Recruitment | InvitISE | UK

Privacy Policy

 

What do we do?

InvitISE Ltd (“Invitise”) provides permanent, temporary and interim talent / recruitment services to clients seeking to recruit professional staff across a range of specialist areas.  

What does this policy cover?

InvitISE is committed to respecting your right to privacy. As such, this policy: 
·       sets out the types of Personal Data that we collect about you;
·       explains how and why we collect and use your Personal Data;
·       explains how long we keep your Personal Data for;
·       explains when, why and with whom we will share your Personal Data;
·       sets out the legal basis we have for using your Personal Data;
·       explains the effect of refusing to provide the Personal Data requested;
·       explains the different rights and choices you have when it comes to your Personal Data; and
·       explains how we may contact you and how you can contact us.

It is important to note that we may amend this Privacy Policy from time to time. Please visit this page if you want to stay up to date as we will post any changes here. 

Who are you?

We collect Personal Data from the following types of people (aka “Data Subjects”) to carry out our business. As such, you are likely to be one of the following: 
·       A candidate – either existing or prospective;
·       A client – either existing or prospective;
·       A user of our website;
·       A referee or emergency contact provided by our candidates or staff;
·       A supplier to our organisation; 
·       An InvitISE employee, a contractor or an interim worker.

Who is the Data Controller?

The Information Commissioner’s Office (ICO) recognises InvitISE as a Data Controller i.e. we determine the purposes and means of processing an individual’s Personal Data. InvitISE Ltd is a company registered in the UK:
·       Company No: 13345316
·       VAT No: 381151123
·       Head Office Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
·       Contact No: +44 (0)345 163 0135
·       Email: dataprotection@invitise.com
·       Information Commissioner’s Office certificate no: ZB058757

What is Personal Data?

Personal Data refers to any data that can identify you as a living individual. This can comprise of generic information which relates to a person who can be identified directly or indirectly (e.g. email and contact details, information held about that individual such as job role, comments and references). It can also include Sensitive Personal Data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data concerning an individual’s health, sex life or sexual orientation. Sensitive Personal Data must be protected to a higher standard than generic Personal Data. 

What legal basis do we have for using your information?

If you are a candidate, a client, a user of the InvitISE website, a referee or emergency contact, a supplier to InvitISE or an InvitISE employee, contractor or interim worker, the legal basis on which we rely for processing your information will be our legitimate interests. 

For candidates

In the majority of cases, we will be using your personal data to:
·       match your skills, experience and education with a potential employer
·       source potential opportunities or roles as part of our recruitment services
·       collate market information or trends including providing analysis to potential or actual clients
·       personalise your experience and our offering with appropriate content, whether via our website or otherwise
·       collect further information needed to assess your eligibility through the various stages of recruitment. 
·       for temporary workers we engage with on a contract in particular for those temporary workers we supply to London Borough Council’s; we will share your data with The London Fraud Hub (Cabinet Office) to prevent & detect fraud. The Cabinet Office runs the Fraud Hub.  
The Cabinet Office will be responsible for carrying out data matching exercises which allows potentially fraudulent claims and payments to be identified.  Where a match is found, it indicates that there is an inconsistency and further investigation is required.  No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.  The use of data by the cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014.  It does not require the consent of the individuals concerned under the Data Protection Act 2018. Data Matching by the Cabinet Office is subject to a code of practice.​ Further information on the National Fraud Initiative is available on the government’s website.

For clients and suppliers

We retain records of our dealings and transactions with you and where applicable, we use such records for the purposes of:
·       establishing compliance of contractual obligations; 
·       addressing any query or dispute that may arise (including establishing, exercising or defending any legal claims);
·       protecting our reputation;
·       maintaining a backup of our systems, with the purpose of being able to restore them to a particular point in the event of a system failure or security breach;
·       evaluating quality and compliance (including compliance with this Privacy Policy);
·       to provide you with networking opportunities and industry information.

From where do we source this Personal Data?

The following include the different sources from which we may collect your Personal Data: 
Directly from you. 
For example:
·       the information you provide to us while searching for a new opportunity 
·       the information provided to us during the different stages of the recruitment process. 
From an agent/third party acting on your behalf. 
For example:
·       a Contractor’s Ltd Company
Through publicly available sources. 
For example: 
·       LinkedIn 
·       Job Boards
·       CV databases
·       Data Marketing Companies 

·       your organisation’s website

By reference or word of mouth. 
For example:
·       you may be recommended by a friend, a former employer, a former colleague or even a present employer.

For how long do we retain your Personal Data?

We hold your data with a view to providing future recruitment services to you and to manage our business relationship with you.
 
We retain personal data for varying time periods in order to assist us in complying with legal and regulatory obligations, to enable compliance with any requests made by regulators or other relevant authorities and agencies, to enable us to establish, exercise and defend legal rights and claims, and for other legitimate business reasons. After this period, if no meaningful contact has been made, we will delete your data from our systems.  The only exception to this is where we have had meaningful contact with you, if we have placed you in a permanent or interim role, or if we believe (in good faith) that the relevant regulators and/or legal obligations requires us to keep it for longer.  Examples of “meaningful contact” includes (but is not necessarily Ltd to):
·       When we obtain your details via a third-party company (such as a CV database), meaningful contact is defined as any verbal or written communication between us and yourself;
·       If you are a Candidate who has applied for a job through our website or have submitted your CV to us by any other means, we will consider this to be meaningful contact; 
·       If there is two-way communication via verbal or written communication or through any of our marketing communications, we will also consider this to be meaningful contact. 

Your data can also be removed at any time by request.  

Is your personal data sent outside of the EEA?

Your personal data may be shared, stored and processed outside the European Economic Area (EEA). We will however only transfer your data outside the EEA to countries which the European Commission believes offer an adequate level of protection to you or where appropriate safeguards have been put in place to preserve the privacy of your data. 

What are your rights?

By law, you have a number of rights when it comes to your Personal Data. Further information and advice about your rights can be obtained from the Information Commissioner’s Office. 

What rights do you have in relation to the data we hold on you?

The right to be informed 

You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this Policy.

The right of access

You have the right to obtain access to your information (if we are processing it), and certain other information (similar to that provided in this Privacy Policy). If you would like to make a request for information, please contact dataprotection@invitise.com.
This is so you are aware and can check that we are using your information in accordance with the GDPR.
 
The right to rectification

You are entitled to have your information corrected if it is inaccurate or incomplete. We will respond to such a request within 1 month.
 
The right to erasure

This is also known as ‘the right to be forgotten’ and in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
 
The right to restrict processing

You have the right to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but cannot use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.

The right to data portability

You have the right to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT system and theirs safely and securely, without affecting its usability.

The right to object to processing

You have the right to object to certain types of processing, including processing for direct marketing (e.g. if you no longer want to be contacted with potential opportunities).

The right to lodge a complaint

You have the right to lodge a complaint about the way we handle or process your personal data with the ICO https://ico.org.uk.

The right to withdraw consent

If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.

We will continue to contact you regarding recruitment related services which we believe will be of interest to you.
The basis for these communications will be our legitimate interest and/or “soft opt-in” consent.
In the interests of clarity, a “soft opt-in” applies where you have previously either actively engaged with us:
1.     by submitting a job application/CV or
2.     by briefing us on a job vacancy.

We are permitted to market relevant products and services to you unless you inform us of your wish to opt out (which you are entitled to do at any stage).
Please note that should we receive any requests from you to erase data or stop processing your information, we may retain a record of such requests as well as the actions taken by us. This will serve as both evidence of our compliance to your request as well as enable us to take steps to curtail any future processing of your data should it be received again from a third-party source. 

It is our usual practice to provide information free of charge. However, we reserve the right to charge a reasonable fee in order to cover our administrative costs of providing the information for:
·       baseless or excessive/repeated requests, or
·       further copies of the same information.
Please consider your request responsibly before submitting it. We will respond as soon as is practicable. This will be within one month of the date when your request is received; however, in the event that the request is likely to take longer for any reason, we will inform you of the likely timeframe at the time. For any questions surroundings your rights or should you wish to exercise any of these rights, please contact dataprotection@invitise.com.   

Cookies and IP Address Policy

IP addresses

·       We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and as a consequence of the communications standards on the internet. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

Cookies

·       Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.

Complaints

If you are unhappy about any aspect of the way in which your Personal Data is processed by us, in the first instance please contact us at dataprotection@invitise.com. This does not affect your right to make a complaint to the Information Commissioner’s Office https://ico.org.uk. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
 
This Policy was last updated on 27th November 2023