Privacy & Data Policy
This statement, together with our Terms & Conditions of access sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Why do we have a ‘Privacy & Data Policy’ and a ‘Cookies Policy’?
Gerrell & Hard Ltd is committed to privacy for everyone who accesses the site. These policies describe how we collect and use personal information about you during and after your working relationship with us, in accordance with the General Data Protection Regulation (GDPR) as updated from time to time. The Regulation aims to harmonise data protection legislation across EU member states, enhancing privacy rights for individuals and providing a strict framework within which commercial organisations can legally operate. This policy applies to all clients, candidates and contractors.
We will comply with data protection law. This says that the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent way
- Collected only for valid purposes that we have clearly explained to you
- Relevant to the purposes we have told you about and limited only to those purposes
- Accurate and kept up to date
- Kept only as long as necessary for the purposes we have told you about
- Kept securely
Who is the controller of the data provided?
Gerrell & Hard Ltd is registered as a Data Controller in the United Kingdom for the purposes of the General Data Protection Regulation (Regulation (EU) 2016/679) (the GDPR).
What sort of data do we collect?
Gerrell & Hard Ltd may collect, store and process the following categories of data:
1. Personal data you give us
You may give us personal data by filling in forms on our site or by corresponding with us by phone, e-mail or by other means. This includes information you provide when you register to use our site, subscribe to our services or submit your CV to us.
Here are some examples of the type of personal data you may give us:
- personal contact details such as name, title, addresses, telephone numbers, and personal email addresses
- date of birth
- nationality (which we are required to obtain by law)
- education and qualifications;
- bank account details, payroll records and tax status
- recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process)
- details of your interest in and connection with the intermediary through which your services are supplied.
2. Sensitive personal data
We may collect and process special category or ‘sensitive personal data’. This is strictly only when necessary to ensure we conform to legal or contractual requirements, such as equal opportunities laws or obligations imposed upon us by our clients (to enable them to comply with their own legal requirements). We must have and will obtain your explicit consent to collect and store such data. Special category data is any of the following:
- information about your race or ethnicity, religious beliefs, health or sex life, sexual orientation and political opinions
- trade union membership
- information about criminal convictions and offences
3. Information automatically collected
We may also collect the following type of personal data when you visit our site:
- technical information, including the internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- information about your visit, including the full uniform resource locators (URL) clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call our consultants.
For more information about the data we collect from you when you visit our website please review our Cookies policy which can be found below.
4. Personal data we receive from other sources
We may receive personal data about you if you use any of the other sites we operate or the other services we provide. We also work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, and credit reference agencies) and may receive information about you from them.
We use LinkedIn and job boards and their affiliate partners as publicly available sources of personal data for recruitment purposes. We may also receive information about you by word of mouth, for example by a recommendation from a friend, former or current employers or former or current colleagues.
How will we use your personal data?
We will only use your personal data when the law allows us to. Most typically, we will use your personal data in the following circumstances:
- to make it available to our consultants in connection with the recruitment process
- if you have applied for a job the information you provide, including your CV identifying you by name, will be used to determine your suitability for the position and, if applicable, in determining terms of employment or engagement
- in management information used to monitor recruitment initiatives and equal opportunities policies
- if your application is progressed further, details may be disclosed to third parties (such as educational institutions, present and past employers, our employees and directors, credit reference agencies, insurance companies etc.) for reasons such as the verification of, or obtaining extra, information or providing you with a quote for insurances should this be required
- for the purposes of ensuring the validity of right to work documents and other ID your details may be disclosed to an identity verification company who will conduct a soft credit check as part of the verification. This check, although present on your credit file, will not affect your credit score
- if your application is unsuccessful, we may try to find you employment or work with alternative clients and may, therefore, disclose your details to other prospective employers and clients in connection with the recruitment process (which for these purposes includes the process of gaining employment and any ongoing administrative process involved, unless you tell us otherwise)
- if required by law or for the purposes of our business requirements (e.g. to auditors or third party service suppliers)
- to provide you with information about other services and opportunities we offer that are similar to those that you have already enquired about
- to contact you about industry and sector specific information that might be of interest to you
- to deal with legal disputes involving you, or other employees, workers, contractors or clients, including accidents at work
- to notify you about changes to our service
- to pay you
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer
- to personalise the content displayed on our website in order to present you with more relevant jobs and content based on your interests
- as part of our efforts to keep our site safe and secure
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you
- to make suggestions and recommendations to you and other users of our site about services that may interest you or them
How will we share or disclose your personal data?
Most typically, we may share your personal data with selected third parties that may include:
- prospective employers and/or clients for the purposes of assessing your suitability, even where those prospective employers and/or clients wish to remain anonymous until later in the recruitment process
- relevant third party partners, including job boards and payroll service providers
- insurance companies that require the data to contact you with a quote for business insurances
- identity verification companies for the purpose of validating right to work documents and ID documents
- analytics and search engine providers, some of which may be overseas, that assist us in the improvement and optimisation of our site and with the verification of placements
Our legal basis for using your personal data
For prospective candidates, candidates, contractors, referees and clients, we will only collect, store, use, process, transfer and disclose personal data in so far as it is necessary for our legitimate interests in that we need the information in order to assess suitability for potential roles, to find potential candidates and to contact clients and referees.
For clients we may also rely on the need for us to perform a contract for you, for example in contacting you to discuss relevant vacancies and suitable candidates.
In the event that we need to collect and hold sensitive personal data about you we always ask for your consent before undertaking such processing.
How long do we keep your personal data?
We keep your personal data in accordance with the following data retention periods:
Candidate personal data – 5 years since the last contact with you. Contact means addition of your personal data to our database, placement into a role or there is a record of verbal or written communication with you.
Contractor financial data – 7 years following the last payment made.
We will permanently erase your personal data once it reaches the end of its retention period or where we receive a valid request from you to do so. Any traces of your data that still exist within our systems will be put beyond use meaning that it cannot be readily accessed by operational systems, processes or staff.
Where is your personal data stored?
All information you provide to us is stored on our secure servers and is adequately protected using the latest industry technology.
We will do our upmost to protect your personal data. Note though that the transmission of information via the internet is not 100% secure and as such we cannot guarantee the security of your data transmitted to our site or to our business; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, misuse or loss.
If you suspect any unauthorised access to or misuse or loss of your data, please contact us immediately using our contact details within ‘Contact' section below.
Use of automated profiling tools
We do not carry out any automated profiling in our recruitment process.
Transfer of data outside of the EEA
Your personal data may be transferred internationally in the following circumstances:
- to third parties (such as advisers or other suppliers to our Group);
- to overseas clients;
- to clients within your country who may, in turn, transfer your data internationally; and
- to a cloud-based storage provider.
We want to make sure that your personal data is stored and transferred in a way which is secure. We will therefore only transfer data outside of the EEA where it is necessary, compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, for example:
- by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission for the transfer of personal data by data controllers in the EEA to data controllers and processors in jurisdictions without adequate data protection laws
- by signing up to the EU-U.S. Privacy Shield Framework for the transfer of personal data from entities in the EU to entities in the United States of America or any equivalent agreement in respect of other jurisdictions
- transferring your data to a country where there has been a finding of adequacy by the European Commission in respect of that country's levels of data protection via its legislation
- where it is necessary for the conclusion or performance of a contract between ourselves and a third party and the transfer is in your interests for the purposes of that contract
- where you have consented to the data transfer
Access to your data and your rights
Under certain circumstances by law you have the right to:
- request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- request erasure of your personal information. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it.
- object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes;
- request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it; and
- request the transfer of your personal data to another party.
If you want to verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us using firstname.lastname@example.org.
You also have the right to:
- request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
If you want to access your personal data, please email email@example.com detailing what information you require, and confirming your full name and postal address as a way of confirming your identity.
We will confirm with you what the response date will be, which will usually be within 30 days. We are entitled to refuse the request if it is deemed excessive or a repetition of a previous request.
If you wish to make a complaint to a supervisory body, which in the United Kingdom is the Information Commissioner’s Office, the ICO can be contacted through this link: https://ico.org.uk/concerns
How do we let you know if our policy changes?
Any policy changes, either due to business reasons or future changes in legislation, will be posted on this page or, if substantial, may be promoted on the website or through e-mail notification.
Links to other sites
Our site may, from time to time, contain links to other sites. If you follow a link to any of these sites, please note that these sites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential.
We use a number of different cookies on our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit http://www.aboutcookies.org for detailed guidance.
The list below describes the cookies we use on this site and what we use them for. Currently we operate an ‘implied consent’ policy which means that we assume you are happy with this usage. If you are not happy, then you should either not use this site, or you should delete the cookies having visited the site, or you should browse the site using your browser’s anonymous usage setting (called “Incognito” in Chrome, “InPrivate” for Internet Explorer, “Private Browsing” in Firefox and Safari etc.)
How to disable Cookies
All modern browsers allow you to change your cookie settings. These settings will typically be found in the ‘options’ or ‘preferences’ menu of your browser.
First Party Cookies
These are cookies that are set by this website directly.
You can find out more about Google’s position on privacy regarding its analytics service at http://www.google.co.uk/intl/en/analytics/privacyoverview.html.
Third Party Cookies
These are cookies set on your machine by external websites whose services are used on this site. Cookies of this type are the sharing buttons across the site allow visitors to share content onto social networks. Cookies are currently set by LinkedIn, Twitter, Facebook and Google+. In order to implement these buttons, and connect them to the relevant social networks and external sites, there are scripts from domains outside of our website. You should be aware that these sites are likely to be collecting information about what you are doing all around the internet, including on this website.
You should check the respective policies of each of these sites to see how exactly they use your information and to find out how to opt out, or delete, such information.
We use a session cookie to remember your log-in details for you. These we deem strictly necessary to the working of the website. If these are disabled then various functionality on the site will be broken, including the ability to log-in.
Flash cookies may be used to store user preferences for media player functionality and without them some flash content may not render correctly.