Benefacts registered users - Privacy Notice

Please read this Privacy Notice carefully. It contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.

Who we are

This Site is operated by Benefacts of 6 Merrion Square, Dublin D02 FF95, Ireland. You can contact us by post at this address or by email at We are a company limited by guarantee without share capital with company registration number 553387. Read more about our company here

Our data protection officer may be contacted by emailing

The Site

This Privacy Notice relates to your use of as a Benefacts registered user only.

Please refer for our general Privacy Notice and terms relating to


Our collection and use of your personal information

We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union and Ireland and we are responsible as ‘controller’ of that personal information for the purposes of those laws.

We collect personal information about you when you register to access our website, contact us, or send us feedback.

We collect this personal information from you either directly, such as when you register with us, your login details, or contact us via our website or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below).

The personal information we collect about you includes:

  • your name and email address;
  • your login details including email verification;
  • details of any feedback you give us by email;
  • how you browse the Site;

We use this personal information to:

  • create login credentials;
  • notify you of any changes to our website or to our services that may affect you; and
  • improve and assess the utility of the Site.

Our legal basis for processing your personal information

When we use your personal information we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what personal information we process and why.

The legal basis we rely on for processing your personal data in connection with Benefacts registered users is Benefacts’ legitimate interests: where our use of your personal information is necessary for our legitimate interests in assessing the utility of the website and the interest in the registered users only content service, where Benefacts’ legitimate interest is not overridden by your personal rights and freedoms.

Further information – the personal information we collect, when and how  we use it

For further details on when we collect personal information, what we collect as well as how we use it, please read the following sections:

When information is collectedWhat information we ask forHow and why we use your information
When you register with us– Contact details: your name, email address and password;
We ask for this:
– to create and manage access to our Site
– to assist us in reporting to our funders and other stakeholders on the profile of users of the Site
We rely on our legitimate interests in testing our new product with users as the lawful basis for collecting and using your personal information.
Anonymised and aggregated data may be shared with our funders and other stakeholders. No individual user will be identified or named.
When you use the SiteBrowsing activity through the website, search activity and monitoring of logins.We ask for this:
– To analyse use of the Site
– To improve the user experience on the Site
We rely on our legitimate interests in testing our new product with specified users as the lawful basis for collecting and using your personal information.
Such personal data may be shared in an aggregated format with our funders and other stakeholders. No individual user will be identified or named.

Who we share your personal information with

Other than as outlined in the table above we may also share your personal information with law enforcement or other authorities if required by applicable law.

We will not share your personal information with any other third party.

Whether information has to be provided by you, and if so why

We require you to provide a name, email address and password to enable us to allow access to our Site. We do not ask you to submit any optional extra personal data.

In order to use the Benefacts registered users service, you are required to provide the information we request.

If you do not provide the information we request, you may not log-in to the Benefacts registered users service.

Transfer of your information out of Ireland and EEA

We will not transfer your personal information to any party located outside the European Economic Area (EEA).

Cookies and other tracking technologies

We use three kinds of tracking / analytic technologies to monitor your behaviour as a visitor on the website. In all cases your identity is anonymised (i.e. you cannot be identified, or you are assigned a random number). We will be able to analyse use relating to particular roles or functions within the public service, although not at an individual level.

Google AnalyticsGoogle Analytics is a web analytics service offered by Google that tracks and reports website traffic, currently as a platform inside the Google Marketing Platform brand.
HotJarHotjar is a behavior analytics and user feedback service that helps us to understand the behavior of our website users and get their feedback through tools such as heatmaps, session recordings, and surveys. 
MixPanelMixpanel allows us to track user interactions with our Site. Data collected is used to build custom reports and measure user engagement and retention.

Your rights

Under the General Data Protection Regulation you have a number of important rights. In summary, those include rights to:

  • fair processing of information and transparency over how we use your use personal information;
  • access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address;
  • require us to correct any mistakes in your information which we hold;
  • require the erasure of personal information concerning you in certain situations;
  • receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
  • object at any time to processing of personal information concerning you for direct marketing;
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
  • object in certain other situations to our continued processing of your personal information;
  • otherwise restrict our processing of your personal information in certain circumstances; and
  • claim compensation for damages caused by our breach of any data protection laws.

If you would like to exercise any of those rights, please:

  • email us;
  • let us have enough information to identify you (eg, user name, email);
  • let us know the information to which your request relates.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it.

Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to complain

We hope that we can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in a European Economic Area state if you work, normally live or if any alleged infringement of data protection laws occurred in the relevant state. The supervisory authority in Ireland is the Data Protection Commissioner who may be contacted at

Changes to this website privacy policy

This website privacy policy was published on 15th September 2020

We may change this website privacy policy from time to time, when we do we will inform you via a notice on this website.

How to contact us

Please contact us if you have any questions about this privacy notice or the information we hold about you.

If you wish to contact us, please send an email to