Privacy Policy
1.Introduction:
TechStream Group are committed to protecting the privacy of our candidates, clients and users of our website. We want to provide a safe and secure user experience.
We will ensure that the information you submit to us via our website or through any of our offices or through other group members (CyberStream, CloudStream, EarthStream and AutoStream) or international websites or offices is only used for the purposes set out in this policy.
TechStream Group is a recruitment business which provides work-finding services to its clients and work-seekers. TechStream Group must process personal data (including sensitive personal data) so that it can provide these services – in doing so, TechStream Group act as a data controller.
You may give your personal details to TechStream Group directly, such as on an application or registration form or via our website, or we may collect them from another source such as a jobs board. For the purposes of providing you with work-finding services and/or information relating to roles relevant to you we will only use your personal data in accordance with the terms of the following statement.
2.At a glance:
This Policy explains when and why we collect personal information about people who enquire about roles we advertise. The policy also explains how we use that information, the conditions under which we may disclose information to others and how we keep personal information secure.
At TechStream Group Limited we’re committed to protecting and respecting your privacy and are transparent in everything we do. We may change this Policy from time to time so please check this page to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this Policy.
3Who is the controller of the data that you provide to us?
TechStream Group is the data controller for the purposes of the Data Protection Act 2018 and the General Data Protection Regulations (GDPR). We ensure that the data you supply to us is processed
fairly and lawfully, and with skill and care and used only for the purposes set out in this policy.
The Company collect your personal data (which may include sensitive personal data) and will process your personal data for the purposes of providing you with work-finding services. The legal bases we rely upon to offer these services to you are:
·Consent
·Legitimate interest
·Legal obligation
·Contractual obligation
4What type of data will we collect?
We will collect data about you, bothpersonal data(such as your name and contact details) andsensitive personal data(such as information in your CV). Depending on the relevant circumstances and applicable local laws and requirements, we may collect some or all of the information listed below to enable us to offer you employment opportunities which are tailored to your circumstances and your interests. In some jurisdictions, we are restricted from processing some of the data outlined below. In such cases, we will not process the data in those jurisdictions.
·Name;
·Age/date of birth;
·Birth number;
·Sex/gender;
·Photograph;
·Marital status; details;
·Education details;
·Employment history;
·Professional qualifications;
·Emergency contacts and details of any dependants,
·Referee details;
·Immigration status (whether you need a work permit);
·Nationality/citizenship/place of birth;
·A copy of your driving licence and/or passport/identity card;
·Financial information (where we need to carry out financial background checks);
·Social security number (or equivalent in your country) and any other tax-related information;
·Diversity information including racial or ethnic origin, religious or other similar beliefs, and physical or mental health, including disability-related information;
·Details of any criminal convictions if this is required for a role you are applying for;
·Details about your current remuneration, pensions and benefits arrangements, Information on your interests and needs regarding future employment, both collected directly and inferred, for example from jobs viewed or articles read on our website;
·Extra information that you choose to tell us;
·Extra information that your referees chooses to tell us about you;
·Extra information that our clients may tell us about you, or that we find from other third-party sources such as job sites;
·The dates, times and frequency with which you access our services; and CCTV footage if you attend our premises.
5Lawful Basis for Collecting Data
a)The lawfulness ofprocessingconditions forpersonal dataare:
Consent of the individual for one or more specific purposes.
Processingis necessary for the performance of a contract with the individual or in order to take steps at the request of the individual to enter into a contract.
Processingis necessary for compliance with a legal obligation that the controller is subject to.Processingis necessary to protect the vital interests of the individual or another person.
Processingis necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in thedata controller.
Processingis necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of the individual which require protection ofpersonal data, in particular where the individual is a child.
b)The lawfulness ofprocessingconditions forsensitive personal dataare:
Explicitconsent of the individual for one or more specified purposes, unless reliance onconsentis prohibited by EU or Member State law.
Processingis necessary for carrying out data controller’s obligations under employment, social security or social protection law, or a collective agreement, providing for appropriate safeguards for the fundamental rights and interests of the individual.
Processingis necessary to protect the vital interests of the individual or another individual where the individual is physically or legally incapable of givingconsent.
In the course of its legitimate activities, processingis carried out with appropriate safeguards by a foundation, association or any other not-for-profit body, with a political, philosophical, religious or trade union aim and on condition that the processingrelates only to members or former members (or those who have regular contact with it in connection with those purposes) and provided there is no disclosure to a third party without theconsentof the individual.
Processingrelates to personal datawhich are manifestly made public by the individual.
Processingis necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.
Processingis necessary for reasons of substantial public interest on the basis of EU or Member State law which shall be proportionate to the aim pursued, respects the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and interests of the individual.
Processingis necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of EU or Member State law or a contract with a health professional and subject to the necessary conditions and safeguards.
Processingis necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of healthcare and of medicinal products or medical devices, on the basis of EU or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the individual, in particular professional secrecy.
Processingis necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, which shall be proportionate to the aim
pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard fundamental rights and interests of the individual.
6How do we use your personal data?
The personal data and sensitive personal data will be stored, processed, used and disclosed by us in the following ways.
·Provision of services and account management:
·To provide our recruitment services to you and to facilitate the recruitment process
·To assess data about you against vacancies which we judge may be suitable for you
·To send your information to clients to apply for jobs or assess your eligibility for jobs
·To answer your questions and enquiries
·To pay you for employment related goods and services
·To use your information on an anonymised basis to monitor compliance with our equal opportunities policy
·To carry out our obligations arising from contracts entered into between you and us
·From time to time we may seek your consent to process, use or disclose your information for any other purpose not listed above.
7How do we share your personal data?
TechStream Group may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process products and send you mailings). These third parties may include:
·We use third party service providers to provide a recruiting software system.
·We also share your personal data with other third-party service providers that may assist us in recruiting talent, administering and evaluating pre-employment screening and testing, and improving our recruiting practices.
·To third parties where we have retained them to provide services that we, you or our client have requested including references, qualifications, credit and criminal reference checking services.
·To third parties, regulatory or law enforcement agencies if we believe in good faith that we are required by law to disclose it in connection with the detection of crime, the collection of taxes or duties, in order to comply with any applicable law or order of a court of competent jurisdiction, or in connection with legal proceedings.
We may also pass your information to, or allows access to such information to the TechStream Group of companies (CloudStream, EarthStream, CyberStream and AutoStream) whose locations can be found atwww.techstreamgroup.comin order that they may use your personal information in the same way as we process, use and disclose your information as described above. We reserve the right to transfer your information to a third party in the event of a sale, merger, liquidation, receivership or transfer of all or substantially all the assets of our company, provided that the third party agrees to adhere to the terms of this Privacy Policy and provided that the third party only uses your Personal Data for the purposes that you provided it to us. You will be notified in the event of any such transfer and you will be afforded an opportunity toopt-out.
8How do we safeguard your personal data?
Data security is of great importance to TechStream Group and to protect your Data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure Data collected via this Website. Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password, which enables you to access certain parts of our websites, you are responsible for keeping this password confidential.We ask you not to share your password with anyone.
9How long do we keep your personal data for?
We will hold your data for no longer than it is required and in accordance with our data retention and disposal policy. We will use reasonable endeavours to ensure that your Personal Data is maintained and up to date. We rely on you to inform us of all changes to your Personal Data to ensure that it is up to date and we will update or delete your Personal Data accordingly.
The Conduct of Employment Agencies and Employment Businesses Regulations 2003 require us to keep work-seeker records for at least one year from (a) the date of their creation or (b) after the date on which we last provide you with work-finding services.
We must also keep your payroll records, holiday pay, sick pay and pensions auto-enrolment records for as long as is legally required by HMRC and associated national minimum wage, social security
and tax legislation.
Where the Company has obtained your consent to process your personal and sensitive personal data, we will do so in line with our retention policy. Upon expiry of that period the Company will seek further consent from you. Where consent is not granted the Company will cease to process your personal data and sensitive personal data.
10How do we access/amend your personal data?
The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you.
In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us at:gdpr@techstreamgroup.com
You have the right to ask for a copy of the information we hold about you.
If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter. Our Data Protection Officer details are as
follows:
Data Privacy Advisory Service
E:mailto:mdpo@dataprivacyadvisory.com
Tel: 01392 914019
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
11How
do we store and transfer your personal data?
Data, which we collect from you, may be stored and processed in and transferred to countries outside of the European Economic Area (EEA). For example, this could occur if our servers are located in a country outside the EEA or one of our service providers is situated in a country outside the EEA. We also share information with our group companies, some of which are located outside the EEA. These countries may not have data protection laws equivalent to those in force in the EEA.
If we transfer Data outside the EEA in this way, we will take steps with the aim of ensuring that your privacy rights continue to be protected as outlined in this privacy policy. You expressly
agree to such transfers of Data.
12What are cookies and how are they used?
Like many other websites, TechStream Group website uses cookies. Cookies are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. For example, we use cookies to store your
country preference. This helps us to improve our website and deliver a better more personalised service. It is possible to switch off cookies by setting your browser preferences. Turning cookies off may result in a loss of functionality when using our website.
13Profiling
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you.
We may make use of additional information about you when it is available from external sources to help us do this effectively.We may also use your personal information to detect and reduce fraud and credit risk.
14Links to other websites
Our website may contain links to other websites within our group, this privacy policy applies to our Group.If there are links to other organisations, then our privacy policy only applies to the TechStream Group‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if
you access them using links from our website.
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend
that you check the policy of that third-party site.
15Service improvements:
·To ensure that content from our site is presented in the most effective manner for you;
·To administer our site and for internal business administration and operations, including
·Troubleshooting, data analysis, testing, research, statistical and survey purposes;
·To notify you about changes to our service;
·As part of our efforts to keep our site safe and secure
16Consent - Your individual rights
Please be aware that you have the following data protection rights:
·The right to be informed about the personal data the Company processes on you;
·The right of access to the personal data the Company processes on you;
·The right to rectification of your personal data;
·The right to erasure of your personal data in certain circumstances;
·The right to restrict processing of your personal data;
·The right to data portability in certain circumstances;
·The right to object to the processing of your personal data that was based on a public or legitimate interest;
·The right not to be subjected to automated decision making and profiling; and
·The right to withdraw consent at any time.
The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change your
email address, or any of the other information we hold is inaccurate or out of date, please contact us at:gdpr@techstreamgroup.com.
17Complaints or Queries
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO). Details can be found here:https://ico.org.uk/concerns.
18Changing and reviewing this Privacy Policy
TechStream Group reserves the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the privacy policy on your first use of the Website following the alterations.
We keep this Policy under regular review. This Policy was last updated in August 2019.
You may contact TechStream Group Ltd by email atinfo@techstreamgroup.com
Any questions regarding our privacy policy should be sent to our DPO, Nigel Gooding at info@dataprivacyadvisory.com.
You may contact the GDPR team for TechStream Group Ltd by email atgdpr@techstreamgroup.com