We are committed to respecting your privacy and complying with data protection laws. By registering on the Website or otherwise using the Services, you give your consent to the use of your data in accordance with the terms contained in this section.
Last updated: June 2025
At Benivo Limited (“Benivo”, “we”, “us”, or “our”), safeguarding privacy, ensuring security, and promoting transparency are integral components of our services. To this end, this privacy policy (the “Policy”) outlines privacy practices regarding the collection and handling of personal information by Benivo when Users consume our services.
This Policy explains how Benivo handles personal data and protects the privacy of the users (“User” or “Users”) of our services (“Services”). This Policy applies to all Users of our Services. Any other capitalised terms in this Policy are as described and defined in the Benivo Users Terms and Conditions.
Benivo processes personal data based on several lawful grounds as required under applicable data protection laws, including the General Data Protection Regulation (GDPR). The lawful bases for our processing activities include:
We process personal data to provide our Services as per the contracts we have with our clients (User Employers). This includes processing necessary for account registration, service delivery, customer support, and communication.
We process personal data for our legitimate business interests, provided these interests are not overridden by Users' data protection rights. These interests include:
We obtain Users' consent for specific processing activities, such as by agreeing to this Privacy Policy. Users have the right to withdraw their consent at any time by contacting us at datarequest@datarep.com quoting <Benivo Limited> in the subject line.
We process personal data to comply with our legal obligations, such as maintaining records for tax and accounting purposes, responding to lawful requests from public authorities, and ensuring compliance with anti-money laundering regulations.
We collect different types of personal data and other information from Users who consume our Services, complete surveys, correspond via email/phone with Benivo employees, or submit data via approved third-party apps employed by Benivo. Some of your data might be provided by your Employer ahead of your registration to Benivo.
We collect different categories of personal data regarding Users as necessary for the provision of our Services including:
You may voluntarily provide additional details on your Benivo profile, such as your profile picture, photos, information regarding your relocation (e.g. your bank of choice, local transportation, company culture etc.), such information may be visible to Benivo and other authorised Benivo users.
We may also collect personal data about User dependents as necessary to provide certain relocation Services.
We seek to minimize collection of personal data not directly relevant and necessary to provide the specific Services requested. Individuals using the Service have control through privacy settings to limit additional data collected.
We are committed to protecting the privacy of children. We will not knowingly or intentionally collect, process or store personal information online from or about children under the age of 16 unless necessary to provide the relocation Services
The information we collect about you may be used by us to provide the Services to you, as subscribed by your Employer, and to process your registration, communicate with you, monitor, develop and improve the Services, process and deal with any complaints or enquiries made by or about you, monitor and investigate any suspected breach of our terms and conditions made by or otherwise relating to you.
We do not sell User personal data to any parties or share data with third parties for marketing purposes. We only disclose personal data to:
In order to consume some Services, you may be required to provide bank, credit card or PayPal details via the Service. This data is transferred to an FCA or equivalent regulated payment provider. Credit card details are not stored or processed by Benivo, nor will Benivo ever contact individuals and request passwords or credit card details.
It is possible that Benivo may share personal information to potential buyers or sellers of Benivo Limited under confidentiality arrangements.
Your data, including your feedback on the Services, your Employer, or your destination, may also be shared with your Employer and other Employees and published for testimonial purposes. Your feedback will only be attributed on a first-name basis should it be published on the Benivo platforms.
Beyond these situations, Benivo will not disclose User personal data to any external third parties unless required by law enforcement authorities. Where we do legally share data, it will be limited to the extent absolutely necessary and legally permissible.
Benivo utilizes vetted third-party service providers to assist in delivering and improving our Services. We conduct thorough due diligence checks on data security practices for all TPSPs. We have confidentiality agreements and data processing terms in place requiring TPSPs to keep User data secure and prohibiting use of information for any purpose other than performing services on behalf of Benivo.
TPSPs may provide services including:
Where TPSPs process or access any personal data, their access is limited strictly to what is necessary to perform contracted services. TPSPs may be provided categories of data including Identify, Contact, Financial or Transactional information but wherever possible, access will be to aggregated non-identifiable data sets.
As part of our Welcome Pack service, the User name and contact details may be shared with pre-approved partners strictly for fulfillment of delivery. These TPSPs are vetted and bound against stringent data protection requirements.
We conduct regular oversight checks on all TPSPs to ensure adherence to both contractual security and data processing provisions as well as alignment with overall Benivo data policies and standards. TPSP partnerships may be terminated for any data incidents or non-conformance.
Benivo leverages industry best practice security measures to protect User data in storage and transit. This includes:
Although we may use overseas cloud hosting providers or processors, we conduct thorough due diligence around applicable data center security and ensure compliance with data localization laws. Cloud platforms undergo independent audits across standards like ISO 27001, SOC 2 Type II, ISO 27017/18, and PCI DSS. We regularly review international data transfer mechanisms including Standard Contractual Clauses or the Data Protection Framework to legitimize cross-border data flows.
Benivo’s IT and network infrastructure is reviewed by external auditors annually and comprehensive information security policies are enforced within Benivo. Your data is backed up every day and Benivo have well-tested backup and restoration procedures that allow swift recovery from a major disaster.
Benivo retains personal data only as long as necessary to fulfill the purposes for which it was collected, as required by law, or as appropriately advised for business requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
For Instance,
We regularly review all systems and archives to ensure data removal in line with the above schedules. Legacy system backups may retain data until the end of their lifecycle; they are carefully secured and access-controlled.
In cases where we decide the means and purpose of processing and act as Controller, you can ask us to delete your data and we shall address it in a timely manner, subject to legal and regulatory obligations and keep you informed of it. In other cases where we act as Service Provider or Processor, we will route your requests to the Business or Controller for actioning your request to delete your data.
Removed personal data is either completely deleted or fully anonymized such that it cannot identify Users. Anonymized analytics data derived from activities may be retained indefinitely for service improvement and delivery purposes.
As a global company, Benivo may transfer some personal data to countries outside of the European Economic Area (EEA) or the United Kingdom. We take reasonable steps to ensure all data exports receive protections equivalent to those required under the GDPR or equivalent data protection laws.
Data transfers to any third countries without a decision of adequacy are legitimized through the following mechanisms:
We conduct due diligence assessments on all overseas entities to validate data protection regulations in destination countries and ensure appropriate security provisions are contractually required. Personal data will only be exported to nations demonstrating comprehensive rule of law, enforceable rights and effective legal remedies for data subjects.
Cross-border data transfer impact assessments are performed periodically factoring in guidance such as EDPB Recommendation 01/2020 covering supplementary measures for transfers. Additional data handling controls may be mandated for higher risk jurisdictions. Regional data localization requirements are respected.
Benivo recognizes and respects the rights of all data subjects under GDPR and local privacy laws, including:
For EU citizens:
Benivo may process the personal data of individuals in the European Union, European Economic Area and/or UK as data controller or data processor and has appointed DataRep as its Data Protection Representative for the purposes of GDPR*
If Benivo has processed or is processing your personal data, you may be entitled to exercise your rights under GDPR in respect of that personal data. For more details on the rights you have in respect of your personal data, please refer to the European Commission (https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en) or the national Data Protection Authority in your country.
Benivo has appointed DataRep as their Data Protection Representative in the European Union so that you can contact them directly in your home country.
If you want to raise a question to Benivo, otherwise exercise your rights in respect of your personal data, you may do so by:
PLEASE NOTE: when mailing inquiries, it is ESSENTIAL that you mark your letters for ‘DataRep’ and not ‘Benivo Limited', or your inquiry may not reach us. Please refer clearly to Benivo Limited in your correspondence. On receiving your correspondence, Benivo is likely to request evidence of your identity to ensure your personal data and information connected with it is not provided to anyone other than you.
If you have any concerns over how DataRep will handle the personal data we will require to undertake their services. please refer to their privacy notice at www.datarep.com/privacy-policy.
DataRep locations and contact information
For China citizens:
You confirm that Benivo may collect and store your personal data including, but not limited to, your name, contact details, ID / passport number and ID / passport copy for the purpose of your relocation. You understand that this information may be transferred to third party relocation service providers (“Benivo Service Providers” or “BSPs”), located both within China and overseas.
Your personal data will be safeguarded according to the regulations set in place by all relevant China legislation, including PIPL.
By agreeing to this policy you agree that you are providing explicit consent to Benivo to process your personal data as noted above.
We may change this policy if necessary, and if we do we will post any changes on this page. If you continue to use Benivo after those changes are in effect, you agree to the revised policy.