Privacy Policy

The Company = NC Associates

This Privacy Notice tells you what to expect in relation to personal information about you which is collected, handled and processed by The Company.

The Company’s Human Resources function is the Data Controller.

We acknowledge and agree that any personal data of yours that we handle will be processed in accordance with all applicable data protection laws in force from time to time.  With effect from 25 May 2018, the General Data Protection Regulations (“GDPR”) will come into force, which will change the law.

The information about you we may collect, hold and process is set out below:

(a) Information collected and processed for finding you a suitable role is as follows:

  • Your name
  • Your address
  • Your email address
  • Your telephone number
  • CV/work history
  • Job preferences including role, geographical areas and salary
  • Any other work related information you provide, for example, education or training

(b) Information in respect to individuals that have worked for us previously or `may work for us is as follows:

  • Passport (if applicable, permits and visas)
  • Date of Birth
  • National Insurance Number
  • Full detail of job offers and placements
  • Outcome of DBS and security clearance for certain roles (these will be supplied by the Disclosure and Barring Service or other external company applicable to the placement.
  • Medical information (in specified cases – medical information may be supplied by a third party such as your GP, Consultant or Occupational Health)
  • References (these will be from your previous employer or personal references as appropriate).
  • Financial information (including but not limited to payroll details and terms, HMRC data, pension scheme details, court orders and statutory payments)
  • A log of our communications with you by email and telephone

This information will have been provided, or will be provided, by you or a third party who we work with, such as a Job Board Company or another employment business or agency.

How we use the information

The above information is used to provide our services to you in our capacity as an employment business / agency to find you suitable work whether on a temporary or permanent basis based on your requirements as set out below.

The information under A above may be used as follows:

  • To match your skill sets with job vacancies to assist in finding you the positions that best match your expertise.
  • To put forward your details to our clients and prospective employers for you to be considered for vacancies.
  • To place you with our clients and prospective employers
  • To keep you informed for available opportunities as they arise
  • To keep you informed of the services offered by us

The information under B above may be used as follows:

  • To establish that you have the right to work
  • To undertake relevant security and DBS checks as required by our clients and as permitted by law.
  • To deal with any medical and health and safety issues relating to specific positions
  • To put in place contractual arrangements and documentation once a role has been secured
  • To pay you if we find you work

How we hold the information

All the personal data we have is stored on our database in the UK.

Disclosure of your information

  • Your CV and related information will be shared or sent to prospective employers and our clients. Once you have secured a placement additional information will be provided to them to enable the placement to proceed.
  • Such employers and clients will usually be located inside the European Economic Area (EEA) but may be outside of the EEA.
  • Personal data shall not be transferred to a country or territory outside the EEA unless that country or territory ensures an adequate level of protection or the appropriate safeguards are in place for your rights and freedoms.  Before such a transfer takes place outside of the EEA, we will provide you with further information concerning this.
  • Other trusted third parties that we may share your data with are as follows: pension scheme providers, HM Revenue and Customs, Umbrella companies, legal advisors and other companies for the purpose of undertaking pre engagement checks for the role or for paying you.

What is the legal basis for processing the information?

  • We will rely on your consent to process the information which is collected at the outset of the recruitment process.
  • Information and documentation to establish your right to work is processed by us as we are legally obliged to do so.
  • In respect of medical information, the basis for us processing this will depend on the circumstances, but will usually be for one of the following reasons: it is necessary to protect health and safety within the work environment or to prevent discrimination on the grounds of disability or where consent has been obtained, if required.
  • Information in relation to criminal record checks, which are relevant for some roles, will be processed on the basis that it is necessary for us to comply with the law or consent will be obtained, if required.
  • Once a position has been found for you, we will process your personal data, including financial information, for the purpose of you entering into a contract to fulfil your role and to enable us to pay you, depending on the specific contractual arrangements and circumstances.
  • For the purposes of paying you, where relevant, we are legally obliged to provide information to HMRC.
  • Once a placement has been secured, we may also process your data on the basis of our legitimate interests i.e. for administrative purposes.

Your rights

You currently have the right at any time to ask for a copy of the information about you that we hold in addition to your right to be forgotten. If you would like to make a request for information please go to our website.

Retention of your data

Your data will be retained for no longer than is necessary and in accordance with our Data Retention Policy.

Withdrawal of consent

If you have provided us with your consent to process your data, for the purpose of using our services and us finding you suitable work, you have the right to withdraw this at any time.  In order to do so you should contact us via the website.

Concerns

If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to Information Commissioners Office at
https://ico.org.uk/concerns

Cookies

During the course of any visit to The Company’s website, the pages you see, along with a short text file called a ‘cookie’, are downloaded to your computer. Many websites do this, because cookies enable website publishers to do useful things like find out whether you have visited the website before.

A cookie is a small amount of data, which often includes an anonymous unique identifier that is sent to your browser from a website’s computer and stored on your computer’s hard drive. Each website can send its own cookie to your browser if your browser’s preferences allow it, but (to protect your privacy) your browser only permits a web site to access the cookies it has already sent to you, not the cookies sent to you by other sites. Cookies record information about your online preferences. Users have the opportunity to set their computers to accept all cookies, to notify them when a cookie is issued, or not to receive cookies at any time.

Contact

Please address any questions, comments and requests regarding our data processing practices to Human Resources.

Changes to the Privacy Notice

This Privacy Notice may be changed by us at any time.

Information Disclosed to Third Parties 

We request that all third-party suppliers confirm that they work within the boundaries of the EU General Data Protection Regulation (GDPR) and that any agreements entered are compliant. We assume that the supplier is acting in the capacity of a ‘data processor’.

In the event of a data breach the supplier will be required to notify The Company without undue delay after becoming aware of the breach. The supplier would be required to cooperate with The Company to investigate and remediate the breach, cooperate with any supervisory authorities and law enforcement.

The Supplier’s data processing approach should be made available to The Company allowing us to access all the information necessary to demonstrate the supplier’s compliance with its processing obligations.