The Data ControllerThe Company is a recruitment business which provides work-finding services to its clients and work-seekers. The Company must process personal data (including sensitive personal data) so that it can provide these services – in doing so, the Company acts as a data controller. Optic Group is the data controller for any personal information you supply to us in relation to enquiries about our products, services and when registering as a client or a candidate. Our full postal address is: Optic Group 6 St Pauls Court, Stony Stratford, Milton Keynes, Buckinghamshire, MK11 1LJ Email Address: firstname.lastname@example.org Data Protection Officer: Claire Tapp
What We CollectOptic Group may collect your personal and sensitive personal data such as your name, address, date of birth, contact details, e-mail address obtained from your CV. You may give your personal details to the Company directly, such as on an application or registration form or via our website, or we may collect them from another source such as a jobs board including but not limited to: Car Design News, JobServe, Jobsite, and LinkedIn. The Company must have a legal basis for processing your personal, we will only use your personal data in accordance with the terms of the following statement.
Purpose of processing and legal basisThe Company will collect your personal data (which may include sensitive personal data) and will process your personal data for the purposes of providing you with work-finding services and/or information relating to roles relevant to you. The legal bases we rely upon to offer these services to you are:
- Legitimate Interest
- Consent is collected from data subjects and can be given through the consent data form via our website.
- Consent can be withdrawn by contacting the Data Protection officer using the contact details provided in this policy.
- Consent is renewed after 12months of holding personal data unless it is withdrawn within that period.
b. Legitimate interestWhere the Company has relied on a legitimate interest to process your basic personal data our legitimate interests is/are as follows: As reasonably expected by a job seeker, the legitimate interests of the company to hold basic data (non-sensitive) on file with regards to the contact details and work history of data subjects with a view to keep communication channels in pursuance of the general business processes and notification when suitable positions become available.
Recipient(s) of dataThe Company will not process your data with any third party without prior discussion and consent provided to do so.
Statutory/Contractual requirementYour personal data is not required as part of a statutory and/or contractual requirement, and/or a requirement necessary to enter into a contract
What We Use Your Information ForThe Company will use the data you have supplied to help you obtain the best service for you. We also require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record-keeping.
- We may use the information to improve our services to you.
- To contact you via email, SMS or phone, about vacancies we believe you may be interested in.
- Maintain our business relationship, where you are a user of our website as a client or candidate.
- To assess data about you against vacancies which we believe may be suitable for you.
- To send your information to clients for potential jobs or to assess suitability for the role. We will obtain consent before presenting your details to a client.
- To enable you to submit your CV for general applications, to apply for specific roles or to subscribe to our job alerts which we believe may be of interest to you.
- Where we do so, you will be able to unsubscribe at any time from receiving any further communications from us.
- To fulfil contractual obligations with our clients.
- To third parties where we have retained them to provide services that we, you or our client have requested including references, qualifications and criminal references checking services (as required), verification of the details you have provided from third party sources, psychometric evaluations or skills test. These third parties comply with similar undertakings of privacy and confidentiality as Optic Group.
- We may also release your personal information to regulatory or law enforcement agencies, if they require us to do so by law.
- We may share Data with banks and financial Institutions.
How long do we keep your information for?The Company will retain your personal data only for as long as is necessary. Different laws require us to keep different data for different periods of time. The Conduct of Employment Agencies and Employment Businesses Regulations 2003, require us to keep work-seeker records for at least one year from (a) the date of their creation or (b) after the date on which we last provide you with work-finding services. We must also keep your payroll records, holiday pay, sick pay and pension auto-enrolment records for as long as is legally required by HMRC and associated national minimum wage, social security and tax legislation. Where the Company has obtained your consent to process your personal data we will do so in line with our retention policy which is available on request from the data protection Officer. Upon expiry of that period the Company will seek further consent from you. Where consent is not granted the Company will cease to process your personal date. We will only retain your data for as long as there is either a statutory requirement for us to do so or to be able to provide a service to you. This will usually require us to retain your personal data for a period of 5 years after any business relationship has ended for accounts and records purposes and to deal with any account support questions.
SecurityWe are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. Our services are all hosted from a datacentre within the EEA. We undertake regular vulnerability scans of our website and services to ensure your data is safe. Only authorised employees will have access to your data for the purposes specified in this privacy statement. We make sure that your data is only accessed for legitimate purposes by people who are facilitating your best interests.
Links to other websitesThis privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit. Your rights to your information You can object to withdraw your consent to the use of your personal information at any time. This may affect the services we are able to supply you. Where Optic Group is the data controller you are entitled to the following subject to some legal exemptions:
- The right to be informed about the personal data the Company processes on you;
- The right of access to the personal data the Company processes on you;
- The right to rectification of your personal data;
- The right to erasure of your personal data in certain circumstances;
- The right to restrict processing of your personal data;
- The right to data portability in certain circumstances;
- The right to object to the processing of your personal data that was based on a public or legitimate interest;
- The right not to be subjected to automated decision making and profiling; and
- The right to withdraw consent at any time.