Privacy Notice
Last updated: 17/01/2023
1. Who are we?
We are Zest Technology Limited, a company registered in England and Wales with company number 05104223. Our head office is located at Leatherhead House, Station Road, Leatherhead, Surrey KT22 7FG.
We provide technology to allow companies and individuals to manage employee benefits via an online portal. This website (www.zestbenefits.com) provides details about the services we offer and the ability to make contact with us.
This privacy notice describes how we use your personal data. Please read it carefully along with our Cookies Policy, which can be found at the bottom of this page. We may make changes to this notice from time to time, so please check it regularly.
2. Data Protection Officer
If you wish to exercise your rights under UK data protection law, you can do so by contacting us.
Our Data Protection Officer can be contacted directly by emailing dpo@zestbenefits.com.
3. The personal data we process
We have described below the personal data that we process, what we use it for and where we get it from.
Personal data type: Your contact details, including name, telephone number and email address
What we use it for: To respond to your enquiry or arrange a product demonstration
Where we get it from: You, via the “Get in touch” or “Request a demo” forms
Personal data type: Your email address
What we use it for: To send you newsletters about our products and services
Where we get it from: You, via the “Subscribe to our newsletter” form
Personal data type: Technical information about your computer or mobile device including details such as your operating system and web browser. This is statistical data and does not identify your individual device.
What we use it for: To help us ensure our website displays correctly on all popular devices and operating systems
Where we get it from: Your device
Personal data type: Information used to identify how you are connecting to our website, such as your IP address.
What we use it for: For security reasons, so that we can link any actions on our website with your internet connection (for example, to allow us to identify suspicious behaviour).
Where we get it from: Your device
Personal data type: Details of your use of the website. For example, the pages you visit and the time you spend viewing a page.
What we use it for: To help us improve your experience when using the website,
Where we get it from: You
Personal data type: Details you submit when making a request to exercise your rights under data protection legislation.
What we use it for: To fulfil your request.
Where we get it from: You
Personal data type: Business contact details such as name, job title and email address that we obtain from third party marketing data providers.
What we use it for: To contact you if we believe you may be interested in our products and services.
Where we get it from: Third party marketing data providers. The providers we current use are: Honch.
4. Data Controller
Zest is the controller of the personal data we hold about you as a result of your use of this website. “Data controller” is a role defined by the UK General Data Protection Regulation (UK GDPR). As data controller we have various obligations, including fulfilling all of your rights as a data subject, which you can read about in section 11 below.
5. EU representative
If you are a resident of the European Union, or a Supervisory Authority in an EU member state, you can contact our nominated EU representative. We have appointed IT Governance Europe Limited to act in this regard. If you wish to exercise your rights under the EU General Data Protection Regulation (EU GDPR) or have any queries in relation to your rights or general privacy matters, please email our representative at eurep@itgovernance.eu. Please ensure to include our company name (Zest Technology Limited) in any correspondence you send to our representative.
6. Our lawful basis for processing
UK data protection law requires us to have a lawful basis to process your personal data. The lawful basis that we rely on varies depending on the specific data we are processing and how we collected it, as follows:
7. Processing special categories of data
UK data protection law identifies special categories of data that are considered especially sensitive and so can only be processed under certain conditions.
None of the personal data that we process through this website falls into these special categories.
8. Sharing your personal data
We will share some of your personal data with other companies for the following purposes:
We may also anonymise your personal data and use the results to produce reports or analysis to be shared with other companies in our group, or with external parties.
In addition to the above, we may share your personal data with third parties in the following circumstances:
We periodically appoint digital marketing agents to conduct marketing activity on our behalf. Such activity may result in the compliant processing of personal information by such agents. Agents that are currently appointed in this capacity include:
We may share your personal data in other circumstances but, if so, we will obtain your prior consent before we do so.
9. How long we will keep your personal data
We will process and retain your personal data for as long as it is required for the purpose for which it was originally collected.
The exception to this is if, as a result of you making a request as described in section 11 below, we are required by law to stop processing or storing your personal data.
10. International transfer of your personal data
It is possible that we may transfer your personal data to a country that is outside of the UK and EEA. When we do this, we will ensure that measures are in place as required by UK data protection law and the EU GDPR so that all of your privacy rights are guaranteed.
11. Your rights as a data subject
At any point while we are holding or processing your personal data, you have the following rights:
You can exercise any of the above rights by submitting your request via the online form at https://www.zestbenefits.com/dsar.
When we are not the data controller of the personal data in question, we will forward your request to the appropriate third party and notify you that we have done so.
In cases where we have shared your data with a third party (as explained in section 8 above) we may also share your request with that third party so that they can assist us in fulfilling it.
UK data protection law also gives you the following additional rights:
12. Complaints
In the event that you wish to make a complaint about how your personal data is being processed by Zest (or third parties as described in section 8 above), or about how a previous complaint has been handled, you have the right to lodge a complaint directly with Zest’s Data Protection Officer and with the supervisory authority.
The details for each of these contacts are:
Zest Data Protection Officer:
Data Protection Officer
Zest Technology Ltd
Leatherhead House
Station Road
Leatherhead
Surrey KT22 7FG
dpo@zestbenefits.com
Supervisory Authority:
Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
casework@ico.org.uk
https://www.ico.org.uk
For details of our use of cookies, and to opt in or out of non-essential cookies, please visit this page.