Who are we?
Secure Source Ltd, 3 Barnfield Crescent, Exeter, EX1 2UE We provide executive search and recruitment services to clients looking to recruit personnel for their businesses.
What does this Policy cover?
We at Secure Source take your personal data seriously. This policy:
- sets out the types of personal data that we collect about you
- explains how and why we collect and use your personal data
- explains how long we keep your personal data for
- explains when, why and with who we will share your personal data
- sets out the legal basis we have for using your personal data
- explains the effect of refusing to provide the personal data requested
- explains the different rights and choices you have when it comes to your personal data; and
- explains how we may contact you and how you can contact us.
What personal data do we collect about you?
We collect the information necessary to be able to find available opportunities and further information needed to assess your eligibility through the different stages of recruitment. This information includes CV’s, identification documents, educational records, work history, employment and references.
We may also collect sensitive personal data about you This information is not requested by Secure Source and is not categorised or recorded internally, however it may be present on information sent through to us in the form of a CV or email.
Sensitive personal data’ is defined as personal data consisting of information relating to the data subject with regard to racial or ethnic origin; political opinions; religious beliefs or other beliefs of a similar nature; trade union membership; physical or mental health or condition; sexual life; the commission or alleged commission by the data subject of any offence; or any proceedings for any offence committed or alleged to have been committed by the data subject, the disposal of such proceedings or the sentence of any court in such proceedings.
Where do we collect personal data about you from?
The following are some of the different sources we may collect personal data about you from:
- Directly from you. This is information you provide while searching for a new opportunity and/or during the different recruitment stages [or coaching, where relevant].
- Through publicly available sources. We use the following public sources amonst other publicly availabile online data:
- Job Sites
- By Reference or word of mouth. For example, you may be recommended by a friend, a former employer, a former colleague or even a present employer.
How and why we use your personal data?
We use your personal data to match your skills, experience and education with a potential employer. We will initially collect basic information on you such as contact details, job role and experience and then pass this on to the client in search of personnel. If Secure Source selects you to be sent to the client and go through to the next stage we will then be collecting more information from you at the interview (or equivalent) stage and onwards in that manner. We always gain permission from the candidate before passing any details to a client.
How long do we keep your personal data for?
We keep your information in accordance as follows:
Candidate data: 5 years from last contact
Client contact details: 5 years from last contact
Who do we share your personal data with?
Your personal data is shared with the client who initiates a search for personnel. The search for which you are considered, to ascertain if you are a good fit for the available position. We work with companies involved within the Cyber security and Security cleared arena, supporting them with executive level and specialist hiring, throughout the world. We ALWAYS provide candidates with details on which clients we are sending their details to and NEVER send a CV to a client without a candidates permission.
We only share details to relevant clients that work within the wider security scope which can fit with many different sectors.
What legal basis do we have for using your information?
For prospective candidates, interim managers, referees and clients, our processing is necessary for our legitimate interests in that we need the information in order to be able to assess suitability for potential roles, to find potential candidates and to contact clients and referees.
If you are shortlisted as a candidate [or if you are coached by us], then this may involve the processing of more detailed personal data including sensitive data such as health information that you or others provide about you. In that case we always ask for your consent before undertaking such processing.
We carry out a ‘balancing test’ to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing. We keep a record of these balancing tests. You have a right to and can find out more about the information in these balancing tests by contacting us using the details below.
For clients, we may also rely on our processing being necessary to perform a contract for you, for example in contacting you.
What happens if you do not provide us with the information we request or ask that we stop processing your information?
If you do not provide the personal data necessary or withdraw your consent for the processing of your personal data, we may not be able to match you with available job opportunities.
Do we make automated decisions concerning you?
No, we do not carry out automated profiling.
Do we transfer your data outside the EEA?
To better match your employee profile with current opportunities we may transfer your personal data to clients and partners in countries outside the EEA. These countries privacy laws may be different from those in your home country. Where we transfer data to a country which has not been deemed to provide adequate data protection standards we always have security measures and approved model clauses in place to protect your personal data. To find out more about how we safeguard your information as related to transfers contact us on GDPR@secure-source.com
What rights do you have in relation to the data we hold on you?
By law, you have a number of rights when it comes to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country.
Rights – What does this mean?
- The right to be informed – You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Policy.
This is so you’re aware and can check that we’re using your information in accordance with data protection law.
- The right to rectification – You are entitled to have your information corrected if it’s inaccurate or incomplete.
- The right to erasure – This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
- The right to restrict processing – You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
- The right to data portability – You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
- The right to object to processing – You have the right to object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).
- The right to lodge a complaint – You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
- The right to withdraw consent – If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
- baseless or excessive/repeated requests, or
- further copies of the same information.
Alternatively, we may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
Contact & Communication
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
This website and its owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights in regard to receiving email marketing material. Your details are not passed on to any third parties.
Although this website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website.
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
How will we contact you?
We may contact you by phone, email or social media. If you prefer a particular contact means over another, please just let us know.
How can you contact us?
If you are unhappy with how we’ve handled your information, or have further questions on the processing of your personal data, contact us at – Secure Source Ltd, 3 Barnfield Crescent, Exeter, EX1 2UE or GDPR@secure-source.com
v.1.1 Mar 2018 Edited & customised by: Secure Source Ltd. Registered in England and Wales under number 07577751
Registered office at: Ground Floor 3 Barnfield Crescent, Exeter EX1 1QT