How do we Collect Information about you?
We collect personal data about you when you register with Purple Placements, apply for our vacancies via our recruitment partners and when we are actively sourcing for candidates on their job boards. We do so in order to provide you with our specialist recruitment services, i.e. introduce you to our clients and find you employment.
We obtain your data in two primary ways; personal data that you give to us and personal data that we receive from other sources.
Personal data you give to us
The ways in which you can share your information with us include:
– Emailing your CV to a Purple Placements consultant or being interviewed by them (phone or face to face)
– Applying for jobs through on of our recruitment partners (reed.co.uk, Total Jobs, Jobsite, Monster, CV Library and Indeed), which then redirects you to our website or database
– Registering or contacting us through our website or social media channels, which redirects you to our email in-box or database
– Giving a hard copy of your CV to a Purple Placements consultant
Personal data we receive from other sources
The ways in which we can receive information about you include:
– Obtaining information about you from searching for potential candidates from third party sources, such as LinkedIn and our recruitment partners (reed.co.uk, Total Jobs, Jobsite, Total Jobs, CV Library and Indeed)
– Your referees may disclose personal information about you when we place you in a temporary assignment or make a successful introduction to a client
– Our clients (employers) may share personal information about you with us
What Information do we collect about you?
The personal data that we collect includes:
– Your name, address, email address, telephone number(s) and your CV
– Details of the kind of work you are looking for and your preferred work location
– If appropriate, a covering letter, personal statement or other similar document
If we make a successful introduction for you with one of our clients and a job offer is accepted, or we place you into a temporary assignment, we will also collect the following:
– National Insurance number and passport information for identification purposes. This will include passport number, expiry, date and place of birth
– Financial details for payment purposes, i.e. your bank account name, account number and sort code
We will process your personal data on the basis set out below as it is in our legitimate interests to do so following your registration.
What do we do with your personal data?
Having collected the data outlined above, we will then use it to facilitate our recruitment services, manage your profile on our database and email you about jobs that are relevant to your employment search. The ways in which we use your information include:
– Upload, store and process data on our Recruit So Simple database (see third-party data processor section)
– Temporarily store data and documents such as CVs on password protected email and folders (these are deleted once added to the database)
– Keep journal records on the database / emails of our recruitment related discussions
– Share your data with relevant third parties such as clients whose role profile matches your job search (see section below – who we share your data with)
– Use financial data to facilitate payroll and invoicing processes
– Undertake appropriate employment checks, such as referencing and security vetting on behalf of clients
Who do we disclose / share your data with?
– We will send your CV to potential employers in order to undertake our recruitment services and help find you work
– In the case of a successful placement or temporary assignment, we will send your personal details to the client
– In order to obtain references, we will send it to companies who you have named as past employers, recruitment agencies and educational bodies
– In the case of a successful temporary assignment, we will send your personal and financial details to our umbrella companies (Focused or Advanced) for payroll and invoicing purposes
Your rights – How can you access, amend or delete your data?
You have various rights regarding the data we hold about you. To get in touch about any of these rights, please refer to our Subject Access Request Policy (SARS) below and contact our Data Protection Officer. We will seek to deal with your request without delay.
Right to object:
If we are using your data because we deem it necessary for our legitimate interests and you do not agree, you have the right to object, except if otherwise permitted by applicable law. If GDPR laws have been infringed upon, please contact Purple Placement’s Data Protection Officer on firstname.lastname@example.org. You also have a right to lodge a complaint with data protection authorities.
Subject Access Request (SARS):
You have the right to ask us to confirm what personal information we hold about you at any time and access, amend or delete any of that data. Following your request, we may ask you to verify your identity and provide further information about your request. We will not charge you for the initial request but may charge a reasonable administrative fee for additional copies of the data, if deemed excessive. We will always do our best to process your request without delay, and always within 30 days, but where we are legally permitted or obligated to do so, we may refuse your request. If we do have to refuse your request, we will always tell you the reasons for doing so. Please follow the SAR process for any requests relating you rights below.
Right to amend:
You have the right to request that we amend any incorrect or incomplete personal information we have on you. Following this request, unless there is a legal reason we cannot do so, we will take all reasonable steps to amend your data. If we have shared this data, we will also take reasonable steps to notify the third party of the request to amend this information. If we are unable to comply with your request, we will advise you of the reason why.
Right to delete:
You have the right to request that we delete the personal information we hold on you in certain situations. Usually, this would be because of one of the following circumstances:
– The data no longer meets the lawful basis which we collected it for initially, i.e. our legitimate interest in providing a recruitment service to you
– The data has been processed unlawfully (in a manner that does not comply with GDPR)
Following this request, unless there is a legal reason we cannot do so, we will take all reasonable steps to delete your data. If we have shared this data, we will also take reasonable steps to notify the third party of the request to delete this information. If we are unable to comply with your request, we will advise you of the reason why.
Right to restrict processing:
You have the right to request that we restrict the processing of your data, which would mean we retained the data, but ceased processing it. This would apply until the circumstance below had been resolved or you gave us consent to continue processing it again. Usually this would be in one of the following circumstances:
– The data has been processed unlawfully (in a manner that does not comply with GDPR), but you request that we cease any processing of it, rather than delete it
– You disagree with the accuracy of the personal information we store. We would then cease any processing until the data had been amended (see right to amend section above)
Right to data portability:
You have the right to request a transfer of your data from one data controller (i.e. Purple Placements) to another. We will always do our reasonable best to process this request, by exporting your data and giving you a copy in an appropriate format.
We will only retain your personal data if it is appropriate to do so in order to provide you with a recruitment service and therefore retain a legitimate interest. If we have not had meaningful contact with you, i.e. contact relating to our recruitment services and finding you a job, for a period of two years, we will delete your data from our database. The only time in which we would not to adhere to this timeframe is when we are legally required to retain the data for longer.
We are committed to following accepted industry standards to protect your data and will take all appropriate and reasonable steps to protect it from loss, unauthorised access, misuse and unlawful processing. We maintain appropriate administrative, technical and physical safeguards to protect the data, including but not limited to password protected folders, accounts and a database and firewalls.
Although we take your data security very seriously and protect your personal information as best we can, no method of data storage or internet communication is 100 per cent secure, so we cannot ensure the security of your personal information. If you suspect your personal data has been accessed or misused by an authorised body, please contact our Data Protection officer and we will log the breach and inform the relevant authorities, in accordance with applicable data protection law.
Data Controller and Third-Party Data Processors
Policy Review and Changes