DistributorIQ is a trading name of Micker Brook Ltd, a company registered in England and Wales (company number 16029659), with its registered office at Unit 7 Robinson Street, Ashton-Under-Lyne, England, OL6 8NS.
We are the data controller for personal data processed in connection with the DistributorIQ platform, website, and services. This means we are responsible for deciding how and why your personal data is processed.
We are registered with the Information Commissioner's Office (ICO) under registration number . If you have questions about how we handle personal data, contact us at [email protected].
We collect and process the following categories of personal data:
Information you provide to us
Information collected automatically
Information about distributors
The DistributorIQ database contains information about distributors and their representatives, including names and contact details of key personnel. This data is collected from publicly available sources, regulatory databases, and primary research. We process this data on the basis of legitimate interests — to build and maintain a verified intelligence database that serves our clients. Individuals whose data appears in the database have the rights described in Section 8.
| Purpose | Data used | Lawful basis |
|---|---|---|
| Responding to shortlist requests and enquiries | Name, email, company, brief content | Contract / pre-contract steps |
| Delivering shortlist reports and platform services | Name, email, account information, usage data | Contract performance |
| Sending service-related communications (e.g. shortlist delivery, status updates) | Name, email | Contract performance |
| Sending marketing communications about our services We use Plausible Analytics which operates without cookies. No cookie consent is required for analytics. If you submit a contact form, you consent to us processing your contact details to respond to your enquiry. We do not send marketing communications without your explicit consent. | Name, email, company | Consent or legitimate interests |
| Improving the platform and our services | Usage data, feedback | Legitimate interests |
| Fraud prevention and security | Technical data, usage data | Legitimate interests / legal obligation |
| Complying with legal obligations | As required | Legal obligation |
| Building and maintaining the distributor database | Distributor contact information from public sources | Legitimate interests |
We will not use your personal data for purposes that are incompatible with the purposes for which it was collected, without first obtaining your consent.
UK GDPR requires us to have a lawful basis for processing personal data. The bases we rely on are:
We do not sell your personal data to third parties. We may share your data with the following categories of recipients, all of whom are bound by appropriate data protection obligations:
Some of our service providers are located outside the UK. Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place, including:
Third-party processors: Plausible Analytics (EU, Germany — no personal data processed); Formspree Inc. (USA — Standard Contractual Clauses); Google LLC / Google Workspace (USA/EU — Standard Contractual Clauses). For queries about international transfers, contact [email protected].
| Data type | Retention period | Reason |
|---|---|---|
| Shortlist request and brief content | 3 years from last interaction | Contract performance and legitimate interest in service improvement |
| Account information | Duration of account + 2 years | Contract performance |
| Marketing communications | Until unsubscribe or 3 years of inactivity | Consent / legitimate interests |
| Financial records | 7 years | Legal obligation (Companies Act / HMRC) |
| Usage and technical data | 13 months (analytics) / 90 days (server logs) | Legitimate interests — service improvement and security |
| Distributor contact data in database | Annual review; removed if no longer accurate or relevant | Legitimate interests — data minimisation compliance |
We may retain data for longer periods where required by law or where we have a legitimate interest in doing so (for example, to defend legal claims).
Under UK GDPR, you have the following rights in relation to your personal data:
To exercise any of these rights, contact us at [email protected]. We will respond within one calendar month. We may need to verify your identity before acting on a request.
These rights also apply to distributor personnel whose contact information appears in our database. If you are a distributor representative and wish to access, correct, or remove your information, please contact us at the address above.
We use cookies and similar tracking technologies on our website and platform. Cookies are small text files stored on your device.
| Category | Purpose | Legal basis |
|---|---|---|
| Strictly necessary | Essential for the website and platform to function — session management, security, authentication. | Legitimate interests (no consent required) |
| Analytics | Understanding how users interact with the site — page views, navigation paths, error rates. Plausible Analytics (privacy-first, cookieless, no personal data collected). Formspree (contact form processing — submissions transmitted to our email). Google Workspace (email hosting and delivery). | Consent |
| Functional | Remembering your preferences and settings. | Consent |
You can manage cookie preferences through your browser settings or via our cookie consent tool We use Plausible Analytics, a privacy-first analytics tool that does not use cookies and does not collect personal data. No consent management platform is required for this tool. If additional analytics or marketing tools are added in future, this policy will be updated accordingly.. Withdrawing consent for non-essential cookies will not affect your use of the core service.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These include encryption of data in transit and at rest, access controls, and regular security reviews.
No method of transmission over the internet is completely secure. While we use commercially reasonable means to protect your data, we cannot guarantee absolute security. If you become aware of any security vulnerability related to our services, please report it immediately to [email protected].
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where required, notify affected individuals without undue delay.
We may update this privacy policy from time to time to reflect changes in our practices, technology, or legal requirements. Material changes will be notified to registered users by email at least 14 days before they take effect. The current version is always available at distributoriq.com/privacy.
Your continued use of the platform after any changes take effect constitutes your acknowledgement of the updated policy.
If you have a complaint about how we handle your personal data, please contact us in the first instance at [email protected]. We will acknowledge your complaint within 5 working days and aim to resolve it within 30 days.
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):