Privacy Policy

Benefex Limited (company registration number 04768546) and Benefex Financial Solutions Limited (company registration number 06242658) (we/us/our) are committed to protecting and respecting your privacy. Benefex are an employee experience technology business that provides Software as a Service (SaaS) for businesses to engage employees with benefits, rewards, recognition and communications across multiple market place providers within a single platform we call OneHub. Benefex Limited and Benefex Financial Solutions work directly with HR teams to understand their business requirements to design employee experiences which drive engagement. The platform works across mobile, tablet and desktop services.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.  Please read the policy carefully to understand our views and practices regarding your personal data and how we will treat it.

For the Data Protection Act 1998 and the EU General Data Protection Regulation requirements, Benefex are the data controller for business to business and career opportunities.  We are registered with the Information Commissioners Office as follows:

Benefex Limited
Data Protection Representative: Information Security Director
Contact Details: Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU

Benefex Financial Solutions
Registration: Z3103927
Data Protection Representative: Information Security Director
FCA contact: Corporate Benefits Director
Contact Details: Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU

 

1. What is personal data?

The GDPR definition is as follows: ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

2. What we collect, process and why

To ensure we can provide a valid response to a request or an update for information regarding our services, news, case studies, white papers or career information, we will collect personal information from you via web forms, direct contact or email requests.   The information collected may be used to contact you personally or your business for the for marketing, employment opportunities and information relating to Benefex services.

2.1 Data Types Processed

The following data will be used for a business to business enquiry and processing benefits service:

Personal Data Type

Source of data

Title, Name, Address (business or Personal), Email Address (business and personal), Position, Telephone number (mobile and/or Landline), Curriculum Vitae information

·   Any personal data we collect will be provided by the individual directly.

·   Subscription HR databases for sales use

·   LinkedIn profiles

·   Benefex web forms

·   Curriculum Vitae submissions

Additional Data Type

Source of data

Information about your computer, including (where available) your IP address, operating system and browser type (for system administration).

This is statistical data about our users’ browsing actions and patterns, and does not directly identify any individual. This is to ensure that content from our site is presented in the most effective manner for you and for your computer.

 

2.2 What is the purpose of processing and who receives the information?

Benefex require this information to provide you / your business with information relating to rewards and benefits and additional marketing information if required. The data is processed may also be used to provide:

  • Careers information about Benefex Limited or Benefex Financial Solutions
  • Benefex news updates
  • Information that you request from us. i.e. white papers and case studies and or additional information that may be of interest to you or your business.
  • Obligations arising from any contractual agreements between us and a business.
  • Our obligations arising from any contractual agreements between us and an individual.
  • Changes to our services.
  • Communications may be by post, e-mail or telephone.

2.3 Our legal basis for processing

Benefex (the data controller) have two reasons for processing personal information relating to business contacts and personal information relating to career enquiring contacts.

1. Benefex are a business to business service, to generate leads for business purposes we will process personal data and contact business individuals to meet our business strategy goals.
2. Benefex are an employer, we therefore provide career choices for individuals

2.4 Special categories of personal data

Benefex do not process special categories of personal data (i.e. racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation).

3. Consent

Benefex is a business to business service and it is expected that all contacts via the corporate website will be for business reasons or career opportunities. This in most cases will be classified under “Article 6 of the GDPR - Lawfulness of processing” Article 6(1)(b) “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”

However, any contact made via the website will be provided with the opportunity to consent to store the data provided and communicate with them as required.

4. Withdrawal of consent

Data Subjects can in accordance with GDPR Article 7(3) withdraw consent of any marketing communication directed to them personally, by using the supplied unsubscribe links on the communications received or alternatively, they may withdraw consent by contacting info@hellobenefex.com stating the requirement to with draw consent and providing the relevant contact details held by Benefex.

5. Disclosure of personal data

5.1 Career Candidates:

Benefex will not disclose your personal data to any other third party, it is for Benefex own business purposes. Should Benefex wish to disclose your personal data it will be included in employment contracts and within our internal data protection procedures.

5.2 Business Enquiries:

Benefex will not share personal data used for sales and marketing purposes with anyone outside of the Benefex business environment. Your personal data is only used by Benefex for providing business related information you have requested and that Benefex control.

6. Where does your data reside?

All personal data processed by Benefex resides within the European Economic Area (EEA), any supplier that we may use for cloud services, will have appropriate data protection clauses and agreements in place to ensure the security of your personal data. 

7. Security of your data

Benefex ensure that personal data remains protected in accordance with data protection law.  Benefex ensure that all data stored is encrypted at rest and can only be accessed by those entitled to use.  Benefex additionally ensure that regular tests are carried out to check the overall security of our infrastructure and the personnel in support of the services provided.

In accordance with the General Data Protection Regulation, Article 42 “Certification”, Benefex are certified to ISO 27001 (Information Security Management System requirements) and use the associated security controls for ISO 27001 and ISO 27002 / 27017 (Code of practice for information security controls including those associated with cloud services). Additionally, we are certified to the UK Government Cyber Essentials Scheme.

8. Retention Period

Benefex will only store your personal data for the purposes of Business to Business (B2B) or career opportunities. Benefex may be required to retain information in accordance with UK law.  B2B information will be reviewed as necessary to maintain communications with individuals unless otherwise directed. In general, we maintain personal data for the following periods:

  • Business Enquires: 7 years
  • Career opportunities: 6 months

9. Your rights as a data subject

While Benefex process your personal data, you as the data subject have the following rights:

  • Right of access – you have the right to request a copy of the information that we hold about you.
    • Note: Subject Access Request see section 3.11
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
  • Right to judicial review: if Benefex refuses your request under rights of access, you will be provided with a reason to why.
    • Note: You have the right to complain as outlined in clause 3.12 below.

10. Subject Access Request

If you have provided personal data to Benefex you are entitled to understand what data is held about you as the data subject. Under data protection law you can submit a subject access request, to do this please contact the Benefex Data Protection Official at the following address or email privacy@benefex.co.uk for an application form.

Data Protection Official, Benefex Limited, Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU.

Proof of identification will be required to ensure that the information is released to the correct person and to the correct address.

11. Complaints

If you wish to make a compliant about how your personal data is being processed or how your complaint has been handled, you have the right to submit a complaint directly with Benefex and / or the supervisory authority. The data protection representatives for Benefex and the ICO are detailed below.

Information Commissioners Office (ICO)

The Supervisory Authority  

Benefex Data Protection Official

Head Office:

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

01625 545 745 / 0303 123 1113

Information Security Director

Benefex Limited, Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies.