Beam’s Privacy Policy for Magic Notes Users
INTRODUCTION
This Privacy Policy (the "Policy") tells you how Beam Up Ltd (“Beam”, "We"), of Senna Building, Gorsuch Place, London E2 8JF, processes your personal information, in relation to the use of the Magic Notes web application tool ("Magic Notes"). Beam is registered as a controller with the ICO (the UK’s Information Commissioner’s Office) under registration number ZA345840.
This Policy explains how we will process any personal information that we collect from you, or that you give us, in relation to the services we provide with Magic Notes (the "Services"). It also tells you our views and practices about your personal information and how we will treat it. By “you” or the “User” we mean an employee, agent and/or independent contractor of the corporate customer who is authorised by that customer to use our Magic Notes software with a unique account and log in credentials.
For the purpose of applicable data protection legislation (including but not limited to the Data Protection Act 2018, the General Data Protection Regulation (Regulation (EU) 2016/679), and the UK General Data Protection Regulation), Beam is the data controller of your personal information but solely for the limited data handling activities related to your use of the Magic Notes tool as described in this Policy. For all other core purposes in your use of the Magic Notes Services, the corporate customer who Beam has a services agreement with, shall be a controller of your data and that of any individual whose details you submit through the Magic Notes Services (for example recordings, transcripts and summaries) and under the terms of that agreement, Beam is a data processor of that corporate customer. For those reasons, we recommend that you review your employer’s privacy policy.
This Policy applies in relation to the Magic Notes Services only. You can access the separate privacy policy which applies to personal information in relation to our beam.org website here.
By using the Services, you agree to the collection, use, disclosure, and procedures this Policy describes. Please read this Policy carefully so that you understand your rights in relation to your personal information, and how we will collect, use and process your personal information.
If you do not agree with this Policy or any part thereof, you should not access or use any part of the Services, or otherwise provide us with your personal information. If you change your mind in the future, you must stop using the Services and you may exercise your rights in relation to your personal information as set out in this Policy.
WHAT INFORMATION DO WE COLLECT AND HOW DO WE COLLECT IT
We may collect a variety of information from or about you or your devices from various sources, as described below.
Information we collect about you automatically
When you use Magic Notes, as is common with web-based applications accessed via a website (the "Website"), we automatically get some technical details such as your chosen browser and unique IP address. As is common to all major websites, we also collect information about your visit, including how often you visit and information about how you are using the Website, what buttons you click, and your name and contact details such as any phone number you may phone us on with a customer service issue. Most of this information is collected via the use of cookies.
Cookies are a useful way for us to understand how our service users use the Website. Cookies are created by your web browser when you visit the Website. Every time you go back to the Website, your browser will send the cookie file back to the Website's server. They improve your experience of using the Website, for example, by remembering your preference settings so that you are presented with information likely to be most relevant to you, and by measuring your use of the Website to enable us to continuously improve the Website to ensure that it meets your needs. For further information about cookies and how to amend your browser settings in order to block cookies, please see the Cookie information below.
Information you provide to us
In addition to the cookies information above, if you contact us directly, we may receive additional personal information about you. For example, when you contact our Customer Support Team, we will receive your name, email address, the contents of a message or attachments that you may send to us, and other information you choose to provide. When we send you emails, we may track whether you open them to learn how to deliver a better customer experience and improve our services.
Your use of Magic Notes, as part of your missions as employee or contractor of our corporate customer may involve personal information such as the dates, participants and contents of any audio recordings of meetings (which may include the personal information contained on that recording). As highlighted earlier in this Policy, this personal information is subject to the terms of the Policy in place with your employer.
HOW WE USE YOUR INFORMATION and the LEGAL REASONS WE RELY ON
We use the personal information we collect about you for a number of purposes:
| Purpose of data collection and use | Legal basis for data processing |
|---|---|
| to provide the Magic Notes and any related account management services; | Management of our contract with the corporate customer |
| to tell you about changes to Magic Notes; | Our and your legitimate business interests |
| to improve our customer products and services and to make sure that content from Magic Notes is presented in the most effective manner for you and for your computer; | Our and your legitimate business interests |
| to comply with legal and regulatory requirements; | Compliance with our legal and/or regulatory duties |
| to administer Magic Notes and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; and | Our legitimate business interests |
| for marketing purposes. | Our legitimate business interests, unless the circumstances of collection of your data required your express consent. |
WHO WE SHARE YOUR PERSONAL INFORMATION WITH
As part of the provision of Magic Notes, we use various third-party service providers such as web or hosting services; tools for collecting feedback; e-mail communication tools; help desk platform providers. It is not possible for us to provide the Services to you successfully without us using these providers.
We may also disclose your personal information to a limited category of trusted third parties, including:
- any current or future member of our group, which includes our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006;
- third party service providers who perform functions on our behalf (including external consultants and professional advisers such as lawyers, auditors and accountants);
- third party IT providers where we have an appropriate data processing agreements (or similar protections) in place;
- tax, audit, or other authorities;
- Beam board members, advisers and their trusted third-party service providers and affiliate,
- analytics and search engine providers that help us improve and optimise Beam;
- in anonymous form to funders or potential funders of Beam;
- if we sell or buy any business or assets, to the potential seller or buyer of such business or assets;
- if Beam or substantially all of its assets are acquired by a third party, personal data held by it about its customers will be one of the transferred assets; and
- if we have to disclose or share your personal data to comply with any legal obligation, or to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of Beam, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We do not share, rent or trade your information with third parties for marketing or promotional purposes.
HOW WE PROTECT YOUR PERSONAL DATA
All information we hold about you is stored on secure servers. While we take every reasonable step to protect your personal information, please note that transmitting information over the internet can never be 100% secure. If you choose to share information with us via Magic Notes, please be aware that there is always some level of risk. Once we receive your information, we apply strict procedures and security measures to help prevent unauthorised access.
WHERE WE TRANSFER YOUR PERSONAL INFORMATION
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and applicable legal requirements, for example by entering into data transfer agreements which incorporate the legally mandated data protection clauses and for international transfers, the current standard contractual clauses adopted by the UK Information Commissioner for transfers of personal data.
KEEPING YOUR RECORDS
We will hold your personal information as a minimum for the duration of our services agreement with our corporate customer and for as long as is necessary to comply with our statutory and contractual obligations, the purposes for which we process your information (as described in this Privacy Policy).
YOUR RIGHTS
Access to your information
You have the right to request a copy of the information that we hold about you as a controller. If you would like a copy of some or all of your personal information, please email us at trust@beam.org (with the title: Data Privacy/GDPR related request). If we provide you with access to the information we hold about you, we will not charge you for this unless permitted by law. If you request further copies of this information from us, we may charge you a reasonable administrative cost. Where we are legally permitted to do so, we may refuse your request. If we refuse your request we will always tell you the reasons for doing so.
Right to object
This right enables you to object to us processing your personal data where we do so for one of the following reasons:
- because it is in our legitimate interests to do so (for further information please see below);
- to enable us to perform a task in the public interest or exercise official authority or;
- for scientific, historical, research, or statistical purposes.
Right to withdraw consent
Where we have obtained your consent to process your personal data for certain activities, you may withdraw this consent at any time and we will cease to use your data for that purpose unless we consider that there is an alternative legal basis to justify our continued processing of your data for this purpose, in which case we will inform you of this condition.
Right to erasure
You have the right to request that we "erase" your personal data in certain circumstances. Normally, this right exists where:
- the data is no longer necessary;
- you have withdrawn your consent to us using your data, and there is no other valid reason for us to continue;
- the data has been processed unlawfully;
- it is necessary for the data to be erased in order for us to comply with our obligations under law; or
- you object to the processing and we are unable to demonstrate overriding legitimate grounds for our continued processing.
We would only be entitled to refuse to comply with your request for erasure in limited circumstances and we will always tell you our reason for doing so. When complying with a valid request for the erasure of data we will take all reasonably practicable steps to delete the relevant data.
Right to restrict processing
You have the right to request that we restrict our processing of your personal data in certain circumstances, for example if you dispute the accuracy of the personal data that we hold about you or you object to our processing of your personal data for our legitimate interests. If we have shared your personal data with third parties, we will notify them about the restricted processing unless this is impossible or involves disproportionate effort. We will, of course, notify you before lifting any restriction on processing your personal data.
Right to rectification
You have the right to request that we rectify any inaccurate or incomplete personal data that we hold about you. If we have shared this personal data with third parties, we will notify them about the rectification unless this is impossible or involves disproportionate effort. You may also request details of the third parties that we have disclosed the inaccurate or incomplete personal data to. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision.
Right of data portability
If you wish, you have the right to transfer your personal data between service providers under certain specific circumstances. In effect, this means that you are able to transfer the details we hold on you to another third party. To allow you to do so, we will provide you with your data in a commonly used machine-readable format so that you can transfer the data. Alternatively, we may directly transfer the data for you.
To exercise any of the above rights, please contact us at trust@beam.org (with the title: Data Privacy/GDPR related request).
Right to complain
You have the right to lodge a complaint and can contact us at trust@beam.org. We would always encourage you to do so in order for us to have a reasonable opportunity to learn about your complaint and address it in line with our internal processes. You also have the right to make a complaint to your local supervisory authority which is the Information Commissioner's Office. You can contact them in the following ways:
- Phone: 0303 123 1113
- Email: casework@ico.org.uk
- Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
THIRD PARTY WEBSITES
This Policy only applies to Magic Notes. If you land on Magic Notes from other websites (or move to other websites from Magic Notes) you should read their separate privacy policies.
Magic Notes may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility for them. Please check these policies before you submit any personal data to these websites.
UPDATES
Any changes we make to this Policy in the future will be posted on this page and we may email you to tell you about any substantial changes. Please check back regularly to see any updates or changes to this Policy.
CONTACT
If you have any questions about this Policy, or would like to exercise your rights with respect to your personal information, send us an email via trust@beam.org. The contact details of the Data Protection Officer are as follows: Stuart Murray who can be contacted on trust@beam.org.
COOKIE POLICY
Our Website uses cookies to distinguish you from other users of our Website. This helps us to provide you with a good experience when you browse our Website and also allows us to improve our Website.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.
We use the following cookies:
Strictly necessary cookies
These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website, use a shopping cart or make use of e-billing services.
| Name | 1st or 3rd party cookie | Duration | Description |
|---|---|---|---|
| rl_anonymous_id | 1st | 1 year | Internal analytics |
| rl_group_id | 1st | 1 year | Internal analytics |
| rl_group_trait | 1st | 1 year | Internal analytics |
| rl_page_init_referrer | 1st | 1 year | Internal analytics |
| rl_page_init_referring_domain | 1st | 1 year | Internal analytics |
| rl_trait | 1st | 1 year | Internal analytics |
| rl_user_id | 1st | 1 year | Internal analytics |
| expires_at | 1st | Session | Session expiry |
| user_id | 1st | Session | Encrypted User ID |
| XSRF-TOKEN | 1st | Session | Security token |
| _magic_notes_session | 1st | Session | User session |
| cookies_accepted | 1st | 1 year | User acceptance of cookie policy |
| GAESA | 1st | 1 months | Session affinity cookie |
Analytical/performance cookies
They allow us to recognise and count the number of visitors and to see how visitors move around our Website when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily.
Marketing cookies
These cookies record your visit to our Website, the pages you have visited and the links you have followed. We will use this information to make our Website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
| Name | 1st or 3rd party cookie | Duration | Description |
|---|---|---|---|
| _glc_au | 1st | 2 months | Google Ads identifier |
| NID | 3rd | 6 months | Security, Analytics, Functionality, Advertising |
| __Secure* | 3rd | 1 year | Enforces cookies only sent over HTTPS |
Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.
You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. For further details of how to do this, please click on the following link: http://www.allaboutcookies.org/manage-cookies/. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Website. Except for essential cookies, all cookies will expire after 180 days.
Version : 2.0
Last updated on : September 5, 2025