1. Information About Us
Our Site is owned and operated by Qualify Ltd, a limited company registered in England under company number 14083000.
Registered address: 3rd Floor, 86-90 Paul Street, EC2A 4NE, London, United Kingdom
Main trading address: 3rd Floor, 86-90 Paul Street, EC2A 4NE, London, United Kingdom
VAT number: 411 3418 44
We do not have a Data Protection Officer, but if you have any questions about this privacy notice or issues arising from it then you should contact Neil Marley, who is responsible for matters relating to data protection at our organisation, including any matters in this privacy notice. You can contact them using the details set out above.
We may issue you with other privacy notices from time to time, including when we collect personal information from you. This privacy notice is intended to supplement these and does not override them.
2. What Does This Policy Cover?
3. What Is Personal Data?
Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified.
Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
4. What Are My Rights?
Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:
b) The right to access the personal data we hold about you. Part 9 will tell you how to do this.
c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 10 to find out more.
d) The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. Please contact us using the details in Part 10 to find out more.
e) The right to restrict (i.e. prevent) the processing of your personal data.
f) The right to object to us using your personal data for a particular purpose or purposes.
g) The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
h) The right to data portability. This means that, if you have provided personal data to us me directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
i) Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 10.
It is important that your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves however, so please contact us first, using the details in Part 10.
5. What Personal Data Do You Collect and How?
We collect personal data from or about you in a variety of ways:
· Information you supply to us directly, such as your name, job title, contact details (email, address, telephone number), information about your business/employer, experience and qualifications etc – including when you register to receive our email newsletter updates, make an online enquiry, apply for a job, or establish a business relationship.
· Information received from other sources – including information we receive about you from third parties such as employment references and website visits for the purposes of applying for a job and improving your user experience when visiting our Site respectively.
Our Site collects certain information automatically, including your IP address, the type of browser you are using, and certain other non-personal data about your computer or device such as your operating system type or version, and display resolution.
We use technical methods such as cookies to collect this information. Please see the ‘Cookies’ section below for further information.
The lawful basis under the Data Protection Legislation that allows us to use such information is article 6(1)(f) of the UK GDPR which allows us to process personal data when it is necessary for the purposes of our legitimate interests, in this case, the proper operation and functionality of Our Site. If you contact us as described above, you will be required to consent to our use of your personal data to contact you. In this case, our lawful basis for using your personal data will be article 6(1)(a) of the UK GDPR, which allows us to use your personal data with your consent for a particular purpose or purposes.
6. How Do You Use My Personal Data?
We use this information in a variety of ways including:
· To provide you with information, products or services that you request from us, or which we think may interest you;
· For the purposes of seeking qualified candidates for our recruitment activities;
· To manage and further our business relationships and contracts with our clients and suppliers and to receive services from our suppliers;
· To produce management information and create reports to assist with future marketing; and
· For statistical, research, business and product development purposes.
We only keep your information for as long as is necessary to fulfil the purposes for which we originally collected it. We also retain personal data for so long as we consider it necessary for the purposes of complying with our legal or contractual obligations including those relating to our statutory and regulatory obligations and our financial, business or tax affairs. To determine the appropriate retention period for your personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and the applicable legal requirements.
Please note that, unless required to fulfil a contractual commitment to you, we do not accept any obligation to you to retain any or all of your personal data and we may delete it from our systems at any time.
7. How and Where Do You Store My Data?
We may store some or all of your personal data in countries outside of the UK. These are known as “third countries”. We will take additional steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation as follows:
We will only store or transfer personal data in or to countries that are deemed to provide an adequate level of protection for personal data. For further information about adequacy decisions and adequacy regulations, please refer to the Information Commissioner’s Office.
Personal data security is essential to us and to protect personal data we take the following measures:
· limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;
· procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so;
8. Do You Share My Personal Data?
We may contract with third parties for hosting and data storage purposes.
If any of your personal data is transferred to a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above in Part 7.
If any personal data is transferred outside of the UK, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation, as explained above in Part 7.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
9. How Can I Access My Personal Data?
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 10. This is the easiest way to tell us everything we need to know to respond to your request as quickly as possible.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
10. How Do I Contact You?
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details (for the attention of Neil Marley):
Email address: email@example.com.
Telephone number: +44 (0) 203 475 3374
Postal Address: 3rd Floor, 86-90 Paul Street, EC2A 4NE, London, United Kingdom
The following types of cookies may be used on the Website:
All Cookies used by and on our Site are used in accordance with current Cookie Law.
Before Cookies are placed on your computer or device, you will be shown a prompt requesting your consent to set those Cookies. By giving your consent to the placing of Cookies you are enabling us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of our Site may not function fully or as intended.
Certain features of our Site depend on Cookies to function. Cookie Law deems these Cookies to be “strictly necessary”. These Cookies are shown in the table below. Your consent will not be sought to place these Cookies, but it is still important that you are aware of them. You may still block these Cookies by changing your internet browser’s settings as detailed below, but please be aware that our Site may not work properly if you do so. We have taken great care to ensure that your privacy is not at risk by allowing them.
The first-party Cookies that are placed on your computer or device: are shown here.
In addition to the controls that we provide, you can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all Cookies or only third-party Cookies. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.
You can choose to delete Cookies on your computer or device at any time, however you may lose any information that enables you to access Our Site more quickly and efficiently including, but not limited to, login and personalisation settings.
It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.
Data controller: Qualyfi Ltd
During the recruitment process, Qualyfi Ltd (the Company) collects and processes personal data relating to job applicants.
The Company is committed to being clear and transparent about how it collects and uses that data and to meeting its data protection obligations.
2. What information does the Company collect and process?
The Company collects and processes a range of personal information (personal data) about you. Personal data means any information about an individual from which the person can be identified. This includes:
The Company collects this information in a variety of ways during the application and recruitment process. For example, data may be contained in application forms and CVs, obtained from identity documents, such as your passport and collected through interviews, online tests and assessment tests.
In some cases, the Company collects personal data about you from third parties, such as references supplied by former employers, information from employment background check providers and information from criminal records checks permitted by law.
Data is stored in a range of different places, including on your application record, in the Company's HR management systems and in other IT systems (including the Company's email system).
3. Why does the Company process personal data?
The Company needs to process data prior to entering into a contract with you. We also need to process data to enter into an employment contract with you and to meet our obligations under that employment contract.
In addition, the Company needs to process data to ensure that we are complying with our legal obligations. For example, we are required to check an employee's entitlement to work in the UK before employment begins.
The Company has a legitimate interest in processing personal data during the recruitment process and in keeping records of that process. Processing such data from job applicants enables the Company to manage the recruitment process, assess the suitability of candidates and make informed decision as to whom we wish to recruit. The Company may also have to process data from job applicants in order to defend legal claims.
The Company processes health information if we need to make reasonable adjustments to the recruitment process for candidates with a disability.
For certain positions, it is necessary to carry out criminal records checks to ensure that individuals are permitted to undertake a particular role.
4. If you fail to provide personal information
You are under no obligation to provide the Company with data during the recruitment process. However, if you do not prove certain information when requested, the Company may not be able to process your application for employment properly or at all.
You are under no obligation to provide information for equal opportunities monitoring purposes and there are no consequences for you if this information is not provided.
5. Automated decision-making
Other than your right to work in the UK, you will not be subject to decisions that will have a significant impact on you based solely on automated decision making.
6. For how long do you keep data?
The Company will only hold your personal data for as long as is necessary to fulfil the purposes for which we collected it. If your application for employment is unsuccessful, the Company will hold your data on file for a period of one year after the end of the recruitment process. At the end of that period, your data is deleted or destroyed.
If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and we shall issue a new privacy notice which sets down the periods for which your data will be held.
7. Who has access to data?
Your information will be shared internally for the purposes of the recruitment process, including with members of the senior leadership team and interviewers.
The Company will not share your data with third parties unless we make you an offer of employment. In those circumstances, the Company shall share your data with third parties where required by law and where it is necessary in order to administer the working relationship with you or where we have another legitimate interest in doing so. The Company will then share your data with former employers to obtain references about you.
We ordinarily collect, process and store personal data in the UK or within the EEA (and reserve the right to continue to do so, where legally permitted, following any withdrawal of the UK from the EU). However, as we operate on a global basis, it may also be necessary to transfer your information to recipients located anywhere around the world. As such we may transfer some of your information to our third-party service providers based outside the European Economic Area (“EEA”) that may include countries which do not have as developed data protection laws. If we transfer your data to the United States of America, we will endeavour to only send the data to companies which are Privacy Shield registered and certified, and we will always ensure that we have put in place appropriate safeguards for the protection of your personal data, as required by the GDPR, before transferring it outside of the EEA.
8. How does the Company protect data?
The Company takes the security of your data seriously. The Company has internal policies and controls in place to prevent your data being lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.
However, since the internet is not a completely secure environment, we cannot ensure or warrant the security of any information you transmit to us. There is no guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. Please note that emails, instant messaging, and similar means of communication with other users of the Website are not encrypted, and we strongly advise you not to communicate any confidential information through these means.
9. Your rights
As a data subject, you have a number of rights. You can:
If you believe that the Company has not complied with your data protection rights, you have the right to make a complaint to the Information Commissioner’s Office.