Health & financial wellbeing in one portal 24/7 GP access and mental health support Salary access and thousands of discounts One branded platform for your workforce
Last updated: 5 June 2026
This Privacy Policy explains how Perks Direct collects, uses, shares and protects personal data when you visit our website, enquire about our services, or use the employee benefits, wellbeing and engagement platform we provide. Please take a few minutes to read it — we have tried to keep it clear and free of jargon.
The short version: we only collect what we genuinely need, we never sell your personal data, we take particular care with health and wellbeing information, and you are always in control of your rights over your data.
Perks Direct is an employee benefits, wellbeing and engagement platform (including an Employee Assistance Programme, or EAP). Perks Direct is a trading name of Benefits Direct Ltd, a company registered in England and Wales under company number 12498610. We are registered with the Information Commissioner’s Office (ICO) under registration number C1397758.
For any questions about this policy, or to exercise your data protection rights, you can reach our data protection contact at info@perksdirect.co.uk.
Data protection law distinguishes between a controller (who decides why and how data is processed) and a processor (who handles data on a controller’s instructions). Our role depends on the context:
If you are an employee using the platform, please also refer to your employer’s own privacy notice for information about how they handle your personal data in the employment context.
We collect data only through realistic channels for our website and service:
Because our platform includes services such as 24/7 GP/telehealth access, mental-health support and counselling (delivered by accredited counsellors), and an Employee Assistance Programme, using those services can involve special category data about your health and wellbeing. This is treated as particularly sensitive and is handled with extra care.
We rely on the following lawful bases under Article 6 of the UK GDPR:
Our Article 6 basis for arranging the benefit and clinical services you request is normally performance of a contract (or steps you ask us to take before entering into one). For the health data itself, we rely on an Article 9 condition — usually your explicit consent, or where applicable the provision of health or social care, as described in the section above.
We share personal data only where necessary, with appropriate safeguards and contracts in place. We never sell your personal data. The categories of recipient include:
We use appropriate technical and organisational measures to protect personal data against loss, misuse and unauthorised access — for example access controls, encryption in transit and limiting access to those who need it. The partners and processors we work with are bound by contract to keep your data secure and to process it only on our instructions or, where they are controllers in their own right, in line with their own obligations.
We aim to keep personal data within the UK. Transfers to the European Economic Area are covered by UK adequacy regulations, which the UK government has determined provide an equivalent level of protection. Where a provider processes data in any other country, we put an appropriate safeguard in place — such as UK adequacy regulations for that country, or the International Data Transfer Agreement (or the UK Addendum to the EU Standard Contractual Clauses) — so that your data continues to receive an equivalent level of protection.
We keep personal data only for as long as we genuinely need it. Enquiry and quote data is kept while we deal with your request and for a reasonable period afterwards; account and service data is kept for the duration of the relevant relationship; and some records are kept longer where the law requires (for example, accounting and tax records). Where we act as a processor, retention of employee data is governed by our agreement with the employer client. When data is no longer needed, we securely delete or anonymise it.
Under UK data protection law you have the right to:
We will respond to any rights request without undue delay and within one month of receiving it. If your request is complex, or you have made a number of requests, we may extend this by up to a further two months, and we will tell you (and explain why) within the first month. We will not normally charge a fee.
To exercise any of these rights, contact our data protection contact at info@perksdirect.co.uk. If your request relates to data we process on behalf of your employer, we may need to direct it to your employer as the controller, or handle it on their instructions.
We do not make decisions that produce legal or similarly significant effects about you based solely on automated processing, and we do not use your personal data for that kind of automated profiling.
Our website and platform are intended for employers and their employees, and are not intended for anyone under 16 (or under 18 for clinical services such as GP/telehealth and counselling). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can address it.
Our website uses cookies and similar technologies. Essential cookies are needed for the site to function; non-essential cookies (such as analytics) are only set with your consent. You can change or withdraw your cookie consent at any time, as easily as you gave it, through our Cookie Policy or cookie settings. Full details of the cookies we use, including any analytics provider, are set out in our Cookie Policy, where you can also manage your preferences.
Our website and platform may contain links to third-party websites and partner services. This Privacy Policy does not apply to those external sites, and we are not responsible for their content or privacy practices. We encourage you to read the privacy notice of any site or service you visit.
We would always prefer to resolve any concern directly, so please contact us first at info@perksdirect.co.uk. You also have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection, at ico.org.uk or on their helpline 0303 123 1113.
We may update this Privacy Policy from time to time to reflect changes in our services, technology or legal obligations. When we make changes, we will update the “Last updated” date at the top of this page. Please check back periodically to stay informed.
Perks Direct is the trading name of Benefits Direct Ltd · Company No 12498610 · ICO Reg C1397758.
