Privacy

Privacy policy

Read more about how Benify manages personal data in our Privacy Policy.

Cookies

At Benify, we use cookies on our website so that you are able to enjoy the best possible online experience.

Read more about cookies in our Cookie policy

Storage location

All personal data is stored on servers that are fully owned and controlled by Benify. Our servers are located on three physically independent data centers within the EU.

Benify AB sub-processors

• Benify processing – Invoice partner. Storage location – EU. Processing location – EU.
• Lifeplan AB – Pension & Insurance consulting partner. Storage location – EU. Processing location – EU.
• Printline Idéproduktion AB – Prints and sends welcome mail to users. Storage location – EU. Processing location – EU.
• Stay Secure Sweden AB – Provides advanced e-mail protection services. Storage location – EU. Processing location – EU.
• Zendesk Inc. – Provider of system for customer service. Storage location – EU. Processing location – USA (Standard clauses, Privacy Shield and security measures in place).
• CGI Sverige AB – Provider of Electronic identification service. Storage location – EU. Processing location – EU.

Personal data retention

To ensure that personal data processing is limited to what is necessary Benify have a personal data retention policy implemented in the Benify application.

The purpose of this policy is to adapt the Benify application to the GDPR requirement of data protection by design and by default and the principles of data minimization and storage limitation.

The policy is based on the following scenarios:
• Automatic erasure for active clients and end-users
• Erasure due to termination of agreement
• Erasure due to termination of employment
• Individual’s right to erasure and restrict processing

Our efforts are based on 7 cornerstones of:

Lawfulness, fairness and transparency

Benify takes comprehensive measures to ensure that our processing of personal data is lawful and complies with relevant legislations and agreements. We are fully transparent with our internal polices, procedure and the security measures taken to process and protect personal data.

Data minimization

Together with the client, Benify’s experts conduct meticulous implementation-, integration- and management reviews of the portal to minimise risk and ensure only applicable data is to be processed.

Storage limitation

Benify’s application ensures privacy by design – through automated system functionalities which remove personal data that are no longer required for processing purposes.

Accountability

Benify allows you to clearly demonstrate the actions you have taken to ensure full compliance with the GDPR. We will help you to show accountability at each step in the process.

Purpose limitation

Clients have full control in setting and limiting the purpose and scope within which Benify has license to process. This is well defined and documented in a personal data processing agreement.

Data accuracy

Regular file integration ensures that all data remains accurate. Benify performs periodical integrity checks, thereby applying the four-eyes principle before taking action.

Integrity and confidentiality

Benify is an internationally certified ISO 27001 organization. We guarantee protection of your employees’ personal data behind a framework of technical and organizational safeguards.