Blue Personnel Ltd Data Processing Policy

Privacy notice

GDPR has replaced the data privacy law, giving more rights to you as an individual; we are committed to safeguarding the privacy our customers, individuals and other website visitors. This privacy notice explains how we handle your personal data.
Blue Personnel Limited asks that you read the notice carefully and contact gdpr@bluepersonnel.com with any questions or concerns about privacy practices.

How we use your information

This privacy notice tells you what to expect when Blue Personnel Limited collects personal information. It applies to information we collect about:

• visitors to our websites
• people who email us, including suppliers and customers
• people who use our services, e.g. consultants or candidates who apply for employment/project positions/contract opportunities or send their CVs to us speculatively

 

Visitors to our websites
When someone visits www.bluepersonnel.com we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. This information is processed in a way that does not disclose visitor identity. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

People who email us

Blue Personnel will monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

Suppliers and customers: Blue Personnel require a small amount of information from our suppliers and customers to ensure that things run smoothly. We need contact details of relevant individuals at your organisation so that we can communicate effectively. We also require information such as your bank details so that we can pay for the services you provide (if this is part of the contractual arrangements between us).

People who use our services, e.g. consultants or candidates who apply for employment/project roles/contract opportunities or send their CVs to us speculatively
Blue Personnel are the data controller for the information provided during the process unless otherwise stated. If you have any queries about the process or how we handle your information please contact us at gdpr@bluepersonnel.com.

Contact Data
Blue Personnel may collect your details from third-party sources such as LinkedIn, Jobsite, Monster or a similar website, this information may include your name, email address or telephone number. We may do this where we identify that you are suitable for an available vacancy. We may use the contact data to contact you to ask whether you would like us to provide you with recruitment services. Our use of the contact data in these circumstances is limited to making contact with you to determine whether you are interested in receiving our services. The legal basis for this processing is our legitimate interest as a business to maintain a viable talent pool.
What will we do with the information you provide to us?
All information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.

We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors.

We will use the contact details you provide to us to contact you to progress your application or for further suitable opportunities. We will use the other information you provide to assess your suitability for the role you have applied for.

What information do we ask for, and why?
We do not collect more information than we need to fulfil our stated purposes. The information we ask for is used to assess your suitability for employment or contract opportunities. You don’t have to provide what we ask for but it might affect your application if you don’t. 

If we make a conditional offer of employment or offer of engagement, we will ask you for information so that we can carry out pre-employment/engagement checks. You must successfully complete pre-employment/engagement checks to progress to a final offer. We are required to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability.

You will therefore be required to provide:
Photographic evidence of your identity
Proof of address
Proof of qualifications
A completed criminal records declaration declaring any unspent convictions.
A completed application for a Basic Criminal Record check via the Disclosure and Barring Service, or proof of current security clearances.
Contact details of referees

For opportunities involving a corporate to corporate relationship, we will also ask for details of your limited company; this does not constitute personal data.

Upon acceptance of a position:
Bank details – to process salary payments
Emergency contact details – so we know who to contact in case you have an emergency at work

People whose data we receive from candidates and staff, such as referees and emergency contacts: We use referees’ personal data to align our candidates with suitable opportunities. If we can verify their details and qualifications, we can make sure that they are well matched with prospective project work or specific clients. We use the personal details of a candidate’s or staff member's emergency contacts in the case of an accident or emergency affecting that candidate or member of staff.

How long is the information retained for?
We will only retain your personal data for as long as necessary to fulfil the purposes for which it has been collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Details of retention periods for different aspects of your personal data are available by contacting gdpr@bluepersonnel.com.

By law we must keep basic information about all our commercial relationships (including Contact, Identity, Financial and Transaction Data) for six years post relationship for tax or other financial reporting purposes.

In some circumstances you can ask us to delete your data (Right to Erasure) see below for further information.

Your rights
Under the Data Protection Act 1998, you have rights as an individual which you can exercise in relation to the information we hold about you.

Right to object: If we are using your data because we deem it necessary for legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases). Generally, we will only disagree with you if certain limited conditions apply.
 
Right to withdraw consent: Where we have obtained your consent to process your personal data for certain activities (for example, for profiling your suitability for certain positions), you may withdraw your consent at any time.
 
Data Subject Access Requests (DSAR): Just so it's clear, you have the right to ask us to confirm what information we hold about you at any time, and you may ask us to modify, update or delete such information. At this point we may comply with your request or, additionally do one of the following:

• we may ask you to verify your identity, or ask for more information about your request; and
• where we are legally permitted to do so, we may decline your request, but we will explain why if we do so.

Right to erasure: In certain situations (for example, where we have processed your data unlawfully), you have the right to request us to "erase" your personal data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your data but will generally assume that you would prefer us to keep a note of your name on our register of individuals who would prefer not to be contacted. That way, we will minimise the chances of you being contacted in the future where your data is collected in unconnected circumstances. If you would prefer us not to do this, you are free to say so.

Right of data portability: If you wish, you have the right to transfer your data from us to another data controller. We will help with this - either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format. 

Right to lodge a complaint with a supervisory authority: You also have the right to lodge a complaint with your local supervisory authority – The Information Commissioner’s Office.

You can read more about these rights here:
https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/.

How do we safeguard your personal data?
We are committed to taking all reasonable and appropriate steps to protect the personal information that we hold from misuse, loss, or unauthorised access. We do this by having in place a range of appropriate technical and organisational measures. These include measures to deal with any suspected data breach. If you suspect any misuse or loss of or unauthorised access to your personal information please let us know immediately.

Complaints or queries
Blue Personnel tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information, is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects collection and use of personal information. However, we are happy to provide any additional information or explanation needed.
Any requests for this should be sent to gdpr@bluepersonnel.com

If you want to make a complaint about the way we have processed your personal information, you can contact us to discuss your concerns. If appropriate concerns can also be raised to the Information Commissioner’s Office (ICO) in their capacity as the statutory body which oversees data protection law – www.ico.org.uk.

Access to personal information
Blue Personnel tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will:
give you a description of it
tell you why we are holding it
tell you who it could be disclosed to
should you ask, let you have a copy of the information in an intelligible form.

To make a request for any personal information we may hold you need to put the request in writing
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

If we do hold information about you, you can ask us to correct any mistakes.

Disclosure of personal information
In most circumstances we will not disclose personal data without consent.

Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on 30 May 2018.

How to contact us
If you want to request information about our privacy policy you can email us or write to:
Blue Personnel Limited, Dial House, Govett Avenue, Shepperton, Middx, TW17 8AG
gdpr@bluepersonnel.com