Privacy Notice
Benefex Limited (company registration number 04768546) and Benefex Financial Solutions Limited (company registration number 06242658) (we/us/our) are committed to protecting and respecting your privacy. Benefex are technology businesses that provides Software as a Service (SaaS) platform we call OneHub. The platform works across mobile, tablet and desktop services.
This notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the notice carefully to understand our views and practices regarding your personal data and how we will treat it.
For the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR) requirements, Benefex are the data controller for business to business and career opportunities. We are registered with the Information Commissioners Office as follows
Benefex Limited
Registration: Z8773545
Data Protection Representative: Information Security Director
Contact Details: Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU
Benefex Financial Solutions
Registration: Z3103927
Data Protection Representative: Information Security Director
FCA contact: Corporate Benefits Director
Contact Details: Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU
1. What is personal data?
The GDPR definition is as follows: ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
We aim to update our site regularly, and may change the content at any time. If the need arises, we may suspend access to our site, or close it indefinitely. Any of the material on our site may be out of date at any given time, and we are under no obligation to update such material.
We may revise these terms of use at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are binding on you. Some of the provisions contained in these terms of use may also be superseded by provisions or notices published elsewhere on our site.
2. What we collect, process and why
To ensure we can provide a valid response to a request or an update for information regarding our services, news, case studies, white papers or career information, we will collect personal information from you via web forms, direct contact or email requests. The information collected may be used to contact you personally or your business for the for marketing, employment opportunities and information relating to Benefex services.
2.1 Data Types Processed
The following data will be used for a business to business enquiry and processing benefits service:
| Personal Data Type | Source of Data |
|---|---|
| Title, Name, Address (business or Personal), Email Address (business and personal), Position, Telephone number (mobile and/or Landline), Curriculum Vitae information and Company name. |
|
| Additional Data Type | Source of data |
| Information about your computer, including (where available) your IP address, operating system and browser type (for system administration). | This is statistical data about our users’ browsing actions and patterns, and does not directly identify an individual. This is to ensure that content from our site is presented in the most effective manner for you and for your computer and to ensure that we can identify a genuine business enquiry. |
2.2 What is the purpose of processing and who receives the information?
Benefex require this information to provide you/your business with information relating to rewards and benefits, recognition, communications and additional marketing information if required. The data is processed may also be used to provide:
- Careers information about Benefex Limited or Benefex Financial Solutions
- Benefex news updates
- Information that you request from us. i.e. white papers and case studies and or additional information that may be of interest to you or your business.
- Obligations arising from any contractual agreements between us and a business.
- Our obligations arising from any contractual agreements between us and an individual.
- Changes to our services.
- Communications may be by post, e-mail or telephone.
- Questionnaires and surveys regarding policies and initiatives, which may provide statistical comparisons to other organisations.
2.3 Our legal basis for processing
Benefex (the data controller) have two reasons for processing personal information relating to business contacts and personal information relating to career enquiring contacts.
- Benefex are a business to business service, to generate leads for business purposes we will process personal data and contact business individuals to meet our business strategy goals and we will use your corporate information to provide you the right information for your interests.
- Benefex are an employer, we therefore provide career choices for individuals.
2.4 Special categories of personal data
Benefex do not process special categories of personal data (i.e. racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation).
3. Consent
Benefex is a business to business service and it is expected that all contacts via the corporate website will be for business reasons or career opportunities. This in most cases will be classified under “Article 6 of the GDPR – Lawfulness of processing” Article 6(1)(b) “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”
However, any contact made via the website will be provided with the opportunity to consent to store the data provided and communicate with them as required.
4. Withdrawal of consent
Data Subjects can in accordance with GDPR Article 7(3) withdraw consent of any marketing communication directed to them personally, by using the supplied unsubscribe links on the communications received or alternatively, they may withdraw consent by contacting [email protected] stating the requirement to with draw consent and providing the relevant contact details held by Benefex.
5. Disclosure of personal data
5.1 Career Candidates:
Benefex will not disclose your personal data to any other third party, it is for Benefex own business purposes. Should Benefex wish to disclose your personal data it will be included in employment contracts and within our internal data protection procedures.
5.2 Business Enquiries:
Benefex are part of the Zellis Group, this includes Zellis, Moorepay and Resource Link. Contact information provided to Benefex via telephone, email or the Benefex corporate website may be shared directly within the Zellis Group for providing business related information that you have requested, sales and / or marketing purposes. Benefex will not share it with anyone outside of the Zellis Group environment. Benefex would also ask that you to refer to each companies own privacy notice, to ensure you have the relevant privacy information associated with each company within the group.
5.3 Third parties:
Benefex may use third-party platforms to conduct marketing surveys and questionnaires, which require elements of the personal information listed in the Data Types Processed table. These third parties have been reviewed by Benefex and do not use any personal data for their own purposes. If a recipient does not wish to engage with these surveys / questionnaires, data can be requested to be removed; please follow the steps indicated in the Withdrawal of Consent section.
6. Where does your data reside?
All personal data processed by Benefex normally resides within the European Economic Area (EEA). However, some of Benefex’s suppliers may be based internationally (outside of the UK and EEA) and are required to process the personal data to provide services to Benefex. For example, Benefex’s Contact Relationship Management (CRM) provider resides outside of the UK and EEA and processes personal data to provide Benefex with a CRM tool. Benefex may also transfer personal data internationally within its group.
Prior to any international transfer, Benefex shall ensure that adequate safeguards have been implemented between Benefex and the supplier, such as EU Standard Contractual Clauses (SCC) or International Data Transfer Agreements (ITDA), to ensure the security and privacy of your personal data.
7. Security of your data
Benefex ensure that personal data remains protected in accordance with data protection law. Benefex will encrypt at rest and in transit all data stored within its infrastructure and will ensure that only authorised personnel will have access to such data. Benefex conduct regular tests of the infrastructure and applications to ensure it remains secure.
In accordance with the General Data Protection Regulation, Benefex maintain a security framework under Article 32 “Security of processing”, Benefex are certified to ISO 27001 (Information Security Management System requirements) and use the associated security controls for ISO 27001 Annex “A” and ISO 27002/27017 (Code of practice for information security controls including those associated with access to cloud services). Additionally, we are certified to the “National Cyber Security Centre” Cyber Essentials Scheme.
8. Retention Period
Benefex will only store your personal data for the purposes of Business to Business (B2B) or career opportunities. Benefex may be required to retain information in accordance with UK law. B2B information will be reviewed as necessary to maintain communications with individuals unless otherwise directed. In general, we maintain personal data for the following periods:
- Business Enquires: 7 years
- Career opportunities: 6 months
9. Your rights as a data subject
While Benefex process your personal data, you as the data subject have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Note: Subject Access Request see section 3.11
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: if Benefex refuses your request under rights of access, you will be provided with a reason to why.
- Note: You have the right to complain as outlined in clause 3.12 below.
10. Subject Access Request
If you have provided personal data to Benefex you are entitled to understand what data is held about you as the data subject. Under data protection law you can submit a subject access request, to do this please contact the Benefex Data Protection Official at the following address or email [email protected] for an application form.
Data Protection Official, Benefex Limited, Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU.
Proof of identification will be required to ensure that the information is released to the correct person and to the correct address.
11. Complaints
If you wish to make a compliant about how your personal data is being processed or how your complaint has been handled, you have the right to submit a complaint directly with Benefex and/or the supervisory authority. The data protection representatives for Benefex and the ICO are detailed below.
| Information Commissioners Office (ICO) The Supervisory Authority | Benefex Data Protection Official |
| Head Office: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF 01625 545 745 / 0303 123 1113 | Information Security Director Benefex Limited, Mountbatten House, Grosvenor Square, Southampton, Hampshire, SO15 2JU |
Want to speak to one of our team?
