We have self-service tools available within the member 'Security Centre' that can facilitate requests for deletion of members' data (known as the Right to be forgotten or the Right to erasure) and for copies of all the personal data we store (known as a Subject Access Request or the Right to Access).
Deactivate Your Account
Employees can deactivate their account which permanently deletes all data related to the employee from our systems. This is a simple way for employees to exercise their right to erasure (sometimes referred to as ‘right to be forgotten’).
A request is sent to administrators of the scheme (usually someone in the HR department) to verify the request is genuine and then approve or deny it. Once approved, all data is removed including any available cashback funds on account.
Download Your Data
Employees can request a copy of all the personal data we store relating to them, either in a PDF or machine-readable JSON format. A password will be given to the member upon requesting a download, which is used to encrypt the data export we generate.
A request is sent to the administrators of the scheme (usually someone in the HR department) to verify the request and then approve or deny it. Once this is approved, the member will receive an email notification to download their data.
Where can employees find the Security Center?
When logged into Reward Gateway, members can click 'Account' in the top right-hand menu, then 'Account Settings' and finally 'Security Centre'. You can read more about our Security Centre at A guide to the Employee Security Center.
Why does my employer need to approve these requests?
There are a number of reasons we involve your employer in these requests.
- We need to validate the authenticity of the request. Password reuse and account sharing are unfortunately common practices. If we were to delete your data without properly authenticating the request, we would potentially be causing an incident by removing access to your data.
- Rather than requesting copies of identity documents - which many other companies do in response to these requests - we decided to build a simple workflow which allows employers to authenticate these requests. This also handles notifying your employer of your request to no longer share your data with us.
- Your employer is the Data Controller of some information and Reward Gateway is the processor. We need to inform them in order to ensure they do not share your information with us again.
- This process means you can have your request processed quickly with very little effort from you, well within the month we have to respond to your request. We have automatic reminders to employers who do not respond to these requests in a timely manner.
What is expected of employers receiving these requests?
- Checking with the member through trusted channels (e.g. internal communication platforms) that they did make this request.
- Approving the request if the request is genuine. Rejecting the request and informing us if the request is not genuine.
- Ensuring they update the systems they use to share employee data with us to reflect the employee's right to restrict processing and erasure.
What if my employer won’t or doesn’t respond to these requests, and I want my data deleted as soon as possible?
- You can get in touch with us through the usual support channels, or directly via privacy-requests@rewardgateway.com
- We may manually verify your identity and approve the request ourselves without waiting for your employer's approval; your employer will still be informed. Please note, however, that we do have one month to respond to these requests, and going through our automated process is more likely to ensure your request is dealt with quickly and efficiently.
What if my employer shares my data with Reward Gateway, even after I have exercised my right to erasure?
We have a process where we make a secure ‘hash’ (a one-way, irreversible process) of the unique identifier that your employer shares with us (this is usually your payroll ID, work email address or staff number).
When processing a membership refresh or upload, we compare the data provided with this ‘hashed’ value. If it matches, we inform the administrator and reject the data, ensuring we don’t process your data once you have informed us not to.
This is designed as a safety measure to ensure we don’t process your data after being instructed not to, on the basis that employers often use automated data integrations with us and in some situations may not update their systems as quickly as we update ours. It is not designed as a replacement for proper lawful basis management, and we advise employers to ensure they have their own internal processes for managing this.
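As an illustration of the hashed-identifier check described above (an added example, not Reward Gateway's own code): the page does not name the hash used, so this sketch assumes HMAC-SHA-256 with a server-side key, because payroll IDs and email addresses are guessable and an unkeyed hash of them could be reversed by hashing candidates. The scheme ID, field names and sample rows are constructed.

```python
import hashlib
import hmac

# Assumption: a secret held server-side, so stored hashes cannot be reversed
# by hashing guessed payroll IDs or email addresses.
SUPPRESSION_KEY = b"constructed-demo-key-not-a-real-secret"


def normalise(identifier: str) -> bytes:
    """Canonical form, so ' Jo.Bloggs@Example.com' matches 'jo.bloggs@example.com'."""
    return identifier.strip().casefold().encode("utf-8")


def suppression_hash(scheme_id: str, identifier: str) -> str:
    """One-way keyed hash of an identifier, scoped to one employer scheme."""
    msg = scheme_id.encode("utf-8") + b"\x00" + normalise(identifier)
    return hmac.new(SUPPRESSION_KEY, msg, hashlib.sha256).hexdigest()


def record_erasure(suppressed: set, scheme_id: str, identifiers: list) -> None:
    """On erasure, keep only hashes of the member's identifiers, never raw values."""
    for ident in identifiers:
        suppressed.add(suppression_hash(scheme_id, ident))


def filter_upload(suppressed: set, scheme_id: str, rows: list, id_fields: tuple):
    """Split a membership upload into rows to process and rows to reject and report."""
    accepted, rejected = [], []
    for row in rows:
        hashes = [suppression_hash(scheme_id, row[f]) for f in id_fields if row.get(f)]
        # A match on any identifier field (payroll ID or email) rejects the row.
        hit = any(h in suppressed for h in hashes)
        (rejected if hit else accepted).append(row)
    return accepted, rejected


def demo():
    """Constructed sample: one erased member reappears in a later upload."""
    suppressed = set()
    record_erasure(suppressed, "scheme-001", ["jo.bloggs@example.com", "P10042"])
    upload = [
        {"payroll_id": "P99999", "email": " Jo.Bloggs@Example.com", "name": "Jo Bloggs"},
        {"payroll_id": "P10043", "email": "sam.lee@example.com", "name": "Sam Lee"},
    ]
    return filter_upload(suppressed, "scheme-001", upload, ("payroll_id", "email"))


if __name__ == "__main__":
    ok, blocked = demo()
    print("processed:", [r["name"] for r in ok])
    print("rejected, notify administrator:", [r["name"] for r in blocked])
```

Scoping the hash to the scheme means an erasure under one employer does not block the same email address arriving from a different employer.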