Partner and Member Privacy Policy

This Privacy Policy (the "Policy") tells you how Beam Up Ltd ("We") collect and process your personal information when you are a Member or a Partner of Beam. If you are not a Member or a Partner, our collection and processing of your personal data is subject to our general privacy policy, available here.

"Partners" are individuals at social and other organisations who refer individuals to Beam, or who help Beam provide services to Members.

"Members" are individuals that Beam supports by providing you with a funding page and supporting you to through training and into employment amongst other things.

This Policy (and any other agreements that we have in place with you) explains how we will process any personal information that we collect about you, including information that you give to us. It also tells you our views and practices about your personal data and how we will treat it. Where we are seeking your consent in relation to certain things that we do with your personal information we will provide you with a separate consent form.

For the purpose of applicable data protection legislation (including but not limited to the Data Protection Act 2018 and the General Data Protection Regulation (Regulation (EU) 2016/679)), the data controller of your personal information is Beam Up Ltd of Runway East Moorgate, 10 Finsbury Square, London, EC2A 1AF.

Information collected directly from you
During the course of our relationship with you as a Member, we will collect certain personal information from you, including but not limited to:

Where you work for one of our Partner organisations, we will collect certain limited personal information about you. Personal information collected in this context is usually (but may not exclusively be) limited to name, employer name, job title, phone, email and other business contact details.

Information we collect about you automatically

If you interact with our website, as is the case with most websites, we automatically get some technical details such as your chosen browser and unique IP address. As is common to all major websites, we also collect information about your visit, including information about how you are using the website including the movement of your mouse, what buttons you click, and any phone number you may phone us on with a customer service issue.

Information we receive from other sources – Members only

When you are referred to Beam by one of our Partner organisations, or are otherwise referred to Beam, we collect the following information about you from that referring third party:

From time to time, we may also receive information about you from third parties (other than our Partner organisations). The nature of this information will depend upon the circumstances. Such third parties may include for example:


We use your personal information for a number of purposes, including:


We use your personal information for a number of purposes, including:


We work closely with a number of trusted partners with whom we might need to share personal information to help us run successful campaigns and support members. These may include:

We may also have to share your personal information with the police, or social services safeguarding team(s) where there is a safeguarding requirement. More information about this type of information sharing can be found in the Member Privacy and Consent form.

We may also disclose your personal information in the following circumstances:


All information you provide to us is stored on secure servers. Where we have given you (or where you have chosen) a password to access certain parts of the Website, you are responsible for keeping this password confidential. Please do not share your password with anyone. Unfortunately, the sending information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data sent to the Website and so if you send information you do so at your own risk. Once we hold your information, we will use strict procedures and security features to try to stop unauthorised access to it.


The information that we collect from you may be sent to, and stored at, a destination outside the European Economic Area (which means the 28 European Union member states, together with Norway, Iceland and Liechtenstein, ”EEA”), including by our suppliers. Your information may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and applicable legal requirements, for example by entering into data transfer agreements which incorporate the current standard contractual clauses adopted by the European Commission for transfers of personal data.


We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period for your information, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use of disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and any applicable legal requirements.

As a general rule unless you instruct us otherwise, we will delete your data (other than limited contact information) 2 years after you are no longer active within the Beam community. For Members, this will be 2 years from the date that your case is closed, and for Partners, this will be 2 years from the date that you cease to be a Beam partner. However, in certain exceptional cases we may be required to retain your data for longer. We will only do this where we are required to do so by law or where we need to establish, exercise or defend legal claims (for example if we are in a dispute with you). In such circumstances, we will keep your data only for the period required by law or until the conclusion of our legal claim, and whatever the circumstances, we will not keep your data for longer than necessary. Please note that we will retain limited contact information (name, gender, email, phone number, date of birth) for a period of 7 years to help identify you if you get back in touch with Beam.

If requested, we will also keep your campaign page open until you ask us to delete it up to a maximum period of 7 years after your case has been closed.

Access to your information

You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email us at [email protected] If we provide you with access to the information we hold about you, we will not charge you for this unless permitted by law. If you request further copies of this information from us, we may charge you a reasonable administrative cost. Where we are legally permitted to do so, we may refuse your request. If we refuse your request we will always tell you the reasons for doing so.

Right to object

This right enables you to object to us processing your personal data where we do so for one of the following reasons:

Right to withdraw consent

Where we have obtained your consent to process your personal data for certain activities, you may withdraw this consent at any time and we will cease to use your data for that purpose unless we consider that there is an alternative legal basis to justify our continued processing of your data for this purpose, in which case we will inform you of this condition.

Right to erasure

You have the right to request that we "erase" your personal data in certain circumstances. Normally, this right exists where:

We would only be entitled to refuse to comply with your request for erasure in limited circumstances and we will always tell you our reason for doing so.

When complying with a valid request for the erasure of data we will take all reasonably practicable steps to delete the relevant data.

Right to restrict processing

You have the right to request that we restrict our processing of your personal data in certain circumstances, for example if you dispute the accuracy of the personal data that we hold about you or you object to our processing of your personal data for our legitimate interests. If we have shared your personal data with third parties, we will notify them about the restricted processing unless this is impossible or involves disproportionate effort. We will, of course, notify you before lifting any restriction on processing your personal data.

Right to rectification

You have the right to request that we rectify any inaccurate or incomplete personal data that we hold about you. If we have shared this personal data with third parties, we will notify them about the rectification unless this is impossible or involves disproportionate effort. You may also request details of the third parties that we have disclosed the inaccurate or incomplete personal data to. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision.

Right of data portability

If you wish, you have the right to transfer your personal data between service providers. In effect, this means that you are able to transfer the details we hold on you to another third party. To allow you to do so, we will provide you with your data in a commonly used machine-readable format so that you can transfer the data. Alternatively, we may directly transfer the data for you.

Right to complain

You have the right to lodge a complaint and can contact us at [email protected] You also have the right to make a complaint to your local supervisory authority which is the Information Commissioner’s Office. You can contact them in the following ways:

The Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility for them. Please check these policies before you submit any personal data to these websites.


There are a number of different ways that we are lawfully able to process your personal information. We have set these out below.

Where using your data is in our legitimate interests

We are allowed to use your personal data where it is in our interests to do so, and those interests aren't outweighed by any potential prejudice to you.

We believe that our use of your personal information is within a number of our legitimate interests, including but not limited to:

We don't think that any of the activities set out in this privacy policy will prejudice you in any way. However, you do have the right to object to us processing your personal data on this basis. We have set out details regarding how you can go about doing this above.

Where you give us your consent to use your personal data

We are allowed to use your data where you have specifically consented. In order for your consent to be valid:

We seek consent from our Members for various processing activities. Details of these are set out on our Member consent and privacy form. We also keep campaign pages up on the website when Members ask Beam to do so.

You have the right to withdraw your consent at any time. We have set out details regarding how you can go about this above.

Where using your personal data is necessary for us to carry out our obligations under our contract with you

We are allowed to use your personal data when it is necessary to do so for the performance of our contract with you. For example, we require certain personal information about you in order to process and manage your funding campaign and journey through training and into work.

Where processing is necessary for us to carry out our legal obligations

As well as our obligations to you under any contract, we also have other legal obligations that we need to comply with and we are allowed to use your personal data when we need to in order to comply with those other legal obligations.


Any changes we make to this Policy in the future will be posted on this page and we may email you to tell you about any changes. Please check back regularly to see any updates or changes to this Policy.


If you have any questions about this Policy, or would like to exercise your rights with respect to your personal information, send us an email via [email protected] The contact details of the Data Protection Compliance Manager are as follows: Alexander Stephany who can be contacted on [email protected] If you have any questions about this Policy, or want to complain about how we handle your personal information, Alexander Stephany would be happy to help.