1. INTRODUCTION
This privacy notice provides you with details of how we collect and process your personal data through your use of our site www.thebenchmarkingnetwork.co.uk, and it applies to all clients and suppliers of The Benchmarking Network Ltd and the NHS Benchmarking Network. By providing us with your data, you warrant to us that you are over 13 years of age.
The Benchmarking Network Ltd is the data controller, and we are responsible for your personal data (referred to as “we,” “us,” or “our” in this privacy notice).
2. CONTACT DETAILS
Full name of legal entity: The Benchmarking Network Limited
Email address: enquiries@thebenchmarkingnetwork.co.uk
Postal address: Colony Fabrica, 269 Great Ancoats Street, Manchester, M4 7DB
ICO Registration: Z1624069
Email address for DPO: RCI-DPO@Rcigroup.co.uk
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at enquiries@thebenchmarkingnetwork.co.uk.
3. WHAT DATA WE COLLECT, PURPOSES, AND LEGAL BASIS
Personal data means any information identifying an individual. It does not include anonymised data.
Types of Data and Lawful Basis:
| Data Type | Reason for Processing | Lawful Basis |
|---|---|---|
| Communication Data (e.g., emails, social media messages) | Processed for communication, record-keeping, and legal claims. | Legitimate interests. |
| Customer Data (e.g., name, contact details, purchase details) | Processed to provide goods/services and keep records. | Contract performance. |
| User Data (e.g., website interactions, posts) | Processed to operate our website, ensure security, and maintain backups. | Legitimate interests. |
| Technical Data (e.g., IP address, browser type, usage analytics) | Processed to analyse site use, protect our business, and improve services. | Legitimate interests. |
| Marketing Data (e.g., preferences for communications) | Processed to deliver promotions and measure effectiveness. | Legitimate interests or consent. |
We may also use Customer, User, Technical, and Marketing Data to tailor website content and advertisements. Lawful basis: Legitimate interests (business growth).
Marketing communications are sent based on legitimate interests or consent.
4. SPECIAL CATEGORY DATA
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
5. HOW WE COLLECT YOUR DATA
We collect personal data through:
Direct interactions (website forms, emails, phone calls).
Automated technologies (cookies, analytics tools like Google Analytics).
Third-party sources (e.g., search providers, social media platforms, publicly available sources like Companies House).
For more details, see our Cookie Policy.
6. MARKETING COMMUNICATIONS
We may send marketing communications under the following conditions:
If you are or have been a client, purchased a service, or requested information.
If you have explicitly opted in.
Under the Privacy and Electronic Communications Regulations (PECR), we may send marketing emails to corporate contacts without prior consent in certain circumstances. This typically includes communications related to our services, events, or updates that we believe may be of interest to you in your professional capacity, particularly if you have previously engaged with us or expressed interest in our services.
We will only send marketing emails to individuals who are corporate contacts, i.e., those associated with an organisation, rather than personal email addresses. You can opt out of receiving marketing emails at any time by using the "unsubscribe" link in our emails or by emailing enquiries@thebenchmarkingnetwork.co.uk.
Opting out does not apply to transactional communications related to purchases or service updates.
Before we share your personal data with any third party for their own marketing purposes we will get your express consent.
7. DISCLOSURES OF YOUR PERSONAL DATA
We may share your personal data with the parties set out below:
Other companies in our group who provide services to us.
Service providers who provide IT and system administration services.
Professional advisers including lawyers, bankers, auditors and insurers
Government bodies that require us to report processing activities.
Third parties to whom we sell, transfer, or merge parts of our business or our assets.
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
8. INTERNATIONAL TRANSFERS
Some of your personal data may be transferred internationally when we engage third-party suppliers who process data on our behalf. This may include transfers to countries outside the United Kingdom or European Economic Area (EEA).
Where such transfers occur, we ensure that appropriate safeguards, such as standard contractual clauses or equivalent measures, are in place to protect your data and comply with applicable data protection laws.
9. DATA SECURITY
We implement technical and organisational measures to protect data from loss, misuse, and unauthorised access. These include:
Access controls and encryption
Regular security audits
Staff data protection training
We also ensure we have a current Cyber Essentials certification and complete the NHS DSPT annually to provide reassurance around Information Security.
We have procedures to handle data breaches and will notify affected individuals and regulators when legally required.
10. DATA RETENTION
We follow a retention schedule reviewed annually to ensure data is stored appropriately and deleted when no longer necessary.
If we are required to collect data by law or contract and you do not provide it, we may be unable to deliver our services. In such cases, we will notify you.
We will only use your data for its original purpose or a reasonably compatible one. If we need to use it for a different purpose, we will inform you and explain the legal basis.
We may process your data without your knowledge or consent where required or permitted by law.
11. YOUR LEGAL RIGHTS
Under data protection laws, you have the right to:
Request access, correction, or deletion of your data.
Object to processing and request data portability.
Withdraw consent for marketing.
More details: ICO Individual Rights Guide.
To exercise these rights, email enquiries@thebenchmarkingnetwork.co.uk. We aim to respond within one month. If dissatisfied, you can complain to the ICO (www.ico.org.uk).
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
12. THIRD-PARTY LINKS
Our website may contain links to third-party sites. Clicking on these may allow third parties to collect your data. We are not responsible for their privacy policies and recommend reading their privacy notices.
13. COOKIES
We use cookies to enhance website functionality and analyse user behaviour. You can manage cookie preferences through your browser settings. Some features may be affected if cookies are disabled. See our Cookie Policy for details.