Privacy Policy

Introduction

This document sets out how we collect and use personal data in the course of running our recruitment business. It also sets out how we protect your personal data and what rights you have under legislation to control the use of your personal data.

Who we are and what we do.

We are in the business of providing recruitment services. In doing so we process personal data to enable the best possible service to clients and candidates. Clients retain us to find top talent to drive their businesses forward, we find candidates who best fit the role description and for candidates we present great opportunities to advance their careers.

Our commitment to privacy and protecting your personal data

This privacy policy describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights. At all times we act responsibly keeping your personal data secure and confidential.

Personal information we gather in normal course of service

We gather a range of personal data in the normal course of business. As a job seeker, or even someone who is passive in the jobs market, none of this will come as a surprise. All of the information is necessary to provide the service and none is surplus to our needs in doing our job well for candidates or clients.

We process these details about candidates; name, age, contact details, education details, employment history and any other information contained in the CV supplied by you. Added to this are details gleaned from interviews with you such as interview notes, details of compensation and other information from call and email communications. We also add to information supplied by you with information you put on job boards, social networking sites and notes of meetings with referees supplied by you.

We build our database of candidates through an active research market mapping process to identify talent pools of interest to us and our clients. We use variety of sources for this including asking for referrals, Linkedin and other publicly available sources to build out this market mapping. We share such mappings with our clients to help direct our joint recruitment effort. We may use your personal data for these purposes if we deem this to be necessary for our legitimate interests.

Why we process your personal data

We process personal data to deliver an excellent service to candidates and clients. For candidates we process personal data to present you with very relevant job opportunities we have been retained to fill. For clients we process candidate personal data to effectively present candidates that we consider a good fit for a vacancy.

Candidates should note that we never submit their profile for a role with a client without your prior consent.

What that means in practice is that we never present you as a candidate to a client without confirming your interest and seeking your explicit permission. This is plain common sense and good business practice. In doing this we will always check with you that we have all your up-to-date information such job history and compensation prior to making a client submission.

We freely share personally data internally via our ATS (applicant tracking system), so any member our our staff can access your personal data.

We also process personal data for marketing purposes to send periodic email updates on matters of interest related to jobs, job searches, career advice, offers, promotions and research. We apply Soft opt-in consent for these activities not otherwise covered by Legitimate Interests.

How long do we keep your data?

We keep candidate data until estimated date of retirement.

Where we are submitting your profile for a role, we will take care to ensure that your profile is uptodate.

If we do not contact you about a role during the course of a calendar year, we will make contact to update your data towards the end or beginning of each calendar year.

Security of your personal data

We are a paperless office and all data is held electronically in cloud based systems.

Access to data is achieved through laptops and mobile devices. Access is controlled via secure login to laptop and secure login to the cloud services. If a mobile device or laptop goes missing, we immediately change all passwords for the device and cloud services. Furthermore we remotely wipe the G-Suite drive on the device.

Our ATS database is supplied by Bullhorn who are our Data Processors. They meet the highest standards of data security which you can check out here.

We also store personal data on Dropbox and G Suite. Again they meet the highest standards of data security which you can check out here and here.

Lawful basis of processing personal data.

Legitimate Interests

We rely on Article 6(1)(f) of GDPR, which provides that we can process personal data where “is necessary for the purposes of the legitimate interests pursued by us, except where such interests are overridden by the interests or fundamental rights or freedoms of [you] which require protection of personal data.” We believe it is not unreasonable to process your personal data in a recruitment process where such process can result in a big benefit, namely a new and valuable career opportunity.

Consent

There are circumstances where we will need your consent to process your data. We will always seek your consent prior to submitting your CV to a client. If you have applied for a specific role, consent will sought and received at point of application.

Your rights over the personal data we hold under law

Where we hold your personal data, you have various rights in relation to it. To get in touch about these, please contact us. We will deal with your request within 30 days.

Right to object: If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases).

Right to withdraw consent: Where we have obtained your consent to process your personal data for certain activities (for example, for profiling your suitability for certain roles), or consent to market to you, you may withdraw your consent at any time.

Data Subject Access Requests (DSAR): Just so it’s clear, you have the right to ask us to confirm what information we hold about you at any time, and you may ask us to modify, update or Delete such information. At this point we may comply with your request or, additionally do one of the following:
– we may ask you to verify your identity, or ask for more information about your request; and
– where we are legally permitted to do so, we may decline your request, but we will explain why if we do so.

Right to erasure: In certain situations (for example, where we have processed your data unlawfully), you have the right to request us to “erase” your personal data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will Delete your data but will generally assume that you would prefer us to keep a note of your name on our register of individuals who would prefer not to be contacted. That way, we will minimise the chances of you being contacted in the future where your data are collected in unconnected circumstances. If you would prefer us not to do this, you are free to say so.

Right of data portability: If you wish, you have the right to transfer your data from us to another data controller. We will help with this – either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format.

Right to lodge a complaint with a supervisory authority: You also have the right to lodge a complaint with your local supervisory authority, details of which can be found here.

If your interests or requirements change, you can unsubscribe from part or all of our marketing content (for example job role emails or newsletters) by clicking the unsubscribe link in the email.

Contact

If you have questions, contact our Data Protection Officer, Conor Jones on cjones@peoplesource.ie or call +353 1 631 6065

 

Follow us on our LinkedIn page: