Privacy Policy
1. Introduction
This privacy policy (“Policy”) sets out how Benicate Ltd, registered in England, No. 5729095 uses and protects any information that you provide when using our website or engaging with our services. Benicate Ltd (“Benicate”, “we”, “our” or “us”) is committed to protecting your privacy and we comply with the Data Protection laws applicable to the UK. This policy may occasionally be updated by us so please re-review from time to time.
Owner contact email: info@benicate.co.uk
2. Our approach to privacy
Benicate places a high priority on safeguarding confidential information and processing personal data in an ethical manner, and we take our responsibility for the security of customer and employee data very seriously. To help us continue to achieve this, we have embedded privacy by design and by default within our operating procedures and service delivery. This means that privacy and data protection is taken into consideration and implemented in the design and delivery of our business services, marketing functions, IT systems and overall business practices so that our clients, employees and service users’ right to data privacy and data protection is our default position when processing data.
This ensures that no additional actions are required by you to ensure your privacy is honoured and protected. It also means we will not share your data with third parties for marketing purposes, and will only do so when necessary to provide a business service you have requested, or if legally obligated to do so.
In order to carry out other business functions and to deliver our services, we rely on the following lawful conditions for processing personal data:
-
Consent – the individual has given their Consent to the processing of their Personal Data.
-
Contractual – processing of Personal Data is necessary for the performance of a contract to which the individual is a party or for Benicate to take pre-contractual steps at the request of the individual.
-
Legal obligation – processing of Personal Data is necessary for compliance with a legal obligation to which Benicate is subject.
-
Legitimate interests – processing is necessary under the Legitimate Interests of Benicate or an associated third party unless these interests are overridden by the individual’s interests or fundamental rights.
We will be clear and transparent with you about which lawful basis is used when processing your personal data.
3. Collecting personal data
In order to deliver our services and to carry out necessary business functions, we may collect certain personal data from you in a variety of ways, such as, through our website, via email, an online portal, or verbally. These details may include (where applicable), names, contact information and basic employment details. Depending on the service we are delivering to you or your company, we may also ask for more detailed information for a case study we are preparing about you personally, the organisation your work for or an initiative or project you have been involved with.
The answers given in the interview are confidential between you and Benicate until they have been summarised reviewed and approved by you in writing and your consent given to share with our client or make public, via their marketing or media activity. We may also seek upfront consent to share your feedback, in a confidential way, by sharing quotes (but not your personal details) or aggregated trend data and insights.
These interviews are bound by strict confidence, and any notes collated by Benicate are treated accordingly.
Personal data we obtain is collected in a few key ways:
-
Data disclosed by the individual
-
Data disclosed by an authorised third party (i.e. employer) on the individual’s behalf
-
Data obtained from linked system or database
-
Data generated through user interaction with systems/services, for example, our website
Where your data is provided to us by an authorised third party, such as your employer (i.e. in the form of course participant lists), it is the third party’s responsibility to ensure they have the correct lawful basis in place to share this data with Benicate.
4. Data retention and how we retain data
In accordance with the GDPR, personal data shall be kept for no longer than is necessary for the purposes for which it is being processed.
5. Keeping personal data secure
Our website and online services are protected by firewalls and we have implemented security policies, rules and technical measures to protect the data in our control. These security measures are designed to prevent unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss.
Any information you provide us with when using our services is stored centrally on secure cloud-based systems. Direct access to these databases are restricted to authorised personnel and their appointed agents only. We have taken every reasonable step to ensure that your personal data is held securely at all times, and that access to these are closely monitored. We use security measures to protect against the loss, misuse and alteration of data within our systems.
Please be aware however, that no internet or email transmission is ever fully secure or error free. You should take special care in deciding what personal data you send to us via email and keep this in mind when disclosing any personal data to us via the internet.
6. Cross-border transfers of personal data
We are located in the UK and no personal data will be transferred outside of the EEA by Benicate or our subcontractors.
7. Controlling your personal data
Any personal data we collect from you or we generate as a result of your interaction with our systems and services belongs to you. Under the data protection laws in the UK you therefore have the right to know if your data is being processed, why and for how long. This will include details of what categories of data we process (e.g. storing your name and contact details in a CRM system), whether your data has been disclosed to third parties and their identities, and how to raise a complaint with the Information Commissioner’s Office (ICO).
In addition to your right of access to data we process, Benicate will uphold other rights afforded to you under the applicable data protection laws in the UK, namely:
-
the right to request that errors in your personal data processed by (or on behalf of) Benicate are amended or corrected;
-
the right to erasure of your personal data if those data are no longer needed for their original purpose, or where the processing is based on consent and you withdraw that consent (and no other lawful basis for the processing exists);
-
the right to restrict processing where the relevant personal data either cannot be deleted (e.g. because the data are required for the purposes of exercising or defending legal claims) or where you do not wish to have the data deleted;
-
the right to object to processing carried out for the purposes of direct marketing, where processing is likely to cause or is causing damage or distress, or where you may be evaluated or subject to decisions on the basis of automated processing;
-
the right to request a copy of the personal data you have provided to us for yourself, or for it to be transferred to another organisation, if the processing was based on consent, the provision of business services under a contract, or processing carried out by automated means.
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. We will not contact you for marketing purposes by post if you have indicated that you do not wish to be contacted. You can change your marketing preferences at any time by contacting info@benicate.co.uk
The accuracy of your information is important to us. If you believe that any information we are holding about you is incorrect or incomplete or wish to exercise any of your rights in relation to your personal data, please contact us. We aim to respond promptly to any requests. However, please note that depending on the complexity and scope of your request, it may take up to 30 days for us to provide you with an adequate response.
8. Data Breach
We have in place a procedure if a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of a public electronic communications service occurs. We will assess the scope and impact of the breach. Based on the assessment of the likely risks to individuals, we will notify the individuals and/or their connected organisations that a data breach has occurred where this may result in a significant risk to the rights and freedoms of individuals, or where we may be in breach of a contractual obligation.
Any such notification to individuals will be carried out as soon as reasonably possible and will include information on the nature of the breach, the likely consequences of the breach, measures taken or proposed by Benicate to address it, and recommendations for affected individuals to mitigate any potential adverse effects. Such individuals will also be provided advice on how to make a complaint to the ICO.
If, due to the nature of the breach Benicate is required to inform the ICO, we will do so within 72 hours of becoming aware of the essential facts of the breach. Such notification must include at least: your name and contact details; the date and time of the breach (or an estimate); the date and time we detected it; basic information about the type of breach; and basic information about the personal data concerned.
9. Cookies
On occasion, we may gather information about your computer to provide statistical information regarding the use of our website to help improve our services.
Such information will not identify you personally, it is statistical data about our visitors and their use of our site. This statistical data does not identify any personal details whatsoever. It is used by us to analyse how visitors interact with the website so that we can continue to develop and improve it.
We may gather information about your general internet use by using a cookie file that is downloaded to your computer. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer as cookies contain information that is transferred to your computer’s hard drive. They help us to improve our Website and the service that we provide to you.
All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular areas of our website.
Although we do not have any advertising featured on this website if we do in the future, they may also incorporate cookies, over which we have no control. Such cookies (if used) would be downloaded once you click on the advertisements.
10. Links from our website
Our website and learning portals may contain links to other websites. However, once you have used these links to leave our site, you should note that we do not have any control over the other websites and are not responsible for the privacy practices of such other websites.
If you submit personal data and other information to a website to which we link, we are not responsible for its protection and privacy. Always exercise caution when submitting data to websites. Read the site’s data protection and privacy policies fully.
11. Changes to the Privacy Policy
We keep our Privacy Policy under regular review and reserve the right to amend or modify this Policy from time to time. Such modification shall be effective immediately upon posting of the modified Policy on our website. Please ensure you regularly review the information posted on our website to obtain timely notice of such changes.
Your continued use and access of Benicate services, including our website, will constitute your acceptance of any changes or revisions to this Privacy Policy.
If we make substantive changes to this Policy, we will announce it on our website to ensure that you are aware of the information we collect and how we use it at all times.
12. Contacting us
If you have any questions, comments or requests regarding this Policy, please get contact us at info@benicate.co.uk. If you would prefer to write to us then our contact address is: Benicate Ltd, 22 Daniel Street, Bath, BA2 6ND.