Privacy Policy

Privacy policy

 

The Company is a recruitment business which provides work-finding services to its clients and work-seekers. The Company must process personal data (including sensitive personal data) so that it can provide these services – in doing so, the Company acts as a data controller.

 

You may give your personal details to the Company directly, such as on an application or registration form or via our website, or we may collect them from another source such as a jobs board. The Company must have a legal basis for processing your personal data. For the purposes of providing you with work-finding services and/or information relating to roles relevant to you we will only use your personal data in accordance with the terms of the following statement.

 

  1. Collection and use of personal data

 

  1. Purpose of processing and legal basis

 

The Company will collect your personal data (which may include sensitive personal data) and will process your personal data for the purposes of providing you with work-finding services. The legal bases we rely upon to offer these services to you are:

 

  • Consent
  • Legitimate interest
  • Legal obligation
  • Contractual obligation

 

  1. Legitimate interest

 

Where the Company has relied on a legitimate interest to process your personal data our legitimate interests is/are as follows:

 

  • The agency provides work-finding services for individuals seeking work

 

  1. Recipient/s of data

 

The Company will process your personal data and/or sensitive personal data with the following recipients:

  • Clients of the agency who offer work opportunities both on a temporary and on a permanent basis. This would normally confined to EEA recipients although may be expanded with your consent.

 

  1. Statutory/contractual requirement

 

Your personal data is required by law and/or a contractual requirement (e.g. our client may require this personal data), and/or a requirement necessary to enter into a contract. You are obliged to provide the personal data and if you do not the consequences of failure to provide the data are:

 

  • Our inability to offer you the opportunity of work

 

  1. What Data Do We Collect?

Depending upon your use of Our Site, We may collect some or all of the following personal and non-personal data:

  • name;
  • date of birth;
  • gender;
  • business/company name
  • job title;
  • profession;
  • contact information such as email addresses and telephone numbers;
  • demographic information such as post code, preferences, and interests;
  • details entered on Our detailed registration form or Our web based registration form
  • CV details
  • Psychometric or similar testing results
  • References information
  • Interview notes
  • Academic and professional qualification certificates
  • Bank, tax and NI details for payroll processing
  • Sensitive personal data in cases where a signed consent has been given by you.
  1. Overseas Transfers

The Company may transfer only the information you provide to us to countries outside the European Economic Area (‘EEA’) for the purposes of providing you with work-finding services or for computer software and cloud storage purposes. We will take steps to ensure adequate protections are in place to ensure the security of your information. The EEA comprises the EU member states plus Norway, Iceland and Liechtenstein.

 

The transfer of personal data to a country outside of the EEA shall take place only if one or more of the following applies:

  1. The transfer is to a country, territory, or one or more specific sectors in that country (or an international organisation), that the European Commission has determined ensures an adequate level of protection for personal data;
  2. The transfer is to a country (or international organisation) which provides appropriate safeguards in the form of a legally binding agreement between public authorities or bodies; binding corporate rules; standard data protection clauses adopted by the European Commission; compliance with an approved code of conduct approved by a supervisory authority (e.g. the Information Commissioner’s Office); certification under an approved certification mechanism (as provided for in the Regulation); contractual clauses agreed and authorised by the competent supervisory authority; or provisions inserted into administrative arrangements between public authorities or bodies authorised by the competent supervisory authority;
  3. The transfer is made with the informed consent of the relevant data subject(s);
  4. The transfer is necessary for the performance of a contract between the data subject and the Company (or for pre-contractual steps taken at the request of the data subject);
  5. The transfer is necessary for important public interest reasons;
  6. The transfer is necessary for the conduct of legal claims;
  7. The transfer is necessary to protect the vital interests of the data subject or other individuals where the data subject is physically or legally unable to give their consent; or
  8. h) The transfer is made from a register that, under UK or EU law, is intended to provide information to the public and which is open for access by the public in general or otherwise to those who are able to show a legitimate interest in accessing the register

 

  1. Data retention

 

The Company will retain your personal data only for as long as is necessary. Different laws require us to keep different data for different periods of time.

 

The UK Conduct of Employment Agencies and Employment Businesses Regulations 2003, require us to keep work-seeker records for at least one year from (a) the date of their creation or (b) after the date on which we last provide you with work-finding services.

 

We must also keep for 6 years your payroll records, holiday pay, sick pay and pensions auto-enrolment records for as long as is legally required by the Isle of Man Tax Authorities and associated national minimum wage, social security and tax legislation.

 

Where the Company has obtained your consent to process your personal/and sensitive personal data we will do so in line with our retention policy. Upon expiry of that period the Company will seek further consent from you. Where consent is not granted the Company will cease to process your personal data/and sensitive personal data.

  1. Your rights

Please be aware that you have the following data protection rights:

 

  • The right to be informed about the personal data the Company processes on you;
  • The right of access to the personal data the Company processes on you;
  • The right to rectification of your personal data;
  • The right to erasure of your personal data in certain circumstances;
  • The right to restrict processing of your personal data;
  • The right to data portability in certain circumstances;
  • The right to object to the processing of your personal data that was based on a public or legitimate interest;
  • The right not to be subjected to automated decision making and profiling; and
  • The right to withdraw consent at any time.

 

Where you have consented to the Company processing your personal data/and sensitive personal data you have the right to withdraw that consent at any time by contacting the data protection officer.

  1. Automated decision-making

An individual has the right not to be subjected to an automated decision making process, including profiling, that produces a legal effect or a similarly significant effect on the individual.

 

However, it is possible to subject an individual to automated decision making processes, including profiling, where:

 

  1. It is necessary for entering into or performance of a contract between the employer and the individual;
  2. It is authorised by law; or
  3. The individual has given their explicit consent.

 

Where a) and c) apply the Company will ensure that suitable measures are in place to safeguard the individual’s rights and freedoms and legitimate interests, under both Data Protection Laws and the Human Rights Act 1998, before this type of processing occurs for personal data.

 

Where a) to c) apply the Company will only process sensitive personal data where the Company has received either the explicit consent to do so or there is a substantial public interest to do so. Again the Company will ensure that suitable measures are in place to safeguard the individual’s rights and freedoms and legitimate interests, under both Data Protection Laws and the Human Rights Act 1998, before this type of processing occurs for sensitive personal data.

 

  1. Other sources

 

Where data is not collected from you personally we will make available to you the source(s) of such data.

 

  1. Complaints or queries

 

If you wish to complain about this privacy notice or any of the procedures set out in it please contact: the data protection officer.

You also have the right to raise concerns with Information Commissioner’s Office or at https://www.inforights.im, or any other relevant supervisory authority should your personal data be processed outside of the IOM, if you believe that your data protection rights have not been adhered to.

 

What is a cookie?

A cookie is a small text file created by the web server and saved on your PC’s hard drive. The next time you visit the web site the web server will check to see if you have this cookie. If you do, the web server will be able to read its contents.

If you do not want to receive cookies or if you would prefer to be prompted first you should check the settings in the ‘Internet Options’ of your web browser. If you are not sure on how to check or alter these setting you should contact your software provider or support engineer.
What is aggregate information?
Aggregate information is used to show us the total number of visits to our web site and which parts of the site are used the most. Aggregate information does not identify individuals, as is does not contain any personal data. This information helps us in developing our web site and improving the service we offer you.
Use and disclosure of personal information
Your information and personal data is not disclosed, sold or shared with any other organisations.
Some information is held and processed by our Internet Service Provider, but it is only held and processed for and on our behalf and under our instruction.

Further information

If you have any questions, please contact Hamblin at dpo@hamblin.co.im

Security notice

Please remember that Internet communications are not secure unless the data being sent is encrypted.
Hamblin cannot guarantee the privacy of any information or accept any responsibility for the unauthorised access by a third party and/or the corruption of data being input on this site or sent to us on the Internet.
Any information, communications, or material you transmit to this website by electronic mail or otherwise, including data, questions, comments, or suggestions will be treated as non-confidential and non-proprietary and will become the property of Hamblin.

Further information

If you have any questions, please contact Hamblin at dpo@hamblin.co.im

Copyright information

Content

All materials contained in this website are copyright of Hamblin Limited, unless otherwise specified.

The content within or downloadable from this site is for informational purpose only, and subject to change without notice.

You may not modify, copy, distribute, transmit, display, perform, reproduce, publish, license, create derivative works from, transfer, or sell any information, software, products or services obtained from the website without the written permission from Hamblin Limited.

Further information

If you have any questions, please contact Hamblin at dpo@hamblin.co.im