Privacy Policy Security and confidentiality

Privacy Notice

Version 2.1 (30 May 2022)

Blue header down w bg

Privacy Notice

This Privacy Notice relates to personal data that Take Note may collect and process when you use our website or the Take Note Secure Portal. Take Note is the data controller for this data. For information relating to how we process data on your behalf, as a data processor, when we’re creating your transcripts, please see our Data Processing Addendum.

1.  Who is processing your personal data?

Take Note Ltd[1] is the data controller of personal data collected via the Take Note website. The data controller is the decision-maker with respect to the purpose and overall means of processing your personal data.

2.  What personal data are you processing?

When you get in touch with us or register for an account in the Take Note Secure Portal, we’ll process your name, email address, and telephone number.

If you enter into a contract with us, we’ll also need some additional information which may be personal data, such as:

  • Your job title and additional contact information
  • Invoicing information
  • Payment details


Like most businesses, we use cookies on our website to enable essential functionality, to improve your experience when using the website, and to analyse website traffic.

For more information about the cookies we use, and how you can change your settings, please see our Cookie Information Page.

3.  Why are you processing this data?

We process your personal data in order to manage our business relationship with you, which may include:

  • Ensuring that your customer account is up-to-date and effectively managed
  • Providing you with information that you’ve requested, such as a quote
  • Contacting you for a customer relations conversation
  • Keeping you up to date with our latest service offerings
  • From time to time, providing you with news or articles that we think may be of professional interest to you
  • For website analytics and to facilitate the effective operation of our business

If you enter into a contract with us, we’ll also process your personal data to ensure that we’re fulfilling our contractual obligations and that we’re meeting any legal or regulatory obligations we may have, such as accounting requirements.

We won’t use your personal data for any other purpose unless required to do so by law.

4.  What is the lawful basis for processing my personal data?

We rely on several lawful bases[2] when processing your personal data:

  • Performance of a contract
    If you’ve entered into a contract with Take Note, we’ll process your personal data to ensure that we fulfil our contractual obligations to you
  • Compliance with a legal obligation
    If we’ve provided you with services then we have a legal obligation to retain certain information for accounting purposes, which may include some of your personal data
  • Legitimate interest (management of your customer account)
    When we're processing your personal data to ensure that your customer account is up-to-date and effectively managed, and that we're meeting your needs as a Take Note customer
  • Legitimate interest (development of our business relationship with you)
    When we’re processing your personal data to provide you with information you’ve asked us for, to provide you with news or updates, or where you’ve previously used our services and we’re keeping in touch
  • Consent
    For cases other that the above, unless otherwise required by law, we'll only process your personal data with your consent

5.  What if I change my mind?

Where we’re processing your personal data on the basis of your consent, you may withdraw that consent at any time.  The UK GDPR also gives you the right to object to your personal data being processed for direct marketing purposes.[3]

You’ll find options to manage your preferences and unsubscribe completely in all non-transactional emails you receive from us – and you can also contact us on to withdraw your consent.

6.  Who has access to my data?

In Take Note, only those authorised to process this data for the purposes mentioned above may access your personal data.

We also use some cloud service providers and other third parties to help provide our IT and payment services. In relation to your personal data, these third parties are data processors only – they must follow our instructions and they are obliged not to disclose or use your personal data for any other purpose.

We may also share your personal data with other Verbit Company entities to facilitate the effective operation of our business and in order to ensure that your customer account is managed in accordance with our group policies.

We’ll never sell your data, and we won’t disclose it to any third parties other than for the purposes mentioned above unless required to do so by law.

7.  How do you secure my personal data?

Take Note operates an Information Security Management System certified to the ISO 27001:2013 international standard.

Your personal data is encrypted both at rest and in transit and may only be accessed by authorised Take Note employees using multi-factor authentication.

Take Note is also committed to a continuous programme of security awareness and development, and all our employees undergo security awareness training certified by the National Cyber Security Centre (NCSC).

8.  Will my personal data leave the UK?

We may transfer your personal data to Verbit in Israel. Any such transfer is covered by relevant adequacy regulations made under Section 17A of the Data Protection Act 2018.

We may transfer some of your personal data to cloud service providers in the United States. Where we do so, we will ensure that appropriate safeguards are in place to protect your personal data. We achieve this by requiring our service providers to enter into Standard Contractual Clauses[4] with us before processing any personal data – if you’d like to see a copy of these, please contact us on

Payment card information will not be transferred out of the UK.

9.  How long will you keep my personal data?

If you’ve entered into a contract with Take Note, we’ll retain your personal data for a period of 7 years after the end of that contract.

In other cases, unless you tell us that you’d like us to delete your personal data sooner, we’ll retain your personal data for a period of up to 2 years after our last active engagement with you.

10.  What rights do I have?

The UK GDPR gives you the following rights in relation to your personal data:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

For more information, or if you’d like to exercise any of these rights, please contact us on

11.  Links to other websites

Our website may contain links to other websites that we think might interest you. Once you use these links to leave the Take Note website, however, we no longer have control over how any personal data you provide will be used and we're not responsible for the protection and privacy of any such personal data. We recommend that you exercise caution and review the privacy notices of these websites before providing any personal data.

12.  What if something goes wrong?

We hope this doesn't happen - and in the first instance, we'd encourage you to get in touch on so that we can help resolve any issues. However, you do also have the right to lodge a complaint with the Information Commissioner's Office (

[1] Take Note Ltd is a company registered in England and Wales under company number 05954367. Our registered office is at Three Tuns House, 109 Borough High Street, London, SE1 1NL.

[2] UK GDPR, Article 6(1)

[3] UK GDPR, Article 21(2)

[4] UK GDPR, Article 46(2)

Light line 05
Dark break line 2