Core Tech Recruitment our registered address is 137, Sawmill Court, Manchester, M4 6LQ registration no. 12079303 and you can contact us for all personal data privacy matters by email at firstname.lastname@example.org or by telephone on 02080320600.
Core Tech provides talent solution services, including permanent and temporary recruitment services to clients looking to recruit personnel for their businesses.
Core Tech Recruitment takes data protection seriously and aims to comply with all applicable Data Protection legislation, industry best practice and all local laws.
WHAT DOES THIS POLICY COVER?
We at Core Tech take your personal data seriously. This Privacy Notice:
sets out the types of personal data that we collect about you
explains how and why we collect and use your personal data
explains how long we keep your personal data for
explains when, why and with who we will share your personal data
sets out the legal basis we have for using your personal data
explains the effect of refusing to provide the personal data requested
explains the different rights and choices you have when it comes to your personal data
explains how we may contact you and how you can contact us.
WHAT PERSONAL DATA DO WE COLLECT ABOUT YOU?
We collect information about you which enables us to find available opportunities and assess your suitability throughout the recruitment process. This is collected in our capacity as a recruitment agency, recruitment business and talent consultancy as well as an employer if you want to work for us.
We collect personal information including but not limited to your first name, surname, email address (both personal and business), telephone number, residential address, job title, company name, financial information, job function, location, sector, CV, identification documents, evidence of right to work (RTW), educational records, work history, next of kin and emergency contact details, references and links to your professional profiles available in the public domain and on social media, such as LinkedIn, GitHub and corporate websites.
We may also collect some sensitive personal data about you, in the form of health or medical information (including details of any special assistance you may need or any sick leave taken during previous roles) to fulfil our employment, social security and other regulatory or legal obligations. With your express consent, we may also collect other sensitive personal data from you such as your ethnic origin. Where you have been required to give your explicit consent, you will always be entitled to withdraw such consent at any time.
WHERE DO WE COLLECT PERSONAL DATA ABOUT YOU FROM?
The following are the different sources we may collect your personal data from:
Directly from you. This is information you provide whether searching for a new opportunity, during the different recruitment stages or at a recruitment or networking event. This may be by telephone, email or in person.
From an agent/third party acting on your behalf. This may be your own limited company, an umbrella company or another recruitment agency.
From third party sources. We may obtain your personal information from the following third party source(s):
Job Boards that you have registered your details with and where we are clearly and specifically named as a recruitment company with whom your data may be shared.
By Reference or word of mouth. For example, you may be recommended by a friend, a former employer, a former colleague or even a present employer. However, we will always seek your prior valid consent before processing your data.
Where we collect your information through some of the sources mentioned above, we may do this with the aid of software programmes such as Vincere.io and Lusha. These programmes are given parameters on the requirements of a role and search through the lawfully collected data to find suitable candidates for a given role. They are designed to only output information on candidates that meet the search criteria. Where we use these programmes, their use is restricted to only searching for information (e.g. job title, location, skillset) from the data sources we have provided it and solely based on the criteria we have set for that search.
HOW AND WHY WE USE YOUR PERSONAL DATA?
We will use your data so that we can provide our services to you, including:
To match your skills, experience and education with a potential employer or client or current job opportunities.
To provide more detailed information to a client, should you be chosen by the client to go through to the next stage.
To keep you informed of job opportunities which we think may be of interest to you.
To send you other information that may be of interest to you, such as workshops, events and newsletters from Core Tech.
To provide career guidance and management.
To respond to your requests or questions when you contact us.
To carry out our contractual obligations with you or with a client, including under any contracts we intend to enter with you.
To analyse trends in industry, although this information will be anonymised.
To third parties (see below).
If you work for a client or a potential employer looking to fill roles, to contact you about prospective candidates or leads and to share your contact details with a candidate, at interview stage and beyond.
To provide services relating to talent management, including recruitment, talent consultancy, market mapping and research and salary surveys.
To manage our relationship with you and with our clients and perform administrative and operational tasks.
To comply with our legal obligations and rights, under contracts and at law, and to cooperate with authorities and investigations.
WHAT MARKETING COMMUNICATIONS DO YOU SEND?
We may periodically send you marketing information that we think you may find interesting and beneficial. These messages may suggest other jobs to you alongside the specific one you may have applied for, thereby significantly increasing the likelihood of us finding you a new position.
Our lawful basis for sending you any direct marketing information via electronic means - by email, social media, SMS - falls into two categories of ‘consent’:
By obtaining your valid, expressed, consent through an opt-in mechanism at the time of collecting your personal data and providing you with the opportunity to opt-out in all subsequent communication by clicking the “unsubscribe” link in an email received from Core Tech Recruitment or by contacting us at info@CoreTechRecruitment.com
Via the Soft opt-in consent route which applies where you have previously engaged with us (for example by submitting a job application or a CV or registering to fill a job vacancy we have posted), and we are marketing other recruitment-related services. Under ‘soft opt-in’ consent we view your consent as implied unless or until you opt out.
HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?
We keep your personal information only for as long as is necessary in line with the reason for which we process it, as described above. Please note that we may retain some of your information after you cease to use our services if it is necessary to meet our legal obligations, such as retaining the information for tax and accounting purposes, health and safety, or employment regulations.
When determining the relevant retention periods, we will take into account:
Our contractual obligations and rights in relation to the relevant information;
Legal obligations under applicable law to retain data for a certain period;
Our legitimate interest where we have carried out a balancing test;
Statute of limitations under applicable law;
Disputes, whether potential or actual;
If you have made a request to have your information deleted;
Guidelines issued by relevant data protection authorities.
If we determine that we can delete your data, we will do so securely.
WHO DO WE SHARE YOUR PERSONAL DATA WITH?
Your personal data may be shared with certain third parties who will be subject to contractual obligations of confidentiality and compliance with all relevant data protection laws, including
Our client who has a position to fill or who you may have been placed with.
The end client or customer who you may be placed with through another agency or intermediary (for example where there is a managed service arrangement or where our client is a consultancy firm)
Other recruitment agencies or service providers such as umbrella companies, RPO or PSL providers.
Other companies and employees within the Core Tech.
Suppliers, contractors and agents who may perform services for us, including payroll providers, umbrella companies, professional advisers such as accountants or lawyers, insurance brokers, consultants, background check agencies, email marketing agencies, event organisers.
Government or law enforcement authorities or any other third party in any jurisdiction, if we believe that we have an obligation to do so or that such action is necessary to protect, defend or enforce our rights.
In the event of a sale, merger, liquidation, receivership or transfer of assets of any member of our group, to any third party provided they are obliged to only use your personal data for the purposes that you have provided it to us.
We may also conduct checks on you to verify the accuracy of the information you have provided and where we do this we may share your information with former employers or clients.
WHAT LEGAL BASIS DO WE HAVE FOR USING YOUR INFORMATION?
For prospective employees, candidates, contractors, referees and clients, our processing is necessary for our legitimate business interests in that we need the information in order to be able to assess suitability for potential roles, to find potential candidates and to contact clients and referees.
We carry out a balancing test to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing. We keep a record of these balancing tests which you can find out more about by contacting us using the details below.
If you are interviewed and submitted as a candidate, then to comply with our employment, social security or other legal and regulatory obligations, we may need to process more detailed personal data including sensitive data such as health information that you or others provide about you. Where there is no legal obligation to collect and process any of your sensitive personal data we always ask for your express consent before undertaking such processing.
We may also rely on our processing being necessary to perform a contract for you, if you are a client or a candidate or contractor and we are negotiating or have entered into an agreement with you to provide services to you or receive services from you.
Processing may also be necessary to fulfil our legal and regulatory obligations, such as disclosure to public authorities, regulators and investigations.
We may also use your information if we must establish, exercise or defend legal claims or where the personal information is in the public domain.
WHAT HAPPENS IF YOU DO NOT PROVIDE US WITH THE INFORMATION WE REQUEST OR ASK THAT WE STOP PROCESSING YOUR INFORMATION?
If you do not provide the personal data we request or withdraw your consent, if consent is the sole lawful basis we rely on for processing your information, we may not be able to match you with available job opportunities.
DO WE MAKE ANY AUTOMATED DECISIONS CONCERNING YOU?
No, we do not carry out automated profiling as there is an element of human intervention in all our processing.
WHAT SECURITY MEASURES DO WE HAVE IN PLACE?
We have appropriate technical and organisational security measures in place to protect your personal information under our control and to prevent unauthorised access, destruction, transmission, misuse or alteration of it. However, we cannot guarantee that such unauthorised access, destruction, transmission, misuse or alteration will not happen.
Transfer of data via the internet is not completely secure and while we do our best to protect your personal data, any data you transmit to us is at your own risk. Once we have received your data we will follow our procedures and policies to protect it securely.
If we share any links to external websites operated by other organisations (such as clients, training providers etc) with you, any data you submit to those websites (including clicking on any link) is outside our control and will be subject to that third party’s data protection and privacy policies. We cannot guarantee that any third party will be compliant with relevant laws and best industry practice and accept no responsibility or liability for these third parties.
WHAT RIGHTS DO YOU HAVE IN RELATION TO THE DATA WE HOLD ON YOU?
By law, you have several rights when it comes to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country.
1. The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. Therefore we’re providing you with the information in this Privacy Notice.
2. The right of access
You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Notice).
This is so you’re aware and can check that we’re using your information in accordance with data protection law.
3. The right to rectification
You are entitled to have your information corrected if it’s inaccurate or incomplete.
4. The right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions. Please note however that In line with applicable data protection legislation such as the GDPR, Data Protection Act 2018 and the Privacy and Electronic Communications Regulation 2003 (PECR – which regulates direct marketing activities via digital means), rather than delete all your personal information we may need to retain some of your basic personal information on an internal suppression list to respect your request and prevent any inadvertent future marketing contact.
5. The right to restrict processing
You have the right to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
6. The right to data portability
You have the right to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
7. The right to object to processing
You have the right to object to certain types of processing, including processing for direct marketing or if you no longer want to be contacted with potential opportunities.
8. The right to lodge a complaint
You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator. In the UK, this is the Information Commissioner’s office (ICO) whose contact details are provided at the end of this Notice.
9. The right to withdraw consent
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
baseless or excessive/repeated requests, or
further copies of the same information.
Alternatively, we may be entitled to refuse to act on the request. In the limited circumstances where we may need to do this, we will provide you with a full explanation at the time of our lawful basis for doing so along with your referral rights to lodge a complaint with the relevant data protection authority.
Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but if the request is going to take longer to deal with, we’ll let you know in a timely manner.
HOW WILL WE CONTACT YOU?
We may contact you by phone, email or via social media or networking sites. If you prefer a particular contact means over another, please just let us know.
HOW CAN YOU CONTACT US?
We will review your personal data periodically to ensure it is up to date and accurate but rely on your cooperation to keep us informed if any such data changes. If you would like to change any information you have provided to us, please just let us know.
If you are unhappy with how we’ve handled your information, or have further questions on the processing of your personal data to:
FAO the Data Privacy Specialist
By email: info@CoreTechRecruitment.com