Privacy Policy - GDPR

Us and our contact details.

Parliament Hill Limited act as data controller and our contact details are Parliament Hill Ltd, 127 Cheapside, London, EC2V 6BT. Contact e-mail address for Data Protection requests is andrew@parliament-hill.co.uk.

Main purpose and lawful basis for processing.

Thank you for contacting us and showing an interest in the benefit schemes we set up and manage on behalf of clients.

Any personal details you pass to us during these exchange of ideas will be used to consider the attractiveness for your organisation to set up a benefit scheme which we would manage for you under contract. It is the hope that the outcome will lead to a contract that is our legal reason for holding, controlling and processing your data. This can include any aspect that might be covered under a Benefit Scheme and some aspects that you yourself may raise. This can include discussing opportunities, opt-in permissions and contact preferences.

Personal data you may pass to us is likely to be the names and contact details and their position within or to your organisation. We would expect that in passing us those personal details, that you have the data subject’s permission to do so. When we pass you personal data, regarding people within our organisation or who we deal with, then we will have obtained their permission to do so. Such exchange of personal data will only be used for the purposes of setting up and evaluating the viability of the benefit scheme including all pre-contract negotiation.

You agree that we can combine the personal data you give us with any other publicly available data, and data you provide us with or data that is made available to us because you have provided us with a log in that gives us access to such data.

Legitimate business interests and legal requirements and those possible recipients or personal data.

Below is an example of our and others legitimate business interests and should not be considered an exclusive list.

We would also be handling some of that data for our legitimate business interests. That could include, but is not limited to, the maintenance of legal records, task management, staff training and monitoring, record keeping and reporting back to gave us your contact details, seeking advice from others and or contacting some specific benefit providers in the hope that a specific benefit/deal might be arranged for your organisation and your members. We may use suppliers who provide basic services to us as a commercial business and in providing their services they may have access to certain data either held by us, which they require in providing their service to us or that might pass through them.

If we discuss setting us benefit web pages then we may involve the person we use to set up parts of the benefit web sites who will be acting as our processor when working under our instructions.

We may use IT services to design and set up a log in process or help us with the design of the benefit web site. We may use copy write services for the production of marketing material and financial promotions. We may obtain sign off of financial promotions and benefit pages from benefit providers. In doing these items we may convey, instructions, comments or opinions given by you to us with an identifier as to the source of such instructions, comments or opinions. We may need to contact Benefit Providers in the management and negotiation of Benefits.

Where consent may be involved and where consent is given or obtained.

We do not place a restriction on the category of personal data you wish to provide us with, but we would generally not expect you to provide us with ‘special category or sensitive’ data. If you do, then by providing us that data, we would treat that as you having obtained adequate consent from the Data Subjects for us to process such data during these discussions.

Automated decision making and sending data outside of the EEA.

We do not send data outside the European Economic Area and if we did then we would first seek you consent. We do not use automated decision systems. Log in systems, if managed by us, may include an automated check of log in details.

The period we may store your data or the criteria we may use for storage.

This data will be stored by us for up to a period of 12 months after discussions have concluded if no agreement is reached, or such other times as may be required by law, or regulatory rules. If the benefit agreement goes ahead then that storage period would normally be for the length of the benefit period plus up to a further seven years or such other times as may be required by law, or regulatory rules if longer. Data stored and processed by other data controllers will be stored and processed at their discretion.

Below are your rights in respect of this data.

General rights. Where the law does allow us to charge a fee then we reserve the right to do so.