encryption in transit & at rest
Strict access controls
No data used for training AI models
No advertising, profiling, or unrelated processing
6. Changes to This Register
EBW Global will:
update this register when adding or replacing sub-processors
notify EBW Partners where required under the DPA
ensure new sub-processors meet equivalent legal and security standards