This General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a new regulation which replaces the Data Protection Regulation (Directive 95/46/EC). The Regulation aims to harmonise data protection legislation across EU member states, enhancing privacy rights for individuals and providing a strict framework within which commercial organisations can legally operate.
Even though the UK has expressed its intention to leave the EU in March 2019, the GDPR will continue to be applicable in the UK from 25th May 2018. The Government intends for the GDPR to continue in UK law post Brexit and has also introduced a Data Protection Bill to replace the current Data Protection Act in due course.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purposes of data protection legislation in force from time to time the data controller is Sustain Recruitment Ltd. Quadrant Court, 51-52 Calthorpe Road, Birmingham B15 1TH.
Who we are and what we do:
We are a recruitment agency and recruitment business as defined in the Employment Agencies and Employment Business Regulations 2003 (Sustain Recruitment Ltd). We collect the personal data of the following types of people to allow us to undertake our business:
Prospective and places candidates for permanent and temporary roles;
Prospective and live client contacts;
Supplier contracts to support our services;
Employees, consultants, temporary workers.
We collect information about you solely for the purpose of carrying out our core business and ancillary activities.
What we collect from you:
Sustain collects personal data directly from you, (via email, website forms, phone or otherwise) as well as from other available sources to the extent relevant and permitted under the GDPR legislation. Subject to this applicable law we may collect the following information:
Name and job title;
Contact information including phone numbers and email addresses;
Links to your professional profiles, available in the public domain, e.g. linked in, corporate web sites and others;
Your competence, skills, experience and education, e.g. your CV and resume, previous employments, educational details and qualifications, third part references;
Your references, e.g. preferred country of employment, areas of interest as well as your preferred ways to be contacted by Sustain;
Other information relevant to roles and relevant to industry news;
Other information, such as information found from public sources as well as information depending on the position you are applying for, and where necessary for the recruitment activities. This will only be in the case of legitimate interest (please see our Legitimate Business Interests below).
We will only collect sensitive personal data about you when absolutely necessary for the recruitment process. We will only process this data if you have given your consent for us to do so.
Our Legitimate Business Interests
Our legitimate interests in collecting and retaining your personal data are described below:
As a recruitment business and recruitment agency we introduce candidates to clients for permanent employment, temporary worker placements or independent professional contracts. The exchange of personal data of our candidates and our client contacts is a fundamental, essential part of this process.
In order to support our candidates’ career aspirations and our clients’ resourcing needs we require a database of candidate and client personal data containing historical information as well as current resourcing requirements.
To maintain, expand and develop our business we need to record the personal data of prospective candidates and client contacts. Due to the nature of our business we will never store your personal data for a period longer than 6 years without having meaningful contact from us in 6 years or more your personal information will be deleted from our systems. “Meaningful contact” means, for example, any form of contact between us in relation to the Company assisting / providing recruitment services to you.
When you access our services online, our web servers automatically create records of your visit. These records typically include IP- address, access times, the sites linked from, pages visited, the links and features used, the content viewed or requested, browser or application type, language and other such information. When you use our services or otherwise interact with us over telecommunication networks, certain additional information, such as your mobile telephone number, may be transmitted to Sustain by the telecommunications operator as a standard part of that communication.
Purpose of the processing and the legal basis for the processing
Sustain will collect, use, store and otherwise process your Persona Data for the purposes of Sustain’s recruitment or resourcing activities. Additionally your personal data may be processed for other purposes such as relevant information we think will be of legitimate interest to you. We may also use your personal data to carry out our obligations we have entered into between you and us.
Our legal basis for the processing of personal data is our legitimate business interests, described in more detail below, although we will also rely on contract, legal obligation and consent for specific uses of data.
We will rely on legal obligation if we are legally required to hold information on you to fulfil our legal obligations.
We will in some circumstances rely on consent for particular uses of your data and you will be asked for your express consent, if legally required. Examples of when consent may be the lawful basis for processing include permission to introduce you to a client (if you are a candidate) or if we need to process ‘special categories’ of personal information.
Should we want, need or rely on consent to lawfully process your data we will request your consent orally, by email, or by an online process for the specific activity that we require consent for and record your response on our system. Whenever necessary an subject to statutory record-keeping requirements. Sustain will delete and/or anonymise Personal Data that is no longer needed. If there has not been any recent activity between yourself and Sustain, we may delete your profile after a reasonable time in compliance with the GDPR legislation.
In further detail, Sustain will process your Personal Data for the following purposes:
Communicating with you, in context of recruitment activities, such as:
To obtain additional information where necessary;
To inform you of available vacancies and relevant industry news;
To provide you with the information relating to your application and to fulfil your requests.
Managing recruitment and resourcing activities:
Including activities related to organisational planning. In the course of recruitment activities, we may use your information:
To set up and conduct interviews and assessments;
To evaluate, select and recruit applicants;
To conduct background and credit checks and assessments as required or permitted by applicable local law;
To contact third party references provided by you to evaluate your previous performances;
Or as otherwise necessary in context of recruitment services.
Develop of services:
We may use your Personal Data to develop and improve our recruitment processes, websites and other related services. Where feasible, we use aggregated anonymous information in context of development activities.
Legal and regulatory compliance:
Including obtaining and releasing Personal Data as required by law, judicial organisations or practice in order to comply with legal obligations imposes on us.
Transfer of your Personal Data:
Sustain will not sell, lease , rent of otherwise disclose your Personal Data unless you have given explicit consent. Sustain may share your Personal Data if you have given your informed consent for Sustain to do so.
We do not undertake automated decision making or profiling. We do however, use our systems to search and identify personal data in accordance with the parameters set by a person. A person will always be involved in the decision making process.
Transfer outside the EEA:
We may inform you from time to time pass your personal data to clients outside the EEA if you have given your explicit consent for us to do so in relation to a role. No personal information is otherwise stored outside of the EEA.
Security and controlling your personal information:
We are committed to ensuring that your information is secure although unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site’ any transmission is at your own risk. Once we have received your information, in order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We take reasonable steps to keep the Personal Data we possess accurate and to delete incorrect or unnecessary Personal Data. With respect to the processing of your Personal Data, you will always have the rights as provided by applicable local law. In addition, this Policy provides you with the right to know what Personal Data we hold about you; to request incomplete, incorrect, unnecessary or outdated personal data deleted or updated as well as to object to Sustain’s processing of your Personal Data on compelling legitimate grounds. There may be certain categories of information prescribed by applicable local law that Sustain may lawfully withhold.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about roles and market information which we think you may find interesting if you consent for Sustain to do so.
Retention of your data:
We understand our legal duty to retain accurate data and only retain personal data for as long as we need it for our legitimate business interests and that you are happy for us to do so. Accordingly, we will re-assess our ‘Legitimate Interests Needs Balancing Act’ on a yearly basis and run data routines to remove data that we have no longer have a business interest in maintaining.
We segregate our data so that we keep different types of data for different time periods. The criteria we use to determine whether we should retain your Personal Data include:
The nature of the Personal Data;
It’s perceived accuracy;
Our legal obligations;
Whether an interview or placement has been arranged; and
Our recruitment expertise and knowledge of the industry by country, sector and job role.
We may archive part or all of your personal data or retain it on our financial systems only, deleting all or part of it from our main Customer Relationship system. We may pseudonymise arts of your data, particularly following a request for suppression or deletion of your data, to ensure that we do not re-enter your personal data on to our database, unless requested to do so.
For your information, Pseudonymised Data is created by taking identifying fields within a database and replacing then with artificial identifiers or pseudonyms.
You may choose to restrict the collection or use of your personal information in the following ways:
Whenever you are asked to fill in a form om the website, look for the box that you can click to indicate what you would like your Personal Data to be processed for;
If you have previously agreed to Sustain using and or storing your personal information you may change your mind at any time by writing to or emailing us at email@example.com or in writing to Sustain Recruitment Ltd. 51-52 Calthorpe Road, Edgbaston, Birmingham B15 1TH.
Under the GDPR and Sustain policies and procedures you have the right to:
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal information to another party in certain formats, if practicable.
The Data Protection Act 1998 and the GDPR give you the right to access information held about you. We also encourage you to contact us to ensure your data is accurate and complete. For any of the above please write to Sustain Recruitment Ltd. 51-52 Calthorpe Road, Edgbaston, Birmingham B15 1TH or email firstname.lastname@example.org If you believe any of the information we are holding on you is incorrect or incomplete, please write or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
Sustain may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 22nd May 2018.