Skip to content
invitise Logo
ISO 9001 Certified·
Cyber Essentials Certified·
REC Corporate Member·
Public Sector Framework Supplier·
UK Wide
LEGAL

Privacy Policy

invitise Ltd (including M-IFS and Right Matters) · Last updated 1 January 2026

What We Do

invitise Ltd provides contract, SOW, permanent, temporary, and interim recruitment and outcome solutions to clients seeking to recruit professional staff across a range of specialist areas.

invitise Ltd also operates:

  • Right Matters, a careers coaching and mentoring service initiative owned and delivered by invitise Ltd.
  • The Multi-Faith Inclusive Framework Standard (M-IFS), a workplace inclusion framework and assessment standard supporting organisations to demonstrate inclusive, faith-aware employment practices.

All services are delivered in line with applicable UK data protection law and invitise Ltd's ISO 9001 certified Quality Management System.

What Does This Policy Cover?

This Privacy Policy explains:

  • The types of personal data we collect about you
  • How and why we collect and use your personal data
  • How long we keep your personal data
  • When, why, and with whom we share your personal data
  • The legal basis we have for processing your personal data
  • Your rights and choices regarding your personal data
  • How we may contact you and how you can contact us

This Privacy Policy may be updated from time to time. Please check this page periodically to stay informed of any changes.

Who Are You?

We collect and process personal data from the following types of individuals:

  • Candidates (existing or prospective)
  • Clients (existing or prospective)
  • Users of our website
  • Referees or emergency contacts provided by candidates or staff
  • Suppliers to our organisation
  • invitise employees, contractors, or interim workers
  • Individuals and organisations engaging with Right Matters career coaching and mentoring services
  • Organisations applying for Multi-Faith Inclusive Framework Standard (M-IFS) accreditation

Who Is the Data Controller?

invitise Ltd is the Data Controller and determines the purposes and means of processing personal data.

  • Company No: 13345316
  • VAT No: 381151123
  • Head Office: 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ
  • Contact No: +44 (0)345 163 0135
  • Email: hello@invitise.com
  • ICO Registration No: ZB058757

What Is Personal Data?

Personal data means any information relating to an identified or identifiable individual, including:

  • Names, contact details, and identifiers
  • Employment history, qualifications, and role information
  • CVs and application data
  • Special category data (e.g. health, religious belief, diversity information), processed only where lawful and necessary

Legal Basis for Processing Personal Data

We primarily rely on legitimate interests as our lawful basis for processing personal data, including in relation to:

  • Recruitment and talent services
  • Client and supplier relationship management
  • Website users and business contacts
  • Right Matters coaching and mentoring engagement
  • M-IFS framework engagement and assessments

Where required, we may also rely on contractual necessity, legal obligation, or explicit consent (e.g. for special category data). We carry out legitimate interest assessments where appropriate.

How We Use Your Data

For candidates and individuals:

  • Matching skills and experience with opportunities
  • Providing recruitment, coaching, mentoring, and career-related services
  • Personalising communications and support
  • Conducting eligibility and compliance checks

For clients and suppliers:

  • Managing contractual and commercial relationships
  • Resolving queries, disputes, or compliance matters
  • Ensuring operational security and continuity

For M-IFS engagement:

  • Reviewing organisational submissions and supporting documentation
  • Managing assessment, review, and framework-related processes
  • Maintaining records of engagement and compliance activity

Data Use Relating to M-IFS

The Multi-Faith Inclusive Framework Standard (M-IFS) is operated by invitise Ltd under an ISO 9001 certified Quality Management System. Personal and organisational data may be processed for framework engagement, assessment and review activity, and ongoing compliance and quality assurance. All data is processed in accordance with UK GDPR and invitise Ltd's internal policies.

Where We Source Personal Data

We may obtain personal data from direct interactions with you, publicly available sources (e.g. LinkedIn, job boards), referrals or third-party introductions, and reputable third-party data providers. Occasionally we may purchase data from reputable providers; such data is processed under legitimate interest, and individuals will be informed of their rights including the right to object or request deletion.

Data Retention Period

We retain personal data for as long as necessary to provide services, meet legal and regulatory obligations, and establish, exercise, or defend legal claims. Where no meaningful contact occurs over a reasonable period, data is securely deleted.

International Data Transfers

Personal data may be processed outside the UK or EEA only where an adequacy decision applies, or appropriate safeguards are in place (e.g. Standard Contractual Clauses).

Cookies and IP Address Policy

IP Addresses: Collected for system administration, security, and statistical analysis. They do not directly identify individuals.

Cookies: Used to improve website functionality and user experience. You can manage cookies through browser settings. Further guidance is available at allaboutcookies.org.

Marketing Communications

We may send recruitment, service-related, or professional communications where you have engaged with us professionally, or submitted a CV, enquiry, or application. Marketing is conducted under legitimate interests and soft opt-in rules, with a clear right to opt out at any time via email links or by contacting us directly.

Fees for Excessive Data Requests

We may charge a reasonable fee for manifestly unfounded, excessive, or repeated data requests.

Your Rights

You have the following rights concerning your personal data: be informed; access your data; rectify inaccurate data; request erasure (subject to legal obligations); restrict processing; data portability; object to processing (including marketing); and withdraw consent.

Complaints

If you have concerns about how your data is processed, please contact us at dataprotection@invitise.com. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

M-IFS is operated by invitise Ltd under a Quality Management System aligned with ISO 9001:2015. M-IFS™ is a trademark of invitise Ltd.

The 24-hour rule. Why slow Cyber Hiring is now a board risk. Cover and sample spreads of the invitise executive briefing.
New executive briefing · May 2026

The 24-hour rule. Why slow Cyber Hiring is now a board risk.

A 16-page invitise briefing for cyber, risk and people leaders. Why the hiring window has narrowed, what 24-hour mobilisation actually requires, and the four conditions that have to be true for next-morning on-site to mean something.

55%

of senior cyber roles take 6 months or longer to fill in the UK.

46 days

longer than other IT roles, senior cyber vacancies stay open.

68%

of large UK businesses now own cyber at board level.

We'll email you the PDF. No marketing list. See our privacy policy. Protected by Cloudflare Turnstile.