Wynne Consulting Privacy Policy
Data controller: Wynne Consulting, Centurion House, Centurion Way, Farington. PR25 3GR
Data protection officer: Simon Wynne, Managing Director. 03707 520025
Definitions and Interpretation:
In this policy document the following definitions apply:
“the Company” means Wynne Consulting Limited (registered company no. 5215518), the brand Wynne Search or any of its associated or subsidiary companies or divisions.
“Candidate” means anyone under consideration or in present or previous contact with the company regarding a job opportunity.
“Client” means anyone who is a present or previous customer, prospective customer or client and anyone to whom the company provides services or prospective services.
“General Data Protection Regulation (GDPR)” means an EU law effective from 25 May 2018.
Introduction:
As part of our normal business activities, the company collects and processes personal data relating to candidates or clients. The company is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations. This Privacy Policy details how we obtain, store and handle personal data and how we comply with data protection laws.
This Privacy Policy applies to both the UK & EU countries. As a business we operate throughout the world but irrespective of the regional differences; we will always handle any data as detailed in this Privacy Policy. We may change this Privacy Policy occasionally. Any changes will be posted here.
What information does the company collect?
Candidate:
The company collects a range of information about you. This is provided directly by you to us on a voluntary basis. This includes:
- your name, private, work address and contact details including email addresses and telephone numbers;
- if applicable details of your qualifications, skills, experience and employment history; this is usually in the form of a CV and any further details.
- If applicable information about your current level of remuneration, including benefit entitlements;
- If applicable information about your entitlement to work in the UK; and
This information is primarily collected by way of you sending us your CV and any “follow-up” e-mails you may send us in answer to specific questions that we may ask. The company may also collect this information in a variety of different ways. For example, data might be contained in application forms, obtained from your passport or other identity documents you provide or collected through interviews or other forms of assessment including online tests when applicable.
The company may on occasion collect data about you from third parties. This is limited to referees supplied by former employers. This will only happen with your express permission where you have supplied us the name and contact details of a referee that you are happy for us to contact.
Client:
The company collects and uses information about you and others within your organisation so that we can provide our services. These services cover all manner of recruitment & HR, with the primary focus (but not limited to) the identifying and introducing of suitable candidates with the right skills & attributes for your organisation. This covers both specific roles and making you aware of specific individuals suited to your organisation when there is no defined role to fill.
Why does the company process personal data?
Candidate:
In order for the company to carry out its duties as a Recruitment Agency; the company has a legitimate interest in processing candidate data during any recruitment process and for keeping records of the process. Processing data from candidates allows the company to manage the recruitment process, assess and confirm a candidate’s suitability & motivation to work for any particular client and to administer any job offers.
In some cases, the company needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check a prospective candidates’ eligibility to work in the UK.
The company may occasionally ask for your help identifying other candidates for particular roles that we are working on. In many of these instances, but not always the company will pay a referral fee for this assistance if it leads to a successful placement of a candidate with our client.
Client:
In order for the company to carry out its duties as a Recruitment Agency; the company has a legitimate interest in using client data so that our services can be provided to you on a day by day basis and in a professional manner. This data is limited to individual names, job titles, work telephone numbers & work e-mail addresses.
Who do we share your personal data with?
Candidate:
Your information may be shared internally within the company to identify future career progression opportunities.
The company will share your data with clients related to specific or prospective job opportunities. The primary tool to share your career history is by way of a CV. Any further information that we are required to share with clients will be as part of an interview process and any subsequent job offer. We will always ask your permission to share your data and you are free to withdraw your consent at any time. If during the recruitment process we are required to obtain references from you, this will be on an “ad-hoc” basis and we will only seek references & make contact with your express permission. We do not check references as a matter of course.
The company will not transfer your data outside the European Economic Area unless the job role is outside of the EU.
Client:
Your information may be shared internally within the company in relation to our day-to-day business dealings; but your personal data is not shared outside of the employees and directors of the company.
Who has access to data?
Candidates & Clients:
Your information may be shared internally within the company during the normal course of it’s business.
The company will not share your data with third parties beyond information of your career history by way of a CV. Any further information that we are required to share with third parties will be as part of an interview process and any subsequent job offer. We will always ask your permission to share your personal data and you are free to withdraw your consent at any time. If during the recruitment process we are required to obtain references from you, this will be on an “ad-hoc” basis and we will only seek references & make contact with your express permission. We do not check references as a matter of course.
The company will not transfer your data outside the European Economic Area unless the job role is outside of the EU.
How does the organisation protect data?
Candidate & Client:
All Data will be stored in electronic form in a single secure, password protected location which is our in-house database. No external parties have access to our database other than the company directors and employees. There are no “hard copy paper” records of any description kept. The database is password protected & operates behind a “state of the art” I.T. firewall system. Only authorised employees of the company have access to this data and anybody with access to this data operates under a separate “Information Security & Data Protection Policy” which is a condition of employment and strictly controls and limits how this data can be used.
The company takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties. Your data is held in electronic form only, and is within a password protected, Firewall protected I.T. system with restricted user access. All users with access abide by our data protection policy.
How do I agree to allow the company to hold and use my data?
Candidate:
The company ask that all candidates agree to our “Candidate Agreement” document via return e-mail. This details that we will provide work finding services as an “Employment Agency” as detailed in the Employment Agencies Act 2003 and that you as a candidate authorise us to use your data as detailed in this document (Privacy Policy). In some instances, Candidates that have previously been on contact with us (i.e. they have sent us their CV voluntarily) we will use a “soft opt-in” consent. This is where we take your consent as given unless you opt-out. All of our marketing e-mails carry a clear, simple unsubscribe link to allow the user to “opt-out” of future correspondence at any time.
Client:
We appreciate many clients are very busy and “time poor”, so for ease we use a “soft opt-in” consent for client e-mails. This is where we send occasional e-mails to clients’ marketing highly relevant candidates specific to your niche market sector. This is providing that the client has not “opted-out” of these communications. All of our marketing e-mails carry clear information as to the individual, organisation & contact details of the sender. All of our marketing e-mails carry a clear, simple unsubscribe link to allow the user to “opt-out” of future correspondence at any time.
How long do we keep your data for?
Candidate:
Many of the successful placements we make are for candidates where we have maintained contact for a number of years. We will hold your data indefinitely but it is purely for internal use. Should a job opportunity arise we would always contact you to ascertain your interest levels and clarify whether you wish us to introduce you to our client. We do not share your data with a third party without your express permission.
Client:
We will retain your data indefinitely. You are free at any time ask us to delete your data as detailed within this Privacy Policy.
Our legal basis for processing your data
Legitimate Interests
Within the GDPR legislation Article 6(1)(f) states that we can process your data where it “is necessary for the purposes of the legitimate interests pursued by (the company) or by a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of you which require protection of personal data.”
On this basis the following descriptions of our activities relating to candidates and clients are justified as “legitimate interests”; however, you are able to object to us processing your data at any time.
Candidate:
We feel that it is entirely reasonable that if you have previously been in contact with us regarding specific or future career progression opportunities and have voluntarily sent us your CV; or that you have voluntarily posted your CV on a job board that you consent to us collecting and using your data to make contact with you in relation to career progression opportunities.
Client:
As a highly professional organisation, we retain data of individual contacts within your organisation and we record notes of conversations, meetings, job specifications and other relevant interaction with your client company. We will also occasionally market highly relevant candidates to you giving you the opportunity to recruit top talent relevant to your business.
Legal Claims & Legal Action
On occasion we could be required to process personal date relating to defending or actioning legal claims. Article 9(2)(f) of GDPR states processing “is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity”.
Website
Use of Cookies
Please refer to our Cookie Policy page.
Third Party Links
On occasion we include links to third parties on this website. Where we provide a link it does not mean that we endorse or approve that site’s policy towards visitor privacy. You should review their privacy policy before sending them any personal data.
Your rights
As a data subject, you have a number of rights. You can:
- access and obtain a copy of your data on request;
- require the company to change incorrect or incomplete data;
- require the company to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
- object to the processing of your data where the company is relying on its legitimate interests as the legal ground for processing.
- You have reason to believe misuse of your personal information
If you would like to exercise any of these rights, please contact Simon Wynne at Wynne Consulting, Centurion House, Centurion Way, Farington, Lancashire. PR25 3GR or by using info@wynneconsulting.co.uk
If you believe that the company has not complied with your data protection rights, you can complain to the Information Commissioner on 0303 123 1113 or by post at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Should you wish to update your marketing preferences you can e-mail us at info@wynneconsulting.co.uk or click the unsubscribe link in any e-mail that we send you.