New members
Want to us join us/add family?
Tel: {{healthcare_number}} Tel: 0800 414 8001


8am to 7pm, Mon - Fri

Existing members
Questions about your membership?
Tel: {{}} Tel: 0800 414 8100


8am to 8pm, Mon - Fri

Existing members
24/7 GP Advice
Tel: {{}} Tel: 0800 414 8247
24/7 Psychological Wellbeing helpline
Tel: {{}} Tel: 0800 414 8247


Open 24 hours, 7 days a week

Search site

Important information

Data protection law in the UK and EU will change on 25 May 2018. This notice sets out your rights as a member or customer of Benenden, or as a visitor to our website, under the new law.

This notice comes into effect on 25th May 2018, and was last updated in April 2018.

This privacy notice tells members and customers of Benenden what to expect when Benenden collects, uses, retains and discloses your personal information. Personal information is information that (on its own or together with other information) identifies you and is about you. This includes what you tell us about yourself and what we learn by having you as a member or customer.

Who we are

‘Benenden’ or ‘Benenden Health’ are trading names of The Benenden Healthcare Society Ltd. When we refer to Benenden or Benenden Health (or to ‘we’, ‘us’, or ‘our’), we mean The Benenden Healthcare Society Ltd and/or its wholly owned subsidiary company Benenden Wellbeing Ltd (also trading as Benenden), both of which are registered at Holgate Park Drive, York, YO26 4GG.

Benenden Hospital Trust have a separate privacy notice. If you are, or have been, a patient at Benenden Hospital, their privacy notice (which is available on their website, www.benendenhospital.org.uk) explains how they will hold your personal information.

Benenden Charitable Trust have a separate privacy notice (which will be supplied to all applicants) explaining how the Trust will hold your personal information

To ensure that we process your personal information fairly and lawfully, this notice informs you:

  • Why we need your personal information;
  • How it will be used;
  • With whom it will be shared; and
  • What rights you have in relation to the personal information we collect.

Within this notice we describe instances where Benenden is the ‘data controller’ (the organisation

who decides what personal information is collected and how it is used), and where we direct or commission the processing of personal information by third parties on our behalf to provide services or improve our offering to you.

There may be situations where Benenden processes data on the instructions of another organisation (known as acting as a ‘data processor’), but in those circumstances our use of data would be governed by that organisation.

Our commitment to your privacy 

Benenden recognises the importance of protecting personal and confidential information in all that we do, and takes care to meet our legal duties. Benenden puts in place all reasonable technical, security and procedural controls required to protect your personal information for the whole of its life, in whatever format we hold that information in.

Our commitment to your privacy 

Benenden recognises the importance of protecting personal and confidential information in all that we do, and takes care to meet our legal duties. Benenden puts in place all reasonable technical, security and procedural controls required to protect your personal information for the whole of its life, in whatever format we hold that information in.

How the law protects you

Your privacy is protected by law, which says that we can use your personal information only if we have a proper reason to do so. This includes sharing it outside of Benenden. The reasons why Benenden may process your personal information are:

  • To fulfil a contract we have with you;
  • When it is our legal duty;
  • When it is in our legitimate interest; or
  • When you consent to it.

A legitimate interest is when we have a business or commercial reason to use your information, but this must not unfairly go against your rights or freedoms. If we rely on our legitimate interest, we will tell you what that is. 

Below is a list of the ways that we may use your personal information, and which of the reasons we rely on to do so. This is also where we tell you what our legitimate interests are. For further information in relation to the marketing that we undertake, please see the ‘Marketing’ section right.

WHAT WE USE YOUR PERSONAL INFORMATION FOR OUR REASON(S) FOR PROCESSING OUR LEGITIMATE INTERESTS (WHERE APPLICABLE)
  • To manage our relationship with you
  • To communicate with you about your membership or Benenden products you have purchased
  • To develop and carry out marketing activities
  • To conduct analysis and research activities to improve and develop our products and services
  • To analyse the reaction to our advertising activity
  • To create anonymised look-alike audiences for marketing purposes
  • Fulfilling contracts
  • Our legal duty
  • Your consent
  • Our legitimate interests
  • Keeping our records up to date
  • Working out which of our products and services may interest you and telling you about them
  • Defining audiences to market our products to
  • Seeking your consent when we need it to contact you
  • Being efficient about how we fulfil our legal and contractual duties
  • To provide you with the services we can offer when members request assistance
  • To manage how we work with other companies that provide services to us and our members or customers
  • Fulfilling contracts
  • Our legal duty
  • Our legitimate interests
  • Being efficient about how we fulfil our legal and contractual duties
  • To administer payments relating to membership
  • To administer payments relating to product sales
  • To administer payments for services we can offer when members request assistance
  • Fulfilling contracts
  • Our legal duty
  • Our legitimate interests
  • Being efficient about how we fulfil our legal and contractual duties
  • Complying with regulations that apply to us
  • To detect, investigate, report and seek to prevent financial crime
  • To manage risk for us and our members or customers
  • To comply with regulations that apply to us
  • To respond to complaints and seek to resolve them
  • Fulfilling contracts
  • Our legal duty
  • Our legitimate interests
  • Developing and improving how we deal with financial crime
  • Complying with regulations that apply to us
  • Being efficient about how we fulfil our legal and contractual duties
  • To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, communications, corporate governance and audit
  • Our legal duty
  • Our legitimate interests
  • Complying with regulations that apply to us
  • Being efficient about how we fulfil our legal and contractual duties
  • To exercise our rights as set out in agreements or contracts
  • Fulfilling contracts

 

What types of personal information do we handle? 

We process personal information to enable us to run the Benenden Healthcare Society Ltd and Benenden Wellbeing Ltd, to support the provision of services to members and customers, to maintain our own accounts and to promote our services.

The types of personal information we use include:

  • Personal details such as names, addresses, telephone numbers, dates of birth;
  • Your relationship to other individuals on your Benenden membership;
  • Employment details, work or profession details for individuals who pay for membership through their salary or pension;
  • Financial details, including payments to Benenden by members and customers and payments made by Benenden for services provided to members;
  • Details of how you use our website, and where you have accessed it from;
  • Details of how you interact with us on social media;
  • Details of when you contact us and when we contact you (including voice recordings of telephone calls and copies of written communications such as emails or letters);
  • CCTV images, which are used for building security;
  • Details of which Benenden products you have purchased;
  • Any consents which you have given us in relation to the processing of your information;
  • Physical or mental health details in relation to requests by members for access to our services. Such information requires special protection by law – we will always explain what information we require and why it is needed when collecting this information. It will always be processed and stored securely;
  • Details of your use of services offered by Benenden.

Where we collect personal information from

We may collect your personal information from the following sources:

Personal information you give to us: 

When you join Benenden Healthcare Society Ltd;

  • When you contact Benenden (for example by phone, email or letter);
  • In member or customer surveys or any other research activity we may conduct with you;
  • When you use our services;
  • When you update your membership information using our website www.benenden.co.uk.

For more information about our use of your personal information through our website (including cookies) www.benenden.co.uk/cookies.

Personal information from third parties that we work with: 

  • When you buy a product from Benenden other than Society membership (for example the Benenden Health Cash Plan);

  • Details of your payments from payroll service providers (if you pay by deduction at source from your salary or pension payment);

  • Details obtained from social media;

  • Details obtained from cookies on third party websites (for further information please visit www.benenden.co.uk/cookies)

  • Identifying and contact information from employers (if your membership is set up and paid for by your employer);

  • Personal information purchased from providers of third party marketing lists (only if you have given express consent to this).

If you choose not to give personal information  

We may need to collect personal information by law, or under the terms of a contract we have with you.

If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot provide you with services under your membership or other products which you have purchased from us. We will notify you if your choice not to give personal information to us would result in a delay or prevent us from meeting our obligations.

Any personal information that is optional will be clearly marked at the point of collection.

Who we share your personal information with 

We may share your personal information between Benenden Healthcare Society Ltd and Benenden Wellbeing Ltd for these reasons:

  • Assisting in verifying your identity;
  • Assessing risks;
  • Understanding your requirements;
  • Developing, testing, researching and improving products and services
  • Marketing products and services we believe may be appropriate to you;
  • Training and business analysis;
  • Legal and regulatory compliance;
  • Preventing or detecting financial crime;
  • Complaints handling; or
  • Improving customer service.

Certain services are provided by third party organisations who collect and use personal information in order to provide those services to you. They are known as our ‘joint data controllers’ under data protection law. This means that they have a separate responsibility to protect your personal information and will keep you informed about how your personal information will be used.

Your personal information will only be shared with third party organisations when required (for example for legal obligations or regulatory requirements, in respect of the products and/or services you request as a member or customer of Benenden).

These types of organisations are:

  • Healthcare organisations we work with to provide the services offered by The Benenden Healthcare Society Ltd;
  • The providers of Benenden insurance products such as Benenden Health Cash Plan;
  • The providers of other Benenden products such as the Benenden Health Assessment;
  • HM Revenue & Customs, our regulators and other authorities, including fraud prevention agencies (where required or permitted by law).

In the usual course of our business, we may use other third party organisations known as ‘data processors’ under data protection law to support the essential delivery of our services. These organisations process your personal information on our behalf.

These types of organisations are:

  • Mailing, email, SMS messaging, and/or print fulfilment organisations (to enable us to communicate with you efficiently);
  • Providers of business services such as auditors, consultants, solicitors and/or insurers (to enable us to run Benenden efficiently);
  • Providers of records management services such as secure disposal suppliers, and IT storage providers (to enable us to secure data efficiently);
  • Providers of IT systems or services (to enable us to run Benenden efficiently);
  • Market researchers (to help us to improve the services we offer);
  • Providers of information management services (to help us learn about our customers);
  • Companies you ask us to share your personal information with (upon request).

When we share your information with our approved third party providers, our contractual relationship with them prevents them from using your information for any other purpose outside of our instructions to them. They may use their own third party data processors, but are always required to meet the same legal requirements as Benenden does.

Benenden will never share or sell your information to external companies for their own marketing purposes.

Sending personal information outside of the EEA

Data protection law holds all countries in the European Economic Area (‘EEA’) to the same high standards. If we transfer information outside of the EEA, we will make sure that it is protected to these standards. We will only send your personal information to countries outside of the EEA to:

  • Follow your instructions;
  • Comply with a legal duty; or
  • Work with other third party organisations (as detailed above) who we use to help provide our services to you.

We will always use one or more of these safeguards:

  • Transfer it to a non-EEA country with privacy laws that give the same protection as the EEA;
  • Put in place a contract with the recipient that means they must protect it to the same standards as the EEA; or
  • Transfer it to organisations that subscribe to Privacy Shield. This is a framework that sets privacy standards for personal information sent between the US and EU countries.

Marketing 

We may use your personal information to tell you about relevant products offered by Benenden (being Benenden Healthcare Society Ltd and its wholly owned subsidiary company Benenden Wellbeing Ltd). This is what we mean when we talk about ‘marketing’.

We can only use your personal information to send you marketing messages if we either have your consent or a ‘legitimate interest’. Legitimate interest is when we have a business reason to use your information for marketing purposes (which will not unfairly go against your rights and freedoms). In other words, we will not market to you based on legitimate interest if you have told us that you do not want to receive such marketing or are registered on a preference services list. 

We have a legitimate interest to:

  • Send you the BeHealthy magazine by post;
  • Send you marketing messages about Benenden Personal Healthcare or other products offered by Benenden (such as Travel or Home Insurance, the Health Cash Plan or Health Assessments) by post;
  • Contact you via telephone to welcome you to Benenden, or to discuss your membership if you decide to leave Benenden; and
  • Send you marketing messages by email or via social media about products offered by Benenden which are similar to those which you have already purchased from us (if you have provided us with an email address).

We will ask your explicit consent to send you any other marketing messages.

You can withdraw your consent or ask us to stop sending you any marketing messages at any time.  If you want to do so, please contact us by:

  • Following the unsubscribe link on the relevant email;

  • Changing your preferences by logging into the member area at my.benenden.co.uk;

  • Writing to us at: Member Services, The Benenden Healthcare Society, Holgate Park Drive, York, YO26 4GG;

  • Emailing memberservices@benenden.co.uk; or

  • Telephoning Member Services on 0800 414 8100*.

Tailoring products and services by automated systems 

We may ask providers of information management services to use automated systems to place you in groups with similar members or customers, based upon your personal information. These are called customer segments. We use these to analyse our member or customer needs, and to make decisions based on what we learn. This helps us to recruit new members and customers from different customer segments, and to show existing members or customers content and promotional material which may be of interest.

You have the right to ask that we do not use your personal information in this type of automated decision making. If you want to do so, please contact us by:

  • Writing to us at: Member Services, The Benenden Healthcare Society, Holgate Park Drive, York, YO26 4GG;

  • Emailing memberservices@benenden.co.uk; or

  • Telephoning Member Services on 0800 414 8100*.

How long we keep your personal information 

We will keep your personal information for as long as you are a member or customer of Benenden.

After you stop being a member or customer:

  • We may keep your personal information for up to 8 years for one of these reasons:
  • 1. To respond to questions or complaints;
  • 2. To show that we treated you fairly; or
  • 3. To maintain records according to legal requirements and documented business need.
  • We may keep your personal information for longer than 8 years if we cannot delete it for legal, regulatory or technical reasons. In these circumstances, we will make sure that your privacy is protected and only use it for legal or regulatory purposes.

Your rights 

In order to exercise your rights under data protection law, we will need to verify your identity for your security.

You can contact us by emailing data.protection@ benenden.co.uk, writing to Data Protection Officer, The Benenden Healthcare Society, Holgate Park Drive, York, YO26 4GG or telephoning Member Services on 0800 414 8100.

How to get a copy of your personal information 

You can request a copy of your personal information, as well as why we have that personal information, who has access to that personal information and where we got that personal information from at any time. Once we have received your request we will respond within 30 days.

Letting us know if your personal information needs updating 

You have the right to question any information we hold on you that you think is wrong, out of date or incomplete. If you do, we will take reasonable steps to check its accuracy and correct it.

If you need to update your contact details (and/or the details of others, for example if you pay for other people on your membership), you can do so by logging into the member area at my.benenden.co.uk or contacting us using the details above.

If you want us to stop using your personal information 

You have the right to object to our use of your personal information, or to ask us to delete, remove or stop using your personal information if there is no need for us to keep it. This is known as the ‘right to object’ and the ‘right to erasure’ (or ‘right to be forgotten’). 

We may be able to restrict the use of your personal information so that it can only be used for certain things, such as legal claims or to exercise legal rights.

In this situation, we would not use or share your information in other ways while it is restricted.

You can ask us to restrict the use of your personal information if:

  • It is not accurate;
  • It has been used unlawfully but you don’t want us to delete it;
  • It is not relevant any more, but you want us to keep it for use in legal claims; or
  • You have already asked us to stop using your personal information but you are waiting for us to assess your request and confirm whether we are permitted to continue using the personal information under data protection law.

If you want to object to how we use your personal information, or ask us to restrict how we use it, please contact us using the details above.

If you want us to erase your personal information 

If you feel that we should no longer be using your personal information, or that we are illegally using your data, you can request that we erase the personal information we hold on you. When we receive your request, we will confirm whether the personal information has been deleted or tell you the reason why it cannot be deleted. There may be legal reasons why we need to keep your personal information.

If you want to request that we erase your personal information, please contact us using the details above.

Obtaining your personal information in a portable format 

You have the right to get copies of your personal information from us in a format that can be easily

re-used. You can also ask us to pass on your personal information to other organisations. To request this, please contact us using the details above.

Your right to complain 

  • If you are not satisfied with our response or believe that we are not processing your personal information in accordance with the law, you can complain to the Information Commissioner’s Office (ICO) 

  • 1. By telephoning 0303 123 1113

  • 2. or emailing casework@ico.org.uk

  • Additional contact methods are detailed on their website: https://ico.org.uk/global/contact-us

Changes to this privacy notice 

We regularly review our privacy notice. We will publish any updates on the Benenden website and inform members and customers of any changes within our regular communications. You can request a copy of our privacy notice by us using the details above.

Contacting us 

If you contact us 

When you contact us, we will need to verify your identity for your security. Verifying identity is an important way of safeguarding against criminal activities including the prevention of illicit access to your information.

If we are unable to validate your identity, we may ask you to provide further evidence so that we can access your information.

Benenden reserve the right to discuss any financial transactions with the originating account holder.

Freedom of information 

Benenden and its subsidiaries are not governed by the Freedom of Information Act as neither Benenden nor any of its subsidiaries are a public authority.

How to contact our data protection officer 

If you have any questions about this privacy notice or our processing of information, if you wish to raise a complaint on how we have handled your personal information, or if you wish to exercise any of the rights set out in this privacy notice, please contact our Data Protection Officer by emailing data.protection@ benenden.co.uk or writing to: Data Protection Officer, The Benenden Healthcare Society, Holgate Park Drive, York, YO26 4GG.