top of page

Terms & Conditions

Terms of use Last updated: 21 March 2024 ZeroBees’ terms of use are our contract with you. They include our commitment as a service provider and your obligations as a customer. Introduction Welcome to ZeroBees! We’re excited to have you here but before you start using ZeroBees, we need you to look through and accept these terms. We’ve done our best to explain it all without using too much jargon, so it’s clear what we expect from you and what you can expect from us. To make things easier, we’ve included summary paragraphs at the top of each section to give you a heads up on what’s coming up. These are your legal rights and obligations, so please read everything. If you can’t agree to our terms, then you can’t use our services. If you still have questions or comments after you’ve read these terms, please go to ZeroBees Central to get in touch. We’d love to help. Joining and using ZeroBees In this section we explain how to subscribe to ZeroBees and use our services. When you see a word in bold, it will have the same corresponding meaning every time it’s used within these terms. 1. You and ZeroBees: When we say you or your, we mean both you and any entity or firm you’re authorised to represent. When we say ZeroBees, we, our or us, we’re talking about the ZeroBees entity you contract with and pay fees to based on the edition of the ZeroBees product you’re using. Section 57 shows which ZeroBees entity you contract with. 2. Our services: Our services consist of all the services we provide now or in the future, including our online carbon, sustainability and ESG products. Specifically, note that: 2.1 Our carbon accounting platform: is an annual subscription with these terms and conditions applying. 2.2 Our ESG platform (The Business Impact Tracker): is available as a free self-assessment tool. As such, data inputted is available to you while the service is running. Payment (a one-off subscription) is when you decide to verify your scores and have entered evidence. Once payment is confirmed, we will allocate an analyst to you within 3 working days, and will be in touch with our initial review and clarification questions within 3 weeks from analyst allocation. Additional evidence can be submitted for up to 3 months from allocation of your assessor, or until score is finalised, whichever is earliest. Once your score if verified, it cannot be changed in the same assessment process. You will need to update your scores, submit fresh evidence and re-apply for verification. While we recommend regular (e.g. annual) verification and disclosure, you can re-submit at any point for re-assessment, to demonstrate your improvement journey. 3. Creating a subscription: When you create a subscription to use our services and accept these terms, you become a subscriber. If you’re the subscriber, you’re the one responsible for paying for your subscription. If you are purchasing a service as a one-off, then you are a subscriber but without a renewal. 4. People invited to use ZeroBees: An invited user is a person other than the subscriber who has been invited to use our services through a subscription. If you’re an invited user, you must also accept these terms to use our services. 5. User roles and access: As a subscriber inviting others into a subscription, you should understand the permissions you’re granting to invited users. Check out information about user roles and levels of access on ZeroBees Central. In particular, if you’re a small business invited user and your advisor is the subscriber, you can read more about how that works on ZeroBees Central. 6. Partner programme: If you participate in our partner programme, read our additional partner terms. 7. The right to use our services: Whether you’re a subscriber, or an invited user, we grant you the right to use our services (based on your subscription type, your user role and the level of access you’ve been granted) for as long as the subscriber continues to pay for the subscription, until the subscription is terminated, or – if you’re an invited user – until your access is revoked. 8. Subscriber role: As a subscriber, you take responsibility for fully controlling how your subscription is managed and who can access it. It’s quite a big deal! For example: •You control access to a subscription. You decide who’s invited to use our services you’ve subscribed to and what kind of access the invited user has. You can change or stop that access at any time •You’re responsible for resolving any disputes with any invited users over access to your subscription •You’re responsible for all your invited users’ activity 9. Rules: Whatever your role, when you use ZeroBees you agree to follow the rules in section 37. Please read them and make sure you understand what you should and shouldn’t do. 10. Your responsibilities: You promise that you’ll keep your information (including a current email address) up to date. You’re responsible for providing true, accurate and complete information and for verifying the accuracy of any information that you use from our services for your legal, tax and compliance obligations. You’re also responsible for protecting your username and password from getting stolen or misused. Our service has minimum password standards but you will ensure that passwords are very strong and not easily guessable. The stronger the password the better! For more on security generally, check out the security section below. 11. When we introduce new or revised services: Since we’re always thinking about how to make ZeroBees the best it can be – seriously, we’ve got teams dedicated to it – we regularly expand our services. For new or updated services, there might be additional terms. We’ll let you know what those terms are before you start using those services. 12. What we own: We own everything we’ve put into our services unless otherwise stated and excluding content owned by others. This includes rights in the design, compilation, and look and feel of our services. It also includes rights in all copyrighted works, trademarks, designs, inventions, and other intellectual property. You agree not to copy, distribute, modify or make derivative works of any of our content or use any of our intellectual property rights in any way not expressly permitted by us. Pricing Unless you’re in a free trial or other offer period, you’ll need to pay for a subscription based on the pricing of your selected plan. The pricing details and other terms of your subscription are explained when you select your plan. 13. Trial subscriptions: When you first sign up, you can opt for a free trial if available, based on the terms specified at the time. If you choose to continue using our services after the trial, you’ll be billed when you add your billing details into our services, explained in more detail in the pricing plan and on ZeroBees Central. If you choose not to continue using our services following a trial, you may delete your organisation by requesting to Customer Support. 14. ZeroBees pricing plans: Your use of our services generally requires you to pay a monthly or annual subscription fee based on your subscription type (the subscription fee). In some instances and for some products, this may be a one-off payment, where your subscription will not renew. The pricing plan consists of the subscription and subscription fees we offered you, including invoicing, payment, auto-renewal and cancellation terms. The pricing plan may vary by region and includes information set out in the offer details and pricing page. We may update or amend the pricing plan from time to time. The terms of the pricing plan form part of these terms. As with any other changes to our terms, changes to the pricing plan won’t apply retrospectively and, if we make changes and you’re a subscriber, we’ll make every effort to let you know (take a look at section 62 to see how and when we’ll notify you). Check out how to change pricing plans on ZeroBees Central. Depending on your region, subscription fees may be inclusive or exclusive of transactional taxes where relevant (like VAT and GST), as reflected in the pricing plan. 15. Taxes for your use of our services: You’re responsible for paying all other external fees and taxes associated with your use of our services wherever levied. Your responsibility includes withholding tax if it applies, unless we already process that withholding tax. We may collect geographical location information to determine your location, which may be used for tax purposes. This means location information you give us must be accurate for tax residency purposes. 16. Additional services: Depending on where you’re based and how you use our services, you may be able to take advantage of additional services that ZeroBees offers – like consulting and projects. These are typically charged outside of your subscription on a project-basis, and we’ll let you know about when you discuss those services with us. 17. Importance of timely payments: In order to continue accessing our services, you need to make timely payments based on the pricing plan you selected. To avoid delayed or missed payments, please make sure we have accurate payment information. If we don’t receive timely payments, we may suspend access to your subscription until the payment is made. Data use and privacy ZeroBees uses your data to provide our services to you. Our privacy notice is an important part of these terms and describes in more detail how we deal with personal data, like your name and email address. 18. Use of data: When you enter or upload your data into our services, we don’t own that data but you grant us a licence to use, copy, transmit, store, analyse, and back up all data you submit to us through our services, including personal data of yourself and others, to: enable you to use our services; allow us to improve, develop and protect our services; create new services; communicate with you about your subscription; send you information we think may be of interest to you based on your marketing preferences; and disclose to third party service providers and partners to enable and support such purposes. 19. Use of your own personal data: We respect your privacy and take data protection seriously. In addition to these terms, our privacy notice sets out in detail how we process your own personal data that you enter into ZeroBees, like your name and email address. 20. Use of personal data you enter about others: Depending on where your contacts are based, our data processing terms may also apply to the personal data of others (such as your customers, suppliers and employees) that you enter into ZeroBees. 21. Anonymised statistical data: When you use our services, we may create anonymised statistical data from your data and usage of our services, including through aggregation. Once anonymised, we may use it for our own purposes, such as to provide and improve our services, to develop new services or product offerings, to identify business trends, and for other uses we communicate to you. 22. Data breach notifications: Where there has been unauthorised access to personal data that you’ve entered into ZeroBees, we’ll let you know and, where possible, give you information about what has happened. Depending on the nature of the unauthorised access, and the location of your affected contacts, you may be required to assess whether the unauthorised access must be reported to the contact and/or a relevant authority. We think you’re best placed to make this decision, because you’ll have the most knowledge about the personal data you have entered in your ZeroBees subscription. Confidential information We take reasonable precautions to protect your confidential information and expect that you’ll do the same for ours. 23. Keeping it confidential: While using our services, you may share confidential information with us, and you may become aware of confidential information about us. You and we both agree to take reasonable steps to protect the other party’s confidential information from being accessed by unauthorised individuals. You or we may share each other’s confidential information with legal or regulatory authorities if required to do so. Security We take security seriously and you should too! To help protect our services and your data, we offer added security features such as multi-factor authentication. 24. Security safeguards: We’ve invested in technical, physical and administrative safeguards to do our part to help keep your data safe and secure. While we’ve taken steps to help protect your data, no method of electronic storage is completely secure and we cannot guarantee absolute security. We may notify you if we have reason to believe that someone has accessed (or may be able to access) your account without authorisation and we may also restrict access to certain parts of our services until you verify that access was by an authorised user. 25. Account security features: We may introduce security features to make your account more secure, such as multi-factor authentication. Depending on where you are in the world or what services you’re using, we may require you to adopt some of these features. Where we make the use of security features optional, you’re responsible (meaning we’re not liable) for any consequences of not using those features. We strongly encourage you to use all optional security features. 26. Playing your part to secure your data: You have an important part to play by keeping your login details secure, not letting any other person use them, and by making sure you have strong security on your own systems. If you realise there’s been any unauthorised use of your password or any breach of security to your account or email address linked to your account, you need to let us know immediately. You also agree not to use free-form fields in any of ZeroBees’ systems or services to store personal data (unless it’s a field explicitly asking for personal data - like a first name or a last name), credit card details, tax identifiers or bank account details. Maintenance, downtime and data loss We really try to minimise any downtime, but sometimes it’s necessary so we can keep our services updated and secure. You also may have occasional access issues and may experience data loss, so backing up your data is important. 27. Availability: We strive to maintain the availability of our services, and provide online support, 24 hours a day. On occasion, we need to perform maintenance on our services, and this may require a period of downtime. We try to minimise any such downtime. Where planned maintenance is being undertaken, we’ll attempt to notify you in advance but can’t guarantee it. 28. Access issues: You know how the internet works – occasionally you might not be able to access our services and your data. This might happen for any number of reasons, at any time. 29. Data loss: Data loss is an unavoidable risk when using any technology. You’re responsible for maintaining copies of your data entered into our services. For information on how to do that, check out how to export data out of ZeroBees on ZeroBees Central. 30. No compensation: Whatever the cause of any downtime, access issues or data loss, your only recourse is to discontinue using our services. 31. Problems and support: If you have a problem and none of our FAQs can help you resolve it, please contact our support team through ZeroBees Central. 32. Modifications: We frequently release new updates, modifications and enhancements to our services, and in some cases discontinue features. Where this occurs, we’ll endeavour to notify you where practical (for example, by email, on our blog, or within our services when you log in). Do’s and don’ts This section is super important because it outlines how you can (and can’t) use our services. Much of it will be common sense. 33. Feedback: We love your feedback and may use it without restriction. 34. Help using our services: We aim to provide relevant guidance and support to help you use our services. You agree to use our services only for lawful business purposes and in line with the instructions and guidance we provide. 35. Limitations: Some of our services may be subject to limits such as a cap on the number of sites that can be entered within our platform. 36. No-charge or beta services: Occasionally we may offer a service at no charge – for example a free beta service, or a time-limited trial account. Because of the nature of these services, you use them at your own risk. 37. While we can’t cover everything here, we do want to highlight a few more examples of things you mustn’t ever do: •Undermine the security or integrity of our computing systems or networks. •Use our services in any way that might impair functionality or interfere with other people’s use. •Access any system without permission. •Introduce or upload anything to our services that includes viruses or other malicious code. •Share anything that may be offensive, violates any law, or infringes on the rights of others. •Modify, copy, adapt, reproduce, disassemble, decompile, reverse engineer or extract the source code of any part of our services. •Resell, lease or provide our services in any way not expressly permitted through our services. •Repackage, resell, or sublicense any leads or data accessed through our services. •Commit fraud or other illegal acts through our services. •Act in a manner that is abusive or disrespectful to a ZeroBees employee, partner, or other ZeroBees customer. We will not tolerate any abuse or bullying of our ZeroBees employees in any situation and that includes interaction with our support teams. Termination You can easily terminate your subscription with one month’s written notice. We may terminate your subscription as well with the same notice. If you violate these terms, we may terminate your subscription immediately. 38. Subscription period: Your subscription continues for the period covered by the subscription fee paid or payable. At the end of each billing period, these terms automatically continue for a further period of the same duration as the previous one, provided you continue to pay the subscription fee in accordance with the pricing plan. You may choose to terminate your subscription at any time by providing one month’s written notice in advance. You’ll still need to pay all relevant subscription fees up to and including the day of termination. For more information, check out how to cancel a subscription on ZeroBees Central. 39. Termination by ZeroBees: ZeroBees may choose to terminate your subscription at any time by providing you with one month’s written notice in advance. ZeroBees may also terminate or suspend your subscription or access to all or any data immediately if: •you breach any of these terms and do not remedy the breach within 14 days after receiving notice of the breach, •you breach any of these terms and the breach cannot be remedied, •you fail to pay subscription fees, or •you or your business become insolvent, your business goes into liquidation or has a receiver or manager appointed over any of its assets, you become insolvent or make any arrangement with your creditors, or become subject to any similar insolvency event in any jurisdiction. 40. No refunds: No refund is due to you if you terminate your subscription or ZeroBees terminates it in accordance with these terms. 41. Retention of your data: Once a subscription is terminated by you or us, it is archived and the data submitted or created by you is no longer available to you. We retain it for a period of time consistent with our data retention policy, during which, as a subscriber, you can reactivate your subscription and once again access your data by paying the subscription fees. Find out more about reactivating your ZeroBees subscription on ZeroBees Central. We retain data in case you need it as part of your record retention obligations, but you can get in touch with us to have your data removed completely if you wish. Liability and indemnity This section is important as it outlines liability terms between us and both subscribers and invited users, so we urge you to read it closely and in full. 42. You indemnify us: You indemnify us against all losses, costs (including legal costs), expenses, demands or liability that we incur arising out of, or in connection with, a third-party claim against us relating to your use of our services or any third-party product (except as far as we’re at fault). 43. Disclaimer of warranties: Our services and all third-party products are made available to you on an “as is” basis. Subject to the exclusion in section 57, we disclaim all warranties, express or implied, including any implied warranties of non-infringement, merchantability and fitness for a particular purpose. 44. Limitation of liability: Other than liability that we can’t exclude or limit by law, our liability to you in connection with our services or these terms, in contract, tort (including negligence) or otherwise, is limited as follows: •We have no liability arising from your use of our services for any loss of revenue or profit, loss of goodwill, loss of customers, loss of capital, loss of anticipated savings, legal, tax or accounting compliance issues, damage to reputation, loss in connection with any other contract, or indirect, consequential, incidental, punitive, exemplary or special loss, damage or expense. •For loss or corruption of your data, our liability will be limited to taking reasonable steps to try and recover that data from our available backups. •Our total aggregate liability to you in any circumstances is limited to the total amount you paid us for your subscription in the 12 months immediately preceding the date on which the claim giving rise to the liability arose. Disputes This section outlines how disputes may be resolved. 45. Dispute resolution: Most of your concerns can be resolved quickly and to everyone’s satisfaction by contacting our support team via ZeroBees Central. If we’re unable to resolve your complaint to your satisfaction (or if we haven’t been able to resolve a dispute we have with you after attempting to do so informally), you and we agree to resolve those disputes through binding arbitration or small claims court instead of in courts of general jurisdiction. You and we agree that any dispute must be brought in the parties’ individual capacity and not as a plaintiff or class member in any purported class or representative proceeding. Important housekeeping Here we set out some additional terms. Take a read as they cover important issues. 46. No professional advice: Just to be clear, the service provided by ZeroBees through its web-based products is not a professional services firm of any sort, and isn’t in the business of giving any kind of professional advice. We may provide you with information we think might be useful in running your business and recommendations to the best of our experience to improve your business from a carbon accounting point of view, but this should not be seen as a substitute for professional advice and we aren’t liable for your use of the information in that way. 47. Events outside our control: We do our best to control the controllables. We aren’t liable to you for any failure or delay in performance of any of our obligations under these terms arising out of any event or circumstance beyond our reasonable control. 48. Notices: Any notice you send to ZeroBees must be sent to Any notices we send to you will be sent to the email address you’ve provided us through your subscription. 49. Exclusion: In some places, there may be non-excludable warranties, guarantees or other rights provided by law (non-excludable guarantees). They still apply – these terms do not exclude, restrict or modify them. Except for non-excludable guarantees and other rights you have that we cannot exclude, we’re bound only by the express promises made in these terms. Our liability for breach of a non-excludable guarantee is limited, at our option, to either replacing or paying the cost of replacing the relevant service (unless the non-excludable guarantee says otherwise). 50. Export limitations: You must not use our services in violation of any export or trade embargo laws that apply to you. 51. Excluded terms: The terms of the United Nations Convention on Contracts for the Sale of Goods and the Uniform Computer Information Transactions Act (UCITA) do not apply to these terms. 52. Blocking your access, disabling your subscription, or refusing to process a payment: As we grow, our sites will become global, so different laws may apply in different countries that restrict our relationship with you. We may block your access, terminate your subscription, or refuse to process a payment if we reasonably believe there’s a risk - like a potential breach of a law or regulation - associated with you, your company, your subscription, or a payment. Examples of where we might do this include transactions where the payment is from a sanctioned person or country; or where we reasonably believe there is a legal or regulatory risk or a risk of loss being suffered by us or our customers or partners. You promise that you’re not located in a sanctioned country and are not on a sanctioned persons list. We may also block users from a country if we can’t receive payments from that country. You should check what payment methods are available in your country for making payments. We may take any of these actions without notice. 53. Relationship between the parties; assignment: Nothing in these terms is to be construed as constituting a partnership, joint venture, employment or agency relationship between you and us, or between you and any other subscriber or invited user. You’re solely responsible for resolving disputes between you and any other subscriber or invited user. You can find out more about disputes over access on ZeroBees Central. ZeroBees may assign these terms - or any of our rights or obligations in these terms - to another ZeroBees entity as it deems appropriate. ZeroBees entities are the companies controlled by or under common control with Zero Bees Group Limited (a UK company with registration number 13363837). 54. Changes to these terms: We sometimes will decide to change these terms of use. But don’t worry, changes won’t apply retrospectively and, if we make changes, we’ll make every effort to let you know. You can keep track of changes to our terms by referring to the version and the date last updated at the top of the terms. Generally, we endeavour to provide you with 30 days’ notice of material changes before they become effective, unless we need to make immediate changes for reasons we don’t have control over. When we notify you, we’ll do it by email or by posting a visible notice through our services. If a change isn’t material, we may not notify you. If you find a modified term unacceptable, you may terminate your subscription by giving the standard advance notice to ZeroBees. 55. Enforcement of terms: If there’s any part of these terms that either one of us is unable to enforce, we’ll ignore that part but everything else will remain enforceable. 56. Interpretation: Words like ‘include’ and ‘including’ are not words of limitation and where anything is within our discretion we mean our sole discretion. 57. ZeroBees contracting entities; law and venue: Our contracting entities are listed below along with what law and venue apply in any dispute between you and us: ZeroBees edition: United Kingdom ZeroBees entity: Zero Bees Group Limited Address: 28 Derwent Grove, London, SE22 8EA Registration: 13363837 Law: England Venue: England

Privacy Policy

Privacy notice Last updated: 30 November 2022 Introduction This notice applies across all websites that we own and operate and all services we provide, including our online and mobile carbon accounting services products, and any other apps or services we may offer (for example, events or training). For the purpose of this notice, we’ll just call them our ‘services’. When we say ‘personal data’ we mean identifiable information about you, like your name, email, address, telephone number, bank account details, payment information, support queries, community comments and so on. If you can’t be identified (for example, when personal data has been aggregated and anonymised) then this notice doesn’t apply. Check out our terms of use for more information on how we treat your other data. We may need to update this notice from time to time. Where a change is significant, we’ll make sure we let you know – usually by sending you an email. You can read the whole notice below, or if you haven’t got much time, you can jump to the section you need using the navigation menu. Who are ‘we’? When we refer to ‘we’ (or ‘our’ or ‘us’), that means Zero Bees Group Limited and all its wholly owned subsidiaries. Our headquarters are in the United Kingdom. Address details for all ZeroBees offices are available on the ZeroBees Central page. We provide an easy-to-use global online platform for small and medium sized businesses and their advisors. At the core of our platform is our awesome carbon accounting software. For European Union data protection purposes, when we act as a controller in relation to your personal data, Zero Bees Group Limited (company number 13363837) is our representative in the European Union. Our principles of data protection Our approach to data protection is built around four key principles. They’re at the heart of everything we do relating to personal data. Ethical: We take a human approach to how we process personal data by being open, honest, transparent and appropriate. Enablement: We enable connections and efficient use of personal data to empower productivity and growth. Security: We champion industry leading approaches to securing the personal data entrusted to us. Stewardship: We accept the responsibility that comes with processing personal data. How we collect your data When you visit our websites or use our services, we collect personal data. The ways we collect it can be broadly categorised into the following: Information you provide to us directly: When you visit or use some parts of our websites and/or services we might ask you to provide personal data to us. For example, we ask for your contact information when you sign up for a free trial, respond to a job application or an email offer, participate in community forums, join us on social media, take part in training and events, contact us with questions or request support. If you don’t want to provide us with personal data, you don’t have to, but it might mean you can’t use some parts of our websites or services. Information we collect automatically: We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible (for example, by personalising the content you see). Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, take a look at our cookie notice. Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect personal data about you from other sources, such as publicly available materials or trusted third parties like our marketing and research partners. We use this information to supplement the personal data we already hold about you, in order to better inform, personalise and improve our services, and to validate the personal data you provide. Where we collect personal data, we’ll only process it: •to perform a contract with you, or •where we have legitimate interests to process the personal data and they’re not overridden by your rights, or •in accordance with a legal obligation, or •where we have your consent. If we don’t collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you. If you’re someone who doesn’t have a relationship with us, but believe that a ZeroBees subscriber has entered your personal data into our websites or services, you’ll need to contact that ZeroBees subscriber for any questions you have about your personal data (including where you want to access, correct, amend, or request that the user delete, your personal data). How we use your data First and foremost, we use your personal data to operate our websites and provide you with any services you’ve requested, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following: To communicate with you. This may include: •providing you with information you’ve requested from us (like training or education materials) or information we are required to send to you •operational communications, like changes to our websites and services, security updates, or assistance with using our websites and services •marketing communications (about ZeroBees or another product or service we think you might be interested in) in accordance with your marketing preferences •asking you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with). To support you: This may include assisting with the resolution of technical support issues or other issues relating to the websites or services, whether by email, in-app support or otherwise. To enhance our websites and services and develop new ones: For example, by tracking and monitoring your use of websites and services so we can keep improving, or by carrying out technical analysis of our websites and services so that we can optimise your user experience and provide you with more efficient tools. To protect: So that we can detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our websites and services fairly and in accordance with our terms of use. To market to you: In addition to sending you marketing communications, we may also use your personal data to display targeted advertising to you online – through our own websites and services or through third party websites and their platforms. To analyse, aggregate and report: We may use the personal data we collect about you and other users of our websites and services (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share publicly or with third parties. How we can share your data There will be times when we need to share your personal data with third parties. We will only disclose your personal data to: •other companies in the ZeroBees group of companies •third party service providers and partners who assist and enable us to use the personal data to, for example, support delivery of or provide functionality on the website or services, or to market or promote our goods and services to you •regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure •an actual or potential buyer (and its agents and advisors) in connection with an actual or proposed purchase, merger or acquisition of any part of our business •other people where we have your consent. International data transfers When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as to the United States, where our data hosting provider’s servers are located. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected. For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data (like New Zealand), or to a third party where we have approved transfer mechanisms in place to protect your personal data, for example, by entering into the European Commission’s Standard Contractual Clauses. For further information, please contact us using the details set out in the Contact us section below. Security Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens. For more information about security, check out the ZeroBees Central page. Retention The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements). We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised. Your rights It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or make your request from the ZeroBees Central page. You also have rights to: •know what personal data we hold about you, and to make sure it’s correct and up to date •request a copy of your personal data, or ask us to restrict processing your personal data or delete it •object to our continued processing of your personal data You can exercise these rights at any time by making a request from the ZeroBees Central page. If you’re not happy with how we are processing your personal data, please let us know by getting in touch from the ZeroBees Central page. We will review and investigate your complaint, and try to get back to you within a reasonable time frame. You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint. How to contact us We’re always keen to hear from you. If you’re curious about what personal data we hold about you or you have a question or feedback for us on this notice, our websites or services, please get in touch. As a technology company, we prefer to communicate with you by email – this ensures that you’re put in contact with the right person, in the right location, and in accordance with any regulatory time frames. Contact us from the ZeroBees Central page.

Anti Slavery & Human Trafficking Statement

Anti-Slavery Statement Last updated: 19 June 2023 LIMITED ANTI-SLAVERY AND HUMAN TRAFFICKING STATEMENT The Modern Slavery Act 2015 (Act) requires any commercial organisation in any sector, which supplies goods or services, and carries on a business or part of a business in the United Kingdom, and is above a specified total turnover, to produce and publish an annual slavery and human trafficking statement. Whilst we are an SME and below this threshold, we believe that we too should set this standard. This statement relates to the actions and activities of Zero Bees Group Limited (ZeroBees) (Company) for our financial year May 2023-April 2024. Where the context so requires, references in this statement to the Company include references to the Company and all of its subsidiaries from time to time. The Company is committed to the prevention of the use of forced labour and has a zero-tolerance policy for human trafficking and slavery. Our policies on slavery and human trafficking The Company will not use or allow the use of forced, compulsory labour, slavery, servitude or human trafficking in the course of its business. This includes sexual exploitation, securing services by force, threats or deception and securing services from children and vulnerable persons. The Company operates the following policies which are relevant to the prevention of slavery and human trafficking in its operations: Anti-slavery and human trafficking policy – this policy sets out the steps that the Company has taken, and will take, to prevent human trafficking and slavery within its business and its supply chain. Employment Policy - Employment terms and conditions for the Company’s employees based at its UK offices are regulated by and are operated in compliance with all relevant prevailing legislation. we pay London Living Wage as minimum and strive to create an environment where people love to come to work. In addition, internal policies are reviewed regularly to ensure continued compliance with the Modern Slavery Act 2015. Due diligence processes for slavery and human trafficking The Company believes that in order to prevent human trafficking and slavery within its business and its supply chain it is necessary to first understand the areas where the Company is most at risk. Due to the Company’s exclusively UK based operations and the fact that most of our very limited supply chain are publically-listed tech companies, the Company believes that the risk of modern slavery occurring in its business or in its supply chain are very low. The Company is, however, committed to ensuring that that is, and remains, the case and has implemented systems to: continually seek to identify and assess potential risk areas in the Company’s business and supply chains; and protect whistleblowers. Supplier adherence to our values and ethics Efforts are made to confirm that the Company’s suppliers are as committed to the prevention of human trafficking and slavery as the Company, and each supplier’s conduct is carefully considered when awarding or renewing business. This statement is made pursuant to section 54(1) of the Act. Contact us from the ZeroBees Central page for more information.

Data Security Policy

ZeroBees Security policy Last updated: 15 February 2024 1. Purpose To establish guidelines for securing the cloud-based SaaS application and its associated data. To ensure that data in the cloud is protected against unauthorized access, disclosure, alteration, and destruction. 2. Scope This policy applies to all employees, contractors, and third-party service providers with access to the cloud-based SaaS environment. 3. Responsibilities The Information Security Team is responsible for implementing, monitoring, and enforcing this policy. All users are responsible for adhering to this policy. 4. User Access Control Access to the SaaS application will be controlled through secure authentication mechanisms (e.g., multi-factor authentication). Access levels and permissions will be based on the principle of least privilege, ensuring users have only the access necessary for their role. Regular audits will be conducted to review access rights and adjust them as necessary. 5. Data Encryption All data stored in the cloud, including backups, will be encrypted at rest and in transit using industry-standard encryption algorithms. Encryption keys will be managed securely, with periodic rotation and strict access controls. 6. Incident Response An Incident Response Plan (IRP) will be developed and regularly updated to address potential security incidents. All users must report suspected security incidents immediately to the Information Security Team. The IRP will outline procedures for response, investigation, mitigation, and recovery from security incidents. 7. Data Privacy and Compliance The SaaS application will comply with applicable data protection laws and regulations (e.g., GDPR, CCPA). Data processing activities will be documented, and data subject rights will be respected and facilitated. 8. Network Security Network security controls, such as firewalls and intrusion detection/prevention systems, will be implemented to protect the SaaS environment. Regular vulnerability assessments and penetration testing will be conducted to identify and remediate potential security weaknesses. 9. Cloud Environment Configuration The cloud environment will be configured according to best practices for security, including the use of security groups, secure APIs, and logging and monitoring services. Configuration changes will be tracked and audited. 10. Business Continuity and Disaster Recovery A Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) will be established to ensure service availability in the event of a disaster or significant disruption. Regular backups of data will be performed, and the ability to restore from backups will be tested periodically. 11. Training and Awareness All users will receive regular training on cybersecurity threats, safe online behaviours, and adherence to this security policy. Security awareness campaigns will be conducted to keep security at the forefront of users' minds. We have policies on best practices such as password policy, removable media policy to ensure staff are well trained in the best practises on cyber security 12. Policy Review and Update This security policy will be reviewed and updated annually or in response to significant changes to the threat landscape or business operations. 13. Enforcement Violations of this policy may result in disciplinary action, up to and including termination of employment or contract and legal action. 14. Suppliers Suppliers will be vetted for security compliance and a log of critical suppliers will be maintained Where applicable/appropriate suppliers will be asked to complete security compliance to ensure that they fit Zerobees’s standards. 15. Assets We will keep and maintain an asset register of critical assets to the business including software, hardware and virtual. We will be responsible for removing physical hardware at end of life.

Zero Bees Group Limited (trading as ZeroBees) ¦ Company Number 13363837 ¦ Registered address 28 Derwent Grove, London, SE22 8EA
bottom of page