Request a list

Acceptable Use Policy

Version 1.0 (draft) · Last updated TODO — [EFFECTIVE DATE]

CompanyLists

Operated by Team Dimensions Ltd, a company registered in England and Wales (company number 08348964), registered office Walden House, Foxcombe Road, Oxford, OX1 5DL. Contact: [email protected].

About this policy and how it fits together

This Acceptable Use Policy ("AUP") sets out the rules for (a) how you may use the data we license to you (the "Data"), and (b) how you may use our website at https://companylists.co.uk (the "Website").

This AUP is a binding, incorporated part of our Terms of Sale & Licence that sets out the core data-use rules in a standalone form. The Terms of Sale & Licence are the contract between you and us. This AUP exists as a short, standalone page so that the core rules are easy to find on their own and can be referred to at checkout. The full licence grant, restrictions, charges, limitation of liability and remedies are set out in the Terms of Sale & Licence. If there is any conflict between this AUP and the Terms of Sale & Licence, the Terms of Sale & Licence prevail.

You should also read our Database Privacy Notice (Database Privacy Notice) (our UK GDPR Article 14 notice to the company officers whose personal data appears in our lists) and our Privacy Policy (Privacy Policy) (covering customer and Website data). These explain where the personal data in the lists comes from, the lawful basis we rely on, who we disclose it to, how long we keep it, how to contact the Information Commissioner's Office, and the rights of the people in the lists (including the absolute right to object to direct marketing).

A note on roles. When you buy a list, you and CompanyLists are separate, independent controllers under UK data protection law. We are not your processor, and this is not a data processing agreement. We are the controller for the data we compile and supply (and for our own customer data); once you receive a list, you become an independent controller responsible for your own use of it. Your duties as a controller are summarised below and set out in full in the Terms of Sale & Licence.

1. Placement and status

1.1 This AUP is incorporated into and governed by our Terms of Sale & Licence and forms a binding part of the licence we grant you to use the Data. It sets out core data-use rules that are also reflected in the Terms of Sale & Licence; where the two conflict, the Terms of Sale & Licence prevail.

1.2 The Data is licensed, not sold. We grant the purchasing organisation a limited, non-exclusive, non-transferable licence to use the Data on the terms in the Terms of Sale & Licence. This AUP describes the limits of that licence.

1.3 Breach of this AUP is a breach of the licence. If you breach this AUP or the Terms of Sale & Licence, we may suspend your access, terminate the licence with immediate effect, require you to delete the Data, and pursue any other remedies available to us (including the charges and indemnities described in the Terms of Sale & Licence). On termination you must stop using and securely delete all copies of the Data, subject to any record-keeping you are legally required to maintain.

1.4 This AUP covers two things:

  • (a) acceptable use of the Data — the lists of UK companies and the personal data of named company officers contained in them; and
  • (b) acceptable use of the Website — including the free sample rows, list pages, checkout and any account features.

1.5 Governing law and jurisdiction, enforcement, indemnities and limitation of liability are dealt with in the Terms of Sale & Licence. This AUP is governed by the laws of England and Wales, and the courts of England and Wales have exclusive jurisdiction, in line with those Terms. Nothing in this AUP or the Terms of Sale & Licence limits or excludes any liability that cannot lawfully be limited or excluded, including liability for death or personal injury caused by negligence and for fraud or fraudulent misrepresentation.

2. Permitted use of the data

2.1 Internal B2B marketing and prospecting only. You may use the Data only for your own organisation's legitimate business-to-business marketing, prospecting, research and sales activities. The licence is granted to the purchasing organisation for its own internal use.

2.2 What your licence covers depends on the tier you bought, as defined in the Terms of Sale & Licence:

  • Starter and Full (single-list) licences are a one-off supply of a single list. The list is a snapshot at the time of supply; it does not include ongoing updates or refreshes.
  • Pro (all-access) licence is a 12-month all-access licence covering every list on the Website, including lists we add during the term, with weekly refreshes and updates for the duration of the 12-month period. At the end of the term the all-access licence ends; you may keep using lists you downloaded during the term subject to this AUP and the Terms, but you lose access to further downloads and refreshes unless you renew.

2.3 Compliance with data protection law. All of your use of the Data must comply with the UK GDPR, the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003 ("PECR"), and with your own obligations as an independent controller. Because the Data includes personal data of named company officers (such as name, age and, where available, a contact email and phone number, which may be an individual-subscriber address or number), you are responsible for handling that personal data lawfully, fairly and transparently — see Section 3 and the Terms of Sale & Licence for the specific duties that flow down to you.

2.4 Within your organisation only. You may share the Data internally with your own staff and with contractors acting on your behalf and under your instructions (for example, a marketing agency running a campaign for you), provided they are bound to use it only for your permitted purposes and in line with this AUP. This does not permit any disclosure to third parties for their own use — see Section 3.

3. Prohibited use of the data

The following are strictly prohibited. This list is not exhaustive; the full restrictions are in the Terms of Sale & Licence.

3.1 No resale or redistribution

You must not resell, redistribute, sub-license, rent, lease, lend, syndicate, publish, broadcast, transfer, assign, disclose or otherwise make the Data (in whole or in part, and whether or not modified) available to any third party for that third party's own use. The licence is for your organisation's internal use only.

3.2 No competing or derived products (anti-substitution)

You must not use the Data to build, populate, train, enrich, validate, benchmark or assist in building any product, service, list, directory or database that competes with, substitutes for, or is derived from the Data or the CompanyLists service. This includes incorporating the Data into any data set you make available to others.

3.3 No AI or machine-learning use

You must not use the Data to train, fine-tune, benchmark, evaluate, or provide as input to any artificial-intelligence, machine-learning, large-language-model or similar system, whether your own or a third party's. This includes uploading the Data, or any part of it, to any AI tool or service.

3.4 No scraping, harvesting or bulk extraction

You must not scrape, crawl, spider, harvest, bulk-download, systematically extract, re-utilise, copy or mirror the Data beyond the file we have supplied to you, nor combine it with automated tools to extend or replicate it.

3.5 Direct-marketing and PECR rules you must follow

Because you are an independent controller, you must comply with PECR and the UK GDPR when you contact anyone in a list. In particular you must not, and you must ensure that you do the following:

  • Do not assume the data is corporate-subscriber data. You must not assume that any email address or phone number in the Data belongs to a corporate subscriber. You are responsible for determining the correct PECR subscriber category (corporate or individual) before you market to it.
  • No electronic marketing to sole traders or non-LLP partnerships without consent. You must not send marketing emails or SMS to individual subscribers, sole traders, or partnerships that are not limited liability partnerships unless you have the necessary consent. The PECR "soft opt-in" is not available for data compiled from public records that you did not collect in the course of a sale or negotiations for a sale, so you cannot rely on it for these lists.
  • Screen calls against TPS and CTPS. Before making any marketing call, you must screen numbers against the Telephone Preference Service (TPS) and Corporate TPS (CTPS) and not call registered numbers without the required consent. You must re-screen at least every 28 days.
  • Identify yourself and offer an opt-out. Every marketing message must clearly identify you as the sender and provide a simple, free way to opt out. You must honour and record opt-outs and objections promptly.
  • No special-category data processing. You must not use the Data to infer, derive or process any special-category personal data (such as health, racial or ethnic origin, religious or philosophical beliefs, or sexual orientation).
  • Provide your own Article 14 information. As an independent controller you are responsible for giving the individuals you contact the privacy information required by UK GDPR Article 14, and for honouring their data-subject rights — including the absolute right to object to direct marketing under Article 21, with a fast, free suppression route.

3.6 Seeded records and the re-use charge

Our lists contain seeded "decoy" records that we use to detect unlawful copying, resale or re-use. Misuse of the Data can therefore be traced back to the source list and licensee. If you breach the licence — for example by reselling or redistributing the Data — the liquidated re-use charge set out in the Terms of Sale & Licence applies, in addition to our other rights and remedies (including termination and an indemnity claim). The re-use charge is a genuine pre-estimate of, and proportionate protection for, our legitimate interest in preventing unlawful copying and resale, and is not intended to operate as a penalty. Where we recover the re-use charge, it is credited against any damages we recover for the same loss, so that you are not charged twice for the same breach. The amount and mechanics of that charge are defined in the Terms of Sale & Licence.

3.7 General

You must not use the Data for any unlawful, fraudulent, deceptive or harmful purpose, or in any way that would breach the Open Government Licence v3.0 under which some of the underlying public-sector information is provided. The OGL covers public-sector information but does not license personal data; UK GDPR and PECR apply to the officer personal data independently of the OGL, and nothing in the OGL relieves you of those obligations.

4. Acceptable use of the website

4.1 No scraping, paywall circumvention or unauthorised access

You must not:

  • scrape, harvest, copy, bulk-download or systematically extract the free sample rows, list pages, counts, previews or any other content on the Website;
  • circumvent, disable or attempt to defeat any paywall, access control or technical protection, or access any list, file or feature you have not paid for;
  • access, download or attempt to access any list or part of the Data other than the file properly delivered to you after a completed purchase.

4.2 No interference, automated abuse or promotion-code misuse

You must not:

  • interfere with or compromise the security, integrity or availability of the Website, our systems or our checkout and payment flows;
  • introduce malware, attempt to gain unauthorised access, probe or test the vulnerability of the Website, or place an unreasonable load on it;
  • make automated or abusive use of the checkout, account, download or any API endpoints (including the Stripe-powered checkout), or attempt fraudulent payments or chargebacks;
  • misuse, share, multiply, generate or exploit promotion or discount codes, or use any code other than as intended.

4.3 Suspension, remedies and cross-references

We reserve the right to suspend or withdraw access to the Website and to any account, to refuse or cancel orders, and to pursue all remedies available to us for breach of this AUP — including termination of your licence, recovery of the liquidated re-use charge, and claims under the indemnity in the Terms of Sale & Licence.

Enforcement, indemnities, limitation of liability and governing law (England and Wales) are set out in full in the Terms of Sale & Licence, which this AUP is part of. Nothing in this AUP affects any statutory rights you may have as a Consumer under the Consumer Rights Act 2015 where those rights apply to you, and nothing in this AUP or the Terms of Sale & Licence limits or excludes any liability that cannot lawfully be limited or excluded.

Open Government Licence attribution

Contains public sector information licensed under the Open Government Licence v3.0 — https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/. The Open Government Licence does not license personal data; UK GDPR and PECR apply to the personal data in our lists independently.

Related documents

Contact

Questions about this policy: [email protected].