Our contact details:
Business Name: Benexo Ltd
Benexo Limited (“We” and “Our Company”) takes the privacy of your personal data very seriously. We are dedicated to protecting the confidentiality and privacy of information entrusted to us in accordance with the UK General Data Protection Regulation (GDPR), the UK Data Protection Act 2018 and those laws relating to Data Protection and privacy in the UK. This Privacy Notice sets out how we obtain, use, store and dispose of your personal data as well as explaining your rights.
This Privacy Notice sets out how we will use your personal data when we are acting as a data controller (someone who determines what data to collect and how to use it). We may also use your personal data when acting as a data processor (acting on instructions given by the data controller – our clients (e.g., your employer or pension scheme). You should therefore also read the Privacy Notice of your employer and/or pension scheme as this will also govern the use of your Personal Data.
Any updates to how we use your data will be explained on this page. We aim to update our site regularly and may change the content at any time. If the need arises, we may suspend access to our site, or close it indefinitely. Any of the material on our site may be out of date at any given time, and we are under no obligation to update such material.
The type of personal information we collect
Personal information is any information that can be used to identify a living person. For example, members’ email addresses, customer financial information, employee data or website user stats. You can find more about what constitutes personal information on the Information Commissioner’s Office (ICO) website.
The following data will be used for a business-to-business enquiry and processing pension and employee benefits, including consultancy services.
|Personal Data Type
|Personal Data Type
Title, Name, Address (business or Personal), Email Address (business or personal), Position, Telephone number (mobile and/or Landline), and Company name.Other unique identifiers (e.g., date of birth, national insurance number)
Additonal Data Type
Source of Data
Information about your computer, including (where available) your IP address, operating system and browser type (for system administration).
This is statistical data about our users’ browsing actions and patterns, and does not directly identify an individual. This is to ensure that content from our site is presented in the most effective manner for you and for your computer and to ensure that we can identify a genuine business enquiry.
How we process the personal information and why
Benexo require this information to provide you/your business with information relating to our services and additional marketing information if required. The data processed may also be used to provide:
- Benexo news updates
- Information that you request from us. i.e. white papers and case studies and or additional information that may be of interest to you or your business.
- Obligations arising from any contractual agreements between us and a business.
- Providing administration services to our clients
- A quality and professional service. We may process personal data when reviewing client files for quality assurance purposes.
- Questionnaires and surveys regarding policies and initiatives, which may provide statistical comparisons to other organisations.
- Processing online requests, including responding to communications from individuals or requests for proposals and quotations.
- Complying with legal and regulatory obligations including maintaining appropriate audit trails, anti-money laundering, terrorist financing, fraud and other forms of financial crime
We may also obtain and process personal data directly when, for example we are establishing a business relationship, performing professional services through a contract.
Benexo are a business-to-business service, to generate leads for business purposes we will process personal data and contact business individuals to meet our business strategy goals and we will use your corporate information to provide you the right information for your interests.
What lawful reasons do we have for processing personal data?
We may rely on the following lawful reasons when we collect and use personal data:
- Contract – We may process personal data in order to perform our contractual obligations owed to (or to enter into a contract with) the relevant individuals.
- Consent – We may rely on your freely given consent at the time you provided personal data to us.
- Legitimate interests – We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. These may include delivering the professional services our clients have engaged us to provide or to deliver timely marketing insights and speciality knowledge we believe is welcomed by our business contacts.
- Legal obligations – We may process personal data in order to meet our legal and regulatory obligations or mandates.
- Substantial public interest – We may process personal data for reasons of substantial public interest.
Your employer and/or pension scheme trustees may rely on other lawful reasons as laid out in their Privacy Notice.
How we store your personal information
We store most of our data in the UK. We may transfer personal data to reputable third-party organisations situated inside or outside the UK when we have a business reason to engage these organisations.
Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
- Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK.
We have put appropriate technical and organisational security policies and procedures in place to protect personal data from loss, misuse, alteration or destruction. We aim to ensure that access to your personal data is limited only to those who need to access it. Those individuals who have access to the data are required to maintain the confidentiality of such information. We may apply pseudonymisation, de-identification and anonymisation techniques in efforts to further protect personal data.
How long do we store your personal information
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for. Any personal data processed as part of a client engagement will be retained for as long as instructed by our client. At the end of any engagement with our clients we will retain one copy for our legal and compliance purposes including to demonstrate compliance with regulatory rules, to demonstrate that we have met our contractual and legal obligations and to establish, exercise or defend legal claims.
We may also retain your data to comply with applicable laws, regulations and professional obligations that we are subject to.
We retain such personal data for seven years, unless a different time frame applies as a result of business need or specific legal, regulatory or contractual requirements.
Your data protection rights
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at email@example.com if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at firstname.lastname@example.org.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Office Wycliffe House
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk