Who is responsible for your personal data?
Ginger Recruitment Services Limited, a company registered in England a Wales (Registration number 9017439) is registered as a data controller in the United Kingdom for the purposes of the Data Protection Act 1998 or any subsequent UK legislation resulting from EU General Data Protection Regulations (GDPR.)
We are a recruitment agency and recruitment business as defined in the Employment Agencies and Employment Businesses Regulations 2003.
Where is your personal data stored?
All the personal data we have is stored in our database in the UK.
It may be processed by staff operating outside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, our recruitment services and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. Ginger Recruitment will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice.
The information we collect and how we use it
We collect information that you give us when applying for vacancies, filling in forms on our website (www.ginger-recruitment.co.uk ), subscribe to our services, attend our events, participate in a survey or by corresponding with us by phone, e-mail or otherwise.
Your personal details may include your name, address, e-mail address and phone number; financial information; compliance documentation and references verifying your right to work in the United Kingdom, and/or your qualifications and experience; curriculum vitae; and links to your professional profiles available in the public domain e.g. LinkedIn, Twitter, business Facebook or corporate website.
This information is held and used by us for the following purposes:
– For matching your skill sets with relevant job vacancies, to assist us in finding you the position that most suits you.
– To keep you informed of relevant opportunities as they arise.
– To put forward your details to our clients and prospective employers for you to be considered for vacancies
– For keeping you informed of company services, news and insight related to your specialisms when you have granted us permission to do so.
– To improve our customer service and make our services more valuable to you.
– To notify you about upcoming HR events when you have granted us permission to do so.
Information we obtain from other sources
This is information we obtain about you from other sources such as LinkedIn, job board websites, online CV libraries, your business card, or personal recommendations. In this case we will inform you, by sending you this privacy notice, within a maximum of 30 days of collecting the data of the fact we hold personal data about you, the source the personal data originates from and whether it came from publicly accessible sources, and for what purpose we intend to retain and process your personal data.
Disclosure of your information
Your CV and related information will be shared or sent to prospective employers (our clients). If you secure a new role through Ginger Recruitment, additional information will need to be provided to them to enable the placement to proceed.
We will share your information with selected third parties including:
– Recruitment software tool Influence.
– The third party outsourced Payroll supplier, Haworths Chartered Accountants (if you are employed on a temporary basis).
– Government or law enforcement authorities if we are under a legal obligation to do so.
Retention of your data
We understand our legal duty to retain accurate data and only retain personal data for as long as we need it for our legitimate business interests and that you are happy for us to do so.
We segregate our data so that we keep different types of data for different time periods. The criteria we use to determine whether we should retain your personal data include:
– The nature of the personal data.
– Our legal obligations.
– It’s perceived accuracy.
– Whether an interview or placement has been arranged; and our recruitment expertise and knowledge of the industry by country, sector and job role.
Depending upon the criteria used as to whether we should retain your information we may:
– Retain all your personal data on our main Customer Relationship Manager (CRM) system and financial systems.
– Archive all or part of your personal data from our main Customer Relationship Manager (CRM) system;
– Retain your personal data on our financial systems only.
– Pseudonymise* parts of your data, particularly following a request for suppression or deletion of your data, to ensure that we do not re-enter your personal data on to our database unless requested to do so.
– Remove all your personal data on our main Customer Relationship Manager (CRM) system and financial systems.
*For your information, Pseudonymised Data is created by taking identifying fields within a database and replacing them with artificial identifiers, or pseudonyms.
What are your rights?
You have the right to ask us not to process your personal data for marketing purposes. From May 25th, 2018 we will always obtain your consent before we use your data for such purposes. You can exercise your right to accept or prevent such processing by checking certain boxes on the forms we use to collect your data.
You have the right to request information about the personal data we hold on you at any time. If you would like to make a request for information please email firstname.lastname@example.org
You have the right to request modifications, updates or removal of your data. We may ask you to verify your identity and for more information about your request.
How do we protect your personal data?
We endeavour to take all reasonable steps to protect your personal data but cannot guarantee the security of any data you disclose online. You accept the inherent security implications of sending information over the Internet and will not hold us responsible for any breach of security unless we have been negligent.
All information you provide to us is stored on our secure password and robust firewall-protected systems. We have company policies in place with regular reminders about not clicking on potentially malicious links or attachments to ensure risk from phishing and other malware is minimal.