Our Commitment to Privacy
Austin Fraser is committed to protecting the privacy of our users and clients and your privacy is important to us. This Privacy Notice is intended to inform you how we gather, define and utilise your information. This policy applies to all information provided by you or collected by us on our website, or in any other way (such as by email, telephone or social media). We will process your personal information in accordance with the applicable data protection law and in accordance with this notice.
What information we collect about you
When you visit Austin Fraser’s website or contact us by email or telephone you may choose to provide us with personal information, for example your name, address, company name, private and corporate email address and phone number, financial information, compliance documentation and references verifying your qualifications and experience and your right to work in the United Kingdom, curriculum vitae and photograph, links to your professional profiles available in the public domain e.g. LinkedIn, Twitter, business Facebook or corporate website. This includes information you provide when you register to use our site, enter our database, apply for job vacancy, subscribe to our services, register for our events, participate in discussion boards, roundtable events or other social media functions on our site, for example, enter a competition, promotion or survey. If you communicate with us by email we may retain the content of your email messages together with your email address and our responses.
We may also obtain information about you from other sources such as LinkedIn, Xing, corporate websites, job board websites, online CV libraries, your business card, personal recommendations, and possible referrals. In such cases we will inform you by sending you a privacy notice, within 30 days of collecting the data, advising that we hold personal information about you, letting you know the source of the personal information and whether it was from publicly accessible sources, and for what purpose we intend to retain and process your personal information..
When you visit our website, we may also automatically collect additional such as the server your computer is logged onto and your browser type. We use such information only to assist us in providing an effective service (e.g. to adapt our website to the needs of your end user device or to allow you to log in to our website).
How we use your personal information and the legal basis for processing
As a recruitment business we introduce candidates to clients for permanent employment, temporary worker placements or independent professional contracts. The exchange of personal information of our candidates and our client contacts is a fundamental, essential part of this process.
We maintain a database of relevant personal information of prospective and engaged candidates and clients containing historical information as well as current resourcing requirements, in order to:
- support candidates’ career aspirations throughout their career and support our clients’ resourcing needs and strategies
- carry out our obligations arising from any contracts we intend to enter into or have entered into between you and us and to provide you with the information, products and services that you request from us or we think will be of interest to you because it is relevant to your career or to your organisation.
- provide you with information about other goods and services we offer that are similar to those that you have already purchased, been provided with or may have enquired about.
Our legal basis for the processing of personal information is our legitimate business interests pursuant to Art. 6 (1) sent.1, lit. f GDPR, described in more detail above, although we will also rely on contract pursuant to Art. 6 (1), sent. 1 lit. b GDPR, legal obligation pursuant to Art. 6 (1), sent. 1 lit. c and consent for specific uses of data pursuant to Art. 6 (1), sent. 1 lit. a GDPR.
- We will rely on contract if we are negotiating or have entered into a contract to provide services to, or receive services from you or your organisation.
- We will rely on legal obligation if we are legally required to hold information on you, e.g. by tax law.
We will, in some circumstances, rely on consent for particular uses of your data, Art. 6 (1) sent. 1 lit. a GDPR. Examples of when consent may be the lawful basis for processing include permission to introduce you to a client (if you are a candidate).
Should you apply for a job with Austin Fraser or for one of clients via a job advert we have placed, you may provide us with information about yourself, including educational and employment background; job or career interest data; benefit choices; and other information by answering questions or providing profile information about your career. The legal bases for this processing activity are Art. 6 (1) sent. 1 lit. a GDPR or Art. 6 (1) sent. 1 lit. b GDPR in case you apply for a job with Austin Fraser. Job applications are supported and managed using third party services that are also connected to our website and database.
The personal information automatically collected while visiting our website is necessary for us to provide the website, Art. 6 (1) sent- 1 lit. b GDPR.
Just so you are aware our online recruitment systems do not use Automated Decision Making tools to assess the suitability of applicants but we utilise the skills and experience of our consultants to assess your capability and experience.
However, we ask that you do not send us or disclose any sensitive personal information (for example, social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through our websites or via any other means.
We do not collect or compile personal information for distribution or sale to outside parties for consumer marketing purposes, or host mailings on behalf of third parties.
Data Controller and contact information
Austin Fraser Ltd (a company registered in England under registration number 05684470 and with its registered address at Floor 11, Thames Tower, Station Road, Reading RG1 1LX) is the data controller of any personal information collected through the Austin Fraser web site.
If you have any questions, concerns or issues around how we use and manage your personal information, please get in touch at email@example.com.
Disclosure of your personal information
We may disclose your personal information to other companies in the Austin Fraser group, or to third party service partners and clients, or to government bodies and law enforcement agencies where we are legally required to do so. Although and as a result your personal information may be transferred by them to countries outside the EEA and countries that do not have laws that provide specific protection for personal information. We will seek to mitigate this risk wherever possible by ensuring relevant third party business partners are bound by formal data processing agreements.
The carefully selected third parties we partner with include:
- clients for the purpose of introducing candidates to them. In this case, any data transfer of your personal information is based on your consent, Art. 6 (1) sent. 1 lit. a GDPR;
- clients, business partners, suppliers and sub-contractors for the performance and compliance obligations of any contract we enter into with them or you. Depending on our relationship with those parties any processing and transfer to them is either based on Art. 6 (1) sent. 1 lit. a GDPR or Art. 28 GDPR in conjunction with a data processing agreement;
- subcontractors including email marketing specialists, event organisers, payment and other financial service providers. Any processing and transfer to them is based on Art. 28 GDPR in conjunction with a data processing agreement;
- analytics and search engine providers that assist us in the improvement and optimisation of our site Any processing and transfer to them is based on Art. 28 GDPR in conjunction with a data processing agreement;
- Potentially credit reference agencies, our insurance broker, compliance partners and other sub-contractors for the purpose of assessing your suitability for a role where this is a condition of us entering into a contract with you. Any processing and transfer to them is based on Art. 28 GDPR in conjunction with a data processing agreement.
Other possible reasons for disclosure of your personal information may include:
- In the event that Austin Fraser is to be acquired in whole or part by a third party we may disclose your personal information to the prospective acquirer of such business or assets where permitted by the applicable law.
To prevent unauthorised access, maintain data accuracy, and ensure the correct use of information, we have implemented generally accepted standards of physical, electronic and operational procedures to safeguard and secure the information we collect. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.
Third Party Sites
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
Retention of your data
We understand our legal duty to retain accurate data and only retain personal information for as long as it is required for carrying out the data processing activities mentioned above. Accordingly, we have a data retention policy and run data routines to remove data that we no longer have a legitimate business interest in maintaining.
We will keep in touch with you regularly and will contact you via email annually to confirm all the information we hold is accurate and up to date and you still wish for us to hold your data, you can ask us at any stage to remove your information. Prior to making any introduction to our client we will check with you that we have the most up to date and accurate information.
We segregate our data so that we keep different types of data for different time periods. The criteria we use to determine whether we should retain your personal information includes:
- the nature of the personal information;
- its perceived accuracy;
- our legal obligations;
- whether an interview or placement has been arranged; and
- our recruitment expertise and knowledge of the industry by country, sector and job role.
We may archive part or all of your personal information or retain it on our financial systems only, deleting all or part of it from our main Customer Relationship Management (CRM) system. We may pseudonymise parts of your data, particularly following a request for suppression or deletion of your data, to ensure that we do not re-enter your personal information on to our database, unless requested to do so. For your information, Pseudonymised Data is created by taking identifying fields within a database and replacing them with artificial identifiers, or pseudonyms.
Our current retention notice is available upon request by contacting us at firstname.lastname@example.org.
You have a number of legal rights regarding your personal information and we will respect those at all times. Specifically, depending on the individual case, you may have the right to:
- Request (i) information whether your personal information is retained and (ii) access to and/or (iii) duplicates of your personal information retained, including the purposes of the processing, the categories of information concerned, and the recipients or categories of recipients to whom the information is disclosed and where possible, the envisaged period for which the personal information will be stored, or, if not possible, the criteria used to determine that period.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you we will either stop processing your personal information or present you our compelling legitimate grounds for an ongoing processing. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Refuse to provide and withdraw consent to processing of your personal information at any time without impact to data processing activities that have taken place before such withdrawal.
- Request to receive the personal information, which you provided to us, in a structured, commonly used and machine-readable format and to transmit those information to antorher controller without hindrance from our side; where technical deasible you shall have the right to have the personal information transmitted directly from us to another controller.
- Require not to be subject to any automated decision making, including profiling (automatic decisions based on data processing by automatic means, for the purpose if assessing several personal aspects) which produce legal affects on you or affects you with similar significance.
Please submit all requests or enquiries to email@example.com, whereby you may be required to verify your identity. The information you provide when contacting us (e.g. e-mail address, name) will be processed to handle your request and will be erased when your request was completed. Alternatively, we will restrict the processing of the respective Information in accordance with statutory retention requirements.
If you have a serious concern about how we handle your information, or would like to lodge a complaint, you may do so by contacting the appropriate supervisory body, which in the United Kingdom is the Information Commissioner’s Office. The ICO can be contacted through this link: https://ico.org.uk/concerns.
Changes to our privacy notice
We reserve the right to change this Policy from time to time by updating our website respectively. Any changes we make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy notice. This policy was last updated on 20 March 2018.