Privacy Policy
Last updated: April 2026
1. Who We Are
The Black Business Directory (DBBC) is a community platform that promotes and increases the visibility of Black-owned businesses and services across Derby and Nottingham. Our website is dbbc.uk.
For any questions about this privacy policy or how we handle your data, please contact us at [email protected].
2. What Information We Collect
We collect the following types of information:
Account Information
- Full name and email address (when you register an account)
- Password (stored securely using encryption — we never store plain text passwords)
Business Listing Information
- Business name, description, category, and location
- Contact details (phone number, email, website, social media links)
- Business logo and photos
Payment Information
- If you subscribe to a premium plan, payments are processed securely through Stripe. We do not store your card details — Stripe handles all payment data in accordance with PCI-DSS standards.
Usage Data
- We use Google Analytics to understand how visitors use our site (pages visited, time spent, general location). This data is anonymised and helps us improve the platform.
- Google Analytics only runs if you accept cookies via our cookie banner.
3. How We Use Your Information
We use the information we collect to:
- Create and manage your account
- Display your business listing on the directory
- Process premium subscriptions and payments
- Send you important updates about your account or listing
- Improve the website and user experience
- Respond to enquiries submitted through our contact form
We will never sell your personal data to third parties.
4. Legal Basis for Processing (UK GDPR)
We process your data under the following legal bases:
- Contract: To provide the services you've signed up for (account, business listing, premium features)
- Consent: For analytics cookies (you can opt out at any time via the cookie banner)
- Legitimate interest: To improve our platform and communicate important updates
5. Cookies
Our website uses cookies. Here's what they do:
| Cookie | Purpose | Type |
|---|---|---|
| Session cookie | Keeps you logged in while using the site | Strictly necessary |
| Cookie consent | Remembers your cookie preferences | Strictly necessary |
| Google Analytics | Helps us understand how people use the site | Analytics (requires consent) |
You can change your cookie preferences at any time by clearing your browser cookies and revisiting the site.
6. How We Store and Protect Your Data
- Your data is stored securely in an encrypted database
- Passwords are hashed using industry-standard encryption (bcrypt)
- File uploads (logos, photos) are stored securely in the cloud using AWS S3
- All connections to our website are encrypted using HTTPS/SSL
7. Third-Party Services
We use the following third-party services:
- Stripe — for processing payments securely
- Google Analytics — for understanding website usage (only with your consent)
- AWS S3 — for storing uploaded images securely
Each of these services has their own privacy policies and data protection measures.
8. Your Rights
Under UK GDPR, you have the right to:
- Access — request a copy of the data we hold about you
- Rectification — ask us to correct inaccurate data
- Erasure — ask us to delete your data (\"right to be forgotten\")
- Restrict processing — ask us to limit how we use your data
- Data portability — request your data in a portable format
- Object — object to our processing of your data
- Withdraw consent — withdraw consent for analytics cookies at any time
To exercise any of these rights, please email us at [email protected]. We will respond within 30 days.
9. Data Retention
We keep your account and business listing data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days. Some anonymised analytics data may be retained for statistical purposes.
10. Children's Privacy
Our platform is not intended for children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
11. Changes to This Policy
We may update this privacy policy from time to time. Any changes will be posted on this page with an updated date. We encourage you to review this page periodically.
12. Contact Us
If you have any questions, concerns, or requests regarding this privacy policy or your personal data, please contact us:
Email: [email protected]
Website: dbbc.uk/contact
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.