Glue Resourcing’s Privacy Notice
We ask that you read this privacy notice carefully as it contains important information about who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
Who we are
We are Glue Resourcing Limited. Glue Resourcing collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
The personal information we collect and use
Information collected by us
In the course of our activities as a recruitment and staffing specialist, we collect different kinds of information depending on whether you are a job seeker wishing to use our recruitment services to find your dream job, or whether you are a client who has contacted us to help you to find your next star employee or temporary worker. When we refer to “clients” in this policy, we also refer to our commercial business suppliers, partners and vendors.
For our clients, we store the following personal information when you provide it to us:
Your name, your job title and role within your organisation, your office or head office address, your professional contact details (such as telephone numbers, fax numbers and email addresses).
For our candidates, we have set out a table at the Schedule below which sets out the information collected by us or from third parties.
Information collected from other sources
In general, we do not generally obtain personal information from our clients from other sources, but this can occur occasionally, such as:
• From professional social media sites where such information is in the public domain.
• From any professional marketing materials or other publications (including your company’s website) which have been issued and maintained by your company.
• From information that may have been gained or exchanged from trade fairs, industry talks or networking forums.
• From your company itself, where we have initially been dealing with another department or another group entity.
In respect of our candidates, sometimes we will collect information from third parties such as previous employers, your school, university or college, professional regulators or government bodies based on information that has been provided by the candidates themselves. More information about this is set out in the Schedule below.
On some occasions, we obtain information about candidates from third parties, such as from Job Boards with which the candidates may be registered, or from publically available, professional networking sites.
In this case, if one of our candidates uploads their CV to a jobs board website and we consider that the candidate may have the skills that our clients are looking for we might decide to collect that candidate’s information in order to pass the CV to those companies.
Similarly, if a candidate creates a profile on a social networking website designed specifically for professional networking and selects a specific option to let recruiters like us know that the candidate is open to job opportunities, then we may use their contact details as published on that website, for recruitment purposes.
How we use your personal information
In respect of our clients, we use any information we collect about you to:
• Best provide our recruitment services, tailor-made to suit the needs of our respective businesses;
• To contact you in order to provide our recruitment services;
• To negotiate and enter into a commercial agreement with you which governs the provision of our recruitment services to you and sets out yours (and our) rights and obligations, such as dealing with payment, and sending related correspondence.
In respect of our candidates, we have set out a table in the Schedule below which sets out how we use your information in order to provide you with the highest quality recruitment services.
Who we share your personal information with
Typically, for our candidates, the types of organisations with whom we share your information include our clients, who are seeking individuals with a profile similar to yours in order to offer employment opportunities.
This data sharing enables us to best help you in your job search, and also allows us to fulfil our sourcing obligations to our clients.
Candidates - Please rest assured! We are proud to take our data protection obligations seriously and will not share your personal information with any other third party or forward on your CV to a client, unless we have your express consent to do so.
Similarly, we share client data with our candidates when we think that we have found a good fit. This data is limited to information about the role, the company, any specific requirements or details. If the candidate is offered an interview with you, we will also provide the candidate with the hiring manager’s name, professional contact details and office address. Again, we will only ever share such information provided that our client contact has confirmed to us that we can do so, and that they are happy to meet with the candidate.
We might also share data pursuant to data processing agreements, such as on external IT servers or on cloud-based storage. We might also give your details to our third-party providers, such as external finance, external marketing managers or external lawyers to make sure that we are able to complete our contractual obligations to you, or indeed for the smooth running of our business in the event that we do not have an adequate back-office or administration support system internally. In any case, we always make sure that we have appropriate technical, security and organisational methods in place to secure the confidentiality and proper processing of your data, and we require that our third-party providers adhere to these guarantees too.
Sometimes, some of those third-party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’.
We will also share candidate and client information with law enforcement or other government or official authorities, and our external lawyers, if required by applicable law or in pursuit or defence of a claim.
Whether information has to be provided by you, and if so why
The provision of details sent to us by our clients, such as the name, job title and professional contact details of the hiring manager, or account manager, as well as the appropriate office address (for billing or interview purposes) is required from our clients to enable us to ensure the proper administration of our services to you, to prepare the terms of business, to enter into a contract, to respect billing and payment procedures, to fulfil our general obligations to you (for example, by discussing your needs, requirements and providing you with our recruitment expertise), and administer the contract generally.
In respect of our candidates, in the table set out in the Schedule below we have explained how and when we are required to seek certain information from you as part of the recruitment process, either by law, or pursuant to contractual obligations with our clients, and once we are at the final selection stage, to ensure that the client has all of the relevant information at their disposal to be able to properly hire you.
How long your personal information will be kept
For our clients:
We will hold any personal data about our client contacts for no longer than is reasonable in order to carry out our recruitment services pursuant to the intended conclusion of a contract, during the performance of the contract, and after its termination (for example, keeping any data in accordance with legal or fiscal obligations to in pursuit or defence of a claim). It may be that some personal data is retained on these documents, but this is purely incidental to documents which are generally required strictly for commercial purposes. Where possible, we will ensure that any personal data is anonomysed where it is not strictly necessary.
As a general rule and outside of legal obligations, we will keep all client contacts on our active file for a period of 3 years following our last meaningful contact with you, unless you expressly tell us otherwise, and before we delete your data we will always periodically check with you to see whether our recruitment services are still of interest, unless you tell us otherwise.
For our candidates:
We keep the personal information that we obtain about you during the recruitment process for no longer than is necessary for the purposes for which it is processed. How long we keep your information will depend on whether your application is successful and whether you become employed by one of our clients, the nature of the information concerned and the purposes for which it is processed.
Generally, we will keep recruitment information (including interview notes) for 3 years following our last meaningful contact with you, but before we delete your personal data, we will check with you to see whether you still want us to keep your details on file should you wish to use our services for your future job hunt.
Sometimes we may hold some data for longer than this, taking into account the limitation periods for potential legal or contractual claims. For example, if your application is successful, we will keep only the recruitment information that is necessary in relation to your employment with the client and pursuant to our contractual obligations with them.
In all cases, when checking with clients and candidates as to whether you still want to remain on our data base, and for all other direct marketing activities we carry out, we always respect the rules surrounding electronic communications and the use of new technologies (such as information gathered by cookies) and security breaches pursuant to the Privacy and Electronic Communications (EC Directive) Regulations 2003 (also known as “PECR”). In this case, we will always ask you at the outset and will always provide you with the possibility to opt-in and opt-out.
Reasons we can collect and use your personal information
As far as our clients are concerned, we process your personal information (i) with a view to entering into a commercial contract or to perform that commercial contract; (ii) in accordance with our legal obligations (for example, our accounting and HMRC obligations); and (iii) in our mutual legitimate interests – we both have the same or similar legitimate interests in collaborating together – to make sure we can secure you top talent!
In respect of our candidates, the table at the Schedule below sets out the reasons we can collect and use your personal information. We have nonetheless provided a couple of scenarios below which we hope are helpful, and which also complement the information in the table.
If a candidate has posted their CV on a job board, the Information Commissioner (the UK Data Protection Authority, also known as the ICO) says that it is likely that the lawful basis for processing is legitimate interests. We agree with this approach.
The candidate has made their CV available on a job board website for the purpose of employers and recruiters being able to access this data. They would clearly expect that recruitment agencies, such as us, would access the CV and share it with our clients. Our legitimate interests are likely to align with the interests of the candidate in circulating their CV in order to find a job and candidate privacy rights are respected.
- Social Media Profiles (such as LinkedIn):
We also agree with the ICO, that when a candidate has selected an “Available for Work Option” or “Please Notify Recruiters”, the candidate would clearly expect viewers of their profile to use their details for recruitment purposes. As above, this means our legitimate interests are likely to align with the interests of the candidate in their search for a job.
If a candidate has not selected the “Available for Work Option”, then even if that candidate has the most fantastic profile for one of our clients, we will never assume that they expect to be contacted for work. In this case, we would always seek the individual’s consent before any information is taken from their profile.
In any case, any contact we make with candidates or clients via job boards or social media is always carried out in compliance with the GDPR and other legal requirements (such as the "PECR") which govern how we can contact you by electronic means or by using new technologies.
Transfer of your information out of the EEA
For both clients and candidates, we may transfer your personal information to locations outside the European Economic Area (EEA), for example, for storage on servers or CRM systems which might be based outside of the EEA from time to time.
Sometimes, countries outside of the EEA do not have the same data protection laws as the United Kingdom and the EEA. Therefore, if we do transfer your personal information outside of the EEA, we will always ensure that appropriate or suitable relevant safeguards, such as the Standard Contractual Clauses, or as otherwise specified in the General Data Protection Regulation are applied, in order to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information.
If you would like further information, please contact us (see ‘How to contact us’ below). We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
Under the General Data Protection Regulation you have a number of important rights, including:
• Fair processing of information and transparency over how we use your use personal information
• access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
• Ask us to correct any mistakes in your information which we hold
• Ask us to erasure your personal information in certain situations
• Obtain a copy of your personal information which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
• Object at any time to processing of your personal information for direct marketing
• Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
• Object in certain other situations to our continued processing of your personal information
• Restrict our processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
• email, call or write to us
• let us have enough information to identify you
• let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
• let us know the information to which your request relates.
If you would like to unsubscribe from any emails you receive from us, you can also click on the ‘unsubscribe’ button at the bottom of the email. It may take up to 30 days for this to take place.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or by telephone: 0303 123 1113.
Changes to this privacy notice
This privacy notice was published on 22nd May 2018 and last updated on 22nd May 2018.
We may change this privacy notice from time to time, when we do we will inform you via the email address that we hold on file for you.
How to contact us
Please contact us if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us, please send an email to firstname.lastname@example.org, write to 11 Bliss Close Nether Heyford. NN7 3ND marking your correspondence “Privacy Rights” or call 01604930355