1. Scope
At Benevolent Health, your privacy is of paramount importance. We are committed to protecting and respecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all relevant ePrivacy and information security legislation.
This privacy notice applies to:
-
Visitors to the Benevolent Health website;
-
Individuals engaging with us for business or marketing purposes;
-
Users of our mental health support services;
-
Business contacts, suppliers, and prospective clients.
It explains how we collect, use, store and protect your personal data and outlines your rights.
2. Responsibility
2.1 Our appointed Data Protection Officer (DPO) is responsible for ensuring this notice is available and up to date, and that personal data is handled in line with this policy.
2.2 All staff, consultants, and third parties acting on behalf of Benevolent Health are responsible for drawing this notice to individuals’ attention and obtaining appropriate consent where required.
3. Privacy Notice
3.1 Who We Are
Benevolent Health is a coaching, consulting, and mentoring organisation that supports mental health in the workplace. We are registered as a data controller under UK data protection law. Our core services include training, leadership development, and wellbeing support to help address stress, anxiety, and depression.
3.2 Legal Basis for Processing Your Information
We rely on one or more of the following lawful bases:
-
Your explicit consent (e.g. for email marketing or collecting sensitive health data);
-
Where processing is necessary for a contract;
-
Legal obligations we are subject to;
-
Our legitimate interests, provided these do not override your rights.
You have the right to withdraw your consent at any time. To do so, please contact our DPO at: patientcare@benevolenthealth.co.uk.
3.3 Data Sharing and Disclosure
We do not sell personal data. We may share data with:
-
Trusted service providers or contractors;
-
Regulatory authorities where legally required;
-
Partners acting on our behalf under data processing agreements.
All third parties must comply with our data protection and confidentiality obligations and are subject to binding contractual terms.
3.4 Data Retention
We retain your personal data only for as long as necessary:
-
To fulfil the purpose it was collected for;
-
As required by law or regulation;
-
To support legal claims or obligations.
Data is regularly reviewed and securely deleted when no longer needed.
3.5 Security of Personal Data
We implement appropriate technical and organisational measures to safeguard your data, including encryption, access controls, secure data storage, and incident response protocols.
While we take all reasonable precautions, no internet transmission is completely secure. Please take suitable measures to protect your own data when communicating with us online.
Our website may link to other third-party sites. We are not responsible for their privacy practices and encourage you to review their privacy notices.
3.6 Your Rights as a Data Subject
You have the following rights under the UK GDPR:
-
Right to be informed – to know how we use your data;
-
Right of access – to request a copy of your personal data;
-
Right to rectification – to correct inaccurate or incomplete data;
-
Right to erasure – to request deletion of your data in certain cases;
-
Right to restrict processing – to limit how your data is used;
-
Right to data portability – to move your data to another provider;
-
Right to object – to object to processing based on legitimate interests or direct marketing;
-
Rights in relation to automated decision making and profiling – to not be subject to decisions made solely by automated means.
To exercise these rights, email: patientcare@benevolenthealth.co.uk. We will respond within one month. Where relevant, we will notify any third parties involved in processing your data.
3.7 Complaints
If you are unhappy with how we’ve handled your data, please contact our DPO. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
📞 0303 123 1113 | 🔗 https://ico.org.uk/concerns/
Data Protection Officer Contact:
Marteka Swaby
Kemp House, 160 City Road, London, EC1V 2NX
📧 patientcare@benevolenthealth.co.uk
4. Privacy Statement
We are committed to being transparent and accountable in our handling of your data.
Personal data is defined as any information relating to an identified or identifiable individual. We may collect and process data in the following ways:
4.1 Data Sharing and Processing Locations
We only share personal data where legally permitted. Where data is processed by third parties or stored outside the UK, we ensure appropriate data transfer safeguards (e.g., UK International Data Transfer Agreements or standard contractual clauses).
4.2 Updates to this Privacy Policy
This policy will be regularly reviewed and updated to reflect changes in the law or our practices.
Last updated: 30 June 2025
4.3 Our Processing Activities
Customers & Service Users
Data collected: Name, email address, responses to assessments, engagement metrics.
Purpose: Service access, user support, newsletter distribution, wellbeing content.
Retention: Retained for as long as necessary to deliver services or as legally required.
Business Contacts
Data collected: Name, employer, job title, contact details, email/calendar metadata.
Purpose: CRM activity, relationship building, service promotion.
Retention: Retained as long as a business relationship exists or is reasonably expected.
Employees & Job Applicants
Employees and applicants should refer to the Employee Privacy Policy available internally for detailed guidance.
Suppliers & Third Parties
Data collected: Supplier contact details, billing information, service performance data.
Purpose: Contract management, service delivery, quality assurance, compliance.
Retention: Retained in line with legal, contractual, or operational requirements.
4.4 Data We Do Not Collect
Benevolent Health does not knowingly collect data from children under 16. If we become aware of such data, we will delete it immediately. Parents or guardians should contact us if they believe their child’s data has been submitted.
For any questions about this policy or your rights, contact:
📧 patientcare@benevolenthealth.co.uk