OneHub | Overview

Connect all your employee benefits, wellbeing, reward, and recognition so your people have one home for everything at work.

Explore

OneHub | Benefits

Run, Manage and engage your employees in, benefits - anywhere in the world.

Explore Benefits

OneHub | Discounts

Help employees’ pay go further with global savings on global brands to instantly increase the value of their post payroll spend.

Explore Discounts

OneHub | Reward & Recognition

Shine a light on all things happening across your organisation.

Explore R&R

OneHub | Wellbeing

Enhanced wellbeing with customised and guided support for every employee.

Explore Wellbeing

Benefex resources

All sorts of insights, ideas and guides from the Benefex team to help you deliver an exceptional employee experience.

Explore resources

Customer stories

What’s it like partnering with Benefex? Nobody says it better than our customers. See what we’ve helped them achieve.

Explore stories

Events and webinars

Check out our upcoming events. And explore our library of on-demand webinars, featuring clients, partners and industry thought leaders.

Explore Events and Webinars

Benefex careers

Join our mission to create exceptional employee experiences every day.

Explore careers

Life at Benefex

Explore what it’s like to be a Benefexer, our culture, employee stories, and more.

Explore

Open Roles

Looking for an exciting career? See our open roles and apply today!

Explore roles

About Benefex

Find out more about Benefex, our values, and mission.

Learn more

Customer stories

What is it like to work with Benefex? Nobody says it better than our customers. See what we’ve helped them achieve.

Explore stories

Awards

Check out the recognition we’ve received for excellence in delivering exceptional employee experiences.

Explore awards

ESG

Discover our commitment to achieving net-zero emissions and how we’re making a difference.

Discover our commitments

Get in touch

Contact us for enquiries, partnerships, or to simply say hello. We’d love to hear from you and explore ways to work together.

Contact us

Want to try Benefex?

Book a free demo today

Book a demo

Privacy Notice

The Benefex Group is part of the Zellis Group. When we refer to Benefex, we mean the companies listed below and any entities which may form part of the Benefex Group from time to time (“Benefex“, “we“, “us“, “our“).

Benefex is a technology business that provides Software as a Service (SaaS) platform we call OneHub. The platform works across mobile, tablet and desktop services.  Benefex takes the privacy of your personal data very seriously, and we do so in accordance with the UK General Data Protection Regulation and EU General Data Protection Regulation (together, “GDPR“), the Data Protection Act 2018 and Privacy and Electronic Privacy Regulations (“PECR“) and any other applicable legislation (together, the “Data Protection Laws“).

This privacy notice (the “Notice“) applies to personal data we obtain through our website (https://hellobenefex.com/) (the “Website“) and (ii) our products, services (e.g. marketing, business to business and career opportunities) and/or web-based applications (collectively, the “Services“). A separate privacy notice may apply when you use the services of a Partner or a Third Party, linked to the Services of Benefex. This Notice also describes the rights you may have and how you can contact us about our privacy practices.

We are the Controllers of your personal data (as defined in the GDPR), as we are responsible for processing your personal data, collected through the Website or in connection with our Services. The specific identity of the Controller of your personal data will depend on your location and the Services being provided.  The following table sets out the potential applicable Controllers:

Benefex Limited (company registration number 04768546)
ICO Registration: Z8773454
Data Protection Representative: Information Security Director
Contact Details: Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU

Benefex Financial Solutions Limited (company registration number 06242658)
ICO Registration: Z3103927
Data Protection Representative: Information Security Director
FCA contact: Corporate Benefits Director
Contact Details: Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU.

Benefex Philippines, Inc (company registration number 2023070107567-05)
Contact Details: 17th Floor Skyrise 4B, West Geonzon St., Apas, Cebu City, Cebu

BFX Incorporated (company registration number 6146001)
Contact Details: Suite 302, 4001 Kennett Pike, County of New Castle, Wilmington DE 19807

Affinity Financial Network Limited (company registration number 322827)
Contact Details: 3rd Floor, 1 Custom House Plaza, I.F.S.C. Dublin 1, Dublin, D01C2C5

Affinity Financial Network U.K Limited (company registration number 04428631)
Data Protection Representative: Information Security Director
ICO Registration: ZB053938
Contact Details: Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU

This Notice sets out the basis on which any personal data we collect about you, or that you provide to us, will be processed by us as a Controller. Please read the notice carefully to understand our views and practices regarding your personal data and how we will treat it.

Personal data we collect as a Processor

We also provide Services to many customers where we process personal data on behalf of those customers and under their instruction (e.g. to administer our benefits services).

When we provide those Services, we act as a Processor. Please note that if you are an employee of an organisation that uses these Benefex Services, then the Controller for your information will be that organisation (e.g. your employer) and you should refer to their privacy information and notices.  In such case, we may use your personal data as a Controller for limited purposes such as for internal analysis purposes (as set out in the lawful basis table below), if permitted under the contract with your employer. 

This Notice should be read in conjunction with our Website’s Terms and Conditions.

1. What is personal data?

The GDPR definition is as follows: “personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. What we collect, process and why

To ensure we can provide a valid response to a request or an update for information regarding our Services, news, case studies, white papers or career information, we will collect personal information from you via web forms, direct contact or email requests. The information collected may be used to contact you personally or your business for marketing, employment opportunities and information relating to Benefex Services.

2.1 Data Types Processed

The following data will be used if you visit our Websites, we set you up as a customer or you otherwise engage with us (for example, as a job applicant or supplier):

Personal Data Type

Source of Data

Title, Name, Address (business or Personal), Email Address (business and personal), Position, Telephone number (mobile and/or Landline), Curriculum Vitae information and Company name (“Job Application Data“)

  • Directly from you.
  • Subscription HR databases for sales use
  • LinkedIn profiles
  • Benefex web forms
  • Curriculum Vitae submissions by you or by a third party on your behalf

First name, last name, email address, phone number, address, company, job title (“Contact Data“)

  • Directly from you or from your employer (if you are employed by one of our customers or suppliers)

Billing address, bank account information, Benefex purchase or service history, annual revenue (“Financial Data“)

  • Directly from you or collected indirectly by us during the course of our engagement

Additional Data Type

Source of data

Information about your computer, including (where available) your IP address, operating system and browser type (for system administration) (“Technical Data“)

This is statistical data about our users’ browsing actions and patterns, and does not directly identify an individual. This is to ensure that content from our Websites is presented in the most effective manner for you and for your computer and to ensure that we can identify a genuine business enquiry.  For more information, please see our Cookie Policy.

 

2.2 What is the purpose of processing and who receives the information?

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific lawful basis we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose/Activity

Type of data

Lawful basis for processing including basis of legitimate interest

Providing you with careers information about us and our affiliates

(a) Contact Data

Necessary for our legitimate interests to ensure correct information is shared in relation to our range of Services

Processing and communicating with you in relation to your job application

(a) Contact Data
(b) Job Application Data

Necessary for our legitimate interests to consider employing you and (if successful) taking steps to enter into a contract with you

Providing you with marketing communications about Benefex

(a) Contact Data

Necessary for our legitimate interests to ensure customers are aware of our range of Services

Providing you with information that you request from us. i.e. white papers and case studies and or additional information that may be of interest to you or your business.

(a) Contact Data

Necessary for our legitimate interests to ensure customers are aware of our range of Services

In order to comply with obligations arising from any contractual agreements between us and a business, and to provide you with support

(a) Contact Data

(b) Financial Data

Necessary for our legitimate interests, to communicate as required

In order to comply  with our obligations arising from any contractual agreements between us and an individual, and to provide you with support

(a) Contact Data

(b) Financial Data

Necessary for the performance of a contract with you

Communicate changes to our Services

(a) Contact Data

(b) Technical Data

Necessary for the performance of a contract with you

Necessary for our legitimate interests, in updating you

To analyse users’ behaviour when using our Services to customise preferences, and develop  new products, services and advertising

(a) Technical Data

Necessary for our legitimate interests, to define types of customers for our Services, personalise the marketing content we provide you and to keep our websites updated and relevant

To provide you with  questionnaires and surveys regarding policies and initiatives, which may provide statistical comparisons to other organisations

(a) Contact Data

(b) Technical Data

Necessary for our legitimate interests, for running our business, provision of administration and IT services, network security, to prevent fraud and providing a good service

To manage the supplier relationship

(a) Contact Data

(b) Financial Data

Necessary as part of our performance of a contract, or for our legitimate interests to manage our supplier contracts

2.3 Special categories of personal data

Benefex does not process special categories of personal data (i.e. racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation).

3. Marketing

We may contact you to provide you information about our Services and offerings, or updates to them, with the information that you have provided to us, or that we have collected through third parties (e.g. external marketing companies).

The data we collect is used for internal review and to contact you for marketing purposes and is not shared with organisations outside the Zellis Group for marketing purposes, without your consent.

You can always object to our marketing messages by opting out, either by contacting us (see “Contact”) or else by clicking the subscription preferences link in the footer of every email we send.

If you would not wish us to contact you (via phone, email, SMS or any other way), please do not hesitate to contact us at the following email address: [email protected] stating to your right to object to our processing of your personal data for marketing purposes.

 

4. Disclosure of personal data

4.1 Career Candidates

We may disclose your personal data to members of the Zellis Group, our affiliates, service providers and relevant counterparties based on our legitimate interests to process your application. Benefex will not disclose your personal data to anyone other than without your consent, or as required by applicable law or regulation.

4.2 Business Enquiries:

Benefex is part of the Zellis Group, this includes Zellis UK Limited, Zellis Holdings Limited, Zellis Ireland Limited, Moorepay Limited, Moorepay Compliance Limited and Resource Link. Contact information provided to Benefex via telephone, email or the Benefex Websites may be shared directly within the Zellis Group based on our legitimate interests to provide business related information that you have requested, sales and / or marketing purposes. Benefex will not share it with anyone other than the Zellis Group, affiliates, service providers and relevant counterparties. Benefex would also ask that you to refer to each companies own privacy notice, to ensure you have the relevant privacy information associated with each company within the Zellis Group.

4.3 Third parties:

Benefex may use third-party platforms to conduct marketing surveys and questionnaires, which require elements of the personal information listed in the Data Types Processed table. These third parties have been reviewed by Benefex and do not use any personal data for their own purposes. If a recipient does not wish to engage with these surveys / questionnaires, data can be requested to be removed; please contact us using the contact details below.


5. International Data Transfers

All personal data processed by Benefex normally resides within the UK or European Economic Area (“EEA“). However, some of Benefex’s suppliers may be based internationally (outside of the UK and EEA) and are required to process the personal data to provide services to Benefex. For example, Benefex’s Contact Relationship Management (CRM) provider resides outside of the UK and EEA and processes personal data to provide Benefex with a CRM tool. Benefex may also transfer personal data internationally within its group.

Prior to any international transfer, Benefex shall ensure that adequate safeguards have been implemented between Benefex and the supplier, such as EU Standard Contractual Clauses (“SCCs“) (together with the UK Addendum) or International Data Transfer Agreements (“IDTA“), to ensure the security and privacy of your personal data.

If you would like further information about the measures in place in relation to international transfers, please contact us using the contract details below.

6. Security of your data

Benefex ensure that personal data remains protected in accordance with data protection law. Benefex will encrypt at rest and in transit all data stored within its infrastructure and will ensure that only authorised personnel will have access to such data. Benefex conduct regular tests of the infrastructure and applications to ensure it remains secure.

In accordance with the UK GDPR, Benefex maintain a security framework under Article 32 “Security of processing”, Benefex are certified to ISO 27001 (Information Security Management System requirements) and use the associated security controls for ISO 27001 Annex “A” and ISO 27002/27017 (Code of practice for information security controls including those associated with access to cloud services). Additionally, we are certified to the “National Cyber Security Centre” Cyber Essentials Scheme.

 7. Retention Period

Benefex will only store your personal data for the purposes of Business to Business (B2B) or career opportunities. Benefex may be required to retain information in accordance with UK law.  B2B information will be reviewed as necessary to maintain communications with individuals unless otherwise directed. In general, we maintain personal data for the following periods:

  • Business Enquiries: 7 years
  • Unsuccessful Career applications: 6 months

When otherwise deciding how long to retain your personal information, we take into account our legal and regulatory obligations, the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information described above and whether we can achieve those purposes through other means. We may also retain your personal information to investigate or defend against potential legal claims in accordance with the limitation periods of countries where legal action may be brought.

8. Your rights as a data subject

While Benefex process your personal data, you as the data subject have the following rights. If you wish to exercise any of these rights, please contact us using the contact details below:

  • Right to be informed – you have the right to be informed of how we process your personal data (as set out in this Notice).
  • Right of access – you have the right to request a copy of the information that we hold about you (please see below ‘Data Subject Access Request).
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
  • Right to withdraw consent (if you have given us your consent to use your personal data).

Some of these rights only apply in certain circumstances, so we may not be able to fulfil every request and we reserve all of our rights available to us at law in this regard.  Where a request is made, we may request certain confirmation that you are authorised to exercise this request or ask for proof of your identity, before responding to your request.

9. Data Subject Access Request

If you have provided personal data to Benefex you are entitled to understand what data is held about you as the data subject. Under data protection law you can submit a subject access request, to do this please contact the Benefex Data Protection Official at the following address or email [email protected].

Data Protection Official, Benefex Limited, Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU.

Proof of identity may be required to ensure that the information is released to the correct person and to the correct address.

 

10. Complaints

If you wish to make a complaint about how your personal data is being processed or how your complaint has been handled, you have the right to submit a complaint directly with Benefex and/or the supervisory authority. The data protection representatives for Benefex and the ICO are detailed below.

Information Commissioners Office (“ICO“) The Supervisory Authority

Benefex Data Protection Official

Head Office: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Tel: 01625 545 745 / 0303 123 1113

Information Security Director Benefex Limited, Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU

Email: [email protected]

 

11. Contact

Any questions, comments and/or requests regarding this Notice are welcomed and should be addressed to our Data Protection Official at [email protected]. In addition, please do not hesitate to contact us if you suspect any privacy or security breaches.

 

12. Changes to the Notice

Benefex may update this Notice, or other privacy policies, at any time as we deem appropriate. It is important that you check this Notice from time to time to ensure that you have reviewed the most current version.