Global Tech Collective Ltd Privacy Policy
Purpose of this policy
This Privacy Policy explains how Global Tech Collective Ltd processes your personal data, in order to meet our obligations under the General Data Protection Regulation (Regulation (EU) 2016/679).
Global Tech Collective Ltd upholds the highest standards when processing your personal data. We only process your personal data in accordance with this Privacy Policy. If we process your data for any other reason, we will let you know. If you do not want us to process your personal data, then please do not provide it and confirm you do not want us to process your personal data.
When communicating with Global Tech Collective Ltd, we are likely to gather and record information about you so we can provide our services effectively. This Privacy Policy guides you through what personal data we may collect, or you provide to us, that is processed by us. It also lets you know how you can get in touch if you have any concerns or questions.
Please read the following carefully to understand how we process your personal data.
Who are we and what we do
We are Global Tech Collective Ltd with company number 11585005 of 57a Broadway, Leigh On Sea, Essex, England, SS9 1PE (‘Global Tech Collective Ltd’, ‘we’, ‘us’, ‘our’, and ‘ours’), and we process any personal data we hold about any of our data subjects (‘you’ and ‘your’).
Global Tech Collective Ltd is registered as a data controller with the Information Commissioner’s Office (ICO), with registration number: ZA541457
Global Tech Collective Ltd is a recruitment agency that provides contract and permanent recruitment services to its clients and candidates. We identify our clients’ requirements and match suitably skilled candidates, to either be engaged to provide services to those clients, or we introduce candidates for direct employment with clients. Therefore, in the day-to-day running of our business, we need to process personal data of all related individuals, whether they operate through a company or not.
What information do we collect
As a recruitment agency, the (electronic or hardcopy) information we collect includes:
Candidate/client/supplier/employee contact details, including: name, address, date of birth, email address, phone or mobile numbers, job title, other contact details such as website or Skype addresses, next of kin and emergency contact details.
Candidate work history, education, training, qualifications and skills, usually in the form of a CV.
Current/expected salary/rate, and pension and benefits information.
Confirmation of candidate identity, including date of birth, passport, or right to work documentation such as visas.
Information from third parties, such as references, opinions, or statements from a client about a candidate and, sometimes, background, credit reference, and criminal record checks.
Sensitive personal data you may share, such as medical history (including genetic or biometric data), race, gender, marital status and dependents, sexual orientation, philosophical or religious beliefs, political opinions, trade union membership.
Details about the business relationship between us, where you are a client or supplier.
Notes of any calls, correspondence, or meetings between you and us, including any business transactions.
Financial details, including bank details, national insurance number (where applicable), payroll records, and any information required for tax purposes, to make or receive payments.
Any marketing preferences you may have provided to us.
Sensitive data
We understand sensitive data creates more significant risks to a person’s fundamental rights and freedoms, and therefore we do not use sensitive personal data unless we have to, so please do not send it to us, unless you want us to process it. The exception to this is where sensitive data is used for the purpose of establishing a candidate’s suitability to a client role. Where this is the case, we will always inform you before any sensitive data is communicated to a client.
Where do we obtain your personal data
Directly from you, including information you provide via face-to-face meetings and telephone conversations (and any notes following a meeting or conversation), emails, or website application or registration.
A referral from a candidate, client, or supplier.
Through publicly available sources including corporate websites, online job boards, and social media sites such as LinkedIn. (If your personal data is received from a third party, we will let you know of the source at the first point we contact you.)
Providers of marketing lists and databases.
How we use your personal data
Personal data we collect from you is used for the purpose of providing our recruitment services, such as:
Matching candidate skills to client requirements, i.e. suitability for roles, such as through processing job applications, which may be stored in either electronic or hardcopy format.
Contacting candidates, clients, or suppliers, to help them through the recruitment process.
Carrying out background, credit reference, and criminal record checks, where required.
Recording any business transactions between us including all relevant administration, e.g. issuing of contracts to meet our obligations, processing of timesheets in order to make or receive payments, and keeping on file any compliance documentation or any role-specific information that is required.
Confirmation of your identity, address, and right to work.
Providing information to HMRC or ICO, and other professional advisors such as our insurers, accountants, auditors, or IT suppliers, where required.
Non-personally identifiable details of your website usage data and computer when you visit our website (please see Usage Data and Cookies section).
For secure data storage and back up.
For quality, training, and continual improvement purposes.
Information you voluntarily provide if you take part in any of our competitions and surveys, which are used for research or promotional purposes.
To supply you with articles, insight, news, jobs, relevant information and products we feel may be of interest to you, and to provide interactive features of our service that you choose to take part in.
To market and improve the services we offer to our clients and candidates, and to notify you about changes to our service.
The purpose and legal basis for processing your data
We process your personal data in accordance with the following lawful bases:
Legitimate interest: the main reason for our collection, use, processing, transferring, and disclosure of your personal data is for the purpose of providing our recruitment services to our candidates, clients and suppliers, letting them know about potential opportunities when they may arise. For the commercial feasibility of our business, the storage and exchange of personal data relating to our candidates and clients is an essential part of this process. When using this as a lawful basis to process your data, we will balance our legitimate interests against yours, taking into account if the provision of our services would cause unjustified harm to your rights and interests, and where they are likely to override our legitimate interests.
Legal obligation: as a recruitment agency, we are also required to meet, where necessary, certain legal or regulatory obligations; for example, we may be required to provide information about payments made or received to HMRC, or to prove our compliance with meeting our obligations under this Privacy Policy to the ICO.
Contract: where we intend to or have entered into a contract with you, we will need to process relevant personal data in order to fulfil our obligations under the agreement; for example, where processing will be necessary for the performance of a contract with you and we need to include such personal data in order to create and issue contracts to you, whether you are a candidate, client, or supplier.
Consent: where you have provided your specific consent for a purpose, we will process your personal data according to your instructions; for example, you may only want us to forward your details for a specific client or a specific role. Where you have provided us with sensitive personal information, we will ask your permission if we can forward it to a client. You can of course withdraw your consent at any time by letting us know, but please be aware we may have another lawful basis to process your data, i.e. contractual or legal obligation.
Where and how we store your personal data
Any personal data we collect from you will be transferred to, and stored by, a third-party database system with which we have contractual arrangements with. By submitting your personal data, you agree to this transfer, storing, and processing of your data. We will take all reasonable steps necessary to ensure your data is handled securely and in accordance with this Privacy Policy. Should you not wish us to process your data, then simply let us know.
Keeping your personal data secure
We take the safety and protection of your personal data very seriously and take all reasonable steps to ensure your data is protected. However, the transmission of information via the internet is never completely secure and therefore we cannot give an absolute guarantee as to the safety of data transmitted to our site or any third party.
Your data will only be accessed by our staff and third parties where authorised to do so. This will be in circumstances where access is required in order for us to effectively provide our services.
We will ensure appropriate organisational and technical measures are taken against any unauthorised or illegal processing of your personal data, including the accidental loss of or damage to it.
We have the technology, procedures to keep your personal data secure and safe from when we collect it, until it is no longer processed or required, or removed at your request.
Where we share your personal data with a third party, we will only make transfers where they too have appropriate technical and organisational measures to keep your personal data secure.
Data removal
We do not hold personal data for longer than we are required to do so. Generally, we hold information for six years from the last point of engagement. Where we are contractually obliged to do so, where we are required by law, or where your personal data indicates you have specialist skills likely to lead to an opportunity or engagement with one of our clients, we may hold information for longer.
If we believe your data is no longer of use to us, for example, if your skills are not appropriate to the services we offer, or where we feel your data is out of date, we will take steps to remove or update your information to ensure it is relevant and accurate in our third-party database.
You may request we remove or update your information as necessary (please see Your rights in relation to personal data).
If your data has not been accessed in 36 months, either through use of our services or where we have not contacted each other, relevant records will be archived as appropriate.
Where you do not wish to share your personal data with us
In order for us to meet our legal or contractual obligations, there may be occasions where we request personal data from you in order to provide our services.
In the event you do not wish to provide us with such personal data, please let us know. In such circumstances, it may mean that we are unable to continue to provide you with our recruitment services as the non-provision of such data may lead to a breach of contract we have with you or the party we are engaged with and you represent.
Data transfers outside of EEA
We may need to transfer your personal data outside of the European Economic Area (EEA) should one of our clients, candidates, or suppliers require such transfer, as we may be contractually obliged to do so in such circumstances. Where such information is to be transferred, we will incorporate the current standard contractual clauses adopted by the European Commission for the transfer of personal data by data controllers in the EEA to data controllers and processors in jurisdictions without adequate data protection laws, where there is an adequacy decision from the European Commission, or where there is appropriate data protection legislation in place (e.g. US Privacy Shield). Where there is no such adequacy decision, we will take appropriate steps as far is reasonably practicable to understand how the data will be processed, and, where we identify any risks, we will try to ensure your data is protected in line with any applicable data protection legislation.
Your rights in relation to personal data
Where we process data, we understand that you have certain rights listed as follows:
- The right to be informed.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
- Rights in relation to automated decision making and profiling.
- Right to be informed
Where you provide your personal data directly to us, we will communicate our Privacy Policy to you at the earliest opportunity or as soon as is reasonably practicable. We will usually do this at the first point we correspond with each other. Our usual format for this is via email where you will find a link to this to this Privacy Policy, which can also be found on our website.
Right of access
If you wish to receive a copy of personally identifiable data we store about you, this can be made available on request. To do this, please email hello@globaltechcollective.com and title your email ‘Data Subject Access Request’, including your name and contact details, and your reason for requesting a copy of the data we store about you. To ensure we are sending your personal data to you, we may need to contact you to verify your identity. Once we have verified your identity, we will supply you with a digital record of all your personal data as soon as we can, but in any event it will be within 30 days.
We will not charge you for supplying copies of your personal data in the first instance. However, in the event we find data subject access requests to be manifestly unfounded or excessive, particularly where repetitive, we will need to consider the effort required to handle such requests and charge a reasonable administrative fee.
Right to rectification
Where you feel the personal data we hold about you is inaccurate or incomplete, you have the right to advise us and we will rectify such data in accordance with your instructions. Please email hello@globaltechcollective.com and title your email ‘Data Rectification Request’. We will endeavour to action your request as soon as is reasonably practicable thereafter, and in any event within 30 days.
Right to erasure
If you no longer want us to process your personal data, we can remove your personally identifiable data from our databases on request. To do this please email hello@globaltechcollective.com and title your email ‘Data Erasure Request’, including your name, contact details, and reason why you no longer want us to process your data. To ensure we are sending your personal data to you, we may need to contact you to verify your identity. Once we have verified your identity, we will aim to erase all related personally identifiable data as soon as we can. We will aim to action your request within two working days, though we will contact you to let you know once completed.
Please note, we will need to store some basic information including your full name and basic contact details, which may include your email address or telephone number. This is in order to ensure we do not duplicate process and have a sufficient record to ensure we do not unnecessarily contact you or further process your personal data. Should you change your mind or require our services at a later date, simply let us know.
Right to restrict processing
If at any point you object to us using your data in a particular way, you have the right to suppress or block us from processing your data. For example, if you do not want us to use your data for marketing purposes, simply let us know.
You can exercise this right at any time: please email hello@globaltechcollective.com and title your email ‘Data Restriction Request’, including your name and contact details, the reason for your request, and how you want us to restrict the processing of your data. We will attempt to action your request as soon as is reasonably practicable thereafter, and in any event within 30 days.
Right to data portability
Where you have provided your data directly to us and it is processed by automated means, you have the right to receive personal data back from us in a structured machine readable format and, where you request (and if possible), we will transmit your personal data to another data controller. We will always try to facilitate such requests where it is technically feasible to do so.
Please note this right is only applicable where the processing is based on the individual’s consent or for the performance of a contract.
Should you wish to exercise this right at any time, please email hello@globaltechcollective.com and title your email ‘Data Portability Request’, including your name and contact details, and the reason for your request. Where possible, we will attempt to action your request as soon as is reasonably practicable to do so, and in any event within 30 days.
The right to object
In the event you object to our processing of your data, where we have identified that such processing is based upon legitimate interest and you believe there are no grounds for us to continue to process your data, then you have the right to object.
Should you wish to exercise this right at any time, please email hello@globaltechcollective.com and title your email ‘Data Objection Request’, including your name and contact details, and the reason for your request. We will attempt to action your request as soon as is reasonably practicable to do so, and in any event within 30 days.
Rights in relation to automated decision making and profiling
In the event we use automated decision-making software in the future, and if you disagree with any decision that affects you, you will have the right to object.
Should you wish to exercise this right at any time, please email hello@globaltechcollective.com and title your email ‘Automated Decision Clarification Request’, including your name and contact details, and the reason for your request. We will attempt to action your request as soon as is reasonably practicable to do so, and in any event within 30 days.
Additional comments in relation to your rights
While we understand your rights as detailed above and will assist you with them wherever possible, please note that we may continue to store, or otherwise use, your personal data, where we have a legitimate interest or a legal or contractual obligation to do so. Our processing in that respect will be limited to what is necessary to perform those interests or obligations.
We may also need to retain a record where we help you with any of the rights detailed above to keep a record of the request along with the action taken, so we can evidence our compliance, as well as ensure that where we receive your data in the future, i.e. from a third-party source, we will know that we should not process your data. Should you wish to change your mind at any point, simply contact us and we will be happy to help.
Usage data and cookies
Cookies are small text files that are downloaded onto your device when using the internet. They are intended to collect information about a user’s browsing habits, and make websites work more efficiently.
Accordingly, we may collect information about your computer, including (where available) your IP address, geographical location, operating system, and browser type. This will be for the purpose of system administration and the internal reporting of aggregate information. We may also collect and store usage data, including referral source, length of visit, page views, and website navigation paths, as well as information about the timing, frequency, and pattern of service use. Our usage data is monitored and handled by Google Analytics, where the data may be processed for the purposes of analysing the use of our website and services. We use such usage data to make improvements to our website and services. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual actions in particular.
Disclosure of your data to third parties
We will never rent or sell your data. We only share data we collect from you with third parties where:
You have specifically consented to us sharing your data with third parties.
You are using our services to seek an engagement or employment with one of our clients where the data will only be shared for the purpose of evaluating your suitability to the client’s role.
It is needed to provide a product or service you have requested from us.
We need to protect the rights, property, or safety of Global Tech Collective Ltd, our employees, clients, suppliers, or others, including the exchange of information with other organisations for the purposes of fraud protection and credit risk reduction.
We have a legitimate interest or a legal or contractual obligation to do so.
Our website (or emails we send) may contain links to and from websites of organisations we deal with including clients, suppliers, partner networks, advertisers, and associated affiliates. Please note, when using links to such third-party websites, they will have their own privacy and cookie policies, which you should familiarise yourself with. Global Tech Collective Ltd does not take any responsibility or accept liability for such third-party privacy and cookie policies. Please ensure you are happy with such third-party privacy policies before submitting your personal data to these third-party websites.
Changes to this policy
We may need to modify and update the terms of this Privacy Policy to comply with changes to the law or to match our product and service offerings. If a substantial or material change is made to this Privacy Policy and the way in which we intend to use your personal data, we will inform you by email.
Complaints
In the event you wish to make a complaint about the way your data is processed by us, we request that you email john@globaltechcollective.com in the first instance who will try to help resolve your query.
You do of course have the option to raise the matter with the ICO at any point where you feel we have not acted in accordance with this Privacy Policy.
Global Tech Collective Ltd
57a Broadway,
Leigh On Sea,
Essex,
England,
SS9 1PE