Welcome to Personnel Selection’s Privacy Policy.
Personnel Selection specialises in the provision of recruitment services for companies and professionals at all levels.
In this policy, references to Personnel Selection, “we”, “us” or “our” means Personnel Selection Associates Limited, a company registered in England and Wales under No. 1002037. Our registered office is at 3 High Street, Woking, Surrey GU21 6BG.
References to “you”, “yours” means you.
For the purpose of applicable data protection legislation (including but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”),we are a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. You are a “data subject”, which means that you benefit from certain privacy rights as an individual.
Who does this Policy apply to?
- This Privacy Policy applies to the personal data of our website users, candidates, clients, suppliers, and other people whom we may contactin order to find out more about our candidates or whom they indicate is an emergency contact. It also applies to the emergency contacts of our staff. To be clear, if you are a member of Personnel Selection staff, you should refer to the Personnel Selection Staff Privacy Policy which is available on the Personnel Selection intranet.
What is the Purpose of this Policy?
- This Privacy Policy explains what we do with your personal data, whether we are in the process of helping you find a job, continuing our relationship with you once we have found you a role, providing you with a service, receiving a service from you, using your data to ask for your assistance in relation to one of our candidates, or you are visiting our website.
- It describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.
- The data protection law in the UK changed on 25 May 2018, and although this privacy notice sets out most of your rights under the new laws, we might update the notice from time to time to take new guidance, rules, regulations and best practice into account. Please just visit our website if you want to stay up to date, as we will post any changes on here.
Our Commitment to the Data Protection Principles
We will comply with data protection law and principles, which means that your data will be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
What kind of personal data do we collect?
- Candidate data: In order to provide the best possible employment opportunities that are tailored to you, we need to process certain information about you. We only ask for details that will genuinely help us to help you, such as your name, age, contact details, education details, employment history, emergency contacts, immigration status, financial information (where we need to carry out financial background checks), and social security number (and of course you may choose to share other relevant information with us). Where appropriate and in accordance with local laws and requirements, we may also collect information related to your health, diversity information or details of any criminal convictions.
- Client Data:If you are a Personnel Selection customer, we need to collect and use information about you, or individuals at your organisation, in the course of providing you services such as: (i) finding candidates who are the right fit for you or your organisation; (ii) providing you with a Managed Service Provider (“MSP”) programme (or assisting another organisation to do so); (iii) providing you with Recruitment Process Outsourcing (“RPO”) services (or assisting another organisation to do so); and/or (iv) notifying you of content published by Personnel Selection which is likely to be relevant and useful to you.
- Supplier Data:We need a small amount of information from our suppliers to ensure that things run smoothly. We need contact details of relevant individuals at your organisation so that we can communicate with you. We also need other information such as your bank details so that we can pay for the services you provide (if this is part of the contractual arrangements between us).
- People whose data we receive from candidates and staff, such as referees and emergency contacts:In order to provide candidates with suitable employment opportunities safely and securely and to provide for every eventuality for them and our staff, we need some basic background information. We only ask for very basic contact details, so that we can get in touch with you either for a reference or because you’ve been listed as an emergency contact for one of our candidates or staff members.
- Website Users: When you visit our website, we may collect certain data from you. This may include identity data such as your first name, last name, username or similar identifier, title, job role or position held and any contact data you submit to us via the website, which includes postal address, email address and telephone numbers, (as well as professional contact details). We may also collect technical data including internet protocol (IP) address, time zone setting and location, operating system and platform and other technology on the devices you use to access our website. The technical information we obtain from your use of our website will not usually contain your personal data and any technical information collated will not usually identify you personally, however, our website does use cookies, and further information on this is set out below.
Information for Website Users about Cookies
- What are cookies and how do we use them?
A “cookie” is a bite-sized piece of data that is stored on your computer’s hard drive. They are used by nearly all websites and do not harm your system.
We use them to track your activity to help ensure you get the smoothest possible experience when visiting our website. We can use the information from cookies to ensure we present you with options tailored to your preferences on your next visit.
We can also use cookies to analyse traffic and for advertising purposes.
In most cases we will need your consent in order to use cookies on our website, and you can do this by clicking the “I accept” box contained in the banner on our website.
The exception is where the cookie is essential in order for us to provide you with a service you have requested (e.g. to be able to use some of the operational functions on our website).
A List of Cookies that we use on our website is available on request.
- ThirdParty cookies
Sometimes, third parties (such as social media providers) can place cookies on websites to track their subscribed users. This is not something that we authorise, but should this occur, these third parties are responsible for the cookies they set on our website. If you want further information, please check the website of any social media accounts you hold and review your settings. More information will be provided on the website of the relevant third party.
- How to reject cookies
If you don’t want to receive cookies that are not strictly necessary to perform basic features of our site, you may choose to opt-out by changing your browser settings. For further information about cookies and how to disable them please go to the Information Commissioner’s webpage on cookies: https://ico.org.uk/for-the-public/online/cookies/.
Information about Criminal Convictions and Candidates
If we process information about our candidates’ criminal convictions, we only do this for specific roles, as requested by our clients.Pursuant to contractual obligations with our clients in some instances, we (or our clients) need to carry out a criminal records check in order to satisfy ourselves that there is nothing in your criminal convictions history which makes you unsuitable for the role at our client. In particular where:
- The role is one which is listed on the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975 (SI 1975/1023) and/or is also specified in the Police Act 1997 (Criminal Records) Regulations (SI 2002/233) so is eligible for a standard or enhanced check from the Disclosure and Barring Service.
- The role requires a high degree of trust and integrity since it involves dealing with high value client money and so we would like to ask you to seek a basic disclosure of your criminal records history.
We only ever collect and process such data in accordance with safeguards which we are required by law to maintain when processing such data.
How do we use your personal data?
Candidate Data: The main reason for using your personal details is to help you find employment or other work roles that might be suitable for you and to provide you with recruitment services. This includes processing your personal information to allow to:
- Assess your skills, qualifications, and suitability for the work, role and in accordance with our clients’ requirements.
- Carry out background and reference checks, where applicable, and if so requested by our clients pursuant to their instructions for staffing the role.
- Communicate with you about the recruitment process.
- Keep records related to our selection processes and successful recruitments or placements at our clients.
- Comply with legal or regulatory requirements.
The more information we have about you, your skillset and your ambitions, the more bespoke we can make our service. Where appropriate and in accordance with local laws and requirements, we may also use your personal data for things like marketing, profiling and diversity monitoring. We will never undertake automated profiling decisions without your consent or without allowing you to challenge any results.
More information about the lawful bases for processing your personal data is set out at
Schedule 1.
Client Data: The main reason for using information about Clients is to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly. We will therefore process information about our clients as follows:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
For example, this may involve: (i) identifying candidates who we think will be the right fit for you or your organisation; (ii) providing you with an MSP programme (or assisting another organisation to do so); and/or (iii) providing you with RPO services (or assisting another organisation to do so). The more information we have, the more bespoke we can make our service.
The lawful bases for processing your personal data include to perform or enter into a contract with you, where it is necessary for our legitimate interests, or pursuant to a legal obligation we must comply with. Please see the Glossary at Schedule 2 for a description of these bases.
Supplier Data: The main reasons for using your personal data are to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly, and to comply with legal requirements.
The lawful bases for processing your personal data include to perform or enter into a contract with you, where it is necessary for our legitimate interests, or pursuant to a legal obligation we must comply with. Please see the Glossary at Schedule 2 for a description of these bases.
People whose data we receive from candidates and staff, such as referees and emergency contacts: We use referees’ personal data to help our candidates to find employment which is suited to them. If we are able to verify their details and qualifications, we can make sure that they are well matched with prospective employers. We may also use referees’ personal data to contact them in relation to recruitment activities that may be of interest to them. We use the personal details of a candidates or staff member’s emergency contacts in the case of an accident or emergency affecting that candidates or member of staff .
The lawful bases for processing your personal data include where it is necessary for our legitimate interests, or pursuant to a legal obligation we must comply with. Please see the Glossary at Schedule 2 for a description of these bases.
Who do we share your personal data with?
- Candidate Data:We will only share your personal information with our clients for the purposes of processing your application. Primarily this means we will share your information with prospective employers to increase your chances of securing the job you want. We will only ever share this information with your consent.
Other third parties might involve IT service providers or CRM systems, data storage or hosting providers, or accounts departments in the event of contract placements (in this case, we will ensure that data is encrypted or anonymised to protect your privacy rights). In this case, all our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies.
We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions. This also goes for our clients.
Unless you specify otherwise, we may also share your information with any of our group companies and associated third where we feel this will help us to provide you with the best possible service or where we are required to do so pursuant to a legal obligation.
- Client Data:We will share your data with candidates, specific third parties such as lawyers, tax administration, auditors and accountants and suppliers such as data centres, cloud storage, IT service providers, e-mail providers and data base managements systems (in this case, we will ensure that data is encrypted or anonymised to protect your privacy rights).
The reasons we share your data is: (i) primarily to ensure that we provide you with a suitable pool of candidates; (ii) to provide you with an MSP programme (or assist another organisation to do so); and/or (iii) to provide you with RPO services (or assist another organisation to do so). Unless you specify otherwise, we may share your information with any of our group companies and associated third parties to help us meet these aims or because we have a legal obligation to do so.
- Supplier Data:Unless you specify otherwise, we may share your information with any of our group companies and associated third parties such as our service providers and organisations to whom we provide services, including lawyers, tax administration, auditors and accountants and suppliers such as data centres, cloud storage, IT service providers, e-mail providers and data base managements systems (in this case, we will ensure that data is encrypted or anonymised to protect your privacy rights).
- People whose data we receive from candidates and staff, such as referees and emergency contacts:Unless you specify otherwise, we may share your information with any of our group companies and associated third parties such as our service providers and organisations to whom we provide services, including lawyers, tax administration, auditors and accountants and suppliers such as data centres, cloud storage, IT service providers, e-mail providers and data base managements systems (in this case, we will ensure that data is encrypted or anonymised to protect your privacy rights).
How do we safeguard your personal data?
We care about protecting your information. This is whywe have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so
How long do we keep your personal data for?
If we have not had meaningful contact with you (or, where appropriate, the company you are working for or with) for a period of two years, we will delete your personal data from our systems unless we believe in good faith that the law or other regulation requires us to preserve it (for example, because of our obligations to tax authorities or in connection with any anticipated litigation).
International Transfers
From time to time, we may transfer your personal data outside the European Economic Area (EEA) from time to time, such as when using CRM systems, cloud storage, email services or data centres, or when providing your contact details to candidates or clients or other suppliers or vendors who may be based outside of the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to your personal data by ensuring that at least one of the following safeguards is implemented, in the absence of a ruling from the European Commission that such a non-EEA country affords adequate data protection to you:
- We may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we make transfers to the US or Switzerland, we may transfer data to third parties if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US and Switzerland.
How can you access, amend or take back the personal data that you have given to us?
Even if we already hold your personal data, you still have various rights in relation to it. To get in touch about these, please contact us. We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of any applicable laws. Please note that we may keep a record of your communications to help us resolve any issues which you raise.
You will usually not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
- Right to object:If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases). Generally, we will only disagree with you if certain limited conditions apply.
- Right to withdraw consent:Where we have obtained your consent to process your personal data for certain activities (for example, for profiling your suitability for certain roles), or consent to market to you, you may withdraw your consent at any time.
- Data Subject Access Requests (DSAR):Just so it’s clear, you have the right to ask us to confirm what information we hold about you at any time, and you may ask us to modify, update or deletesuch information. At this point we may comply with your request or, additionally do one of the following:
– we may ask you to verify your identity, or ask for more information about your request; and
– where we are legally permitted to do so, we may decline your request, but we will explain why if we do so.
- Right to erasure:In certain situations (for example, where we have processed your data unlawfully), you have the right to request us to “erase” your personal data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your data but will generally assume that you would prefer us to keep a note of your name on our register of individuals who would prefer not to be contacted.
That way, we will minimise the chances of you being contacted in the future where your data are collected in unconnected circumstances. If you would prefer us not to do this, you are free to say so.
- Right of data portability:If you wish, you have the right to transfer your data from us to another data controller. We will help with this – either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format.
- If your interests or requirements change,you can unsubscribe from part or all of our marketing content (for example job role emails or Personnel Selection newsletters/mailers) by clicking the unsubscribe link in the email, or by updating your preferences through our preference centre on the Personnel Selection website (by signing into your account or entering your email address).
If you are not satisfied
If you are dissatisfied with any aspect of our Privacy Policy or how we handle your personal data, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
We would, however, appreciate the chance to deal with your concerns in the first instance, as our aim is to always provide excellent customer service and to resolve any issues amicably, so please do not hesitate to contact us in the event of any issue, which can be referred to the ICO if you are not happy with the handling or outcome. You may contact us: Personnel Selection, 3 High Street, Woking, Surrey GU21 6BG.
Schedule 1 – Candidates – Lawful Bases for Processing your Personal Data
CONSENT OR LEGITIMATE INTERESTS
For more information about Legitimate Interests, please see the Glossary at Schedule 2 below.
The basis on which we process your personal data depends on how we got in touch with you.
DIRECT APPLICANT
If you provided us with your personal data directly, for example, by email or via our website, you provided consentto us processing your personal information for the purposes of providing recruitment services.
You have the right to withdraw your consent for processing for that purpose at any time.
To withdraw your consent, please contact admin@persel.co.uk. Once we have received notification that you have withdrawn your consent, we will no longer process your application and we will dispose of your personal data securely.
JOB BOARD OR VIA SOCIAL MEDIA
In the event that you posted your details on a job board or on social media with the “Visible to Recruiters” option ticked, we follow the guidance provided by Information Commissioner (the UK Data Protection Supervisor or ICO). We therefore consider that the lawful basis for processing personal data in this situation, on behalf of you, us as a recruitment agency and for our clients is in everyone’s legitimate interests.
In this instance, we consider that it is fair to consider that when doing so, you clearly expect that recruitment agencies, such as us, would access your data on behalf of our clients.
We consider that our legitimate interests as a recruitment agency and those of our clients to fill vacancies are not out of balance with your interests or rights as an individual. We consider that in this instance, our legitimate interests are likely to align with yours, as the aim is to find a new job or assignment.
However, if an individual has not selected the “Visible to Recruiters” option, then we will never assume that those individuals wish to be contacted for work and we will only contact those individuals in line with rules on direct marketing and e-privacy, and will seek the consent of those individuals before we add their details to our database.
Schedule 2 – Glossary
LAWFUL BASIS
Legitimate Interestmeans the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Performance of Contractmeans processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Comply with a legal or regulatory obligationmeans processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Issued May 2018