privacy policy

Last update: 1 October 2025

The protection of your personal data is important to us. This policy describes how we process data collected through the Benefit Makers portal (www.thebenefitmakers.com), managed by ConfBenefit AISBL, and how your rights are guaranteed under EU Regulation 2016/679 (GDPR).

 

  1. Data controller

The data controller is ConfBenefit AISBL, an international non-profit association (AISBL) with registered office in Brussels (Belgium). For enquiries: privacy@thebenefitmakers.com.

 

  1. Portal management and licence of use

The Benefit Makers portal is owned by the holder of the intellectual property rights to the trademark and platform, licensed exclusively to ConfBenefit AISBL for association and community purposes.

ConfBenefit AISBL acts as the data controller for the data collected through the portal. Mariangela Zito acts as the data processor for technical and functional management.

 

  1. Types of data processed

Through the portal, we may collect:

  • Identification data: company name, legal form, registered office, VAT number/tax code.
  • Contact details: first and last name of contact persons, role, email address, telephone number.
  • Public company data: description, common benefit objectives, selected SDGs, logo, website, social media links.
  • Uploaded documents: articles of association, impact reports, company presentations.
  • Browsing data: IP address, technical logs, cookies and similar technologies.

 

  1. Purposes of processing

The data is processed for the following purposes:

  • To manage requests for registration on the Benefit Makers platform.
  • To evaluate applications for admission to ConfBenefit AISBL as full members.
  • To create and publish company profiles in the international directory (subject to consent).
  • To enable the use of networking and collaboration services.
  • To manage administrative and membership relations (fees, institutional communications).
  • To send newsletters and informational communications (subject to consent).
  • To store company documents for internal evaluation purposes.

For companies in transition towards the Benefit business model (Wanna Benefit), data will be processed in order to allow access to restricted areas of the platform, training content and preliminary networking, with the aim of supporting the transition to becoming a Benefit Corporation.

Looking ahead: to also allow access to other stakeholders (professionals, investors, partner organisations) with dedicated areas and purposes. For other stakeholders (professionals, investors, partner organisations), data will be processed in order to allow the creation of dedicated profiles, access to specific content and services, as well as the management of networking and partnership activities.

 

  1. Legal basis

Membership contract: management of membership of ConfBenefit and use of the platform.

Consent: publication of profile, use of logo, sending of newsletters.

Legal obligations: storage of administrative/tax documentation.

Legitimate interest: platform security and improvement of digital services.

 

  1. Data retention

Membership data: for the duration of the membership relationship + 10 years (tax/administrative obligations).

Uploaded documents: until membership is revoked or a request for cancellation is made.

Newsletters: until consent is revoked.

Technical logs: max 12 months.

 

  1. Communication and dissemination

Data may be communicated to:

ConfBenefit Admission Committee, technical partners and appointed consultants, competent authorities in cases provided for by law. Company profiles and logos are only published on the platform with express consent.

 

  1. Transfers outside the EU

If data is processed in countries outside the EU, ConfBenefit AISBL will ensure adequate safeguards (e.g. European Commission Standard Contractual Clauses).

 

  1. Rights of data subjects

Users may exercise their rights under Articles 15-22 of the GDPR at any time: access, rectification, erasure, restriction, objection, data portability and withdrawal of consent.

 

  1. Data security

Appropriate technical and organisational measures are taken to protect personal data from unauthorised access, loss, misuse or unauthorised disclosure.

 

  1. Changes to the policy

This Privacy Policy may be updated in the event of regulatory or functional changes. The updated version will always be published on the portal.