For the purpose of the DPA and GDPR we are the data controller and any enquiries regarding the collection or processing of your data should be addressed to The Director, REBA Group Ltd, 7c Vera Road, London SW6 6RW, United Kingdom.
By using the reba.global website you are accepting and consenting to the practices described in this policy. We are registered with the Information Commissioner’s Office for this purpose. (Registration number CSN2475735)
Visitors to our website
When someone visits www.reba.global we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Users who sign up for Professional Membership including REBA’s regular e-newsletters
You will give us personal information by filling in forms on our website or by corresponding with us by phone, e-mail or otherwise. Details collected will include:
- Your full name, company name, job role, contact details incl. work phone and email address, some profile details incl. your role and responsibilities.
We process personal information using the lawful basis of legitimate interests and for legitimate business purposes, which include some or all of the following:
- Where processing enables us to enhance, modify, personalise or otherwise improve our services / communications for the benefit of our Members
- To identify and prevent fraud
- To enhance the security of our network and information systems
- To better understand how users interact with our website
- To inform Members about our products and services via email communications, which we think will be of interest to you
- To inform prospective Members about our products and services via email communications
- To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- To provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about (unless you opt out of these communications);
- To provide you with information about services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about services similar to those which were the subject of a previous sale or negotiations of a sale to you or where you have agreed to such on registration on the site. If you are a new customer, we will contact you by electronic means only if you have consented to this.
- To notify you about changes to our service;
- To determine the effectiveness of promotional campaigns and advertising
Whenever we process data for these purposes we will ensure that we always keep your Personal Data rights in high regard and take account of these rights. You have the right to object to this processing if you wish, and if you wish to do so please email us at firstname.lastname@example.org. Please bear in mind that if you object this may affect our ability to carry out tasks above for your benefit.
rebaLINK is REBA’s online networking and due diligence platform. Only approved Professional Members are entitled to access this platform, which is powered by Evoluted. rebaLINK is exclusively for the use of HR, reward & benefits professionals that do not supply paid-for products or services to the benefits, reward or HR community. It is a vendor-free and recruiter-free environment that is accessed with a password.
All Professional Members are automatically enrolled in this digital platform, as part of the services REBA provides for supporting HR, reward & benefits professionals in their roles.
The information Professional Members provide about themselves, either when completing their Networking Profile, or at the point of Membership application, is behind a password-only access wall. This information is not shared outside of the rebaLINK platform by REBA at any time, but Users may utilise the platform to message fellow Members or potential suppliers. If they do not include their contact details in these messages, then their details will not be shared outside of the platform.
If a Member wishes to stop receiving notifications from the rebaLINK platform about posts that match their profile details, then they can opt-out of them via their Networking Profile / My Account page. Or they can email us at email@example.com.
All communications via the rebaLINK platform use SSL encryption.
Users who subscribe to our e-newsletters
Users who do not qualify to become a Professional Member will receive REBA’s regular information alerts, if they have not opted out when signing up.
Some users may specifically choose to subscribe to the information alerts (as opposed to Membership). In this case the user will receive regular e-newsletters as part of this service.
To sign up to our e-newsletters we collect your personal information as outlined under the heading “Users who sign up for Professional Membership including REBA’s regular e-newsletters”.
Whenever we process data for these purposes we will ensure that we always keep your Personal Data rights in high regard and take account of these rights. You have the right to object to this processing if you wish, and if you wish to do so please click here. Please bear in mind that if you object this may affect our ability to carry out tasks above for your benefit.
People who are prospective Professional Members
As an organisation we target HR, benefits and reward professionals in order to grow our community. We have sourced their business contact details through official list broking companies such as Electric Marketing. These individuals have consented to 3rd party communications through list research that these list broking companies have carried out. We subscribe to a quarterly update of the records to ensure any gone-aways are removed regularly. All contacts can unsubscribe from any of the email communications we send to them.
Additionally REBA’s Directors occasionally contact their LinkedIn connections to invite them to REBA events, or inform them about other REBA products such as research reports.
Email information alerts
We use a third party provider, Mailchimp, to send our regular e-newsletters including Member Information alerts and marketing emails to prospective Members. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our emails. Mailchimp annually certifies their agreement to EU/US regulations including the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. For more information, please see Mailchimp’s privacy notice.
People who register for REBA events
We use ticketing and registration platform Eventbrite for collecting registrations for REBA’s events. When collecting registrations we gather contact details and some profiling information relevant to the particular event, in order to tailor the event content for the needs of the delegates. At the point of registration we ask delegates to confirm their eligibility for the event, for their agreement to the event terms and conditions and for their communication preferences after the event.
If delegates agree to the sharing of their details with the event sponsors after an event, then we advise them that they need to refer to the privacy policies of each of the event sponsors. The details of the event sponsors are found on the REBA event page.
People who respond to our research surveys
REBA conducts in-depth research into both technical and high level issues, in order to provide essential business information for our Members and the wider HR, benefits and reward community.
We invite our Members and other senior HR, benefits and reward practitioners to participate in these surveys. If they respond we ask for their contact details and their responses to the detailed survey. At the point of response, we ask the respondents if they are happy for us to follow up with them by email to find out more about their survey input.
All data gathered for surveys is processed in order to establish the findings of the survey, and is then published in a report. We do not attribute responses to individual companies unless agreed with each individual contributor on a case by case basis. This will be made very clear to respondents ahead of the report being published. Unless respondents are told otherwise, the data we publish is only used in the aggregate.
As a thank you for completing the survey we send the final published report to the respondents. We keep their contact details for this purpose. We also ask them if they would like to receive information alerts about other relevant products & services from REBA. Anyone who agrees to this, can opt-out of REBA’s information alerts at any time.
Keeping your details up-to-date
You may review, correct, update or change your personal information at any time by contacting us at firstname.lastname@example.org. Alternatively / additionally if you are signed up as a Professional Member you can edit your personal information in your account online under My Account.
Our website search is powered by Evoluted. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by REBA or any third party.
People who contact us via social media
We use a third party provider, Hootsuite to manage our social media interactions on LinkedIn and Twitter. If you send us a private or direct messages via social media the message will be stored by Hootsuite for three months. It will not be shared with any other organisations.
People who email us
We use Google's GSuite as our email platform, which encrypts and protects email traffic for us. If your email service does not support encryption, you should be aware that any emails we send or receive may not be protected in transit.
We also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
People who contact us via the web enquiry form
Where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide. We use SSL encryption to submit the forms. SSL (https) encrypts all data sent from the browser to the server.
Disclosure of your information
We may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others:
- We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 users have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target. We may make use of the personal data we have collected from you to enable us to comply with our advertisers' wishes by displaying their advertisement to that target audience.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
- Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If REBA Group Ltd or substantially all of its assets are acquired by a third party, personal data held by it about its customers will be one of the transferred assets.
Where we store your personal data
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by indicating such at the time that you sign up to our website. You can also exercise the right at any time by contacting us at The Director, REBA Group Ltd, 7c Vera Road, London SW6 6RW, United Kingdom.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Our data retention policy is as follows:
- Professional Members: we will retain the personal data, submitted to us via our online Membership form, for as long as the individual wishes to be a Member. If there is a period of over 3 years during which we don’t receive interaction (email opens, digital platform activity, event attendance) from individual Members, then we will not retain the data longer than this period. If a Member opts out of email information alerts, they will continue to be a Member unless they contact us specifically to request otherwise.
- Associate Members: our customers provide us with their data so we can fulfil a business contract with them. We will retain this data for up to 5 years in order to have a historical record of activity with these customers.
- Event delegates: we will retain the personal data, submitted to us via our online booking form, for up to 3 years. Event delegates often choose to return to events they’ve previously attended, so in order to inform past delegates and registrants about future relevant events we will retain their data. If we do not receive interaction (email opens, bookings or event attendance) from event contacts for over 3 years, then we will delete their data after this period.
- Research respondents: those who respond to any of our research surveys are contributing to in-depth insight reports. We store findings of the data submitted for up to 10 years for trend recording, but we only hold contact data for up to 3 years in order to be able to contact respondents with regards to future research projects and reports. If we do not receive any further input from these respondents, and they are not engaged in other areas of communication with us after 3 years, such as participating in REBA events, joining as a Member or reacting to emails, then we will not retain their data after this period.
Access to information
Under the General Data Protection Regulations (“GDPR”) you have the right to access information held about you, and you have the right to be forgotten by REBA Group Ltd. Contact us at email@example.com for more information or to make a request.
Last updated: 22 May 2018