This Privacy Policy describes how we collect, use and process your personal data, whether we are in the process of helping you find a job, continuing our relationship with you once we have found you a role, providing you with a service, receiving a service from you or if you are visiting our website.

 

This Privacy Policy applies to the personal data of our:

Candidates 

Applicants for roles advertised or promoted by us, including permanent, part-time and temporary positions with Clients of Profile as well as people who have supplied a speculative CV to Profile not in relation to a specific job.

Clients 

Our customers, clients and prospective customers and clients to whom we provide or market our recruitment services in the course of our business.

Suppliers

Partnerships and companies (including sole traders) contractors and consultants, who provide services to Profile. The Supplier will be responsible for communicating this Privacy Policy to their or its employees.

Website

Users: any individual who accesses our website. It does not apply to PROFILE-TS staff and employees who will be issued with separate fair processing information. Our Data Protection Representative (DPR) can be reached at dataprotection@prco.com.

 

What kind of information do we collect?

Candidate data

Depending on the circumstances, we may collect some or all of the information listed below to enable us to offer you employment opportunities tailored to your circumstances and interests. This may include: your name, contact numbers, email addresses, curriculum vitae, photograph, education details, employment history, links to your professional profiles available in the public domain e.g. LinkedIn, Twitter, business Facebook or corporate website) immigration status, financial information (where we need it to carry out financial background checks or pay you), social security number and tax related information, referee details, details about your current remuneration, pensions and benefits arrangements and emergency contact details. 

In addition, you may choose to share other information with us that you think is relevant. Where appropriate or necessary (and in accordance with legal requirements) we may also collect information related to your health or details of any criminal convictions (where this is required for a role that you are applying for). We may ask you to provide diversity information (on a voluntary basis) for the reasons and in the circumstances set out below.

Finally, the building in which our office is located has CCTV installed and therefore if you visit us at our premises we may collect CCTV footage.

 

Client data

We collect your personal data (such as name and contact details) when we receive it directly from you such as where you contact us proactively (by phone, email, in person) or where you connect with our consultants on business networking sites or through our consultant’s business development activities more generally.

 

Supplier data 

We need a small amount of personal data to ensure our relationship with you runs smoothly such as contact details of relevant individuals at your organisation so that we can communicate with you.

 

Website users data

When you visit our website there is certain information that we may automatically collect, whether or not you decide to use our services. This includes your IP address, the date and the times and frequency with which you access the website and the way you browse its content. We will also collect data from you automatically via cookies in line with the cookie settings in your browser.  If you would like to know more about cookies including how we use them and the choices available please refer to the Cookies Policy (Link to Cookie Policy).

 

How do we collect personal data?

We collect information about Candidates when you register as a Candidate with Profile by completing the registration form on our website or by sending us your CV or by corresponding with our consultants by phone, e-mail or in person.

You may also provide us with your personal data when you use our website, subscribe to our services, participate in salary and other market surveys, attend our events, participate in discussion boards or other social media functions on our site, apply for jobs with us via a job board which then redirects you to our website and if you report a problem with our website.

 

How do we use your personal data?

We use Candidate data as follows:

  • Providing you with our recruitment services and to facilitate the recruitment process.
  • Sending your information to Clients (with your prior consent) in order to apply for jobs or to assess your eligibility for jobs.
  • Enabling you to submit your CV, apply online for jobs or to subscribe to alerts about jobs we think may be of interest to you.
  • Carrying out our obligations arising from any contracts entered into between us.
  • Carrying out our obligations arising from any contracts entered into between PROFILE-TS and third parties in relation to your recruitment.
  • Facilitating our payroll and invoicing processes (when PROFILE-TS is responsible for paying you).
  • Carrying out market surveys and market reports.
  • To request information (such as references, qualifications and potentially any criminal convictions, to the extent that this is appropriate and necessary with respect to roles you are applying for).
  • Complying with our legal obligations in connection with the detection of crime or the collection of taxes or duties.
  • From time to time, we may also ask you to undertake a customer satisfaction survey.
  • Sometimes it may be necessary for us to process personal data and, where appropriate and in accordance with local laws and requirements, special category personal data in connection with exercising or defending legal claims

 

To opt out, please contact dataprotection@prco.com. Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

 

Equal opportunities monitoring

We are committed to ensuring that our recruitment processes are aligned with our approach to equal opportunities.   We may ask you to provide personal data about your ethnic background, gender, disability, age, sexual orientation, religion or other similar beliefs in order that we can use this information on an anonymised basis - to monitor our compliance with our equal opportunities policy.

 

We may also disclose this anonymised data to Clients where this is contractually required or the Client specifically requests such information to enable them to comply with their own diversity goals and employment processes.

 

You will be asked to explicitly and clearly tell us that you agree to us collecting and using this information.  You have the right to withdraw your consent at any time, in which case we will cease to carry out the particular activity that you previously consented to unless we consider that there is an alternative reason to justify our continued processing of your data for this purpose in which case we will inform you of this condition.

 

Legal basis and legitimate business interests

Our legal basis for the processing of personal data is our legitimate business interests, although we will also rely on contract, legal obligation and consent for specific uses of data.

Our legal basis and legitimate interests to process personal data are described below:

  • Consent,should we want or need to rely on consent to lawfully process your data we will request your consent orally, by email or by an online process for the specific activity we require consent for and record your response on our system.  Where consent is the lawful basis for our processing you have the right to withdraw your consent to this particular processing at any time (as set out below).
  • In order to support our Candidates’ career aspirations and our Clients’ resourcing needs we require a database of Candidate and Client personal data containing historical information as well as current resourcing requirements.
  • As a recruitment business and recruitment agency we introduce Candidates to Clients for permanent employment, temporary worker placements or independent professional contracts.  The exchange of personal data of our Candidates and our Client contacts is a fundamental, essential part of this process.
  •  We think that it is reasonable to expect that if you are looking for employment or have posted your professional background and information on a job board or professional networking site which allows the public (including recruiters) to view your information - that you are happy for us to collect and otherwise use your personal data to offer or provide our recruitment services to you

We will disclose your personal information to third parties:

To whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy.

 

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions of service and other agreements; or to protect the rights, property, or safety of PROFILE-TS our Candidates, Clients or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

 

Other third parties may include: Clients, other recruitment companies or intermediaries involved in managing the supply of personnel, sub-contractors of recruitment services, external-vetting bodies.

 

Disclosure of your information inside and outside of the EEA

  • We may share your personal information within our organisation both in the EEA and outside of the EEA and with selected third parties including:
  • Clients for the purpose of introducing Candidates to them.
  • Candidates for the purpose of arranging interviews and engagements with Clients.
  • Clients, business partners, suppliers and sub-contractors for the performance and compliance obligations of any contract we enter into with them or you.
  • Cloud based storage providers.
  • Subcontractors including email-marketing specialists, event organizers, payment and other financial service providers.
  • Credit reference agencies, our insurance broker, compliance partners and other sub-contractors for the purpose of assessing your suitability for a role where this is a condition of us entering into a contract with you.

Where a third party processes your personal data

  • The lawful basis for the third party processing will include:
  • Their own legitimate business interests in processing your personal data, in most cases to fulfil their internal resourcing needs.
  • Satisfaction of their contractual obligations to us as our data processor.
  • For the purpose of a contract in place or in contemplation.
  • To fulfil their legal obligations.

We require all third parties to respect the security of personal data and to treat it in accordance with the law. We do not allow third-party service providers with whom we may work to use your personal data for their own purposes and we only permit them to process your personal data for specified purposes and in accordance with our instructions.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection.

 

Data security

The transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.   Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.  All information you provide to us is stored on secure servers.

 

In addition, we limit access to your personal data to those employees; agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

 

Retention of your data

We understand our legal duty to retain accurate data and only retain personal data for as long as we need it for our legitimate business interests and where you are happy for us to do so.  We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We may archive part or all of your personal data or retain it on our financial systems only, deleting all or part of it from our main Customer Relationship Manager (CRM) system.

 

We may pseudonymize parts of your data, particularly following a request for suppression or deletion of your data, to ensure that we do not re-enter your personal data on to our database, unless requested to do so.

 

Taking identifying fields within a database and replacing them with artificial identifiers, or pseudonyms creates pseudonymized Data.

 

Your legal rights 

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a new regulation, which replaces the Data Protection Regulation (Directive 95/46/EC).  It enhancing privacy rights for EU citizens or individuals who resides in the EEA and providing a strict framework within which commercial organisations can legally operate. Under the GDPR you have the right to:

  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below). We shall communicate any rectification or request for erasure of personal data or restriction of processing carried out to each recipient (third Party) to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The controller shall inform the data subject about those recipients if the data subject requests it.
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.  To stop receiving marketing communications from change or us your preferences please contact us at dataprotection@prco.com.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party in certain formats, if practicable.
  • Withdraw consent to processing at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • Make a complaint to a supervisory body that in the United Kingdom is the Information Commissioner’s Office. The ICO can be contacted through this link: https://ico.org.uk/concerns/ If you wish to exercise any of the rights set out above, please contact the us at dataprotection@prco.com

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within a reasonable time period. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

 

Opt-out procedures

You have the option to opt-out of receiving information from Profile-ts or withdrawing your consent to the processing of your data or if you no longer wish to take advantage of this Site or to receive any form of direct contact from Profile-ts, whether it is email, discounts, newsletters, or other promotional offers or materials, or wish us to delete your personally identifiable information from our database of active users, send us a request marked dataprotection@prco.com.

We shall communicate any rectification or request for erasure of personal data or restriction of processing carried out to each recipient (third Party) to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The controller shall inform the data subject about those recipients if the data subject requests it.

 

Changes to our Privacy Policy 

This Privacy Policy is effective as of 25 May 2018.  Any changes we make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Privacy Policy.

 

Contact  Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to dataprotection@prco.com.