Privacy Policy

 

Purpose of collecting data

In order to work with you, PeerLink Ltd will collect and process personal data about you.

When it comes to capturing and using data relating to individuals there are some key legal requirements with which the PeerLink Ltd needs to comply. The purpose of this statement is to set out how PeerLink Ltd meets these requirements and to ensure that every individual who provides data to PeerLink Ltd understands the legal basis on which that data is held, what the data is used for, how it is stored and who has access to it.

The legislation which details the legal requirements that PeerLink Ltd must follow in relation to data is the General Data Protection Regulation 2016 ("GDPR").

Cookies

Our Website uses cookies and similar technologies to distinguish you from other users. This helps us to provide you with a good experience when you browse the Website and also allows us to improve our site.

Cookies are small text files stored on your device that help us understand how the Website is being used and improve functionality and performance.

We may use cookies to:

  • Ensure the Website functions properly
  • Analyse website traffic and usage
  • Improve performance and user experience

You can control and manage cookies through your browser settings at any time. Most browsers allow you to refuse or delete cookies.

Our Business and Use of Data

PeerLink Ltd is a recruitment agency and recruitment business as defined in the Employment Agencies and Employment Businesses Regulations 2003.

To perform our business activities, we may collect personal information about the following individuals:

  • Prospective and placed candidates for permanent or temporary roles
  • Prospective and current client contacts
  • Supplier contacts to support our services
  • Employees, consultants, temporary workers

Although individuals do not have to provide personal information to us, this may restrict or prevent our ability to provide our services.

As individuals may at points in their relationship with us be a candidate and/or a client contact, we may use the personal data provided to contact the individual in regard to either of these services unless the individual advises us to restrict use to specific service.

Sources of Data

The sources we may collect personal data about individuals from are:

  • The individual as a candidate while searching for a new role and going through the recruitment process, or as a client contact when looking to place an individual in a job role
  • Public sources, including LinkedIn, job boards, and CV databases
  • Referrals from third parties who know the individual, either professionally or personally

Where we collect information through public sources, we may do this with the aid of software which searches publicly available sources of data using specific parameters to find candidates and contacts. The search parameters are restricted to searching for name, contact details, job role, technical skills, experience and location, which is information available on public sites or provided by individuals, where there is a reasonable expectation that such information may be collected and processed by recruiters for the purpose of sourcing candidates for client job roles.

If data regarding individuals is obtained from a third party or public source, the privacy rights are the same as if collected from the individual.

Data Processing for Candidates

We collect the information necessary to find available opportunities for candidates and to assess a candidate's eligibility through the recruitment process. This information may include CVs, identification documents, educational records, work history, employment, comments, references, email addresses and contact details.

The personal data is used to match skills, experience and education with a potential employer. We will initially collect basic information on candidates including contact details, job role and experience. Upon the candidate's confirmation that we may represent them, we then pass this information to the client for them to determine alignment of skills and experience to the available position. We may require from the candidates, and provide to the clients, additional information regarding the candidate as they progress through the recruitment process.

For candidates applying for contract roles

Checks may be conducted at appropriate points in the process to ensure the information provided is complete and correct. 

Data will never be sold but may need to be disclosed to a third party as part of the recruitment process.

Privacy Principles

GDPR sets out privacy principles with which PeerLink Ltd must comply. These principles are:

Purpose Limitation

PeerLink Ltd must clearly state the reason that data is being held and can then only process data for that reason. If PeerLink Ltd wants to use the data for a different reason to that for which the data was collected, then we must inform the data subject.

Data Minimisation

PeerLink Ltd must only collect the data that is needed.

Accuracy

PeerLink Ltd must take all reasonable steps to ensure that the data held is accurate.

Storage Limitation

PeerLink Ltd must only keep the data for as long as it is necessary.

Integrity and Confidentiality

PeerLink Ltd must take all reasonable steps to ensure that the data held is kept securely and is only shared with people who have a legitimate need to have access to it.

Lawfulness, Fairness and Transparency

PeerLink Ltd must have a legal basis for processing data and must be transparent about the data held, why it is held, how it is held, who has access to it and for how long it is retained.

Legal Bases for Processing Data

GDPR states that data can only be processed for one of six reasons – consent, contract, legal obligation, vital interests, public task and legitimate interests. Of these, there are four which are applicable to PeerLink Ltd. These are:

Contract

Contract is a lawful basis for processing data if a company is required to hold the data to fulfil their contractual obligations to the data subject. Much of the data that PeerLink Ltd holds on you falls under this basis.

Legal Obligation

Legal obligation, as the name implies, relates to data that is needed for a company to fulfil a legal obligation. Some of the data that PeerLink Ltd holds on you falls under this basis.

Vital Interests

Vital Interests means there is a need to process data to save someone's life. It is extremely unlikely that this will ever apply to PeerLink Ltd. It is possible, however, that PeerLink Ltd may need to share information with the emergency services should something happen to you and it would be on this basis that PeerLink Ltd would rely.

Legitimate Interests

Legitimate Interests refer to situations where data is used in a way that an individual would reasonably expect.

The Rights of Data Subjects

You, as a data subject, have particular rights under GDPR. These are:

The Right to Be Informed

You have the right to know what data PeerLink Ltd holds about you, how it is held, what it is used for, who has access to it, how long it is held for, how you can see the data and the legal basis on which the data is held. PeerLink Ltd will meet the obligations under this right through this Privacy Statement.

The Right of Access

You have the right to see the data that PeerLink Ltd holds about you. PeerLink Ltd will meet the obligations under this right through the Subject Access Request Procedure.

The Right to Rectification

You have the right to have any errors in the personal data held about you corrected.

The Right to Erasure

You have a right to request that personal data is deleted or destroyed where there is no compelling reason for PeerLink Ltd to continue to hold this data. It is important to note that if PeerLink Ltd is required to keep the data to fulfil a legal obligation, then the right to erasure does not exist.

The Right to Restrict Processing

You have a right to 'block' the processing of personal data. This means that PeerLink Ltd can continue to store it but can no longer process it. This applies in very specific circumstances and cannot be applied if the restriction would prevent PeerLink Ltd from meeting any obligations under your contract of employment or from meeting a legal obligation.

The Right to Data Portability

You have a right to move, copy or transfer data from one IT environment to another. This is unlikely to be relevant to the data held by PeerLink Ltd.

The Right to Object

You have the right to object to data being processed where the legal basis for that processing is either one of legitimate interest or the performance of a task in the public interest. You can also object if the processing of that data is for direct marketing.

Rights in Relation to Automated Decision Making and Profiling

You have a right to request that a human be involved in automated decision making. This is unlikely to be applicable in relation to PeerLink Ltd as no automated decision-making processes are used.

The Data We Typically Hold

   Collected Personal Data

In all cases, PeerLink Ltd collect and process personal data about you, including your name, address, telephone number and email address.

   Recruitment review process

All candidate CVs and applications are reviewed by PeerLink Ltd. 

   Breach Notification

It is the PeerLink Ltd's policy to be fair and proportionate when considering the actions to be taken to inform affected parties regarding breaches of personal data. In line with the GDPR, where a breach is known to have occurred which is likely to result in a risk to the rights and freedoms of individuals, the relevant Data Protection Authority (DPA) will be informed within 72 hours. This will be managed in accordance with the Data Breach Notification Procedure which sets out the overall process of handling information security incidents.

   Addressing Compliance to the GDPR

The following actions are undertaken to ensure that PeerLink Ltd always complies with the accountability principle of the GDPR:

   Concerns and Questions

PeerLink Ltd will always endeavour to ensure on-going compliance but any individual who has concerns regarding any of the actions that are taken or feels that they are unclear as to how PeerLink Ltd is complying with elements of the legislation should raise their concerns with us. Your concerns will be investigated and responded to within 28 days.

 

 


 

©Copyright. All rights reserved.

Information icon

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.