Last updated: 24/05/2018
Best Companies Limited is committed to protecting your privacy. This privacy notice applies to those who visit the Websites owned and operated by Best Companies as well as users of our Service(s). Please note that in this privacy notice, “we” or “us” refers to Best Companies. This privacy notice describes how we collect, use, share and secure the personal information you provide. It also describes your choices regarding use, access and correction of your personal information. The capitalised terms used in this Notice but not defined herein shall have the same meaning as defined in our Terms of Service, which are available upon request.
We will never sell your information to anyone.
Best Companies never sells PERSONAL DATA and carries out all processing operations in strict compliance with European privacy laws. CLIENT data is not transferred or stored outside of the EEA.
Have you been invited to complete a SURVEY?
We collect employee names and e-mail addresses from employers so that we can send out an EMPLOYEE SURVEY. If you have received a SURVEY, this is how we obtained your contact details. Email surveys are sent from email@example.com. As part of this process other details will be submitted which may include, but not limited to, gender, job grade, years of service and other employment information. If you have received a login code by post and you are ready to start your SURVEY, please go to https://www.b.co.uk/survey and enter your code for our b-Heard survey. All pre-populated demographics we have received from your employer will be hidden. Any demographics that we are missing will be displayed for you complete. The main purpose for our SURVEYs are for employers to measure the engagement of their workforce.
The employer benefits of which are:
The PERSONAL DATA provided to us by your employer is the minimum necessary for Best Companies to accurately process the contractual services agreement between your Employer and Best Companies. The legal basis for sharing is in the legitimate interest of your Employer, this does not affect your individual rights and freedoms, you may object to this processing at any time. The GDPR acknowledges that companies may have a legitimate interest in processing data as long as the processing does not have a disproportionate impact on the individual. On balance, the legal basis of legitimate interest against the individual impact: our services are reasonable, the company’s interests in our services appear compelling, with there being little impact on the individual.
It is reasonable to expect that the reporting data that we provide to your employer based on the collective individual responses should benefit not only your employer but also every employee in the company. To raise an objection, to the processing, you may raise the request through your Employer or by contacting Best Companies directly using the contact details at the end of this Privacy notice.
What Personal Information do we hold?
If you are taking part in a survey, we need to ensure we can identify whom a survey relates to; we do this by linking an individual to a survey number. This way we will never ask or need you to ever write your name on a survey.
Your employer may share with us some or all of the below personal data in order for us to provide accurate, unique, data insights and organisational reporting to them.
The data they share with us may include:
Your full name
Your email address
Your date of birth
Survey delivery location
Location of work
Job Grade/ Level
Start date of employment with the organisation
Contracted weekly hours
If your employer has selected to take part in our diversity questionnaire, this will involve you providing responses that are referred to as Special Categories of Data. Your employer will have a lawful purpose in order to collect this type of information. From the 25th May 2018, in order for us to collect this type of data from you and report it anonymously back to your employer we require your consent.
When you complete a diversity questionnaire, we will ask you to tick a box consenting to our processing and reporting of this data. In order to keep your survey anonymous the tick you provide will be equivalent to your signature.
The Special categories of data we collect may relate to:
Racial or Ethnic Origin
Religious or Philosophical Beliefs
We will never identify you with your individual responses to your employer or anyone else. The data insight we provide to your employer will always be reported back to them anonymously.
Information regarding our MC3 Product
MC3 is intended as a development tool for organisations to reflect on what they are getting from their managers and their relationship with their team. MC³ should be used and considered as a resource, and when reviewing data the organisation should also consider the wider context of the team. The purpose for MC3 is to help focus managers on those areas to make them great people-managers.
The GDPR advises that you can carry out this type of decision-making when it is necessary for the performance of a contract. Your organisation will have a contract of employment with the individual MC3 is reporting on, which will include clauses or can reasonably be referred to one or more of: a) managing a team b) completing the job function to a certain standard c) personal development. On balance, we have reasonably determined MC3 benefits the individual by identifying what they are good at (which should be celebrated) and it identifies areas where they can focus on to improve. This level of insight not only will benefit the organisation for meaningful conversations but can also really help the manager with their own personal development and becoming a better manager.
The hierarchy provided by the organisation, will have been reviewed for accuracy by your project lead(s) within the organisation, to ensure individuals are aligned correctly to the reporting manager. Should an individual disagree with the results we have the ability to review the result manually. We recommend organisations to actively inform their managers, that they are using our MC3 product, to understand the benefits further please review our website at: https://www.b.co.uk/products/mc3/. We also contractually oblige the organisations surveying with us to assist with the delivery of our privacy notice so individuals can understand how we process their data. To ensure individuals can respond honestly, all individuals responses are reported back anonymously. We also require a minimum quantity of responses in order to provide MC3 reporting.
How do we collect, use and share your personal information and other information?
Like most websites, each time you visit our site(s) we automatically collect certain data relating to your browsing behaviour on the site including, but not limited to, the webpage from which you came from and your IP address. Best Companies uses third party software for analytics. All metrics information collected from your usage of the Service(s) shall be transmitted to the analytics provider. The analysis tools measure and observe your behaviour (what you do) while the feedback tools allow us to hear what you have to say. This information is then used to evaluate how users use Best Companies websites, and to compile statistical reports on activity for us. We will use this information so our websites can be improved, by making them more user-friendly, more valuable and simpler to use. Third party analytics software will not share your PERSONAL DATA or associate your PERSONAL DATA with any other data held by them.
Links to third party sites
Our Websites may contain links to other websites that are not owned or controlled by Best Companies. Please be aware that we are not responsible for the privacy practices of such other websites or third parties. We encourage you to be aware when you leave our Websites and to read the privacy policies of each and every website that collects personal information.
Website registration and web forms
When you register to the site, you may be asked to submit personal information about yourself in order to register and/or download content. This information may include, but is not limited to, your name, the company you work for, email address and telephone number. We will only collect information that is necessary for us to provide you with any services or assistance connected with that content. If you would like more information on our services, do get in touch by completing our online enquiry form https://www.b.co.uk/contact/.
How will we use any personal information we collect?
Where we collect personal information, we will use it for administration and to tailor our service and/or products to match your needs. For example, to create your account and provide the services you request, to respond to any feedback you send us and to use your email address to communicate with you.
For the purposes of the service(s) we provide our CLIENTs, information collected via our SURVEYs will be aggregated and anonymised before being provided to the employer, and before being served as benchmark data or used in any publically available sources.
We retain ownership on all IN-PUT MATERIAL and for the purposes of the General Data Protection Regulation we are the Data Controller. As a duty of care to every respondent, responses provided to us remain confidential, as the data owner we are not obliged to provide an employer with this information if requested. This in turn gives the responder full confidence to provide an honest response without the fear of a reprisal. As Data Controller, we use the data in the creation of benchmark results, where we take groups of organisations data, creating list, sector and ACCREDITATION star benchmarks, to allow organisations to compare. We also process the data for future improvement of our service(s), historical and statistical purposes. The privacy of respondents will always be upheld by Best Companies.
How do we store and protect your personal information
Best Companies has implemented various measures to ensure that all information held by us is adequately protected against unauthorised access, use, disclosure and destruction. We take the security of the site and the information you provide very seriously. We use all appropriate technical measures utilising recognised security procedures and tools in accordance with good industry practice to protect your personal information. Please keep in mind that risk can never be eliminated but can be significantly mitigated and reduced. All measures which we have taken significantly reduce the risk. Best Companies shall not be held liable by any Third Party, including you, in any event of unauthorised access, use and/or disclosure of information provided that such is not due to Gross Negligence, wilful misconduct, fraud or bad faith by Best Companies.
Contact by Marketing and Publishing Partners
As per our contractual terms of service, we will share your Companies Organisational Lead contact detail, to our Publishing Partners and our internal Sales and Marketing teams. This will only extend to the detail necessary to contact you, Your Name, Company Name, Phone Number, Email Address and if required Company Address. They will contact you where our contractual obligations with you require them to and when additional information is required for creation of company profiles and case studies. Our Publishing Partners may also contact you for additional information regarding the Awards, Awards evening and opportunities for advertising in their publications. Best Companies may also contact you regarding items we believe would be of interest to you including future invitations to participate in our surveys and the option to participate in additional services that we supply.
We have taken a number of security measures to protect the data we hold, including but not limited to:
No CLIENT, PERSONAL DATA will be transferred or stored outside of the EEA.
Transferring data to and from Best Companies:
At times it may be necessary for our CLIENT or Best Companies to transfer large files or PERSONAL DATA. Sensitive and confidential documents are sent securely using Data Send UK. All files are stored on Data Send UK secure, private, dedicated, servers with transfers using SSL encryption. The files are automatically deleted from Data Send UK servers after 7 days. This provides a much higher level of security than standard email for transferring files and in most cases FTP. For more information on Datasend please visit their website. https://www.datasend.co.uk/about.html
For further information on our systems, please contact firstname.lastname@example.org or speak to your account manager.
Three years after the termination of the CLIENT, all personal data such as the employee name, email address, and any data that could potentially identify a specific individual, is removed from our system, by anonymisation. Anonymisation means you replace the PERSONAL DATA with replaced by a random unique identifier. This is in line with the Information Commissioners Office (ICO) Anonymisation code of practice. The employee responses, which are attached to employee demographical data, would not be removed, as this would result in the inability to perform any future engagement reporting. It would also similarly affect benchmark data and where organisations are being assessed for ACCREDITATION or a place on the LISTS. The Data Protection Act and General Data Protection Regulation (GDPR) does not apply to data rendered anonymous in such a way that the data subject is no longer identifiable. (This is as referred to in our Terms of Service – Clause 25. Anonymity, d).
Having a three year retention period allows CLIENTs to receive annual or bi-annual analysis reporting subject to their service contract.
Should you want to act upon any of these rights we would encourage you to communicate your request through your employer. You may contact us directly via our contact details below, however we will still make your employer aware of your request.
Best Companies uses a third-party service provider for managing credit card processing. The service provider does not store, retain, or use Billing Information except for the purpose of credit card processing on the Company’s behalf.
Best Companies reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.
If you have a question regarding our Privacy notice, or should you want to contact us regarding your individual rights, you can write or email your request marked for the attention of the Data Protection and Security Specialist as below.
Address for posting your requests:
The Data Protection and Security Specialist
Best Companies Ltd
Please allow up to 72 hours for a response.