Skip to content Skip to footer

For Business Privacy policy

Benenden Health provides healthcare and wellbeing services to other businesses as well as directly to individuals. This Privacy Notice applies only to individuals we contact in the course of marketing our products and services to other businesses. 

This privacy notice tells you what to expect when Benenden Health collects, uses, retains and discloses your personal information. Personal information is information that (on its own or together with other information) identifies you and is about you. This notice was last updated in November 2022.

Who we are 

‘Benenden Health’ and ‘Benenden’ are trading names of The Benenden Healthcare Society Ltd.

When we refer to Benenden Health or to Benenden (or to ‘we’, ‘us’, or ‘our’), we mean The Benenden Healthcare Society Ltd which is registered at Holgate Park Drive, York, YO26 4GG.

Our commitment to your privacy

Benenden Health recognises the importance of protecting personal and confidential information in all that we do. We take care to meet our legal duties, and we put in place all reasonable technical, security and procedural controls required to protect your personal information for the whole of its life, in whatever format we hold that information in.

How the law protects you

Your privacy is protected by law, which says that we can use your personal information only if we have a proper reason to do so. This includes sharing it outside of Benenden Health. The reasons why we may process your personal information are:

  • To fulfil a contract we have with you;
  • When it is our legal duty;
  • When it is in our legitimate interest; or
  • When you consent to it.

A legitimate interest is when we have a business or commercial reason to use your information, but this must not unfairly go against your rights or freedoms. If we rely on our legitimate interest, we will tell you what that is.

Below is a list of the ways that we may use your personal information, and which of the reasons we rely on to do so. This is also where we tell you what our legitimate interests are.

  • To develop and carry out marketing activities
  • To conduct analysis and research activities to improve and develop our products and services
  • To analyse the reaction to our advertising activity (including website activity)
  • Our legitimate interests
  • Your consent
  • Understanding which of our products and services may interest you and telling you about them
  • Defining audiences to market our products to
  • Recording your consent when we need it to contact you
  • To detect, investigate, report and seek to prevent financial crime
  • To manage risk for us and our members or customers
  • To comply with regulations that apply to us
  • To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, communications, corporate governance and audit
  • Our legal duty
  • Our legitimate interests
  • Developing and improving how we deal with financial crime
  • Complying with regulations that apply to us
  • Being efficient about how we fulfil our legal and contractual duties


What types of personal information do we handle?

We process personal information to enable us to run Benenden Health, to support the provision of services to members and customers, to maintain our own accounts and to promote our services.

The types of personal information we use include:

  • Personal details (such as names, addresses, telephone numbers, dates of birth);
  • Details of how you use our website, and where you have accessed it from;
  • Details of when you contact us and when we contact you (including voice recordings of telephone calls and copies of written communications such as emails or letters);
  • Contact details (such as names, roles, telephone numbers and email addresses) of business contacts.

Where we collect personal information from

We may collect your personal information from the following sources:

Personal information you give to us:

  • When you contact us (for example by phone, email or letter);

Personal information gathered from our website

Personal information from third parties that we work with:

  • Details obtained from social media;
  • Details obtained from cookies on third party websites (please see for further information)
  • Supply of licensed business data from providers of B2B marketing campaign and lead generation data.
  • We use providers of business contact details to obtain the details of individuals who may be interested in providing our products or services to their employees.
  • Details obtained from events such as trade fairs, or from enquiries made directly to us through our website.

Who we share your personal information with

We may share your personal information between Benenden Healthcare Society Ltd, Benenden Charitable Trust, and Benenden Wellbeing Ltd for these reasons:

  • Developing, testing, researching and improving products and services;
  • Marketing products and services we believe may be appropriate to you;
  • Legal and regulatory compliance;
  • Preventing or detecting financial crime;
  • Complaints handling; or
  • Improving customer service.

In the usual course of our business, we may use other third party organisations known as ‘data processors’ under data protection law to support the essential delivery of our services. These organisations process your personal information on our behalf. 

These types of organisations are:

  • Mailing, email, SMS messaging, and/or print fulfilment organisations (to enable us to communicate with you efficiently);
  • Providers of business services such as auditors, consultants, solicitors and/or insurers (to enable us to run Benenden efficiently);
  • Providers of records management services such as secure disposal suppliers, and IT storage providers (to enable us to secure data efficiently);
  • Providers of IT systems or services (to enable us to run Benenden efficiently);
  • Market researchers (to help us to improve the services we offer);
  • Providers of information management services (to help us learn about our customers);
  • Companies you ask us to share your personal information with (upon request).

When we share your information with our approved third party providers, our contractual relationship with them prevents them from using your information for any other purpose outside of our instructions to them. They may use their own third party data processors, but are always required to meet the same legal requirements as Benenden does.

Benenden Health will never sell your information, or share it with external companies for their own marketing purposes.

Sending personal information outside of the EEA

Data protection law holds all countries in the European Economic Area (‘EEA’) to the same high standards. If we transfer information outside of the EEA, we will make sure that it is protected to these standards.

We will only send your personal information to countries outside of the EEA to:

  • Follow your instructions
  • Comply with a legal duty, or
  • Work with other third-party organisations (as detailed above) who we use to help provide our services to you

We will always use one or more of these safeguards:

  • Transfer it to a non-EEA country with privacy laws that give the same protection as the EEA
  • Make use of Model Clause Contracts or binging corporate rules, where suitable, to facilitate the transfer of personal and special category data between ourselves and an international organisation.

How long we keep your personal information

We may keep your business contact information for up to 7 years, to enable us to respond to questions or complaints and to maintain records according to legal requirements and documented business need.

Your rights

In order to exercise your rights under data protection law, we will need to verify your identity for your security. 

You can contact us by emailing, writing to Data Protection Officer, The Benenden Healthcare Society, Holgate Park Drive, York, YO26 4GG or telephoning Member Services on 0800 414 8100.

Your right of access - You can request a copy of your personal information.  

Letting us know if your personal information needs updating - You have the right to ask us to rectify any information we hold on you that you think is wrong, out of date or incomplete. 

If you want us to erase your personal information - You have the right to request that we erase your personal information in certain circumstances. 

If you want us to restrict processing – You have the right to restrict the processing of your information in certain circumstances. 

If you object to processing – You have the right to object to the processing of your personal information in certain circumstances.

Obtaining your personal information in a portable format - You have the right to get copies of your personal information transferred to another organisation or to you in certain circumstances. 

Your right to complain

If you are not satisfied with our response or believe that we are not processing your personal information in accordance with the law, you can complain to the Information Commissioner’s Office (ICO) by emailing or telephoning 0303 123 1113. Additional contact methods are detailed on their website:

Changes to this privacy notice

We regularly review our privacy notice. We will publish any updates on the Benenden website and inform members and customers of any changes within our regular communications. You can request a copy of our privacy notice by us using the details above.

How to contact our Data Protection Officer

If you have any questions about this privacy notice or our processing of information, if you wish to raise a complaint on how we have handled your personal information, or if you wish to exercise any of the rights set out in this privacy notice, please contact our Data Protection Officer by emailing or writing to: Data Protection Officer, The Benenden Healthcare Society, Holgate Park Drive, York, YO26 4GG.