PRIVACY POLICY

INTRODUCTION

This Privacy Policy explains what we do with your personal data, whether we are in the process of helping you find a job, continuing our relationship with you once we have found you a role, providing you with a service, receiving a service from you, using your data to ask for your assistance in relation to one of our Candidates, or you are visiting our website.

It describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.

This Privacy Policy applies to the personal data of our Website UsersCandidatesClientsSuppliers, and other people whom we may contact in order to find out more about our Candidates or who they indicate is an emergency contact. It also applies to the emergency contacts of our Staff. For definitions, see Glossary.

For the purpose of applicable data protection legislation (including but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”), the company responsible for your personal data (“ON IT RECRUITMENT LIMITED” or “us” or “we”) can be found here.

It is important to point out that we may amend this Privacy Policy from time to time. Please just visit this page if you want to stay up to date, as we will post any changes here.

If you are dissatisfied with any aspect of our Privacy Policy, you may have legal rights and, where relevant, we have described these as well.

This Privacy Policy applies in relevant countries throughout our international network. Different countries may approach data privacy in slightly different ways and so we also have country-specific parts to this Privacy Policy. You can find country-specific terms for your jurisdiction here. This allows us to ensure that we’re complying with all applicable data privacy protections, no matter where you are.

A number of elements of the personal data we collect from you are required to enable us to fulfil our contractual duties to you or to others.

Depending on the type of personal data in question and the grounds on which we may be processing it, should you decline to provide us with such data, we may not be able to fulfil our contractual requirements or, in extreme cases, may not be able to continue with our relationship.

WHO WE ARE AND WHAT WE DO

We are a recruitment agency and recruitment business as defined in the Employment Agencies and Employment Businesses Regulations 2003 (our business).  We collect the personal data of the following types of people to allow us to undertake our business;

Prospective and placed candidates for permanent or contract roles;
Prospective and live client contacts;
Supplier contacts to support our services;
Employees, consultants, temporary workers;

We collect information about you to carry out our core business and ancillary activities.

INFORMATION YOU GIVE TO US OR WE COLLECT ABOUT YOU

This is information about you that you give us by filling in forms on our site https://www.onitrec.com/ (our site) or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register to use our site, to enter our database, subscribe to our services, attend our events, participate in discussion boards or other social media functions on our site, enter a competition, promotion or survey and when you report a problem with our site.

The information you give us, or we collect about you may include your name, address, private and corporate e-mail address and phone number, financial information, compliance documentation and references verifying your qualifications and experience and your right to work in the United Kingdom, curriculum vitae and photograph and links to your professional profiles available in the public domain e.g. LinkedIn, Twitter, business Facebook or corporate website.

Information we collect about you when you visit our website.

WITH REGARDS TO EACH OF YOUR VISITS TO OUR SITE WE WILL AUTOMATICALLY COLLECT THE FOLLOWING INFORMATION

Technical information including:

The Internet protocol (IP) address used to connect your computer to the Internet, your login information if applicable, browser type and version;

Browser plug-in types and versions
Operating system and platform

Information about your visit including:

The full Uniform Resource Locators (URL)
Clickstream to, through and from our site (including date and time)
Products you viewed or searched for’
Page response times
Download errors
Length of visits to certain pages
Page interaction information (such as scrolling, clicks, and mouse-overs)
Methods used to browse away from the page
Any phone number used to call our contact number

INFORMATION WE OBTAIN FROM OTHER SOURCES.

This is information we obtain about you from other sources such as LinkedIn, corporate websites, job board websites, online CV libraries, your business card and personal recommendations.

We are working closely with third parties including companies within our Group, business partners, sub-contractors in technical, professional, payment and other services, advertising networks, analytics providers, search information providers, credit reference agencies, professional advisors. We may receive information about you from them for the purposes of our recruitment services and ancillary support services.

PURPOSES OF THE PROCESSING AND THE LEGAL BASIS FOR THE PROCESSING

We use information held about you in the following ways:

To carry out our obligations arising from any contracts we intend to enter into or have entered into between you and us and to provide you with the information, products and services that you request from us or we think will be of interest to you because it is relevant to your career or to your organisation.

To provide you with information about other goods and services we offer that are similar to those that you have already purchased, been provided with or enquired about.  

The core service we offer to our candidates and clients is the introduction of candidates to our clients for the purpose of contract or permanent engagement.  However, our service expands to supporting individuals throughout their career and to supporting businesses’ resourcing needs and strategies.

Our legal basis for the processing of personal data is our legitimate business interests, described in more detail below, although we will also rely on contract, legal obligation and consent for specific uses of data.

We will rely on contract if we are negotiating or have entered into a placement agreement with you or your organisation or any other contract to provide services to you or receive services from you or your organisation.

We will rely on legal obligation if we are legally required to hold information on to you to fulfil our legal obligations.

We will in some circumstances rely on consent for particular uses of your data and you will be asked for your express consent, if legally required.  Examples of when consent may be the lawful basis for processing include permission to introduce you to a client (if you are a candidate).

OUR LEGITIMATE BUSINESS INTERESTS

Our legitimate interests in collecting and retaining your personal data is described below:

As a recruitment business and recruitment agency we introduce candidates to clients for permanent employment, temporary worker placements or independent professional contracts.  The exchange of personal data of our candidates and our client contacts is a fundamental, essential part of this process.

In order to support our candidates’ career aspirations and our clients’ resourcing needs we require a database of candidate and client personal data containing historical information as well as current resourcing requirements.

CONSENT

Should we want or need to rely on consent to lawfully process your data we will request your consent orally, by email or by an online process for the specific activity we require consent for and record your response on our system.  Where consent is the lawful basis for our processing you have the right to withdraw your consent to this particular processing at any time.

YOUR PERSONAL DATA CANDIDATE

What kind of personal data do we collect?
In order to provide the best possible employment opportunities that are tailored to you, we need to process certain information about you. We only ask for details that will genuinely help us to help you, such as your name, age, contact details, education details, employment history, emergency contacts, immigration status, in some cases financial information (where we need to carry out financial background checks), and NI number (and of course you may choose to share other relevant information with us). Where appropriate, we may also collect information related to your health, diversity information or details of any criminal convictions.

How do we collect your personal data?
There are two main ways in which we collect your personal data:

Directly from you; and
From third parties


How do we use your personal data?
The main reason for using your personal details is to help you find employment or other work roles that might be suitable for you. The more information we have about you, your skillset and your ambitions, the more bespoke we can make our service. Where appropriate and in accordance with local laws and requirements, we may also use your personal data for things like marketing, profiling and diversity monitoring. Where appropriate, we will seek your consent to undertake some of these activities.

Who do we share your personal data with?
We may share your personal data with various parties, in various ways and for various reasons. Primarily we will share your information with prospective employers to increase your chances of securing the job you want. Unless you specify otherwise, we may also share your information with any of our group companies and associated third parties such as our service providers where we feel this will help us to provide you with the best possible service.

YOUR PERSONAL DATA – CLIENT

What kind of personal data do we collect?
If you are a Client of ON IT RECRUITMENT, we need to collect and use information about you, or individuals at your organisation, in the course of providing you services such as:

Finding Candidates who are the right fit for you or your organisation
Providing you with a Managed Service Provider (“MSP”) programme (or assisting another organisation to do so)
Providing you with Recruitment Process Outsourcing (“RPO”) services (or assisting another organisation to do so); and/or
Notifying you of content published by ON IT RECRUITMENT which is likely to be relevant and useful toyou.

How do we collect your personal data?

There are two main ways in which we collect your personal data:

Directly from you; and
From third parties (e.g. our Candidates) and other limited sources (e.g. online and offline media).

How do we use your personal data?
The main reason for using information about clients is to ensure that the contractual arrangements between us can be implemented properly so that the relationship can run smoothly. This may involve:

Identifying Candidates who we think will be the right fit for you or your organisation;
Providing you with an MSP programme (or assisting another organisation to do so); and/or
Providing you with RPO services (or assisting another organisation to do so). The more information we have, the more bespoke we can make our service. 

How do we share your personal data with?
We will share your data:

Primarily to ensure that we provide you with a suitable pool of Candidates;
To provide you with an MSP programme (or assist another organisation to do so); and/or
To provide you with RPO services (or assist another organisation to do so). Unless you specify otherwise, we may share your information with any of our group companies and associated third parties such as our service providers to help us meet these aims.

YOUR PERSONAL DATA SUPPLIER DATA

What kind of personal data do we collect?
We need a small amount of information from our Suppliers to ensure that things run smoothly. We need contact details of relevant individuals at your organisation so that we can communicate with you. We also need other information such as your bank details so that we can pay for the services you provide (if this is part of the contractual arrangements between us).

How do we collect your personal data?
We collect your personal data during the course of our work with you.

How do we use your personal data?
The main reasons for using your personal data are to ensure that the contractual arrangements between us can be implemented properly so that the relationship can run smoothly, and to comply with legal requirements.

Who do we share your personal data with?
Unless you specify otherwise, we may share your information with any of our group companies and associated third parties such as our service providers and organisations to whom we provide services.

YOUR PERSONAL DATA – PEOPLE WHOSE DATA WE RECEIVE FROM CANDIDATES AND STAFF, SUCH AS REFEREES AND EMERGENCY CONTACTS

What kind of personal data do we collect?
In order to provide Candidates with suitable employment opportunities safely and securely and to provide for every eventuality for them and our Staff, we need some basic background information. We only ask for very basic contact details, so that we can get in touch with you either for a reference or because you’ve been listed as an emergency contact for one of our Candidates or Staff members.

How do we collect your personal data?
We collect your contact details only where a Candidate or a member of our Staff puts you down as their emergency contact or where a Candidate gives them to us in order for you to serve as a referee.

How do we use your personal data?
We use referees’ personal data to help our Candidates to find employment which is suited to them. If we are able to verify their details and qualifications, we can make sure that they are well matched with prospective employers. We may also use referees’ personal data to contact them in relation to recruitment activities that may be of interest to them. We use the personal details of a Candidates or Staff member’s emergency contacts in the case of an accident or emergency affecting that Candidates or member of Staff.

Who do we share your personal data with?
Unless you specify otherwise, we may share your information with any of our group companies and associated third parties such as our service providers and organisations to whom we provide services.

YOUR PERSONAL DATA – WEBSITE USERS

What kind of personal data do we collect?

We collect a limited amount of data from our Website Users which we use to help us to improve your experience when using our website and to help us manage the services we provide. This includes information such as name, email address, telephone number, salary/day rate, location, gender, nationality and your formatted CV.

How do we collect your personal data?
We collect your data when you visit our website and all information is voluntary entered by the user in the Contact Us / Upload Your CV page. 

How do we use your personal data?
We use your data to help us to improve your experience of using our website, for example by analysing your recent job search criteria to help us to present jobs to you that we think you’ll be interested in. Please note that communications to and from ON IT RECRUITMENT’s Staff including emails may be reviewed as part of internal or external investigations or litigation. 

Who do we share your personal data with?
Unless you specify otherwise, we may share your information with providers of web analytics services, marketing automation platforms and social media services to make sure any advertising you receive is targeted to you. 

HOW DO WE SAFEGUARD YOUR PERSONAL DATA?

We care about protecting your information. That’s why we put in place appropriate measures that are designed to prevent unauthorised access to, and misuse of, your personal data.

HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?

If we have not had meaningful contact with you (or, where appropriate, the company you are working for or with) for a period of five years, we will Delete your personal data from our systems unless we believe in good faith that the law or other regulation requires us to preserve it (for example, because of our obligations to tax authorities or in connection with any anticipated litigation).

HOW CAN YOU ACCESS, AMEND OR TAKE BACK THE PERSONAL DATA THAT YOU HAVE GIVEN TO US?

Even if we already hold your personal data, you still have various rights in relation to it. To get in touch about these, please contact us. We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of any applicable laws. Please note that we may keep a record of your communications to help us resolve any issues which you raise.

Right to object – If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases). Generally, we will only disagree with you if certain limited conditions apply.

Right to withdraw consent – Where we have obtained your consent to process your personal data for certain activities (for example, for profiling your suitability for certain roles), or consent to market to you, you may withdraw your consent at any time.

Data Subject Access Requests (DSAR) – Just so it’s clear, you have the right to ask us to confirm what information we hold about you at any time, and you may ask us to modify, update or Delete such information. At this point we may comply with your request or, additionally do one of the following:

We may ask you to verify your identity, or ask for more information about your request; and
Where we are legally permitted to do so, we may decline your request, but we will explain why if we do so. 

Right to erasure – In certain situations (for example, where we have processed your data unlawfully), you have the right to request us to “erase” your personal data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your data but will generally assume that you would prefer us to keep a note of your name on our register of individuals who would prefer not to be contacted. That way, we will minimise the chances of you being contacted in the future where your data are collected in unconnected circumstances. If you would prefer us not to do this, you are free to say so.

Right of data portability – If you wish, you have the right to transfer your data from us to another data controller. We will help with this – either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format.

Right to lodge a complaint with a supervisory authority – You also have the right to lodge a complaint with your local supervisory authority:

Details of your local supervisory authority: The Information Commissioner’s Office.

You can contact them in the following ways:

Phone: 0303 123 1113
Email: casework@ico.org.uk 

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF 

If your interests or requirements change, you can unsubscribe from part or all of our marketing content (for example job role emails) by clicking the unsubscribe link in the email, or by updating your preferences by sending an email to info@onitrec.com  


HOW DO WE STORE AND TRANSFER YOUR DATA INTERNATIONALLY?

In order for us to continue operating in this way, we may have to transfer or store your data internationally.   

WHO IS RESPONSIBLE FOR PROCESSING YOUR PERSONAL DATA ON THE ON IT RECRUITMENT WEBSITE? 

ON IT RECRUITMENT controls the processing of personal data on its website(s).  

HOW TO CONTACT US

ON IT RECRUITMENT is responsible for processing the personal data of Website Users, Candidates, Clients, Suppliers and the emergency contacts and referees of Candidates. 

How you can get in touch with us:

To access, amend or take back the personal data that you have given to us;
If you suspect any misuse or loss of or unauthorised access to your personal information;
To withdraw your consent to the processing of your personal data (where consent is the legal basis on which we process your personal data);
With any comments or suggestions concerning this Privacy Policy
You can write to us at the following address: ON IT RECRUITMENT, No.1 Spinningfields, WeWork, Quay Street, Manchester, M3 3JE
Alternatively, you can send an email to: info@onitrec.com.  
To unsubscribe to any marketing emails, click on the unsubscribe link in the email or contact us by emailing info@onitrec.com.  

DATA RETENTION POLICY

INTRODUCTION

Effective data management is vital to allow ON IT RECRUITMENT LIMITED to carry out its business functions. To comply with the principles of General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the Data Protection Act 1998, records containing personal data must be:

Disposed of appropriately to ensure that copyrights are not breached and to prevent them falling into the hands of unauthorised personnel.
Retained for only as long as necessary.
Retrievable and easily traced.
Stored appropriately having regard to the sensitivity and confidentiality of material recorded. 
This policy applies equally to paper, electronic media and any other method used to store personal data.

OUR DATA RETENTION POLICY

We will only hold data on candidates that is relevant to our business relationship e.g. CV, contact details and meaningful contact.
If a candidate has been engaged on assignment by Stafford-Sharp Associates Limited, we will keep relevant data for HMRC purposes for seven years.
We will delete your personal data from our systems if we have not had any meaningful contact with you for three years (or for such longer period as we believe in good faith that the law or relevant regulators require us to preserve your data).
For those candidates whose services are provided via a third-party company or other entity, “meaningful contact” with you means meaningful contact with the company or entity which supplies your services. Where we are notified by such company or entity that it no longer has that relationship with you, we will retain your data for no longer than three years from that point or, if later, for the period of three years from the point we subsequently have meaningful contact directly with you.
At any time, a candidate may request that we delete their personal information. The candidate will be informed of what deletion means for them and their relationship with ON IT RECRUITMENT, and what personal data can be deleted within 30 days of their request.
When we refer to “meaningful contact”, we mean, for example, communication between us (either verbal or written), or where you are actively engaging with our services. If you are a candidate, we will consider there to be meaningful contact with you if you submit your updated CV onto our website or via our Recruitment Consultants. We will also consider it meaningful contact if you communicate with us about potential roles, either by verbal or written communication or click through from any of our marketing communications.

GLOSSARY

Candidates – includes applicants for all roles advertised or promoted by ON IT RECRUITMENT, including permanent and contract roles with ON IT RECRUITMENT’s Clients; as well as people who have supplied a speculative CV to ON IT RECRUITMENT not in relation to a specific job. Individual contractors and employees of suppliers or other third parties put forward for roles with ON IT RECRUITMENT, Clients as part of an MSP offering or otherwise will be treated as candidates for the purposes of this Privacy Policy.
Clients – while it speaks for itself, this category covers our customers, clients, and others to whom ON IT RECRUITMENT provides services in the course of its business.
Delete – while we will endeavour to permanently erase your personal data once it reaches the end of its retention period or where we receive a valid request from you to do so, some of your data may still exist within our systems, for example if it is waiting to be overwritten. For our purposes, this data has been put beyond use, meaning that, while it still exists on an archive system, this cannot be readily accessed by any of our operational systems, processes or Staff.
General Data Protection Regulation (GDPR) – a European Union statutory instrument which aims to harmonise European data protection laws. It has an effective date of 25 May 2018, and any references to it should be construed accordingly to include any national legislation implementing it.
Managed Service Provider (MSP) programmes – Clients’ outsourcing of the management of external staff (including independent contractors) to an external recruitment provider.
Other people whom ON IT RECRUITMENT may contact – these may include Candidates’ and ON IT RECRUITMENT’s Staff’s emergency contacts and referees. We will only contact them in appropriate circumstances.
Recruitment Process Outsourcing (RPO) services – full or partial outsourcing of the recruitment process for permanent employees to a recruitment provider.
Staff – includes employees and interns engaged directly in the business of ON IT RECRUITMENT (or who have accepted an offer to be engaged) as well as certain other workers engaged in the business of providing services to ON IT RECRUITMENT (even though they are not classed as employees). For these purposes we also include employees of ON IT RECRUITMENT who are engaged to work on Clients’ premises under the terms of RPO or MSP agreements. To be clear, ‘Staff’ does not include individuals hired by ON IT RECRUITMENT for the purpose of being placed with Clients outside of an RPO/MSP arrangement. These individuals are treated in the same way as ON IT RECRUITMENT’s Candidates and are covered by this Privacy Policy. Likewise, independent contractors and consultants performing services for ON IT RECRUITMENT fall within the definition of a ‘Supplier’ for the purposes of this Privacy Policy.
Suppliers – refers to partnerships and companies (including sole traders), and typical workers such as independent contractors, who provide services to ON IT RECRUITMENT. In certain circumstances ON IT RECRUITMENT will sub-contract the services it provides to Clients to third party suppliers who perform services on ON IT RECRUITMENT’s behalf. In this context, suppliers that are individual contractors or employees of suppliers will be treated as Candidates for data protection purposes. Please note that in this context, ON IT RECRUITMENT requires Suppliers to communicate the relevant parts of this Privacy Policy (namely the sections directed at Candidates) to their employees.
Website Users – any individual who accesses the ON IT RECRUITMENT website.