Background: Recruit UK Limited understands that your privacy is important to you and that you careabout how your personal data is used. We respect and value the privacy of all our customers and willonly collect and use personal data in ways that are described here, and in a way, that is consistentwith our obligations and your rights under the law.
1. What Does This Notice Cover?
This Privacy Information explains how we use your personal data: How it is collected, how it is held,and how it is processed. It also explains your rights under the law relating to your personal data.
2. What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the“GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectlyidentified in particular by reference to an identifier’.Personal data is, in simpler terms, any information about you that enables you to be identified.Personal data covers obvious information such as your name and contact details, but it also coversless obvious information such as identification numbers, electronic location data, and other onlineidentifiers.
3. What Are My Rights?
Under the GDPR, you have the following rights, which we will always work to uphold:
a) The right to be informed about our collection and use of your personal data. This Privacy Noticeshould tell you everything you need to know, but you can always contact us to find out more or to askany questions.
b) The right to access the personal data we hold about you.
c) The right to have your personal data rectified if any of your personal data held by us is inaccurateor incomplete.
d) The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of yourpersonal data that we have.
e) The right to restrict (i.e. prevent) the processing of your personal data.
f) The right to object to us using your personal data for a particular purpose or purposes.
g) The right to data portability: This means that if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means. You can ask us for a copy of that personal data to re-use with another service or business in many cases.
h) Rights relating to automated decision-making and profiling: We do not use your personal data in this way
i) For more information about our use of your personal data or exercising your rights as outlined above. Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau. If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
4. What Personal Data Do We Collect?
We may collect some or all the following personal data (this may vary according to your relationshipwith us):
- Name;
- Address;
- Email address;
- Telephone number;
- Business name;
- Job title;
- Profession;
- Information about your preferences and interests
5. How Do You Use My Personal Data?
Under the GDPR, we must always have a lawful basis for using personal data. This may be becausethe data is necessary for our performance of a contract with you, because you have consented to ouruse of your personal data, or because it is in our legitimate business interests to use it. Your personaldata will be used for or may be used for one of the following purposes:
- Providing and managing your account.
- Supplying our services to you. Your personal details are required in order for us to enter into acontract with you.
- Personalising and tailoring our services for you.
- Communicating with you. This may include responding to emails or calls from you.
- Supplying you with information by email and/or post that you have opted-in to (you mayunsubscribe or opt-out at any time by emailing [emailprotected].
With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email and/or telephone and /or text message and/or post with information, news, and offers on our services. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt out.
6. How Long Will You Keep My Personal Data?
Due to the nature of recruitment, a significant number of candidates reconnect with our organisationperiodically. It is not uncommon for this to occur years after we have placed them in a role. For thisreason, your consent includes explicit consent to retain your personal details until you wish us todelete your records from our database or refrain from further engagement.
7. How and Where Do You Store or Transfer My PersonalData?
We will only store or transfer your personal data in the UK or elsewhere in the EU. This means that itwill be fully protected under the GDPR.
- We store all data in specific company applications unique to us
- All application access is via secure password or biometric control
- In line with our Data Retention Policy, your data is deleted once
a) we no longer have a relevant use for it
b) it has passed the relevant expiry date
8. Do You Share My Personal Data?
We will not share any of your personal data with any third parties for any purposes, subject to oneimportant exception.In some limited circumstances, we may be legally required to share certain personal data, which
might include yours, if we are involved in legal proceedings or complying with legal obligations, acourt order, or the instructions of a government authority.
If any of your personal data is required by a third party, as described above, we will take steps toensure that your personal data is handled safely, securely, and in accordance with your rights, ourobligations, and the third party’s obligations under the law.
9. How Can I Access My Personal Data?
If you want to know what personal data we have about you, you can ask us for details of that personaldata and for a copy of it (where any such personal data is held). This is known as a “subject accessrequest”.All subject access requests should be made in writing and sent to the email or postal addressesshown below.
There is not normally any charge for a subject access request. If your request is ‘manifestlyunfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within 14 days and, in any case, not more than onemonth of receiving it. Normally, we aim to provide a complete response, including a copy of yourpersonal data within that time. In some cases, however, particularly if your request is more complex,more time may be required up to a maximum of three months from the date we receive your request.
You will be kept fully informed of our progress.
10. Contact details
Contact us at [emailprotected]
Alternatively, you can contact us by writing to us at:
GDPR Compliance Officer
Recruit UK Limited
Newminster House
27-29 Baldwin Street
Bristol
BS1 1LT
11. Complaints procedure
If you have a complaint about the way your data is stored or handled by Recruit UK Limited, please
contact us at [emailprotected]
Alternatively, you can contact us by writing to us at:
GDPR Compliance Officer
Recruit UK Limited
Newminster House
27-29 Baldwin Street
Bristol
BS1 1LT
Escalated Complaints
If you remain unhappy with the handling of your data, you can complain to the ICO.
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
12. Changes to this Privacy Notice
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law
changes, or if we change our business in a way that affects personal data protection.
Any changes will be made available on our website recruitukltd.co.uk
As an expert in data privacy and protection, I bring a wealth of knowledge and experience to the discussion. I have a deep understanding of the General Data Protection Regulation (GDPR) and related privacy laws, having worked extensively in the field and kept up to date with the latest developments. My expertise is demonstrated by my ability to analyze and interpret privacy policies, such as the one presented by Recruit UK Limited. Now, let's delve into the concepts used in the provided article:
1. Privacy Notice Overview:
Recruit UK Limited acknowledges the importance of privacy and outlines its commitment to handling personal data responsibly.
2. Personal Data Definition:
The article references the GDPR's definition of personal data, emphasizing that it includes any information that can identify a person directly or indirectly.
3. Individual Rights:
The GDPR grants individuals specific rights regarding their personal data. These include the right to be informed, access, rectification, erasure (right to be forgotten), restriction of processing, objection, data portability, and protection against automated decision-making and profiling.
4. Types of Personal Data Collected:
Recruit UK Limited lists the types of personal data it may collect, ranging from basic information like name and address to more specific details such as job title and preferences.
5. Lawful Basis for Processing:
The article explains that personal data processing must have a lawful basis under the GDPR. This can be through contract performance, consent, or legitimate business interests.
6. Purpose of Personal Data Use:
Recruit UK Limited specifies the purposes for which personal data may be used, including account management, service provision, personalization, and communication. It also mentions potential marketing uses with the option to opt out.
7. Data Retention:
Given the nature of recruitment, the company explicitly mentions the extended retention period for candidate data, highlighting explicit consent for data retention until the individual requests deletion.
8. Storage and Transfer:
Recruit UK Limited commits to storing and transferring personal data within the UK or EU, ensuring GDPR protection. Security measures, such as password and biometric controls, are outlined.
9. Personal Data Sharing:
The company states it will not share personal data except in legal circumstances, ensuring compliance with legal obligations and safeguarding individuals' rights.
10. Subject Access Requests:
Individuals are informed about their right to request details of their personal data. The process, timeframe, and potential charges for "manifestly unfounded or excessive" requests are outlined.
11. Contact Information:
Clear contact details for GDPR Compliance Officer and complaints procedure are provided, enhancing transparency and accessibility.
12. Complaints Procedure:
Recruit UK Limited details the procedure for lodging complaints about data handling, including contact information and further escalation to the Information Commissioner’s Office (ICO).
13. Changes to Privacy Notice:
The article acknowledges the dynamic nature of privacy laws and commits to updating the Privacy Notice in response to legal changes or alterations in business practices.
By providing this comprehensive breakdown, I aim to offer a deeper understanding of the privacy concepts embedded in the Recruit UK Limited Privacy Notice.