We will aim to comply with the requirements of the GDPR to ensure that personal data provided to us is carefully processed.
Data protection compliance within the organisation is the responsibility of the Managing Director.
Personal data – what is collected and why
We will collect personal data as part of the human resources and organisation development services we deliver to clients and their employees, which may include recruitment processes covering external applicants. We will collect and process sensitive personal data only as is necessary and in compliance with all applicable legislation.
The data could include name, address, phone number, e-mail address, work and education history, health history, pay and benefits information, responses to and the results of assessments administered online or in person, and details of eligibility to work.
By applying for a role, candidates consent to us collecting and processing personal data supplied by them and to disclosing this information to prospective employers in connection with a recruitment process.
Personal data and third parties
As part of a recruitment process, we may pass personal data to prospective employers. Please note that as a result, covering letters and CVs may be transferred to the relevant employer, who may retain a copy of the documents or distribute them to third parties. Clients and their employees who may have access to personal information are required to keep the information confidential.
We do not share information with third parties for direct marketing purposes and will only disclose information to third parties if we are legally obliged to do so.
Safeguarding your data
The security of any personal data is extremely important to us and access is only provided to prospective employers as part of a recruitment process.
We will take all reasonable physical, electronic and administrative steps to safeguard personal data to protect it from loss, misuse, unauthorised use, access, inadvertent disclosure, alteration and destruction.
We will strive to protect all personal data, but it must be noted that despite reasonable precautions no data transmission or storage can be guaranteed to be 100% secure. Therefore, anyone disclosing any personal information to us online or otherwise, must understand that they do so at their own risk.
Storage of data
Information provided by clients or applicants will be stored in paper records or on computer systems in accordance with the Data Protection Act 1998.
Personal data will not be kept longer than is necessary for the purposes for which is was supplied. If you want to request that any of your personal data is deleted before that time then email email@example.com
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
If you want us to do this or if you want to exercise any of your rights with respect to the access, processing, accuracy, storage, deletion or any other aspects of your personal data then please write to the Managing Director at firstname.lastname@example.org
If you make a request relating to your data protection rights, we will consider it in accordance with all applicable data protection laws and regulations. No administration fee will be charged unless the request is deemed to be excessive.
If you feel we have been unable to resolve your information rights concern, you can raise the matter directly with the Information Commissioner at:
Information Commissioner’s Office,