PrimePRO Software Ltd, together with any group companies ("we" us" "our") are committed to protecting and respecting privacy. For the purposes of data protection legislation, we are the data controller and we will process personal data in accordance with the General Data Protection Regulation (EU) 2016/679, national laws which relate to the processing of personal data and the Department of Health Information Governance and Framework Guidelines (where applicable). Please read the following carefully to understand our views and practices regarding personal data and how we will treat it.
2. CANDIDATES, RECRUITMENT AGENTS AND OTHER VISITORS TO OUR WEBSITE
2.1 We may collect and process personal data in the following circumstances:
2.1.1 when completing forms on our website ("Site"). This includes name, email address and telephone number which is provided at the time of submitting an enquiry form on our Site;
2.1.2 when logging into to our Site. This includes information such as; name and email address and, if you are a candidate, it may also include information such as your bank account details, pension details, proof of identification and other documents as maybe required;
2.1.3 whenever providing information to us when reporting a problem with our Site, making a complaint, making an enquiry or contacting us for any other reason. When contacting us, we may keep a record of that correspondence;
2.1.4 details of visits to our Site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise, and the resources that are accessed (see section 2.2.2 on Cookies below); and
2.1.5 whenever disclosure of information to us, or we collect information in any other way, through our Site.
2.2 We may also collect data in the following ways:
2.2.1 We may collect information about any device, including where available, Internet Protocol address, for reasons of fraud protection. We may also collect information about any device's operating system and browser type, and location for system administration. This is statistical data about our users' browsing actions and patterns and does not identify any individual.
2.3 We may use personal data for our legitimate interests in order to:
2.3.1 provide information, or services that are requested from us;
2.3.2 allow participation in interactive features of our Site, when choosing to do so;
2.3.3 ensure that content from our Site is presented in the most effective manner for users and for devices;
2.3.4 improve our Site and services; and
2.3.5 process and deal with any complaints or enquiries made.
2.4 In order to perform our contracts with our clients, we will need to share candidates' and/or recruitment agents' personal data with our clients to assist in the delivery of services our clients have requested. For example, we may need to provide such personal data that enables the client make payment for hours worked by the candidate. We will retain information as long as we require this to provide our client with the services our client has requested from us and for a period of no less than 6 years.
Our Site may, from time to time, contain links to and from the websites of third parties. Please note that if following a link to any of these websites, such websites will apply different terms to the collection and privacy of personal data and we do not accept any responsibility or liability for these policies. When you leave our Site, we encourage you to read the privacy notice/policy of every website you visit.
3.1 We will collect details such as candidate's contact information and other information required in order to process payments. We will use this information to process the services processed via the system and comply with our contractual obligations.
3.2 In order to perform our contract, we may also need to share personal data with third parties such as recruitment agencies to assist in the delivery of services requested
3.3 We may also advertise your feedback on our website and marketing materials (subject to obtaining your prior consent where necessary);
3.4 We will retain your information as long as we require this to provide you with the services requested from us and for a period of no less than 6 years.
We will collect details such as; your contact information and bank account details in order to contact you about goods or services ordered with you, to place further orders and to pay you for the goods and/or services supplied. We will keep the personal data for no less than 6 years.
5. IF YOU FAIL TO PROVIDE PERSONAL DATA
Where we need to collect personal data by law, or under the terms of any contract and there is a failing to provide the data when requested, we may not be able to perform the contract we have or are trying to enter (for example to provide goods or services). In this case, we may have to cancel a service, but we will notify if this is the case at the time.
6. MONITORING AND RECORDING
We do not monitor or record telephone calls. We store emails trails as part of our ongoing system to resolve any service issue.
7. AUTOMATED PROCESSING
We do not undertake automated decision making with any personal data.
8. LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
8.1 We will only use personal data where the law allows us to. Most commonly, we will use personal data in the following circumstances:
8.1.1 for performance of a contract we enter into;
8.1.2 where necessary for compliance with a legal or regulatory obligation we are subject to; and
8.1.3 for our legitimate interests (as described within this policy), candidates, supplier interests and fundamental rights do not override these interests.
9. DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
9.1 In addition to the third parties mentioned above, we may disclose personnel information to third parties for our following legitimate interests as follows:
9.1.1 to staff members in order to facilitate the provision of goods or services;
9.1.2 to our affiliated entities to support internal administration;
9.1.3 IT software providers that host our website and store data on our behalf;
9.1.4 professional advisers including consultants, lawyers, bankers and insurers who provide us with consultancy, banking, legal, insurance and accounting services;
9.1.5 HM Revenue and Customs, regulators and other authorities who require reporting of processing activities in certain circumstances; and
9.2 We may disclose personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share personal data in order to comply with any legal obligation, or in order to enforce or apply our website terms and conditions and other agreements; or to protect our rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
9.3 We will not sell or distribute personal data to other organisations without approval.
10. CROSS-BORDER DATA TRANSFERS
We will not transfer or allow transfer personal data outside the European Economic Area for private sector clients. In respect of the NHS, such transfer is not allowed outside the UK.
11. DATA SECURITY
11.1 Where we have given (or where chosen) a password which enables access certain parts of our Site, the user is responsible for keeping this password confidential. Passwords should not be shared.
11.2 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect personal data, we cannot guarantee the security of information transmitted to our Site; any transmission is at user's own risk.
11.3 Information provided to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access.
12. ACCESS TO, UPDATING, DELETING AND RESTRICTING USE OF PERSONAL DATA
12.1 It is important that the personal data we hold is accurate and current. Please keep us informed if any personal data we hold changes.
12.2 Data protection legislation gives the right to object to the processing of personal data in certain circumstances or withdrawing consent to the processing of personal data where this has been provided. There is also the right to access information held and for this to be provided in an intelligible form. If you would like a copy of some or all personal information held, please send an email to email@example.com. In certain circumstances we reserve the right to charge a reasonable fee to comply with any request.
12.3 You can also ask us to undertake the following:
12.3.1 update or amend personal data if you feel this is inaccurate;
12.3.2 remove personal data from our database entirely;
12.3.3 send copies of personal data in a commonly used format and transfer information to another entity where this has supplied this to us, and we process this electronically with consent or where necessary for the performance of a contract; or
12.3.4 restrict the use of personal data.
12.4 We may request specific information to help us confirm identity and right to access, and to
provide the personal data that we hold or make requested changes. Data protection legislation may allow or require us to refuse to provide access to some or all the personal data that we hold or to comply with any requests made in accordance with rights referred to above. If we cannot provide access to personal data, or process any other request we receive, we will advise the reasons why, subject to any legal or regulatory restrictions.
12.5 Please send any requests relating to the above to our Data Protection Officer at firstname.lastname@example.org, specifying your name and the action you would like us to undertake.
13. RIGHT TO WITHDRAW CONSENT
Where there is provided consent to the collection, processing and transfer of personal data, there is the legal right to withdraw consent under certain circumstances. To withdraw consent, if applicable, please contact us at email@example.com.
15. CONTACT US
Last updated: May 2018.