BNI® Privacy Policy

Click the drop down arrow to select your language. -

CLICK HERE TO PRINT THE BNI® PRIVACY POLICY IN ENGLISH. 

Effective/Last Updated: March 1, 2025

BNI® DATA PROTECTION AND PRIVACY POLICY

BNI Worldwide Development Ltd is the data controller of your personal data for and on behalf of BNI Global, LLC, together with its related affiliates (collectively, “BNI“, “our” or “we“).

This Data Protection and Privacy Policy (“Policy“) is intended to explain to you, as a user of BNI, our services, BNIConnect.com, or web-accessed or mobile applications (“Sites”), what personal data we collect about you, how we use or process that data, with whom it may be shared, and your options about such uses and disclosures.

If you have any questions about this Policy or our personal data processing practices, or if you would like to request information about our disclosure of personal data to third parties for their direct marketing purposes, please contact us by email, telephone, or mail as follows:

BNI Worldwide Development Ltd
Ballinrobe Road
Castlebar
Co. Mayo
F23 FT28
IRELAND

Phone:  +353 94 902 1553
Email: legal@bni.com

BNI’s Data Protection Officer can be contacted at the above address or phone number, or by email at dpo@bni.com.

If you are located in Mainland China, please contact us at:

Regus Tianhe Teem Tower Centre
27/F Teem Tower
208 Tian He Road
Tian He District
Guangzhou, 510620
P.R. China

Phone:  86-020-28261855
Email: info.china@bni.com

If you are a California resident, please see our California Notice at Collection and Privacy Policy accessible at https://bnitos.com/ca-nacapp.

We encourage you to read this Policy carefully when using our Sites or transacting business with us.

In the event of inconsistency between any terms of this Policy and any translation of this Policy into another language, the English version will control and prevail on any question of interpretation or otherwise.

Categories of personal data collected about you and others

Personal data refers to any information about an identified or identifiable individual. “Sensitive Personal Data” means personal data that, once leaked or illegally used, will easily lead to infringement of human dignity or harm to the personal or property safety of a natural person, including (but not limited to): (i) biometric data; (ii) religion; (iii) specific social status; (iv) medical health information; (v) financial accounts; (vi) tracking/location information; and (vii) minors’ data . If you do not agree with the collection and processing of your Sensitive Personal Data, you may not be able to use the functions corresponding to the Sensitive Personal Data you have not consented for us to collect and process, but would not affect your use of any other functions. Reference to personal data in this Policy shall be deemed to include reference to sensitive personal data.

We collect, store and use, with your consent where required by the applicable laws, the following personal data via our Sites, or otherwise interacting with us.

A. General.  When you engage in certain activities on our Sites, such as registering for an account, purchasing a product, submitting content and/or posting content on any of our blogs, or sending us feedback, we may ask you to provide certain information about yourself. Examples of personal data may include your first and last name, email address, mailing address, telephone numbers, age group, gender and other identifying information. When setting up your profile on our Sites, you may be asked to provide an e-mail address, phone number, and address. To a very limited extent, we may be processing your own professional revenue data, although mostly such revenue data relates to your organisation, not to you personally.

We gather certain information about you based upon where you visit on our Sites, and what other sites may have directed you to us. This information, which is collected in a variety of different ways, is compiled and analyzed on both a personal and an aggregated basis. This technology enables us to determine (i) your IP Address of your computer and its geographic location from installing the applications onto your computer or your mobile device; (ii) your search terms or interactive behavior via the Sites; (iii) your purchasing behavior; (iv) source of the information sought by you during your search; and (v) the age of your results data (collectively, “Shared Information“). 

B. Other Information You Provide. We may also collect and store any personal data you enter on our Sites or provide to us in some other manner, including personal information that may be contained in any comment you post to our Sites. This includes your name, address, e-mail address, and telephone number (if provided and applicable); images (both still and moving).

C. Information About Others. We may also collect and store personal data about other people provided to us by members, including their businesses, contact details including email addresses and/or IP addresses. Where applicable, this data is mainly used in the legitimate interests of members, for the purposes of generating their invitations to non-members to Chapter meetings and other BNI events, and for business-to-business referrals between members for the potential purchase of goods or services from non‑members. Also, direct marketing to non-members shall only be done on their prior consent. A member may make a referral to another member of the name and contact details of a non-member for the purpose of direct marketing to that person, whose data shall be stored in BNI Connect on behalf of the members. If you provide to us personal data of any other individuals, you must provide a copy of this Policy to them, and obtain their consent for you to share their personal data for us to use for the purposes as described in this Policy.

D. Automatic Collection of Data.  Information concerning your computer hardware and software are automatically collected and may be shared with other BNI or affiliated websites. This information may include: your IP address, browser type and language, domain names, access times, referring website addresses and the content of any undeleted cookies that your browser previously accepted from us (see “Cookies” below).

E. Cookies. When you visit our Sites, if you provide opt-in consent, we may use one or more “Cookies” to make our Sites easier for you to use and to personalize your online experience. Through the use of a cookie, we also may automatically collect information about your online activity on our Sites, such as the web pages you visit, the links you click, and the amount of time you spend on the Sites. You can withhold or withdraw consent, but if you choose to decline cookies, you may not be able to sign in or use some of the features offered on our Sites.

F. Other Technologies. We may use the ever-evolving Internet technology, such as web beacons and other similar technologies, to track your use of our Sites. We also may include web beacons in company e-mail messages, newsletters, or notifications to determine whether messages have been opened and/or acted upon. This enables us to customize the services we offer our Sites visitors to deliver targeted advertisements and to measure the overall effectiveness of our online advertising, content, programming or other activities.

G. Information From Other Sources.  We sometimes supplement the information that we receive that has been outlined in this Policy with information from other sources and companies. Such outside information includes updated delivery and address information from carriers or third parties, which enables us to correct our records and deliver, for example, future communications more easily; account information, purchase or redemption information, and page-view information from some merchants with which we operate co-branded businesses or for which we provide technical, fulfilment, advertising, or other services; search term and search result information from some searches conducted through the Web search features; search results and links, including paid listings (such as Sponsored Links from Google); and credit history information from credit bureaus, which we use to help prevent and detect fraud and to offer certain credit or financial services to some customers.

How your personal data is used and the legal basis for its processing

With your consent (where required by the applicable law), we primarily use your personal data to fulfil our contract to provide support or service offerings to you.

A. Contractual Necessity.  On the basis of contractual necessity, we process the personal data of members and membership applicants to:

  • manage your account and provide you with customer support;
  • enforce our terms and conditions;
  • manage our business;
  • enable and leverage the Sites to provide user functionality;
  • process payment for any purchases, subscriptions or sales made on our Site, and to protect you and ourselves against, or identify, possible fraudulent transactions, and otherwise as needed to manage our business.

B. Legitimate Interest.  In our legitimate interests in the maintenance and development of our business, we may process your data to:

  • perform research and analysis about your use of , or interest in, our products, services, or content, or products, services or content offered by others; this information may be used, by way of example only, to help us understand the demographics of our members, identify chapters with openings for certain professions, inform future marketing campaigns and judge the success of these marketing campaigns, and judge the success of members and identify coaching strategies.
  • cross market your services/products with our services and our affiliates’ services
  • verify your eligibility and deliver online and/or offline in connection with contests and sweepstakes;
  • protect and defend the rights or property of BNI or one of BNI’s referral networks.

C. Consent.  You may consent to us:

  • providing your email address and other information to our business partners for offers to you of products, services, promotions, contests and/or sweepstakes;
  • sending you email notifications and/or newsletters;
  • creating and operating cookies on your devices when you visit our websites;
  • processing your personal data for the purposes as described in this Policy.

You have the right to withdraw your consent at any time by emailing us at legal@bni.com.

D. Legal Necessity.  When legally necessary, we may also process your personal data:

  • to establish or exercise our legal rights, or to defend against legal claims;
  • in the vital interests of staff, members and users of BNI, or the public, to protect their personal safety.

Data retention

Your data will only be retained for as long as necessary to fulfil the purposes for which it was obtained and/or meet any applicable legal obligations. Please see our Data Retention Policy, accessible at https://bnitos.com/retention for more information.

We take reasonable and appropriate technical and organizational measures to safeguard your personal data against any breach, unauthorized or illegal access, alternation, disclosure or, deletion, such as identity verification, encryption, access control, malicious codes resistance, security audit.

How your personal data is disclosed

With your consent (where required by the applicable law), we may share personal data with:

A. Authorized Service Providers. Authorized service providers performing services on our behalf, e.g., processing credit card payments, delivering products and services, providing customer service and marketing assistance, performing business and sales analysis, supporting our Sites’ functionality, and supporting other features and promotions offered through our Sites.

B. Business partners. From time to time, we may offer products, services, promotions, contests and/or sweepstakes on our Sites and share personal data with the businesses with which we partner to provide these offers.

C. Franchisees. If you are a BNI member or a non-member, we may share your personal data with BNI Master Franchisees or (Sub)franchisees of BNI, who are joint controllers of data (“Data Controller”) with us. We may direct you to a BNI Chapter or potentially provide you with additional information about franchise opportunities based on your interest. As joint Data Controllers, Master Franchisees and (Sub)franchisees have separate obligations for implementing appropriate technical and organizational measures to ensure and to demonstrate that their processing activities are compliant with the requirements of the European Union’s General Data Protection Regulation (“GDPR” or the “Regulation”) and China’s Personal Information Protection Law (“PIPL”).

D. Members. We and our authorized third-party agents may share your personal data and member performance data with other members, chapters, and the entire BNI System.  This includes (a) displaying your personal information as a way of marketing your business on BNI Connect®, and (b) sharing your performance data via BNI Connect®, BNI® University, and any other web platforms or techniques we may, separately or through authorized third-party agents, choose to utilize or develop in the future related to the core business of networking and passing referrals.

E. Other Situations. We may also disclose your information:

  • under a legal obligation, including but not limited to, a subpoena or court order;
  • under legal authority to respond to requests for cooperation from a law enforcement or other government agency (including civil and criminal matters);
  • to prevent illegal activity, to prevent imminent bodily harm, or to protect ourselves and you from people violating our Terms of Service, accessible at https://bnitos.com/tos. This may include sharing personal data with, for example, other companies, lawyers, courts or other government entities where applicable;
  • in connection with a substantial corporate transaction, such as the sale of our business, a merger, divestiture, consolidation, or asset sale, though in any event, any acquiring entity or other third-party assignee will be bound by the provisions of this Policy;
  • to protect and defend the rights or property of BNI or one of BNI’s referral networks; and, act under exigent circumstances to protect the personal safety of members and users of BNI, its Sites, or the public. This may include sharing personal data with, for example, other BNI members, visitors, government health agencies, or other government entities.

All the recipients of Personal Information as set forth above are required to take appropriate security measures to protect your Personal Information in line with our Policies.

Any third parties to whom we may disclose personal data may have their own data protection and privacy notices/policies, which we encourage you to view on the websites of those third parties.

Third Party SDK we use

Name of SDK application Purpose of Collection and Use Personal Information Collected via SDK Sensitive Permission Requested Link to SDK Provider Privacy Policy
Schoox Member training Member name, member email address N/A https://www.schoox.com/privacy.php
Marketo Member marketing communication and management Member name, member email address, phone number, business address, member gender (optional) N/A https://www.adobe.com/privacy/policy.html
KCADI LTD Data analysis and reporting Name, email, phone number, business and billing address data, business name, member gender (optional) N/A N/A

Third-Party Websites

There are a number of places on our Sites or through our services where you may click on a link to access other websites that do not operate under this Policy. For example, if you click on an advertisement or a search result on our Sites, you may be taken to a website that we do not control. These third-party websites may independently solicit and collect personal data, from you and, in some instances, provide us with information about your activities on those websites. We recommend that you consult the data protection and privacy notices/policies of all third-party websites you visit.

Your Data Protection Rights

Under GDPR, you have the following rights:

  • You have the right to be provided on request with a copy of your personal data.
  • You have the right to rectification of inaccurate data we may have recorded about you.
  • You have the right to the erasure of your data (“Right to be Forgotten”) which we no longer have justification for recording.
  • You have the right to object to processing of your data which is being done on the basis of our legitimate interests.
  • You have the right to refuse to be contacted for direct marketing purposes.
  • You have the right to restrict the processing of your personal data when:
    • the basis for its processing is in dispute;
    • its accuracy is in dispute;
    • we cannot establish a lawful basis for its processing, but you do not wish it to be erased;
    • we no longer need your data, but you need it for the establishment, exercise, or defense of legal claims;
    • you object, where applicable, to our processing your data on the basis of our legitimate interests, pending verification of whether our interests override.
  • You have the right to be provided in a structured, commonly used and machine-readable format with a copy of your data which we process on the basis of your consent or contractual necessity, or to have it transferred directly to another data controller (“Data Portability”).

Under PIPL, you have the following rights:

  • Right to access and copy of data.
  • Right to transfer.
  • Right to correct or supplement.
  • Right to deletion in certain circumstances.
  • Right to limit or withdraw consent.
  • Right to request details of processing (including for automated decision-making, and can refuse such decision) and of handling rules.
  • Right to deregister accounts.
  • Right to complain.

If you have an online account with us, you have the ability to review and update your personal information online by logging into your account. You can also review and update your personal information and exercise your other rights by contacting us. More information about how to contact us is provided below.

If you have an online account with us, you also may choose to close your account at any time by emailing us at legal@bni.com. If you close your account, we may still retain certain information associated with your account for analytical purposes and record keeping requirements per our Data Retention section above as well as to prevent fraud, collect any fees owed, enforce our Terms of Service, or take other actions otherwise permitted by law. In addition, if certain information has already been provided to third parties as described in this Privacy Policy, retention of that information will be subject to those third parties’ policies.

If you are not satisfied with our response or are otherwise concerned with how we process your personal data, you also have the right to make a complaint to our supervisory authority, Ireland’s Data Protection Commission (www.dataprotection.ie). If you are Chinese resident, you also have the right to make a complaint to  the Cybersecurity Administration of China (CAC).

Communities and Forums Offered on our Sites

We may provide areas on our Sites where you can post information about yourself, including your name and email address, communicate with others; upload content; and post comments. Such postings are governed by our Terms of Service. Also, whenever you voluntarily disclose personal data on our Sites, that data will be available and can be collected and used by others who have authorized access to your content.

We encourage you to exercise discretion and caution with respect to your personal data. Once you have posted data, you may not be able to edit or delete such data.

Any personal data that you disclose through our Sites, or other online forums hosted on our Sites, may be collected and used by others. We recommend caution when giving out personal data to others in these online forums.

Children’s Privacy

Our Site is a general audience site not intended for use by children, and we do not knowingly collect personal data from children. You may access our Sites only if you are of legal age to lawfully form a binding contract.

Transfers of Personal Data Outside of Europe or the Mainland China

The global extent of BNI’s business necessitates the transfers of personal data to its franchisees, members, and business partners and service providers on a worldwide basis. When personal data is transferred from the European Economic Area (EEA), at least one of the following safeguards to protect your personal data to a similar level as within the EEA will be applied:

  • Our franchisees, business partners or service providers are located in countries which have been designated by the European Commission as having an adequate national standard of data protection; or
  • We will require our franchisees, business partners or service providers to adopt the data protection standard contractual clauses “(“SCC”) pre-approved by the European Commission.

With your separate consent, we may share, transfer or store your personal data outside of Mainland China where we are satisfied that adequate levels of protection are in place to protect the integrity and security of your personal data or adequate security measures are adopted in compliance with legal requirements. For example, we may sign agreements with the recipients of your personal data. In any case, we will ensure the entity that receives your personal data properly handles your personal data and your personal data gets the same level of protection that it obtained in Mainland China.

Data Privacy Framework

BNI Global, LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. BNI Global, LLC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. BNI Global, LLC has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. BNI’s U.S. subsidiaries adhering to the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF are: BNI Connect Global, LLC, BNI Franchising, LLC, BNI Global, LLC, BNI Global Holdings LLC, BNI Holdings, LLC, BNI Intermediate Holdings, LLC, BNI International Holdings CTB, LLC,, Corporate Connections Franchising, LLC, Corporate Connections Global, LLC, Prosperity Brands, LLC, and Scion Social Holdings LLC.

Under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, you have the following rights:

  • Right to choose (opt out) whether your personal information is (i) to be disclosed to a third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by you, through clear, conspicuous, and readily available mechanisms to exercise choice.
  • Right to access personal information about you that we hold and the right to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access to you would be disproportionate to the risks to your privacy in the case in question, or where the rights of persons other than you would be violated.

Additional information on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF can be viewed at https://www.dataprivacyframework.gov/s/ . The Federal Trade Commission (FTC) has jurisdiction over BNI’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. BNI will annually renew its EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF self-certification to help ensure the treatment of all personal data continues to be accurate and processed in accordance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF principles. In cases of onward transfer to third parties of EU, UK, and Swiss Personal Data received pursuant to the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-US DPF, BNI is potentially liable. All questions or complaints regarding the processing and use of personal data should be directed to legal@bni.com. You may also contact BNI’s Data Protection Officer by email at dpo@bni.com.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, BNI Global, LLC commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit  https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, BNI commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.

You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: prior to initiating an arbitration claim: (1) raised the claimed violation directly with BNI and afforded us the opportunity to resolve the issue within the timeframe set forth in section (d)(i) of the Supplemental Principle on Dispute Resolution and Enforcement; (2) made use of the independent recourse mechanism under the Principles, at no cost to you; and (3) raised the issue through your Data Protection Authority (DPA) to the US Department of Commerce and afforded the US Department of Commerce an opportunity to use best efforts to resolve the issue within the timeframes set forth in the Letter from the Department’s International Trade Administration, at no cost to you.

Changes to this Policy

We will occasionally update this Policy to reflect changes in our practices and services. When we post changes, we will revise the “Last Updated” date at the top of the Policy. If we make any material changes in the way we collect, use, and/or share your personal data, we will notify you email to the email address you most recently provided us in your account, profile or registration if we have such an email address, and/or by prominently posting notice of the changes on our Sites, or where required by the applicable laws, obtain your consent. We recommend that you check our Sites from time to time to inform yourself of any changes in this Policy..

©2025 BNI Global, LLC. All rights reserved.