Privacy & GDPR

Communicate Group (Metamorphic) Privacy Notice Policy

Communicate (“We”) is a recruitment business which provides recruitment and work-finding services to its clients. Communicate must process personal data so that it can provide these services and in doing so we act as a “data controller.”

A “data controller” means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in the privacy notice.

This notice informs you of how we protect your personal data and informs you about your legal rights when we obtain your personal data, in accordance with the new General Data Protection Regulation (GDPR). This notice does not act or form part of any contract to provide you with recruitment or workfinding services.

• Who is the Data Protection Officer at Communicate? For more information and/or to exercise any of your rights at any time you can contact our Data Protection Officer, Imogen Paul (“our Data Protection Officer”) on imogen.paul@communicaters.com

• Legal basis for processing my personal data? Communicate holds and processes personal data by obtaining your written or verbal consent wherever possible. We can also hold and process your personal data under a ‘legitimate interest.’ A ‘legitimate interest’ is where there is some good commercial reason for processing your personal data, for example where you have uploaded your personal data to a jobs board and we use this data for the purposes of securing you an interview or job. We will only use your personal data in situations where the law allows us to.

• What personal data do you hold? The categories of personal data we may collect and process are including but not limited to:

o your identity (name, gender, address, date of birth and marital status);

o evidence of right to work in the UK;

o contact information;

o professional experience and employment history;

o education history, skills and other qualifications;

o salary information;

o details of disabilities;

o unspent criminal/motoring convictions.

The holding of this data is required for us to ensure that you are suitable for opportunities being managed by us. We hold this data for the purposes of providing you with work-finding services and/or information relating to roles relevant to you.

• Who will you share my data with? We will share your personal data with clients and sometimes third parties associated with those clients, but only with your permission. We will take steps to make sure that your personal data is adequately protected when passed to our clients or third parties and we may require the recipient to sign a contract confirming that they are compliant with the GDPR. Your data will not be shared outside of the EEA unless for a specific opportunity and with your express permission.

• How will you use my data? We will only use your data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. For example, future job adverts via email around relevant job opportunities. Should you wish to opt-out at any time please contact our Data Protection Officer.

• Where do you find candidate data? You may give your personal details to us directly, such as on an application or registration form or via our website, or we may collect them from another source where your information is available, such as a jobs board database (Reed, Gaap Web, Careers in Audit, Taxation Jobs, Exec Appointments) and/or social media sites, such as, LinkedIn and Twitter.

• Where do you store my data? Communicate uses Bullhorn Inc. (a Customer Relationship Management Company) to manage and store data. Bullhorn uses a cloud database where all data is uploaded onto the cloud system and stored within the UK. We also use an outsourced IT provider to manage our IT systems, with information stored on a Communicate server within the UK. Both the CRM and IT provider that we use are bound by a data privacy and confidentiality contract.

• What about sensitive data? Special category data is personal data which is of a sensitive nature. These include, but are not limited to:

o race;

o ethnic origin;

o politics;

o religion;

o trade union membership;

o health;

o sexual orientation.

"Special categories" of particularly sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data. We may process special categories of personal information in the following circumstances:

o In limited circumstances, with your explicit written consent.

o Where we need to carry out our legal obligations or exercise rights in connection with employment.

o Where it is needed in the public interest, such as for equal opportunities monitoring

Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else's interests) and you are not capable of giving your consent, or where you have already made the information public.

• How long will you store my data? Communicate will retain your personal data for as long as necessary in order to fulfil our obligations to you. If you no longer require the services of Communicate we will keep your personal data on file for as long as necessary pursuant to all and any relevant legislation at the time. Upon expiry of that period we will seek further consent from you. Where consent is not granted the Company will cease to process your personal data.

• How do you protect candidate data? Communicate are dedicated as a company to protecting and respecting your privacy and the data you supply to us. Communicate use various security measures such as effective firewalls and anti-virus programs which are monitored daily by our IT support team which enables us to protect the data we store. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. All our data security measures are available upon request from our Data Protection Officer.

• What rights do I have? You have the right to:

o Be informed about the collection and use of your personal data;

o A right of access to copies of any information that may be considered to have been compromised in your personal data;

o A right to object to decisions being taken by automated means;

o A right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed; and

o A right to claim compensation for damages caused by breach of the GDPR or any relevant Data Protection Law at time to time in force.

You also have the right to raise concerns with Information Commissioner’s Office on 0303 123 1113 or at https://ico.org.uk/concerns/, or any other relevant supervisory authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.

• Does this site use cookies? The Site uses “cookies” and other tracking technologies to ensure the best possible experience for the user.

• What are cookies and tracking technologies?

o Cookies are pieces of information stored in your hard drive by the web server of the visited website. The server provides the browser with a cookie to save. They are used to make browsing the internet an easier experience. Cookies do not contain any information that personally identifies you, but personal information that we store about you may be linked, by us, to the information stored in and obtained from cookies. For more information about cookies, please see the Interactive Advertising Bureau’s website: http://www.allaboutcookies.org.

o Tracking technologies include web beacons/GIFs, pixels, page tags and scripts. Emails and mobile apps may contain small transparent image files or lines of code to record how you interact with them. This information is used to help website and app publishers better analyse and improve their services. In this Policy, cookies and tracking technologies are collectively referred to as “cookies”.

• How do we use cookies?

o “Strictly necessary” cookies. We use some cookies for purposes which are strictly necessary for your use of the Site. These may include, for example, cookies which remember your preferences and settings; which remember information that you may enter online (so that it does not have to be re-entered every time you move to another page); or which keep you logged in to portals that we may offer where you wish this to happen.

o Performance cookies. Where you have permitted the use of performance cookies, we use Ignite CMS to analyse the use of the Site. Ignite CMS generates statistical and other information about website use by means of cookies, which are stored on users' computers. These cookies collect information such as your IP address or other identifiers, browser information, and information about the content you view and interact with to record how you use the Site. The information generated helps us to know how many users we have, which parts of the Site are most popular, what browsers are used (so we can maximize compatibility), the country or region where our users are located, and the demographics and interests of our users. This enables us to better understand who is using the Site and to improve how we present content.

• How do you manage cookies? When you first visit the Site you will be presented with a banner which offers you a choice about whether to accept or reject cookies of different types, with the exception of those cookies which are strictly necessary for a particular service. If you wish to amend your choice at any time, you can do so by clearing your browser cache. If you wish, you can also choose how web browser cookies are handled by your device via your browser settings. Some devices allow you to control this through your device settings. If you choose not to receive cookies at any time, websites may not function properly and certain services will not be provided. Each browser and device is different, so check the settings menu of the browser or device to learn how to change your settings and cookie preferences.