ProjectPartners is committed to protecting the privacy of all candidates, clients, and employees in accordance with the regulations set out in the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). Project Partners Ltd is registered under the Data Protection Act 2018, and our registration number is ZB372993. All client and candidate data is stored in a secure cloud-based system that is only accessible through ProjectPartners’ secure network. Personal data is accessible to the wider business, but for special personal data, only members of the Compliance Team will be able to view this information with the client/candidate’s prior written consent. We always offer clients and candidates the opportunity to opt-out or manage their communication preferences via our Preference Centre or be removed from our database, e.g., for a request for erasure/right to be deleted. We inform all candidates that personal data is never submitted to a third party unless prior confirmation has been given, e.g., a candidate is first asked about a job opportunity before we forward details for an interview.
We have a dedicated team responsible for the day-to-day management of data. This team monitors employee usage to ensure our guidelines are being upheld, including email monitoring to prevent anyone from sending personal data out of the company, and printing is regularly audited, again to prevent users from taking hard copies of data off company premises. All employees are advised and trained on the company’s Data Protection policy when they join the organization. We regularly review all internal policies and processes to ensure that we fully adhere to legislative changes, and all employees receive advice and guidelines when amendments are made.
The GDPR provides you with the following rights. You have the right to request the correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. You also have the right to request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask Information Security and Data Protection Policy to delete or remove your personal information where you have exercised your right to object to processing. You have the right to object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes. You have the right to request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it. You also have the right to request the transfer of your personal information to another party in certain formats if practical. You can make a complaint to a supervisory body which in the United Kingdom is the Information Commissioner’s Office. The ICO can be contacted at: https://ico.org.uk/concerns/. The Act and the GDPR give you the right to access information held about you. Your right of access can be exercised in accordance with the Act (and the GDPR once it is in force). Any access request under the Data Protection Act will be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you. A subject access request should be submitted to email@example.com. No fee will apply once the GDPR comes into force.
Project Partners may select partners and service providers to process personal information about individuals on our behalf as described below:
We periodically appoint digital marketing agents to conduct marketing activity on our behalf. Such activity may result in the compliant processing of personal information. Our appointed data processors include:
Please note that we take appropriate measures to ensure that our partners and service providers are GDPR-compliant and maintain appropriate technical and organisational measures to ensure the security of personal data.