Privacy Policy
This Privacy Policy outlines how IntroSecurity Recruitment Services ("we," "us," or "our") collects, uses, and protects personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. As a recruitment agency based in the United Kingdom, we are committed to safeguarding the privacy of individuals who interact with our services. This policy explains our practices regarding the collection, storage, processing, and sharing of personal information.
Data Controller
IntroSecurity Recruitment Services is the data controller responsible for the processing of personal data under this Privacy Policy. If you have any questions, concerns, or requests regarding your personal data, you can contact us using the information provided at the end of this policy.
Types of Personal Data We Collect
We collect and process various types of personal data necessary for the provision of our recruitment services. The personal data we may collect includes but is not limited to:
-
Contact information (such as name, address, email address, phone number)
-
Professional information (such as resume/CV, employment history, qualifications, skills)
-
Identification information (such as passport or national ID details)
-
References and background checks (with your consent)
-
Any other information you voluntarily provide to us during the recruitment process
How We Collect Personal Data
We collect personal data through various methods, including:
-
Directly from candidates: When you submit your information through our website, email, or other means of communication.
-
From third parties: Such as referees, educational institutions, and professional networking platforms, with your consent.
-
Purpose and Legal Basis for Processing
We process personal data for the following purposes, relying on the corresponding legal bases as provided under the GDPR:
-
Providing recruitment services: We process personal data to assess and match candidates with job opportunities (legitimate interest).
-
Communication and notifications: We use personal data to communicate with candidates regarding job applications, interviews, and other relevant recruitment-related information (legitimate interest).
-
Compliance with legal obligations: We process personal data to comply with applicable laws, regulations, or legal obligations.
-
Consent-based processing: In certain cases, we may seek your consent to process personal data for specific purposes, which will be clarified at the time of collection. You have the right to withdraw consent at any time.
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. The specific retention periods may vary depending on the nature of the information and the legal requirements applicable to our operations.
Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure. These measures include but are not limited to firewalls, secure servers, encryption, access controls, and regular security assessments. Despite our efforts to protect personal data, please note that no security measure is completely foolproof, and we cannot guarantee the absolute security of your data.
Sharing Personal Data
We may share personal data with third parties under the following circumstances:
-
: We may disclose personal data to clients for potential job placements or employment opportunities, with your explicit consent.
-
Service Providers: We may engage trusted service providers who process personal data on our behalf, such as IT and cloud service providers. These providers are contractually bound to handle personal data in accordance with our instructions and applicable data protection laws.
-
Legal Compliance: We may share personal data if required to comply with applicable laws, regulations, or legal processes, or in response to valid and enforceable requests from public authorities.
-
Business Transfers: In the event of a merger, acquisition, or other corporate restructuring, we may transfer personal data to the relevant third parties involved, provided they agree
Your Data Protection Rights
Under data protection law, you have rights including:
-
Your right of access - You have the right to ask us for copies of your personal information.
-
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
-
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
-
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
-
Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
-
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we shall endeavour to process your request within a maximum of 30 days.
To correct your personal data, withdraw your consent or object to the processing of your personal data please contact karl.dimascio@introsecurity.com