Legal

Effective date: 01 March 2025

Company: inBeta Limited (registered in England & Wales, No. 12833245)

1) Scope & Agreement

These Terms govern your use of (a) our public sites at inBeta.io and inBeta.ai (including sub-domains) (the "Website") and (b) the inBeta.ai Client Portal (the "Portal"), which provides authenticated access to Optics deliverables powered by our iBx multi-agent engine under human-governed, auditable workflows. By using the Website or Portal you agree to these Terms. If you don't agree, please don't use them. Where a separate contract applies (e.g., MSLA or SoW), that contract prevails for paid services.

2) Purpose, Audience & Lawful Use

The Website provides marketing, research and governance information.
The Portal provides authenticated client access to insight packs, dashboards, and files.
Portal users must be 18+ and act for a business or professional purpose. Consumers using the Website remain protected by applicable UK law.
You must not misuse the Website/Portal (e.g., unlawful activity, introducing malware, security testing without written consent, or automated access beyond Section 8).

3) Accounts, Security & Confidentiality (Portal)

Authority & access. You warrant you're authorised by your organisation to access the Portal and will keep credentials confidential (use strong, unique passwords; enable MFA where available; no account sharing).
Confidentiality. Portal materials, insight packs, data exports, and dashboards are confidential to the client and inBeta and may be disclosed only as permitted in your MSLA or by law.

4) Intellectual Property & Licences

Ownership. All Website/Portal content (including text, data models/schemas, software, layouts, video/audio and reports) belongs to inBeta or licensors and is protected by copyright and database rights.
Research Blog quotation licence (Website only). You may quote up to 200 words per blog post for commentary, scholarship or journalism with clear citation (title, author if shown, date, canonical URL). No full-post reproductions, dataset compilation, training/finetuning on our content, or derivative works that substitute for our originals. Licence is revocable, non-transferable, and does not apply to non-blog pages, the Portal, downloads, paid deliverables, or content marked "All rights reserved." Any AI-assisted output must display the citation adjacent to the quoted text.
Portal licence. Subject to your MSLA and fees paid, we grant a limited, non-exclusive, non-transferable licence for internal business use of Portal deliverables for the term of your contract. No implied rights (including to use our trademarks or product names such as "Optics" or "iBx").

5) Content Standards & Uploads

If you upload or provide materials, you warrant you have the necessary rights and that your content does not infringe third-party rights, breach confidentiality, or contain unlawful content. You grant us a licence to use your uploads solely to provide the Portal and related services as agreed (and as further governed by our DPA where applicable).

6) Privacy, Cookies & Data Ethics

See our Privacy Notice and Cookie Policy for what we collect and why. We design services to favour transparent, auditable AI with human-in-the-loop governance and maintain security aligned with ISO 27001/42001 roadmaps and EU-AI-Act-style transparency.

7) Disclaimers & Service Availability

Website: provided "as is" and "as available" for general information/marketing; not advice.
Portal: outputs are decision-support based on data and methods at the time; you remain responsible for business decisions and compliance.
We disclaim all implied warranties to the fullest extent permitted by law and may update/suspend/discontinue parts of the Website or Portal.

8) AI, Automated Access & Text-and-Data Mining (TDM)

Prohibited (except for the limited blog quotation in §4):

crawling/scraping/harvesting/mining or otherwise copying our content to train, finetune, evaluate, or augment AI systems (including embeddings, vector databases, or retrieval corpora);
building, selling, or sharing datasets derived from our content;
framing or replicating substantial parts of the Website or Portal.

Permitted: good-faith search indexing that respects robots.txt and standard directives for discoverability of public pages (never Portal content) and automated accessibility tools (e.g., screen readers).

Legal carve-outs: nothing here restricts statutory exceptions (e.g., UK non-commercial research TDM to the extent applicable by law). Where a licence is required, we reserve all rights.

Machine-readable signals: we deploy robots.txt, meta and header directives communicating our no-training/no-dataset policy; see Appendix A. These signals guide compliant crawlers, but these Terms are the enforceable policy.

9) Linking & Third-Party Sites

You may link to public pages fairly and legally without implying endorsement. We're not responsible for third-party sites/services, their content, security, or privacy practices.

10) Liability

Nothing limits or excludes liability for death/personal injury caused by negligence, fraud/fraudulent misrepresentation, or other liability that cannot be limited under English law. Subject to the foregoing, we exclude all liability for loss of profits/revenue/business/goodwill; loss or corruption of data; indirect or consequential loss; and losses arising from reliance on Website content. For Portal services delivered under a contract, the MSLA's liability limits apply.

11) Indemnity

You agree to indemnify us for claims arising from unlawful use of the Website/Portal, breach of these Terms, or infringement of third-party rights (including misuse of our content to train AI systems contrary to §8).

12) Changes

We may update these Terms from time to time. The "Effective date" shows when changes take effect. If changes materially affect Portal users, we'll give reasonable notice via the Portal or email.

13) Governing Law & Jurisdiction

These Terms (and non-contractual obligations) are governed by the laws of England and Wales. The courts of England have exclusive jurisdiction.

14) Contact

General: hello@inBeta.io · Privacy & data: privacy@inBeta.io · Legal notices & permissions: legal@inBeta.io

Effective: 01 March 2025

Who we are: inBeta Limited (UK Co. No. 12833245), Century House, Wargrave Road, Henley-on-Thames, Oxfordshire, RG9 2LT.

Contact: privacy@inBeta.io

1) What this notice covers

This notice explains how we collect and use personal data when you visit inBeta.io / inBeta.ai, use the inBeta Optics Portal, interact with our content, or work with us in a live mandate. It applies to website/portal users, business contacts, referees/sources, supplier contacts, and executives whose public professional information may be referenced in our work. It complements client MSLA/SoW terms.

2) Our role (Controller vs. Processor)

Controller – for iBx Core and Geared layers and for website/portal data: we decide the purposes and means of processing.
Processor – for User-Supplied client data in the Optics Portal (e.g., org charts, role specs, interview recordings with notice/consent): we act only on the client's written instructions under the MSLA/SoW.

3) The data we collect (our three-layer model)

iBx Core (public/licensed): curated professional and market sources (e.g., corporate filings, registries, reputable market/financial and industry research, professional networking/media, company publications, publicly available A/V) used to create a general sector-tuned baseline.
iBx Geared (client-specific overlay): configuration/calibration that weights Core signals to a specific mandate (role structures, target segments, benchmarks).
User-Supplied (client/internal): limited inputs chosen by a client or individual (e.g., org design, role definitions, mobility/DEI metrics in aggregate, CVs, interviews/notes with consent) plus necessary portal account data and telemetry.

Typical categories: identity and contact details; career history and credentials; governance/market roles; professional content; portal authentication logs and support tickets. We avoid special category data; where strictly necessary (e.g., lawful DEI reporting or access accommodations) we use an appropriate legal basis and safeguards.

We do not run a general candidate database or sell personal data. We use public professional information for live mandates and then archive or retire it.

4) Why we use data (legal bases)

Provide Optics & advisory; run the Portal (analytics, reporting, delivery, support, security): contract / legitimate interests (B2B leadership foresight; fair, proportionate use).
Source professional insights for live mandates from public/licensed data and contact nominated referees/sources: legitimate interests.
Audit, governance, and product integrity (lineage logs, bias checks, human QA): legitimate interests / legal obligation.
Marketing to business contacts (insights/events): consent or soft opt-in to existing clients; you can opt out anytime.
Compliance, disputes, tax/record-keeping: legal obligation / legitimate interests.

Special category data is processed only with explicit consent or where employment/social protection law allows, or in aggregated/anonymised form.

5) AI, profiling, and human oversight

Our agentic AI stack automates data preparation and pattern recognition with full lineage logging and human QA sign-off before insights are released.
We do not make decisions with legal or similarly significant effects based solely on automated processing (UK GDPR Art. 22).
We do not use client personal data or individuals' data to train public foundation models. Fine-tuning for Optics happens in controlled environments and, where possible, uses aggregated, synthetic, or de-identified data.
You can object to profiling related to you or ask us to narrow its scope (see §9).

6) Where data comes from

Public/licensed professional and market sources; the client (Processor layer); you (directly, e.g., via the portal or briefings); referees/sources you nominate; and portal telemetry essential for security and performance.

7) Sharing & international transfers

We share data only as necessary with: client-authorised users; secure cloud/IT providers; our professional advisers; and regulators where required. If data leaves the UK/EEA, we use appropriate safeguards (UK IDTA/Addendum, EU/UK adequacy, or SCCs with TIAs). A current summary of key sub-processors and transfer mechanisms is available via the Portal Support Centre.

8) Security

We apply layered technical and organisational measures proportionate to risk (access control, encryption in transit/at rest, logging/monitoring, SDLC, backup/DR). Our programme aligns to ISO 27001/42001 controls. If a breach risks your rights and freedoms, we'll notify you and regulators as required.

9) Your rights

You can access, correct, erase, restrict, object (including to profiling for our legitimate interests), and port your data, and you have rights around automated decisions. For Processor-layer data, we'll direct you to the relevant client controller. Email privacy@inBeta.io. We may need to verify your identity and context. You can complain to the UK ICO at any time (ico.org.uk).

10) Retention (how long we keep data)

iBx Core public/licensed signals: refreshed on rolling cycles; personal markers not referenced in live work are typically purged or re-fetched after ~24 months.
iBx Geared analytics: mandate + 24 months for auditability/defence of claims, then anonymised.
User-Supplied (Processor): per client instruction/MSLA; default up to 24 months post-mandate unless instructed otherwise.
Portal security logs/telemetry: 12–24 months.
Financial/contract records: 6–7 years (legal obligation).
Suppression/opt-out lists: minimal, held solely to honour your request.

11) Marketing

B2B insights and events are sent to opted-in contacts and existing clients under PECR "soft opt-in". Opt out anytime via the email footer or privacy@inBeta.io.

12) Cookies

We use essential cookies to run the site/portal and optional analytics with consent. See our separate Cookies & Similar Technologies Policy for details and controls.

13) Children

Our services target organisations and adult professionals. We do not knowingly collect children's data.

14) International users & EU representation

If we appoint an Article 27 EU/EEA representative, we will publish details here. Our safeguards for cross-border transfers are described in §7.

15) Changes to this notice

We will update this notice when the law, technology, or our product changes. Material updates will be flagged on the website/portal with the effective date.

Contact us: privacy@inBeta.io
Security reports: security@inBeta.io
Complaints: UK ICO (ico.org.uk)

Introduction

This Ethics, Diversity, Inclusion and Belonging Notice (the "Notice") explains and describes our commitment to Inclusivity and fairness. Inbeta is striving to be the foremost inclusive talent partner for a progressive organisation.

We want to help as many people as possible achieve their full potential, regardless of background, and empower organisations to thrive, driven by our delivery of outstanding talent.

Inclusivity and fairness is the reason why Inbeta exists. Not only is our client proposition built around inclusion, but our organisation has been developed for the people within to ensure we have an environment where all our people, and those we interact with, can flourish, perform and feel valued to their uniqueness.

We are a young and growing business searching for every opportunity to demonstrate our dedication to the Ethics, Diversity and Inclusion and agenda. Internally, we describe this as Belonging. Our commitments will grow over time, though to date, we have the following actions in place that will guide us as our team expands and our responsibilities in the field of talent increase:

Inbeta on EDI&B:

We will use our proprietary technology, methodology and assessment, that we offer to our clients to surfaces outstanding talent for our business.
We will ensure that our shortlists for roles within Inbeta are diverse by as many characteristics as possible, challenging ourselves where our search may have resulted in an imbalanced shortlist.
One of our founding roles within the company is a “Moral Compass”. A person with the role of ensuring that our culture and practices are developed with Inclusivity and ethics in mind.
All of our employees undertake rigorous bias training and cultural intelligence (CQ) training.
We will ensure that pay is reviewed at each appointment and on an annual basis to reassure ourselves that there is no inequality in salary or a wide pay gap.
We are committed to educating our clients and candidates on the Inclusion and Diversity agenda. We will challenge in a supportive fashion and extend our expertise to influence all we do business with positively.

Changes to this Notice

We reserve the right to modify this Notice from time to time, so please review it regularly. More information on Inbeta’s broader EDI&B positioning, and equal employment is available in our Privacy Policy.

If you have any questions regarding this Website or its policies, please contact hello@inbeta.io

Effective date: 01 March 2025

1) Who we are & where this applies

This policy explains how inBeta Limited ("inBeta", "we", "us") uses cookies and similar technologies on www.inbeta.io (and sub-domains) and on the inBeta.ai Client Portal (the "Portal"). Read this together with our Privacy Policy and Terms of Website & Portal Use.

2) What we mean by "cookies & similar technologies"

"Cookies" are small files placed on your device. "Similar technologies" include local/session storage, SDKs, pixels, tags, beacons and server-side tagging. We use "Cookies" to refer to all of these.

3) The rules we follow

We only set non-essential cookies with your consent (UK PECR, Reg. 6).
We meet UK GDPR transparency and lawful-basis requirements and apply the same standard for EEA visitors (ePrivacy).
Bottom line: non-essential cookies aren't set until you choose them in our banner/settings.

4) How we use Cookies (by category)

We practice data minimisation, avoid dark patterns, and set conservative defaults.

Strictly necessary (always on; no consent required) – make the site/Portal work; security; load-balancing; consent capture (e.g., session/auth tokens, CSRF protection, load-balancer routes, CMP consent state). Legal basis: legitimate interests / contract (Portal access).
Functional (consent) – remember choices such as language and UI preferences. Legal basis: consent.
Analytics / performance (consent) – understand aggregate usage and improve reliability; configured with IP masking and limited retention. Legal basis: consent.
Advertising / social media (consent) – only if campaigns are active; measure campaign effectiveness. Legal basis: consent.
Security / anti-fraud (may be necessary) – detect unusual activity and protect accounts (primarily in the Portal). Legal basis: legitimate interests / contract.

Portal note. The Portal uses essential cookies for secure sign-in and session continuity, supports audit trails and human QA, and does not use third-party advertising cookies.

5) Your choices: consent, control & signals

Banner & settings. On first visit we display a banner. You can accept, reject, or customise by category, and change choices any time via "Cookie settings" in the footer. Consent is per device/browser. We refresh consent at least every 6 months or sooner if vendors/purposes change. You can withdraw consent at any time.
Global Privacy Control (GPC). If your browser sends a recognised GPC signal, we treat it as an opt-out for non-essential cookies. We also honour Do-Not-Track where feasible by aligning it to "reject all non-essential".

6) Third parties & international transfers

Our Consent Management Platform (CMP) shows the live list of vendors, purposes and durations in "Cookie settings." Some providers may process data outside the UK/EEA; where they do, we use appropriate transfer safeguards (e.g., UK Addendum/SCCs) and vendor DPAs.

7) Retention

Consent records: up to 24 months for compliance proof.
Essential cookies: session or short fixed periods necessary for security/availability.
Analytics (if used): typically 2–14 months.

Exact lifetimes appear in "Cookie settings."

8) Managing cookies in your browser

You can block/delete cookies in your browser. Doing so may cause parts of the site/Portal not to work (for example, you may be signed out). For vendor-level control, use Cookie settings.

9) Children

Our services target business users. We do not knowingly place cookies in relation to children.

10) Updates

We'll post updates here and refresh the banner if purposes or vendors change materially.

Questions or requests: privacy@inbeta.io (inBeta Limited, Company No. 12833245).

Modern Slavery Policy

Modern slavery is a crime and a violation of fundamental human rights. It takes various forms, such as slavery, servitude, forced and compulsory labour and human trafficking, all of which have in common the deprivation of a person's liberty by another to exploit them for personal or commercial gain.

inbeta Limited has a zero-tolerance approach to modern slavery, and we are committed to acting ethically, with integrity, across all our business dealings, relationships and implementing and enforcing effective systems and controls to ensure modern slavery is not taking place anywhere in our own business or any of our supply chains. However, it is essential to note that we believe this is a low-risk area for inbeta Limited as our company focuses solely on executive leadership acquisition and performance and engages only professional executives to carry out our services.

Organisational Structure

inbeta Limited is an executive leadership performance business, generally providing services directly to our clients. However, where necessary, we may supplement our services with those provided by other executive partners operating in niche and specialist areas.

Where this is the case, inbeta Limited operates stringent measures to assess and ensure these other suppliers operate as 'true' Supply Chain Partners, mirroring our policies and standards, and in an ethical, legally compliant and professional manner. They are expected further to promote similar standards in their own supply chains, consistent with our disclosure obligations under the Modern Slavery Act 2015.

Policy Structure

We expect the same high standards from all of our employees, contractors, suppliers and other business partners and as part of our contracting processes.

This policy applies to all persons working for us or on our behalf in any capacity, including employees at all levels, directors, officers, agency workers, seconded workers, volunteers, interns, agents, contractors, external consultants, third-party representatives partners.

This policy does not form part of any employee's employment contract, and we may amend it at any time.

Responsibility for the Policy

inbeta Limited has overall responsibility for ensuring this policy complies with our legal and ethical obligations and that all those under our control comply with it.

inbeta Limited has primary and day-to-day responsibility for implementing this policy, monitoring its use and effectiveness, dealing with any queries about it, and auditing internal control systems and procedures to ensure they effectively counter modern slavery.

Management at all levels is responsible for ensuring those reporting to them understand and comply with this policy and are given adequate and regular training on it and modern slavery in supply chains.

You are invited to comment on this policy and suggest ways in which it might be improved. Comments, suggestions and queries are encouraged and should be addressed to the Board of Directors.

Compliance with the Policy

You must ensure that you read, understand and comply with this policy.

The prevention, detection and reporting of modern slavery in any part of our business or supply chains is the responsibility of all those working for us or under our control.

You are required to avoid any activity that might lead to, or suggest, a breach of this policy.

You must notify a company Director as soon as possible if you believe or suspect that a conflict with this policy has occurred or may occur in the future.

You are encouraged to raise concerns about any issue or suspicion of modern slavery in any parts of our business or supply chains of any supplier tier at the earliest possible stage.

If you believe or suspect a breach of this policy has occurred or that it may appear, you must notify a company Director OR report it per our Whistleblowing Policy as soon as possible.

Training for Staff

If you are unsure whether a particular act, the treatment of workers more generally, or their working conditions within any tier of our supply chains constitutes any of the various forms of modern slavery, raise it with a company Director.

We aim to encourage openness and will support anyone who raises genuine concerns in good faith under this policy, even if they turn out to be mistaken. We are committed to ensuring no one suffers any detrimental treatment due to reporting in good faith their suspicion that modern slavery of whatever form is or may be taking place in any part of our own business or any of our supply chains.

Detrimental treatment includes dismissal, disciplinary action, threats or other unfavourable treatment connected with raising a concern. If you believe that you have suffered any such treatment, you should inform a company Director immediately.

If the matter is not remedied, and you are an employee, you should raise it formally using our Grievance Procedure, which can be found in the current employee handbook. This Modern (Anti) Slavery Policy and Statement is intended for businesses in all countries, especially the United Kingdom.

Communications & Awareness of this Policy

Training on this policy and the risk our business faces from modern slavery in its supply chains forms part of the induction process for all individuals who work for us, and updates will be provided using established communication methods between the business and you.

Our zero-tolerance approach to modern slavery must be communicated to all suppliers, contractors and business partners at the outset of our business relationship with them and reinforced as appropriate thereafter.

Breaches of this Policy

Any employee who breaches this policy will face disciplinary action, which could result in dismissal for misconduct or gross misconduct. We may terminate our relationship with other individuals and organisations working on our behalf if they breach this policy.

on behalf of the company Director's of inbeta Limited, 2021

Click here to download our signed copy.