Privacy Policy

Telfer Partners Ltd Privacy Policy

 

Introduction

Telfer Partners (“TP”, “we”, “us”) is committed to protecting the privacy of our candidates, clients and users of our website.  This Privacy Policy sets out how we will process any personal data that we collect from you or that is provided to us.

All activity on www.telferpartners.com (our website) is logged and monitored to help keep personal information secure and to ensure that TP complies with its obligations under the Data Protection Act 1998 (the DPA) and, from May 2018, the General Data Protection Regulations 2018 (the GDPR).

By using our website or any of our services, you agree to your personal information being used and disclosed in the manner set out in this Policy.

Our principles

TP will adhere to the following principles in relation to the processing of your personal data:

  • We will only collect and use your information where we have lawful grounds and legitimate business reasons to do so;
  • We will be transparent in our dealings with you and tell you how we’ll collect and use your information;
  • If we collect your information for a particular purpose we'll only use it for that purpose, unless you’ve been otherwise informed and given your permission where relevant;
  • We won’t ask for more information than we need for the purposes for which we’re collecting it;
  • We will update our records when you tell us that your details have changed;
  • We will periodically review your personal information to ensure we don’t keep it for longer than is necessary;
  • Where appropriate, we'll ensure that your information is securely disposed of at the end of the appropriate retention period;
  • We will observe your rights under applicable privacy and data protection laws and will ensure that queries relating to privacy issues are dealt with promptly and transparently;
  • We will train our staff on their privacy obligations;
  • We will ensure we have appropriate physical and technological security measures to protect your information regardless of where it’s held.

Our legal bases for processing your data

TP processes your data when it is in our legitimate interest to do this and when these interests are not overridden by your data protection rights. 

The information that we collect and how we use it

TP may collect your personal details, including, but not limited to, your name and contact details and other relevant information from your CV. 

This personal data will be stored, processed, used and disclosed by us in the following ways:

  • To provide our recruitment services to you;
  • To maintain our business relationship with you, where you are a candidate, client or user of our website;
  • To enable you to submit your CV or apply online for jobs.  Please see separate section on your CV below which outlines additional uses and disclosures;
  • To assess data about you against vacancies where we believe you hold the relevant skills and experience;
  • To send your information (including CV) to our clients - this means that where you have agreed to be put forward for a job role, we may pass your details on to the relevant client to proceed with the application and you understand that this means you may receive further direct correspondence from them;
  • To keep you updated;
  • To answer your questions and enquiries;
  • To fulfil contractual obligations with our clients;
  • To trusted third parties where we have retained them to provide services that we, you or our clients have requested including reference, qualification and criminal reference checking services, verification of the details you have provided from third party sources, psychometric evaluations or skills tests;
  • To third parties who perform functions on our behalf and who also provide services to us, such as professional advisors and IT consultants carrying out testing and development work on our business technology systems;
  • We may also release personal information to regulatory or law enforcement agencies, if they require us to do so.  We will also disclose your information where we are permitted and requested to do so by law;
  • To carry out our obligations arising from any contracts entered into between you and us; and
  • From time to time we may seek your consent to process, use or disclose your information for any other purpose not listed above.

Curriculum vitae (“CV”)

  • TP gives you the option of submitting your CV via our website or by providing your CV to one of our Researchers or Consultants.  You can do this either to apply for a specific advertised job role or for consideration by one of our Consultants for positions as and when they arise.  Your CV will be stored in our database, and will be accessible by members of our team.
  • You can update your CV at any time, simply by following the same procedure to submit a new CV. 

 

Security

Once we’ve received your information, we'll use appropriate procedures and security features to try to prevent unauthorised access.

Unfortunately, the transmission of information via the internet isn’t completely secure. Although we endeavour to protect your personal data, we can't guarantee the security of data transmitted over the internet. Any transmission of data is at your own risk.

We may monitor the use and content of emails, calls and secure messages sent from and received by us so that we can identify and take legal action against unlawful or improper use of our systems. The main examples of unlawful or improper use are attempting to impersonate TP, the transmission of computer viruses and attempts to prevent this website or its services from working.

 

Passing on information about you to third parties

To operate effectively as a business we may need to pass your information on to selected and trusted third parties. The third parties we may share information with are:

  • our clients for recruitment purposes;
  • third-party processors;
  • any third party to whom we may need to disclose personal information in order to comply with our legal, regulatory and statutory obligations (e.g. a request from a law enforcement agency); and
  • any third party where you’ve given your consent.

Please be assured that when we outsource any processes we ensure that any supplier or contractor has adequate security measures in place.

How long we hold information about you

We are required by law to hold your information for as long as is necessary to comply with our statutory and contractual obligations and in accordance with our legitimate interests as a data controller.

We will use reasonable endeavours to ensure that your personal data is maintained and up to date. If we have not had any contact with you (or, where appropriate, the company you are working for or with) for three years (or for such longer period as we believe in good faith that the law or relevant regulators require us to preserve your data), we will make contact with you and will update or delete your data as appropriate.

How can you access, correct your information and withdraw consent?

One of the GDPR's main objectives is to protect and clarify the rights of EU citizens and individuals in the EU with regards to data privacy. This means that you retain various rights in respect of your data, even once you have given it to us. These rights are as follows:

  • Right to object 
  • Right to withdraw consent 
  • Data Subject Access Requests (DSAR)  
  • Right to erasure
  • Right to restrict processing
  • Right to rectification 
  • Right of data portability
  • Right to lodge a complaint with a supervisory authority

More detail about these rights can be found in Appendix A.  To get in touch about these rights, please contact us using the contact details at the end of this Policy. We will seek to deal with your request without undue delay, and in any event within one month (subject to any extensions to which we are lawfully entitled).

It is important that the personal information we hold about you is accurate and current.  Please keep us informed if your personal information changes during the period for which we hold your data.

Third party sites

Our website may, from time to time, contain links to and from third-party websites, including those of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies. We don’t accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

 

Changes to the policy

We regularly review this policy and update it from time to time.  Please therefore review this policy periodically for changes. 

 

Contact

If you have any questions about this Policy or would like to exercise your rights with respect to your personal data, please contact us by email: enquiries@telferpartners.com or write to: Telfer Partners, Milton Hall, Milton Hall, Ely Road, Milton, Cambridge, CB24 6WZ, United Kingdom.



Appendix A

 

Right to object: this right enables you to object to us processing your personal data where we do so for one of the following four reasons: (i) our legitimate interests; (ii) to enable us to perform a task in the public interest or exercise official authority; (iii) to send you direct marketing materials; and (iv) for scientific, historical, research, or statistical purposes.

 

If your objection relates to us processing your personal data because we deem it necessary for your legitimate interests, we must act on your objection by ceasing the activity in question unless:

- we can show that we have compelling legitimate grounds for processing which overrides your interests; or

- we are processing your data for the establishment, exercise or defence of a legal claim.

 

Right to withdraw consent: Where we have obtained your consent to process your personal data for certain activities (for example, for our marketing arrangements), you may withdraw this consent at any time and we will cease to carry out the particular activity that you previously consented to unless we consider that there is an alternative reason to justify our continued processing of your data for this purpose (in which case we will inform you of this condition).


Data Subject Access Requests (DSAR): You may ask us to confirm what information we hold about you at any time, and request us to modify, update or delete such information. We may ask you to verify your identity and for more information about your request.  If we provide you with access to the information we hold about you, we will not charge you for this unless your request is "manifestly unfounded or excessive".  If you request further copies of this information from us, we may charge you a reasonable administrative cost where legally permissible.  Where we are legally permitted to do so, we may refuse your request. If we refuse your request we will always tell you the reasons for doing so. 
  

Right to erasure: You have the right to request that we erase your personal data in certain circumstances. Normally, the information must meet one of the following criteria:

- the data is no longer necessary for the purpose for which we originally collected and/or processed it;

- where previously given, you have withdrawn your consent to us processing your data, and there is no other valid reason for us to continue processing it;

- the data has been processed unlawfully (i.e. in a manner which does not comply with the GDPR);

- it is necessary for the data to be erased in order for us to comply with our legal obligations as a data controller; or

- if we process the data because we believe it necessary to do so for our legitimate interests, you object to the processing and we are unable to demonstrate overriding legitimate grounds for our continued processing.

 

Right to restrict processing: You have the right to request that we restrict our processing of your personal data in certain circumstances. This means that we can only continue to store your data and will not be able to carry out any further processing activities with it until either: (i) one of the circumstances listed below is resolved; (ii) you consent; or (iii) further processing is necessary for either the establishment, exercise or defence of legal claims, the protection of the rights of another individual, or reasons of important EU or Member State public interest.

 

The circumstances in which you are entitled to request that we restrict the processing of your personal data are:

- where you dispute the accuracy of the personal data that we are processing about you. In this case, our processing of your personal data will be restricted for the period during which the accuracy of the data is verified;

- where you object to our processing of your personal data for our legitimate interests. Here, you can request that the data be restricted while we verify our grounds for processing your personal data;

- where our processing of your data is unlawful, but you would prefer us to restrict our processing of it rather than erasing it; and

- where we have no further need to process your personal data but you require the data to establish, exercise, or defend legal claims.


Right to rectification: You also have the right to request that we rectify any inaccurate or incomplete personal data that we hold about you. If we have shared this personal data with third parties, we will notify them about the rectification unless this is impossible or involves disproportionate effort.  Where appropriate, we will also tell you which third parties we have disclosed the inaccurate or incomplete personal data to. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision.

 

Right of data portability: If you wish, you have the right to transfer your personal data between data controllers. In effect, this means that you are able to transfer your TP account details to another online platform. To allow you to do so, we will provide you with your data in a commonly used machine-readable format that is password-protected so that you can transfer the data to another online platform. Alternatively, we may directly transfer the data for you. This right of data portability applies to: (i) personal data that we process automatically (i.e. without any human intervention); (ii) personal data provided by you; and (iii) personal data that we process based on your consent or in order to fulfil a contract.

 

Right to lodge a complaint with a supervisory authority: You also have the right to lodge a complaint with your local supervisory authority.