We will collect, process and store personal information about you which will include:
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Most of the information described above comes directly from you but we do obtain some from third parties, e.g. where your information is passed to us from your employer as they have designated you as their contact person. Like most site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”). This Log Data may include information such as your computer’s IP address, browser type, browser version, computer settings, the pages of our Site that you visit, how often you visit those pages, the time and date of your visits, the time spent on those pages and other statistics.
Where we need to collect personal data by law, or under the terms of a contract we have with you or your employer, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you or your employer (for example, to provide you or the company you represent with our services). In this case, we may have to cancel the supply of a product or service, but we will notify you if this is the case at the time.
If you fail to provide personal information when applying for a role with us which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application further. For example, if we require a credit check or references for a role and you fail to provide us with relevant details, we will not be able to take your application further.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
We use your personal information in the following ways:
If you are a business contact, we shall use your information to contact you to discuss our services (and any changes to them); to provide our services, to respond to any questions or concerns you have raised; to deal with administrative matters such as contacting you for business purposes; and (where applicable) to prevent fraud. We will do this on the basis of our legitimate business interests.
We may also use your personal information in order to comply with any legal obligation that we have, in connection with any legal proceedings, or in order to establish, exercise or defend our legal rights.
Where we have relied on our legitimate interests to process your personal data, you may contact us to obtain more information, including in relation to our assessment of the impact on you.
Your information will be shared internally amongst our staff but they will only use it to carry out their duties in line with the purposes set out above. We will need to share your personal information with others from time to time, including:
We will also disclose your personal information if we are required to do so by law or to a law enforcement agency.
We may store your data physically or electronically. Any data stored electronically will be encrypted and stored in our secure servers and/or in our service providers servers in the European Economic Area (EEA) and any data stored physically will be stored in our business premises within the UK.
We will ensure that any transfer of personal information from countries in the EEA to countries outside the EEA will be protected by appropriate safeguards, for example by using standard data protection clauses approved by the European Commission, or the use of binding corporate rules or other legally accepted means.
Although we will always do our best to protect your personal data, we cannot guarantee the security of data transmitted to our Site and any transmission is at your own risk.
To determine the appropriate retention period for personal data, we consider the following:
In summary, however, we keep:
We will securely erase your information in advance of these deadlines if we decide that we no longer need it.
You have the following rights regarding your information:
|What does this mean?
|1. Right to be informed
|2. Right of access
|3. Right to rectification
|You are entitled to have your information corrected if it is inaccurate or incomplete.
|4. Right to erasure
|This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
|5. Right to restrict processing
|You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
|6. Right to data portability
|You have the right to obtain and reuse your personal data in a structured, commonly used and machine readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
|7. Right to withdraw consent
|If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful).
|8. Right to object to processing
|In addition to the above rights, you also have the right to object to certain types of processing, in certain circumstances. In particular, the right to object to the processing of your personal data based on our legitimate interests grounds (including processing fro direct marketing).
If you remain unsatisfied with the resolution of your privacy complaint or our response in relation to your exercising of your statutory rights, you may send your complaint in writing to either firstname.lastname@example.org or our registered address at:
FAO Head of Legal
5 Merchant Square
London W2 1AY
Upon receipt of the same, we will investigate your complaint and respond to you within a reasonable time frame.
If you are still not satisfied with our response you may make a complaint to the supervisory authority responsible for the territory in which your Controller operates. In the UK, that is the Information Commissioner – see www.ico.org.uk for more information.