Privacy Policy

Company Name: Recruitment Matters International Ltd (“the Company”)
Registered in England and Wales Company number: 06598305

Policy Name: Information Security and Data Protection

Date: 17th May 2018

Version: RMI/01

The General Data Protection Regulations 2018 – GDPR:

The Company processes personal data in relation to its own staff, training delegates and individual client contacts – therefore it is a “data processor” for the purposes of the General Data Protection Regulations 2018.

The Company holds personal data on individuals (“data subjects”) for the following general purposes:

  • Advertising, marketing and public relations.
  • Accounts and records.
  • Design, delivery and evaluation of learning and development programmes

 

The General Data Protection Regulations data principles:

The General Data Protection Regulations 2018 requires the Company as data processor to process data in accordance with the principles of data protection. Article 5 of the GDPR requires that personal data shall be:

  1. processed lawfully, fairly and in a transparent manner in relation to individuals;
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which they are processed, is erased or rectified without delay;
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

 

Personal data” means, any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.

Processing” means obtaining, recording or holding the data or carrying out any operation or set of operations on the data. It includes organising, adapting and amending the data, retrieval, consultation and use of the data, disclosing and erasure or destruction of the data. It is difficult to envisage any activity involving data, which does not amount to processing. It applies to any processing that is carried out on computer including any type of computer however described, mainframe, desktop, laptop, iPad, Blackberry ® or other mobile device.

Personal data should be reviewed on a regular basis to ensure that it is accurate, relevant and up to date and those people listed in the Appendix shall be responsible for doing this.

 

Sensitive personal data:

Article 9 of the GDPR refers to sensitive personal data as “special categories of personal data”. The special categories specifically include genetic data, and biometric data where processed to uniquely identify an individual.

Personal data in respect of the following is “sensitive personal data” and will not be gathered by the company unless in specific circumstances and not without prior consent. Any information held on any of these matters WILL NOT be passed on to any third party.

  • Any offence committed or alleged to be committed by them.
  • Proceedings in relation to any offence and any sentence passed.
  • Physical or mental health or condition.
  • Racial or ethnic origins.
  • Sexual life.
  • Political opinions.
  • Religious beliefs or beliefs of a similar nature.
  • Whether someone is a member of a trade union.

 

Information security:

From a security point of view, only those staff listed in the Appendix are permitted to add, amend or delete personal data from the Company’s database(s) (“database” includes paper records or records stored electronically). However all staff are responsible for notifying those listed where information is known to be old, inaccurate or out of date. In addition all employees should ensure that adequate security measures are in place. For example:

  • Computer screens should not be left open by individuals who have access to personal data.
  • Passwords should not be disclosed.
  • Email should be used with care.
  • Personnel files and other personal data should be stored in a place in which any unauthorised attempts to access them will be noticed. They should not be removed from their usual place of storage without good reason.
  • Personnel files should always be locked away when not in use and when in use should not be left unattended.
  • Any breaches of security should be treated as a disciplinary issue.
  • Care should be taken when sending personal data in internal or external mail.
  • Destroying or disposing of personal data counts as processing. Therefore care should be taken in the disposal of any personal data to ensure that it is appropriate. Such material should be shredded or stored as confidential waste awaiting safe destruction.

 

It should be remembered that the incorrect processing of personal data e.g. sending an individual’s details to the wrong person, allowing unauthorised persons access to personal data, or sending information out for purposes for which the individual did not give their consent, may give rise to a breach of contract and/or negligence leading to a claim against the Company for damages from an employee, work-seeker or client contact. A failure to observe the contents of this policy will be treated as a disciplinary offence.

 

Subject access requests:

Under the GDPR, individuals will have the right to obtain:

  • confirmation that their data is being processed;
  • access to their personal data; and
  • other supplementary information – this largely corresponds to the information that should be provided in a privacy notice (see Article 15)

Fees:

The company will provide a copy of the information free of charge, however, the company reserves the right to charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.

The company may also charge a reasonable fee to comply with requests for further copies of the same information, though there will be no charge for all subsequent access requests.

Any fee will be based on the administrative cost of providing the information.

Timescales:

Information will be provided without delay and at the latest within one month of receipt.

Where requests are complex or numerous the period of compliance will be extended by a further two months. If this is the case, the individual will be informed within one month of the receipt of the request with an explanation of why the extension is necessary

Where requests are manifestly unfounded or excessive, in particular because they are repetitive, the company will:

  • charge a reasonable fee taking into account the administrative costs of providing the information; or
  • refuse to respond.

Where response to a request is refused, a clear explanation will be given to the individual who will, within one month be informed of their right to complain to the supervisory authority and to a judicial remedy without undue delay.

APPENDIX:

List names of those responsible for adding, amending or deleting data; and responsible for responding to subject access requests

 

Ken Kemp; Julie Wigglesworth

Recruitment Matters International Ltd

Sleaford Station Business Centre

Station Road

Sleaford

Lincs NG34 7RG

 

E: info@recruitmentmatters.com

T:  +44(0) 1529 410586

 

Recruitment Matters International Ltd is registered for VAT in the United Kingdom: 714864521

Cookies In Use on This Site

Cookies and how they Benefit You

Our website uses cookies, as almost all websites do, to help provide you with the best experience we can.
Cookies are small text files that are placed on your computer or mobile phone when you browse websites

Our cookies help us:

  • Make our website work as you’d expect
  • Remember your settings during and between visits
  • Improve the speed/security of the site
  • Allow you to share pages with social networks like Facebook
  • Continuously improve our website for you
  • Make our marketing more efficient (ultimately helping us to offer the service we do at the price we do)

We do not use cookies to:

  • Collect any personally identifiable information (without your express permission)
  • Collect any sensitive information (without your express permission)
  • Pass data to advertising networks
  • Pass personally identifiable data to third parties
  • Pay sales commissions

You can learn more about all the cookies we use below

Granting us permission to use cookies

If the settings on your software that you are using to view this website (your browser) are adjusted to accept cookies we take this, and your continued use of our website, to mean that you are fine with this. Should you wish to remove or not use cookies from our site you can learn how to do this below, however doing so will likely mean that our site will not work as you would expect.

More about our Cookies

Website Function Cookies

Our own cookies

We use cookies to make our website work including:

  • Remembering your search settings
  • Remembering if you have accepted our terms and conditions

There is no way to prevent these cookies being set other than to not use our site.

Third party functions

Our site, like most websites, includes functionality provided by third parties. A common example is an embedded YouTube video. Our site includes the following which use cookies:

Disabling these cookies will likely break the functions offered by these third parties

Social Website Cookies

So you can easily “Like” or share our content on the likes of Facebook and Twitter we have included sharing buttons on our site.

Cookies are set by:

  • Twitter – Privacy Policy

The privacy implications on this will vary from social network to social network and will be dependent on the privacy settings you have chosen on these networks.

Visitor Statistics Cookies

We use cookies to compile visitor statistics such as how many people have visited our website, what type of technology they are using (e.g. Mac or Windows which helps to identify when our site isn’t working as it should for particular technologies), how long they spend on the site, what page they look at etc. This helps us to continuously improve our website. These so called “analytics” programs also tell us if how people reached this site (e.g. from a search engine) and whether they have been here before helping us to put more money into developing our services for you instead of marketing spend.

We use:

Turning Cookies Off

You can usually switch cookies off by adjusting your browser settings to stop it from accepting cookies (Learn how here). Doing so however will likely limit the functionality of our’s and a large proportion of the world’s websites as cookies are a standard part of most modern websites

It may be that you concerns around cookies relate to so called “spyware”. Rather than switching off cookies in your browser you may find that anti-spyware software achieves the same objective by automatically deleting cookies considered to be invasive. Learn more about managing cookies with antispyware software.

The cookie information text on this site was derived from content provided by Attacat Internet Marketing http://www.attacat.co.uk/, a marketing agency based in Edinburgh. If you need similar information for your own website you can use their free cookie audit tool.