Husky Finance, a trading name of Financial SatNav Limited (referred to below as "Husky"/"we"/"us"/"our"), is a company registered in England and Wales under registered number 08071637, with our registered office at Gloucester House, Church Walk, Burgess Hill, West Sussex RH15 9AS, UK and our operational London office at 10 Finsbury Square, London EC2A 1AF.
Husky operates a number of websites to provide its services, all under the top-level domain huskyfinance.com. This policy refers to huskyfinance.com and all its sub-domains.
Under the UK data protection framework, Husky is the Data Processor for personal information provided by Husky customers; Husky customers (i.e. employers) remain the Data Controller for the personal data of their employees. Husky does not operate any joint controller arrangements with any other party at this time.
All Husky hosted services which store personal data (including huskyfinance.com) are hosted on the Microsoft Azure cloud platform, currently in the North Europe region (based in Dublin, Ireland). (This is with the exception of resources.huskyfinance.com and answers.huskyfinance.com, which are hosted by a third party on Digital Ocean servers in New York. Neither of these properties hold personal information relating to Husky customers.) All personal data is currently maintained within Microsoft’s Dublin facility.
The huskyfinance.com website and its sub-domains are intended for use by businesses; Husky is a business-to-business (B2B) service. With the exception of getstarted.huskyfinance.com, resources.huskyfinance.com and answers.huskyfinance.com, the sub-domains of huskyfinance.com that make up the Husky service are intended for use only by paying Husky customers and their agents. Any contact information held by Husky on its systems, beyond that provided by customers as part of the day-to-day running of the service, is held on the basis that it relates to business entities, and not to individuals outside of a B2B context.
By way of a separate method of access, individuals (in the capacity as employees) receive and provide information via a mobile application, known as the "Husky for Everyone" application, for the purposes of access by an employee to their own pension administration data.
Access to Husky services is currently made available through either the Husky websites (via the huskyfinance.com domain and its sub-domains), or through the "Husky for Everyone" application.
The Husky service (including the huskyfinance.com website) is not intended for use by individuals under the age of 16. If you are under the age of 16, you should leave the site immediately. We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us at email@example.com. If we become aware that we have collected personal data from children without verification of parental consent, we will take steps to remove that information from our systems.
We collect information in the following ways:
Note that Husky does not currently employ any automated processing profiling techniques on individuals' data.
Husky does not directly store credit card or direct debit information in its systems; all payment information is handled via its PCI-certified payment providers.
As part of its day-to-day processing relating to workplace pension administration, Husky exchanges personal information relating to employees with the following groups of people:
The pension provider(s) specific to each employer The rights to carry out this processing and exchange of personal data is granted to Husky through our Standard Terms and Conditions, acceptance of which is a part of the sign-up process for every Husky customer.
Husky does not disclose personal employee information to any other party without the express permission of the relevant Data Controller.
We use third-party service providers to monitor and analyze the use of our service.
Service notifications, including advise of new software releases or procedures – these are sent to nominated contacts of customers or their agents Statutory communications – sent to employees to notify them of changes in their auto-enrolment status Marketing communications – sent to business contacts to inform them of the services Husky provides or to provide informative materials around workplace pensions For statutory or operational reasons, it is not possible for individuals to opt out of these first two forms of communication. All marketing communications from Husky include an unsubscribe option which enables individuals to be removed from any further marketing communications.
Husky takes the security of its customers’ personal information very seriously and adopts best practice in terms of data security across the organisation. As part of this commitment, Husky has ISO 27001 certification, audited by the British Standards Institute (BSI).
Vulnerabilities or threats to data security within the Husky service that are identified by customers, their agents or any other third-party should be notified without delay to firstname.lastname@example.org.
If Husky personnel become aware of a security breach, the company’s Information Security Officer takes the following steps:
Notifies the affected Data Controller(s) – typically the employer – by email and where appropriate also by telephone
Notifies the Pensions Regulator and the Information Commissioner's office, by email
Provides information on the breach on the company’s website
All notifications are to be made within 72 hours but will typically be made as soon as an impact assessment has been made, i.e. same day or next day.
Under certain circumstances, Husky may be required to disclose personal data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). Husky may disclose personal data in good faith if it reasonably believes such action is necessary to:
Comply with a legal obligation Protect and defend the rights or property of Financial Satnav Limited or its subsidiaries Prevent or investigate possible wrongdoing in connection with the Husky service Protect the personal safety of users of the Husky service or the public Protect against legal liability Data Longevity Husky is obligated to maintain records relating to automatic enrolment for six (6) years. As such, it is not possible for employee or ex-employee to request that their data be removed prior to the end of that period.
Husky policy is to archive personal data older than six years and remove it from its online environment. Individuals may request that their personal data be removed from our archives by email to email@example.com.
Individuals may request copies of their personal data held by Husky by email to firstname.lastname@example.org. It is the Data Protection Officer’s responsibility to ensure that the request is a valid one from the individual concerned, and the DPO may contact the individual's current or previous employer in order to verify this.
Personal data is processed by Husky Finance in two physical locations, London and Dublin, but at all times, this data remains within these centres.
Who to contact if you have an issue or question If you have an issue, concern or question relating to privacy or data protection, you should contact the Husky Data Protection Officer via email in the first instance via email@example.com. You can also contact the DPO by calling +44 (0)20 7582 7875 and asking to speak to the Data Protection Officer, or by letter addressed to Husky Finance, 10 Finsbury Square, London EC2A 1AF, clearly marked for the attention of the Data Protection Officer.