Terms & Conditions
Effective date: 25 May 2018
Who is Husky?
Husky Finance, a trading name of Financial SatNav Limited (referred to below as “Husky”/“we”/“us”/“our”), is a company registered in England and Wales under registered number 08071637, with our registered office at Gloucester House, Church Walk, Burgess Hill, West Sussex RH15 9AS, UK and our operational London office at 10 Finsbury Square, London EC2A 1AF.
Husky operates a number of websites to provide its services, all under the top-level domain huskyfinance.com. This policy refers to huskyfinance.com and all its sub-domains.
Under the UK data protection framework, Husky is the Data Processor for personal information provided by Husky customers; Husky customers (i.e. employers) remain the Data Controller for the personal data of their employees. Husky does not operate any joint controller arrangements with any other party at this time.
All Husky hosted services which store personal data (including huskyfinance.com) are hosted on the Microsoft Azure cloud platform, currently in the North Europe region (based in Dublin, Ireland). (This is with the exception of resources.huskyfinance.com and answers.huskyfinance.com, which are hosted by a third party on Digital Ocean servers in New York. Neither of these properties hold personal information relating to Husky customers.) All personal data is currently maintained within Microsoft's Dublin facility.
Intended Use and Methods of Access
The huskyfinance.com website and its sub-domains are intended for use by businesses rather than individuals; Husky is a business-to-business (B2B) service. With the exception of getstarted.huskyfinance.com, resources.huskyfinance.com and answers.huskyfinance.com, the sub-domains of huskyfinance.com that make up the Husky service are intended for use only by paying Husky customers and their agents. Any contact information held by Husky on its systems, beyond that provided by customers as part of the day-to-day running of the service, is held on the basis that it relates to business entities, and not to individuals outside of a B2B context.
Access to Husky services is currently made available only via Husky websites via the huskyfinance.com domain and its sub-domains; there are no other channels available to access the service at this time.
The Husky service (including the huskyfinance.com website) is not intended for use by individuals under the age of 16. If you are under the age of 16, you should leave the site immediately. We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us at email@example.com. If we become aware that we have collected personal data from children without verification of parental consent, we will take steps to remove that information from our systems.
Information We Collect
We collect information in the following ways:
Note that Husky does not currently employ any automated processing profiling techniques on individuals' data.
Husky does not directly store credit card or direct debit information in its systems; all payment information is handled via its PCI-certified payment providers.
Information Processing & Distribution
As part of its day-to-day processing relating to workplace pension administration, Husky exchanges personal information relating to employees with the following groups of people:
The rights to carry out this processing and exchange of personal data is granted to Husky through our Standard Terms and Conditions, acceptance of which is a part of the sign-up process for every Husky customer.
Husky does not disclose personal employee information to any other party without the express permission of the relevant Data Controller.
Third-Party Service Providers
We use third-party service providers to monitor and analyze the use of our service.
Automated communications from Husky may take one of three forms:
For statutory or operational reasons, it is not possible for individuals to opt out of these first two forms of communication. All marketing communications from Husky include an unsubscribe option which enables individuals to be removed from any further marketing communcations.
Husky takes the security of its customers' personal information very seriously and adopts best practice in terms of data security across the organisation. As part of this commitment, Husky is putting in place ISO 27001 certification, audited by the British Standards Institute (BSI). This is expected to be completed in September 2018.
Vulnerabilities or threats to data security within the Husky service that are identified by customers, their agents or any other third-party should be notified without delay to firstname.lastname@example.org.
If Husky personnel become aware of a security breach, the company's Information Security Officer takes the following steps:
1. Notifies the affected Data Controller(s) - typically the employer - by email and where appropriate also by telephone
2. Notifies the Pensions Regulator and the Information Commissioner's office, by email
3. Provides information on the breach on the company’s website
All notifications are to be made within 72 hours but will typically be made as soon as an impact assessment has been made, i.e. same day or next day.
Disclosure of Data
Under certain circumstances, Husky may be required to disclose personal data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). Husky may disclose personal data in good faith if it reasonably believes such action is necessary to:
Husky is obligated to maintain records relating to automatic enrolment for six (6) years. As such, it is not possible for employee or ex-employee to request that their data be removed prior to the end of that period.
Husky policy is to archive personal data older than six years and remove it from its online environment. Individuals may request that their personal data be removed from our archives by email to email@example.com.
Requests for Access
Individuals may request copies of their personal data held by Husky by email to firstname.lastname@example.org. It is the Data Protection Officer's responsibility to ensure that the request is a valid one from the individual concerned, and the DPO may contact the individual's current or previous employer in order to verify this.
Data transfers outside the EEA
Personal data is processed by Husky Finance in two physical locations, London and Dublin, but at all times, this data remains within these centres. At no time does Husky transfer personal data outside of the EEA.
Who to contact if you have an issue or question
If you have an issue, concern or question relating to privacy or data protection, you should contact the Husky Data Protection Officer via email in the first instance via email@example.com. You can also contact the DPO by calling +44 (0)20 7582 7875 and asking to speak to the Data Protection Officer, or by letter addressed to Husky Finance, 10 Finsbury Square, London EC2A 1AF, clearly marked for the attention of the Data Protection Officer.