Our Privacy Policy
At RedLaw we are committed to protecting and respecting your privacy.
RedLaw Recruitment Ltd ("RedLaw") is registered as a data controller in the United Kingdom for the purposes of Data Protection legislation. RedLaw website and services are designed to protect the privacy of all users. We ensure that the data you supply to us is processed fairly and lawfully, and with skill and care. This Data Protection Privacy Notice governs our processing of all personal data provided to us, in all forms. Our purpose is to provide you with recruitment services. By registering your details with us and using our website, you consent to us collecting and processing personal data supplied by you and disclosing this information to prospective employers and clients in connection with the recruitment process.
Introduction
This Privacy Notice provides you with clear information as to how we process your personal data. We are obliged to use your information in line with all applicable laws. We do so in a manner that is fair by using your information in a way that you would reasonably expect when providing our recruitment services or recruiting personnel for you, and being transparent so that you know how it will be used.
This Privacy Notice sets out: the types of personal data that we collect about you; how and why we use it; how long we will keep it for; when, why and with whom we will share it; the legal basis for us using your personal data; and your rights in relation to us storing and processing your personal data. It also explains how we may contact you and how you can contact us.
Part of the recruitment process will involve sharing your personal data with our clients (independent data controllers) who have potential work opportunities that may be suitable for you. These third parties will have their own privacy policies and will also need to comply with all applicable laws. Their websites have their own privacy policies, and we encourage you to review them. We accept no responsibility or liability for the privacy practices of such third parties and you use them at your own risk through the recruitment process.
We encourage you to contact them directly if you have any concerns or questions about how they process your data.
Who we are
RedLaw Recruitment Limited (registration number 06802353) is an employment business and agency. We provide both temporary and permanent recruitment services to clients looking to recruit personnel for their business and provide recruitment services to candidates looking for job opportunities.
We are registered as a data controller with the ICO in the United Kingdom for the purposes of the Data Protection legislation and General Data Protection Regulation (GDPR). Our registered office address is Kinetic Business Centre, Theobald Street, Elstree, Borehamwood, Hertfordshire WD6 4PJ and you can contact us at database@redlawrecruitment.com if you have any queries relating to data protection.
Legal basis for processing your data
The lawful basis we rely on to process your personal data is Article 6 (f) of the UK GDPR. We may also rely on Article 6 (a), (b) and (c) in certain situations.
For prospective candidates, contractors, referees and clients, our processing is necessary for our legitimate interests in that we need the information in order to be able to assess suitability for potential roles, to find potential candidates and to contact clients and referees.
We do not consider our legitimate interests to be overridden by your interests or fundamental rights and freedoms. We take into consideration the reasonable expectations of individuals who are actively applying for jobs or making their personal information publicly accessible on professional networking sites.
If you are submitted as a candidate or requested for interview, then this may involve the processing of more detailed personal data including sensitive data such as health information or any unspent criminal convictions that you or others provide about you. We will ask for your consent before undertaking such processing if we are required to do so.
For clients, it may also be necessary for us to process your data in order to perform a contract for you if one is in place, for example in contacting you.
What information will we collect about you?
We need your personal data in order to find you suitable opportunities and further information may be needed to assess your eligibility through the different stages of the recruitment process. We collect and process personal data only as far as is necessary to facilitate the recruitment process and provide you with work-finding services.
The information we collect may include your name, email address, telephone number, CV, identification and right to work documents, educational records, work history, employment, and references.
In general, we will not ask you about sensitive personal data but there may be times when it is necessary for information to be disclosed to us and for us to share it with potential employers. We will only share the information where you have provided your explicit consent.
We are also under an obligation to our clients to provide suitable candidates. Part of the assessment process will include asking you about any unspent criminal convictions you may have. We consider this to be highly confidential information and will only share this where you have provided your explicit consent.
Where does the information we collect about you come from?
The data we collect about you is obtained from the following sources:
- Directly from you. This may be via our registration process, information requests and applications via our website.
- Publicly available sources. We may also obtain your information from professional networking sites or job boards, where you have actively published or submitted your information.
- Reference or word of mouth. You may be recommended by a friend, former employer or colleague.
How will we use the information collected about you?
We will use your information in such ways to facilitate the recruitment process and provide you with work-finding services, including but not limited to:
- Using your details to match your skills, experience and education with a role that suits your requirements (we use technology in ways to help identify the most suitable candidates for a specific role, but this does not constitute automated decision making);
- Making you aware of current opportunities that may suit your requirements;
- Contacting and updating you about applications you have made or roles you have been submitted for;
- Sharing your details with clients with the aim of securing a potential role (our client may be the company you will provide your services to or an intermediary company that directly supplies to the company you will provide your services to).
If you are selected by the client for an interview or the next stage of the recruitment process, we will need further information from you. This is likely to come directly from you.
We may also analyse the data internally so that we can offer a more relevant service and for marketing purposes. You will also have the opportunity to unsubscribe from any of our marketing material (see below).
- When you are registered with us, your data will be retained for 6 years from the last contact or activity on your record. You can request to have your record deleted (see below).
- If we place you in a temporary assignment or permanent role, we will be required to keep certain information for specific lengths of time up to a maximum of 6 years. The purpose of keeping this information is to comply with our legal obligations.
- Client contact details are retained for 3 years from the last contact or activity on your record. You can request to have your record deleted (see below).
Will we process special categories of personal data and criminal convictions?
We avoid processing special categories of data (these are sensitive personal data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership) and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person’s sex life or sexual orientation. However, by taking copies of passports or ID it may be that racial or ethnic origin can be revealed.
Processing this data is necessary for us to comply with employment law obligations and the data is only used for this specific purpose.
We are under an obligation to ensure that the candidates we submit to clients are suitable. As part of our registration process, we require individuals to disclose any unspent convictions and may need to make further enquiries if necessary.
Will we contact you for marketing purposes?
We will only send you direct marketing emails that promote our company or services once you are registered with us at RedLaw. You will have the option to opt out at any time. You can also manage your direct marketing preferences by contacting us at database@redlawrecruitment.com. However, updating your preferences or clicking the unsubscribe link on an marketing email received is usually the easiest way.
To clarify, contacting you about specific job opportunities is not marketing because we are not advertising or marketing our services.
Can you refuse to provide your data to us or request that we delete your data?
If you do not provide the personal data requested or use your right to withdraw your consent for the processing of your sensitive personal data, we may not be able to match you with available job opportunities.
You have the right to object to us processing your data based on legitimate interest. If you have not been placed in a role with us, then we will be able to delete your data. You can do so by emailing database@redlawrecruitment.com.
If you have been successfully placed, then we will be under certain legal obligations to retain information for specified periods (up to 6 years). This includes, but is not limited to, ensuring you have the right to work in the UK and allowing us to comply with HMRC reporting requirements regarding payroll information. In such situations you do not have the right to object to us processing your data.
You do also have the right to restrict processing which means that we will stop further use of your data after your current assignment is ended but will still need to store it for legitimate interest purposes up to 6 years. You can do so by emailing database@redlawrecruitment.com.
Please note that we may require you to provide us with proof of your identity and answer security questions before processing your request. If your data is deleted, we will have no record and you may be contacted again in the future for new roles we are recruiting for where your skillset is a match.
Can you find out what data we hold about you?
If any of the data we hold is inaccurate, you have the right to rectify it.
You can make a request to find out what personal data we hold about you. You may exercise this right by making a written subject access request (SAR). You can do so by emailing database@redlawrecruitment.com.
We require you to provide us with proof of your identity and answer security questions before processing your request.
We usually act on such requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
- baseless or excessive/repeated requests, or
- further copies of the same information.
Alternatively, we may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it and if you are looking for something specific, please state what this is. Generally, you will receive a response within one month from when we receive your request and your identification documents, but it is possible to extend this to three months if necessary. If this applies, we will let you know.
If after your SAR, you would like to be removed from our database then you will need to contact us again by emailing database@redlawrecruitment.com.
Do you have the right to data portability?
The GDPR includes a right to data portability. The right to data portability only applies when:
- your lawful basis for processing this information is consent or for the performance of a contract; and
- you are carrying out the processing by automated means (ie excluding paper files).
As we rely on the legal basis of legitimate interests and the data is not processed by automated means, this right will not apply to the data we hold about you.
Cookies and external websites
To provide better service to you on our website, we use cookies to collect your personal data when you browse. See our cookie policy on our website for more details.
Changes to this privacy notice
We reserve the right to change our Privacy Notice at any time. Changes to our Privacy Notice will be displayed on our website.
Complaints
If you have any issues or concerns, then we ask that in the first instance you set this out in writing and send this to database@redlawrecruitment.com.
If we are unable to satisfactorily deal with your complaint, you can complain to the ICO which is the UK supervisory authority who we are a member of.