Privacy and Cookies Policy - Elite Personnel

Candidates and Clients

1. GENERAL
We are committed to protecting your privacy online.

This Privacy Policy sets out how we treat your personal information, allowing you to make informed choices about the personal information that you provide to us via the website www.elitep.co.uk (or its replacement or successor URL or otherwise in relation to the services offered by us via that website www.elitep.co.uk or any information that you may email, post or provide us with at the point of registration or at any point after registration.

Please read this Privacy Policy carefully before you start to use our Website or to convey to us any personal information at any point and by any means. If you have any questions or issues please Contact Us on 0121 354 6684 or email info@elitep.co.uk

By accessing and using our services and/or website and submitting any personal information to us via the Website you will automatically be taken to have read, understood and accepted this Privacy Policy.

If you do not want us to collect, use and transfer your personal information in this way then you should (depending on what it is you object to) Contact Us on 0121 354 6684 or email info@elite.co.uk and ask for your information to be deleted.

We may make changes to this Privacy Policy at any time and such changes will be posted on this page and, where appropriate, notified to you by e-mail. Therefore, you should check this Privacy Policy regularly.

For the purposes of the Data Protection Act 1988 (the “Act”), the data controller is Elite Personnel 14 Boldmere Road Sutton Coldfield B73 5TD

2. WHAT WE MEAN BY PERSONAL INFORMATION
Personal information means any data from which you can be identified (including information such as your name, email address and password) and which concerns you. All personal information that we obtain from you via telephone, email at the point of registration and/or the Website will be dealt with in accordance with the provisions of this Privacy Policy and the Act.

3. PERSONAL INFORMATION THAT WE COLLECT
If you register on the Website as a user, or you send your CV, or when you register with us we ask you for certain basic and personal information in order to build up your user profile, for example your name and email address.

We may collect and process the following data about you:

information you provide via the “Registration” page when registering to use the Website or our recruitment services in general including your name, email address, job title and any updated information you provide from time to time;
any comments you may have about your application to register and/or to use the Website;
Information you provide via uploading your CV
Information you provide when you submit or post content to the Website or when you contact us.
Additional information we may request from you from time to time either by contacting you directly or through the Website or email, although there will be no obligation on you to provide this additional information.
Details of your visits to the Website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own purposes or otherwise and the resources that you access.

We will let you know on the registration page if the provision of certain information is optional.

If you provide us with information about another person you confirm that they have appointed you to act for them, consent to the processing of their personal data including sensitive personal data and that you have informed them of our identity and the purposes (as set out below) for which their personal data will be processed.

By providing us with your personal information, you consent to our processing your personal data for the purposes set out below.

4. How we use your personal information
We use personal information held about you in the following main ways:

To look for a new position for you and to make contact
To invite you in to register with us
To contact you by email and telephone about any positions that may be suitable
To notify you via mailshots about any vacancies
To enable payment to be made into your bank account when you have worked for Elite Personnel
We will hold you assessments scores unless you inform us not to by contacting us on 0121 354 6684 or email us at info@elitep.co.uk
For other purposes to which you have given your consent

We do not sell, trade or rent your information to other parties unless we have first obtained your consent. If you do give us permission, we will only share information with organisations we have carefully selected for your job search and believe to be reputable.

Except in very specific circumstances, we do not disclose any of your information to other parties, except where you have given your consent i.e. reference information or forwarding your CV
Otherwise, we reserve the right to give your personal information to a third party without your consent where we believe that such disclosure is (i) required by law or (ii) necessary to assist in the prevention or detection of any criminal action (including fraud) or (iii) is in the overriding public interest and is permitted by law.

5. HOW WE PROTECT YOUR PERSONAL INFORMATION
We are strongly committed to data security and we take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to seek to safeguard the information you provide to us.

However, owing to the nature of the internet we cannot guarantee the security of any information you transmit to us. We recommend that you take every precaution to protect your personal information while you are using the Website and the internet.

6. HOW LONG WE KEEP YOUR PERSONAL INFORMATION
We will keep and use the personal information for as long as you are registered as a user of the Website and our services, and for at least 3 years afterwards, in order to deal with any consequent queries or complaints you may have. We may retain the personal information for longer than this if there is a legal reason or requirement to keep the information for longer, for example if it is relevant to any current legal proceedings also for payroll information if you have worked for us.

If you are a registered user and cease to access the Website for over 2 years then we shall mark your personal profile as “gone away” and inactivate your registration. If you wish to use the Website after such period has elapsed then you will need to re-register with us.

7. UPDATING YOUR PERSONAL INFORMATION
If you are a registered with us, you can update all the information we hold about you by contacting us on 0121 354 6684 or emailing info@elitep.co.uk . If you have any other queries regarding the information we hold about you then you should contact us at the contact addresses set out in Section 10.

8. LIABILITY
Please read carefully the paragraphs entitled Disclaimers, Our Liability to You and Your Liability to Us in the Terms of Use as they also apply to this Privacy Policy.

9. IP ADDRESSES AND COOKIES
As set out in Section 3 above, we may collect information about your computer, including where available your IP address (which is a unique identifier of the user’s computer or other access device), operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies are small files stored in your computer’s hard drive by your web browser. When you access the Website, if you have enabled cookies, our computer server will access these cookies so that it can recognise your computer. These cookies help us to improve the Website and deliver a better and more personalised service. They enable us:

To speed up your searches; and
When you first access the sites, we will give you the option to choose not to receive cookies, or to allow you to be prompted every time a cookie is sent to you. Most web browsers automatically accept cookies, and you can change your cookie settings at any time. Please note that in a few cases some features of the Website may not function if you remove cookies from your browser.

Please note that external sites including social media sites linked from the Website may also use cookies, and you should check carefully with these external sites what information is being collected using cookies.

10. CONTACT US
If you have any queries about how we use your information you can contact us by emailing: recruitment@elitep.co.uk or by writing to us 14 Boldmere Road Sutton Coldfield B73 5TD Or by emailing us at info@elitep.co.uk

GDPR Privacy Policy

Elite Personnel gather and process your personal information in accordance with this privacy notice and in compliance with the relevant data protection Regulation and laws. This notice provides you with the necessary information regarding your rights and our obligations, and explains how, why and when we process your personal data.

This policy is relevant to your use of the (“Company”) website and your relationship with the Company. This document also documents our data protection policy and the rights of individuals that the Company engages with (“Data Subjects”) in respect of personal data under the General Data Protection Regulation (“Regulation”). A ‘Data Subject’ may be an individual or an individual acting on behalf of a body corporate (i.e. a company director).

Please read them carefully as they affect your rights and liabilities under the law. If you do not agree to this Privacy Policy, please do not use the Company website or engage with us. If you have any questions on the Terms and Conditions, please contact us.

If you are seeking to instruct the Company for the provision of recruitment services, our standard terms and conditions shall apply.

General Data Protection Regulation (GDPR)

The General Data Protection Regulations defines “personal data” as any information relating to an identified or identifiable natural person (a data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

This Policy sets out the procedures that are to be followed when dealing with personal data. The procedures and principles set out herein must be followed at all times by the Company, its employees, agents, contractors, or other parties working on behalf of the Company.

What Information Do We Collect and How Is That Information Used?

The Company may collect your personal details including, but not limited to, your name and contact details including your e-mail address and any other relevant information with your express permission. This information is held, used and disclosed by us in the following ways until permission is withdrawn:

To continue to provide our services to you.
To maintain our business relationship throughout the lifetime of that relationship, where you are a client or user of our website, services.
To enable us to answer any queries you may have.
To market our products and services to you; to keep you updated on any relevant industry news; to update you on any events, promotions and competitions, reports and any other information we feel may be relevant or of interest to you. You retain the right to unsubscribe from such communications at any time.
To fulfil contractual obligations with you.
To enable the development and marketing of other products and services by company.
To continually improve our customer service efforts and to make our services more valuable to you.
The Company may also release personal information to regulatory or law enforcement agencies, if they require us to do so. We will also only disclose your information where we are permitted and requested to do so by law.
The Company will also seek your consent to collect, hold, use and disclose your personal information for any other purpose not listed above, but will continue to do so only if your permission is given and from which you understand you can withdraw permission.
If we are holding historic data about you or your company that no longer is of use or has any significance it will be deleted unless you have given consent, or there is some kind of legal obligation, to retain it.
Only members of the Company staff that need to have access to your information to carry out their normal duties will be allowed access to the information.
By law we have appointed a representative to oversee the application of our privacy policy. That representative is xxxx and any concerns over the retention, use or disclosure of your information should be addressed to them via our contact page.

How long do we hold personal data?

We retain personal data for as long as a candidate is active and for 1 year afterwards, unless required to retain for a longer period by UK Tax Law; if this is the case we will only retain your basic personal data (name, address and contact information).

Data Processing for Specific Purposes Only

The Company collects and processes the personal data set out in this Policy. This may include personal data received directly from Data Subjects (for example, contact details used when a data subject communicates with us).

The Company only processes personal data for the specific purposes set out in this Policy (or for other purposes expressly permitted by the Regulation). The purposes for which we process personal data will be informed to Data Subjects at the time that their personal data is collected, where it is collected directly from them, or as soon as possible (not more than one calendar month) after collection where it is obtained from a third party.

The Company will only collect and process personal data for and to the extent necessary for the specific purpose(s) informed to Data Subjects.

The Company shall ensure that all personal data collected and processed is kept accurate and up-to-date, so far as reasonably practicable. Where any inaccurate or out-of-date data is found, all steps will be taken without delay to amend or erase that data, so far as reasonably practicable.

The Company shall ensure that all personal data collected and processed is kept secure and protected against unauthorised or unlawful processing and against accidental loss, destruction or damage.

Data Subjects may request that the Company ceases processing the personal data it holds about them. If a data subject makes such a request, the Company shall retain only the amount of personal data pertaining to that data subject that is necessary to ensure that no further processing of their personal data takes place.

Your Right to Access

The law states that you have the right at any time to ask us to share with you the information that we hold that you have supplied to us. If you make such a request we will ask you to verify your identity and possibly ask you to give us more information about such a request. We may need to charge a nominal fee for this service for administrative purposes. We will only refuse your request if we are legally permitted or required to do so. If this is the case then we will give you reasons for doing so. To make a request for information, please contact us.

Please be aware that you also have the right to ask the Company to stop using the information that you supplied us. Under the right to erasure you can also request for deletion of your file, although you should be aware that in some circumstances we may not be required or able to do so, particularly where your file also holds information about our clients or financial information that we need to keep for periods of up to six years; i.e. which relate to tax matters. If, under any circumstances, we cannot comply with your request for information we will provide a full explanation as to why this is so.

Deleting of Your Data

Data Subjects may request that the Company erases the personal data it holds about them in the following circumstances:

It is no longer necessary for the Company to hold that personal data with respect to the purpose for which it was originally collected or processed;
The data subject wishes to withdraw their consent to the Company holding and processing their personal data;
The data subject objects to the Company holding and processing their personal data (and there is no overriding legitimate interest to allow the Company to continue doing so).
The personal data has been processed unlawfully;
The personal data needs to be erased in order for the Company to comply with a particular legal obligation.

Unless the Company has reasonable grounds to refuse to erase personal data, all requests for erasure shall be complied with, and the data subject informed of the erasure, within one month of receipt of the data subject’s request (this can be extended by up to two months in the case of complex requests, and in such cases the data subject shall be informed of the need for the extension).

Right to Suspend or Cancel Your Registration

We may suspend or cancel your registration immediately at our reasonable discretion or if you breach any of your obligations under these Terms and Conditions.

You can cancel your registration at any time by logging onto the Company website through the “unsubscribe” link. The suspension or cancellation of your registration and your right to use the Company website shall not affect either party’s statutory rights or liabilities.

Data Subjects have the right to object to the Company processing their personal data based on legitimate interests (including profiling), direct marketing (including profiling).

Where a data subject objects to the Company processing their personal data based on its legitimate interests, the Company shall cease such processing forthwith, unless it can be demonstrated that the Company’s legitimate grounds for such processing override the data subject’s interests, rights and freedoms; or the processing is necessary for the conduct of legal claims.

Where a data subject objects to the Company processing their personal data for direct marketing purposes, the Company shall cease such processing forthwith.

Where a data subject objects to the Company processing their personal data for scientific and/or historical research and statistics purposes, the data subject must, under the Regulation, ‘demonstrate grounds relating to his or her particular situation’. The Company is not required to comply if the research is necessary for the performance of a task carried out for reasons of public interest.

Notification of a Data Breach

All personal data breaches must be reported immediately to the Company’s data protection officer.

If a personal data breach occurs and that breach is likely to result in a risk to the rights and freedoms of Data Subjects (e.g. financial loss, breach of confidentiality, discrimination, reputational damage, or other significant social or economic damage), the data protection officer must ensure that the Information Commissioner’s Office is informed of the breach without delay, and in any event, within 72 hours after having become aware of it.

In the event that a personal data breach is likely to result in a high risk to the rights and freedoms of Data Subjects, the data protection officer must ensure that all affected Data Subjects are informed of the breach directly and without undue delay.

Data breach notifications shall include the following information:

The categories and approximate number of Data Subjects concerned;
The categories and approximate number of personal data records concerned;
The name and contact details of the Company’s data protection officer (or other contact point where more information can be obtained);
The likely consequences of the breach;
Details of the measures taken, or proposed to be taken, by the Company to address the breach including, where appropriate, measures to mitigate its possible adverse effects.

Data Protection Principles

This Policy aims to ensure compliance with the Regulation. The Regulation sets out the following principles with which any party handling personal data must comply. All personal data must be:

Processed lawfully, fairly, and in a transparent manner in relation to the data subject;
Collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
Adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which they are processed, is erased or rectified without delay;
Kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the personal data is processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the Regulation in order to safeguard the rights and freedoms of the data subject;
Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Lawful, Fair and Transparent Data Processing

The Regulation seeks to ensure that personal data is processed lawfully, fairly, and transparently, without adversely affecting the rights of the data subject. The Regulation states that processing of personal data shall be lawful if at least one of the following applies:

The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
Processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract;
Processing is necessary for compliance with a legal obligation to which the controller is subject;
Processing is necessary to protect the vital interests of the data subject or of another natural person;
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Our Obligations

The Company shall ensure that the following measures are taken with respect to the collection, holding, and processing of personal data:

All employees, agents, contractors, or other parties working on behalf of the Company shall be made fully aware of both their individual responsibilities and the Company’s responsibilities under the Regulation and under this Policy, and shall be provided with a copy of this Policy;
Only employees, agents, sub-contractors, or other parties working on behalf of the Company that need access to, and use of, personal data in order to carry out their assigned duties correctly shall have access to personal data held by the Company;
All employees, agents, contractors, or other parties working on behalf of the Company handling personal data will be appropriately trained to do so;
All employees, agents, contractors, or other parties working on behalf of the Company handling personal data will be appropriately supervised;
The performance of those employees, agents, contractors, or other parties working on behalf of the Company handling personal data shall be regularly evaluated and reviewed;
All employees, agents, contractors, or other parties working on behalf of the Company handling personal data will be bound to do so in accordance with the principles of the Regulation and this Policy by contract;

Amendments

We may update our GDPR Privacy Policy from time to time for legal or regulatory reasons or to allow the proper operation of the Company website. We will make reasonable efforts to notify you of any changes. The changes will apply to the use of the Company website after we have given notice. If you do not wish to accept the new Terms and Conditions you should not continue to use the Company website. If you continue to use the Company website after the date on which the change comes into effect, your use of the Company website indicates your agreement to be bound by the new Terms and Conditions.