Darwin: Privacy Statement

For a printable version of this statement please click here.

Protecting your privacy

Darwin is committed to protecting and respecting your privacy.  This privacy policy ("Privacy Policy") sets out the basis on which your personal information will be used by us. We are the "data controller" (that is, the person who decides what to do with it) of your personal information for the purposes of the Data Protection Act 1998 ("the Act"). 

Please read the following Privacy Statement carefully to understand how we will use and what we will do with your personal information.

Whose personal information do we collect?

Darwin needs to collect and use certain types of personal information in order to operate our web-based online benefits system.

The people whose personal information we collect include current, past and prospective employees of the businesses who use our online benefits services. It is these persons whose employment benefits and entitlements are captured on our systems and made available for easy online access.

What personal information do we collect?

We collect the following personal information:

·        Name

·        Age

·        Address and email

·        Telephone number

·        Security and identification information

·        Employment status and position

·        Employment contract details

·        Employment benefits and entitlements

·        Any other details necessary or relevant to the operation of the online benefits system from time-to-time.

In addition, it may occasionally be required by law to collect and use certain types of personal information of this kind to comply with the requirements of government departments for business data, for example.

How is your personal information used?

We will use the personal information you provide to us to:

• Operate and offer to you the benefits of our online benefits system.
• Administer our business and comply with laws and regulations.
• Share with others as set out elsewhere in this Privacy Policy.

The requirements of Data Protection Laws

We regard the lawful and correct treatment of personal information by Darwin as very important to our successful operation, and to maintaining confidence between us and our users.  We ensure that our organization treats personal information lawfully and correctly.  To this end we fully endorse and adhere to the 'Principles of Data Protection', as set out in the Act. In particular, without your consent or first amending this Privacy Policy to reflect any change in our usage of personal information:

·        We will not use your personal information for any purpose that is incompatible with this Privacy Policy.

·        We will only collect sufficient personal information from you to operate our online benefits system and not any more.

·        We will endeavour to keep your personal information up-to-date.

·        We will not retain your personal information longer than necessary unless required to do so by law.

·        We will operate appropriate technical and organizational processes to protect your personal information against unauthorized or unlawful access or processing and against accidental loss or destruction. The detailed measures we take are described elsewhere in this Privacy Policy.

·        We will not transfer your personal information to a country outside the European Economic Area unless adequate and sufficient safeguards are in place to protect your personal information to the standards that apply within the EEA.

Additional Privacy Measures

We have put in place internal training and management processes to enable us to perform in accordance with this Privacy Policy. In particular, we have a person with specific responsibility for Data Protection in our organization; currently that person is the Training and Procedures Coordinator.  The Training and Procedures Coordinator is responsible for ensuring that:

·        Everyone managing and handling personal information understands that they are responsible for following good data protection practice;

·        Everyone managing and handling personal information is appropriately trained to do so;

·        Everyone managing and handling personal information is appropriately supervised;

·        Anybody wanting to make enquiries about handling personal information knows what to do;

·        Anybody handling queries about personal information knows what to do;

·        Queries about handling personal information are promptly and courteously dealt with;

·        Methods of handling personal information are clearly described;

·        A regular review and audit is made of the way personal information is managed and new technology and security measures considered;

·        Methods of handling personal information are regularly assessed and evaluated; and

·        Performance with handling personal information is regularly assessed and evaluated.

Security Arrangements for your personal information

We believe that security of your personal information is core to you using and trusting our online system. 

When handling personal information security must be paramount and we have rigidly pursued a maximum security policy.  We utilize SSL (Secure Sockets Layer) 3.0 with 128-bit encryption, implemented with digital certificates from Verisign Inc., the recognized world leader in this field.  This protects web Internet and all information transferred to and from our online system from unauthorized access and snooping.  This ensures that personal information can be uploaded to the platform with the confidence that that personal information is secure.

The personal information stored on our system is also further protected from unauthorized access by 'firewall' systems and monitoring tools.  These prevent access by anyone other than legitimate users.  With our powerful monitoring and logging tools we can trap any events which may be associated with attempted security breaches.

Our online system is hosted by Datapipe.  This company was selected by us because they have an outstanding reputation for both security and a robust protocol, which further protects our Site.

With whom is your personal information shared?

Darwin may disclose your anonymised personal information to our business partners who provide services to us (for example employee benefit providers or insurance companies) so that we are able to obtain the best terms for the benefits you are provided with. This is conditional that they will process any such personal information in accordance with the Data Protection Act 1998. We will not disclose your personal information for the purposes of marketing.

Darwin may disclose depersonalized, aggregated statistics about our service visitors, clients and sales in order to describe our services to prospective partners, advertisers, investors and other reputable third parties and for other lawful purposes, but these statistics will include no personally identifying information.

Darwin may disclose personal information if required to do so by law, court order or other governmental authority or if it believes that such action is necessary to protect and defend the rights, property or personal safety of Darwin, our online benefits system or its visitors.

IP Addresses and Cookies

We may collect information about your computer including where available your IP address, operating system and browser type for system administration as part of our audit trail process.  In addition we obtain information about your general Internet usage by using a cookie file which is stored on the hard drive of your computer.   Cookies are pieces of information that a website transfers to your hard drive to store and sometimes track information about you.  Most web browsers automatically accept cookies, but if you prefer, you can change your browser to prevent that.  However, you may not be able to take full advantage of our online system if you do so.  Cookies are specific to the server that created them and cannot be accessed by other servers, which means they cannot be used to track your movements around the web.  Although they do identify a user's computer, cookies do not personally identify users and passwords and credit card information are not stored in cookies.

We may use cookies to hold the brand last accessed for the login page where this is not specifically referenced.

You are not obliged to accept cookies - Go to www.cookiecentral.com for instructions on how to disable cookies.

Access to Information

Data Protection law gives you various rights including the right to access information held about you. 

We will provide you with a summary of the personal information that we hold about you upon your written request, subject to an administration charge of £10 per request. To make a request, you should send an email to [email protected] and provide your full postal address and postcode.

You can also request at any time that the personal information we hold about you is updated or corrected and we will gladly do this.

Your acceptance of these terms

By using our online benefits system, you consent to the collection and use of your personal information by Darwin and to this Darwin Privacy Policy.

If we change our Privacy Policy in any way, we will post these changes on this page. We recommend that you visit this Privacy Policy as often as you can to check for any changes.

Please e-mail any questions, concerns or comments you have about these policies to [email protected] or write to us at: