Privacy Notice

Privacy Notice

Company Name:

Blue Inn Ltd
Co Reg No: 08618664
the “Company”

Company Contact details:

The Director
Blue Inn Ltd
GDPR Compliance
Unit 1 First Floor
34-36 High Street
Barkingside
IG6 2DQ

Date of Issued and Revision:

 

21/5/18 & V1.0

Blue Inn Ltd (the "Company") is a recruitment business (for supply of temporary or introduction of permanent white and blue collar staff) which provides work-finding services to its clients and work-seekers. The Company must process personal data (including sensitive personal data) so that it can provide these services – in doing so, the Company acts as a data controller.

You may give your personal details to the Company directly, such as on an application form or via our website, or we may collect your personal details from other sources such as a jobs board. The Company must have a legal basis for processing your personal data. For the purposes of providing you with work-finding services and/or information relating to roles relevant to you we will only use your personal data in accordance with the terms of the following statement.  This statement also provides you with certain information that must be provided by the Company under the General Data Protection Regulation (GDPR).

  • We will comply with data protection laws and principles, which means that your personal data will be:

      • * Used lawfully, fairly and in a transparent way.

      • * Collected only for valid purposes that are clearly explained to you in this statement and/or any application form that you complete and not used in any way that is incompatible with those purposes.

      • * Relevant to the purposes we have told you about and limited only to those purposes.

      • * Kept only as long as necessary for the purposes we have told you about.

      • * Kept securely.

  • a. Purpose of processing and legal basis 
    The Company will collect your personal data (which may include ”special categories” of more sensitive personal data – see below) and will process your personal data for the purposes of providing you with work-finding or work-seking services.   In particular, the Company will use the personal information we collect about you to:

    1. Assess your skills, qualifications and suitability for available contracts.
    2. Communicate with you regarding available placements.
    3. Keep records relating to placements and feedback.
    4. Make payments to you, if applicable, deducting tax and national insurance contributions.
    5. Administer the contract we have entered into with you.
    6. Deal with any legal disputes involving you, including incidents whilst on placement.
    7. Comply with our legal, regulatory or contractual obligations.
    8. Prevent fraud.

     

    The Company will be entitled to collect, hold and process this personal data in accordance with one or more of the following lawful grounds:

    1. Your consent has been given.
    2. In order for the Company to comply with legal or other regulatory obligations.
    3. To comply with and perform any contractual obligations the Company has to you and/or in order to be able to take steps at your request to enter into a contract with the Company.
    4. To protect the Company’s legitimate interests including to ensure compliance with the requirement of any trade bodies we are associated with and the provision of data to training providers (e.g. the construction industry training board).  The Company is also entitled to hold and process personal data if it becomes aware of a claim or potential claim relating to any particular placement taken up by you or injury suffered by you.

     


         b. “Special Categories” of Sensitive Personal Data

    This is data which relates to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information relating to your physical or mental health, sex life or sexual orientation, genetic and biometric data that uniquely identifies you as an individual.

    This information requires a higher level of protection and we need to have further justification for collecting, storing and using this type of personal information.  We may process “special categories” of sensitive personal data in the following circumstances:

    1. In limited circumstances, with your explicit consent.  The Company would approach you for your written consent providing you at that time with full details of the information we would like and the reason we need it so that you can carefully consider whether you wish to consent.
    2. Where we need to carry out our legal obligations or exercise rights in connection with your contract with the Company. 
    3. Where it is needed in the public interest, such as for equal opportunities monitoring. 

     

    Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.
    The Company will use such particularly sensitive personal information in the following ways:

    1. We will use information about your physical or mental health, or disability status, to ensure your health and safety, if any reasonable adjustments are required and to assess your fitness for particular placements.
    2. We will use information about your race or nationality or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting.

     

         c. Criminal Convictions

    We will only use information relating to criminal convictions where the law allows us to do so.  This is usually where such processing is necessary to carry out our obligations, and which will be done so in line with the Company’s Data Protection Policy.

    Less commonly, we may use information relating to criminal convictions where it is necessary in relation to legal claims, where it is necessary to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

    We will only collect information about criminal convictions if it is appropriate given the nature of any placement and where we are legally able to do so.  We will use information about criminal convictions and offences in the following ways:

    1. Where our contracts with our clients dictate that such disclosure must be made as part of the Company’s standard processes;
    2. Where aggregated responses of candidates' criminal activity is required as part of the submission process for tenders.

    We have in place appropriate safeguards when processing such data.



         d. Personal Information We May Collect From You

    1. In order to provide the best possible employment opportunities that are tailored to you, we need to process certain information about you. We only ask for details that will genuinely help us to help you, such as your name, age, contact details, education details, employment history, emergency contacts, immigration status, financial information (where we need to carry out financial background checks), and national insurance number (and of course you may choose to share other relevant information with us).
    2. Where appropriate and in accordance with local laws and requirements, we may also collect information related to your health including any medical condition, health and sickness records, diversity information or details of any criminal convictions.
    3. In order to provide you with suitable employment opportunities safely and securely and to provide for every eventuality for you and our team we need some basic background information for Emergency Contacts and Referees. We only ask for very basic contact details, so that we can get in touch with them either for a reference or because they been listed as an emergency contact for you.
    4. When you interact with us via our website we collect a limited amount of data from you which we use to help us to improve your experience when using our website and to help us manage the services we provide.  This includes information such as how you use our website, the frequency with which you access our website, and the times that our website is most popular. 

         e. How We Collect Your Personal Data

    We collect personal data about you from the following sources:

    1. You, the candidate;
    2. From third parties (such as job boards, social media) and other candidates under the Company’s candidate referral scheme (including the following data: name, email address, contact numbers, availability dates).
    3. If relevant, the Disclosure and Barring Service in respect of criminal convictions
    4. Your named referees, from whom we collect categories of data which may include (subject to responses) Name, Position/s Held, Dates of Employment, Employer Ratings of Attendance, Technical Knowledge, Quality of Work, Communication Skills, Relationship with Colleagues, Flexibility, Timekeeping, Willingness to Re-employ.

    To the extent that you access our website or read or click on an email from us, we may also collect certain data automatically or through you providing it to us.

    We may collect your data automatically via cookies when you visit our website, in line with cookie settings in your browser.


         f. Recipient/s of Data

    The Company may share your personal data and/or, where appropriate, “special categories” of personal data with the following recipients:

    1. Providers of the Company’s core operating applications/systems (Database, Payroll)
    2. Providers of services to maintain and secure the Company’s IT infrastructure
    3. Providers of services where it is necessary to meet the Company’s obligations under our contract with you
    4. Clients where you have consented to your details being shared with them in advance of them being sent, to fulfil our obligations under our contract with you

    All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies on data protection. 


         g.  If You Fail to Provide Personal Information

    If you fail to provide personal information when requested then the Company may not be able to do the following:

    1. fulfil its obligations under our contract with you
    2. fulfil statutory and legal obligations (including those which arise as a result of our contract with you)


         h. Change of Purpose

    We will only use your personal information for the purposes for which we collect it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.  If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

    Please note that we may process your personal information without your knowledge or consent in compliance with the above rules, where this is required or permitted by law.

  • You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making. However, the Company will use your selected Preferences that you have identified in the database to match your suitability to our Client requirements in order to fulfil our contract with you to find work.

  • The Company may transfer only the information you provide to us to countries outside the European Economic Area (‘EEA’) for the purposes of providing you with work-finding services. Before we do so we will always take steps to ensure adequate protections are in place to ensure the security of your information, and that treatment of that information by third parties is in a way that is consistent with and which respects the EU and UK laws on data protection. 


    If you require further information about the protective measures we have put in place to ensure the protection of your personal information please contact:


    The Data Manager 

    Blue Inn Ltd 

    GDPR 

    Unit 1 First Floor 

    34-36 High Street 

    Barkingside 

    IG6 2DQ

  • We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know.  They will only process your personal information on our instructions and are subject to a duty of confidentiality.

    We have put into place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of any suspected breach where we are legally obliged to do so.

  • The Company will retain your personal data only for as long as is necessary to fulfil the purposes we have collected it for, including for the purpose of satisfying any legal, accounting or reporting requirements. In particular different laws require us to keep different data for different periods of time. Electronic records will be deleted as appropriate and the Company has facilities for the secure disposal of documentation relating to candidates and clients.

    The Company will store candidate data (both personal and sensitive personal data) for:

    1. At least 1-2 years after creation where specific action has been taken to provide work finding services under our contract with you; and
    2. At least 1-2 years after the date on which services are provided to a client with whom your data has been shared as a result of providing work finding services under our contract with you

     

    We may, however, need to hold both your personal and, where appropriate, “special categories” of sensitive personal data for longer, in some cases significantly longer.  This may be because:

    1. We are contractually required to do so under contractual obligations with our clients
    2. As a result of legislative or regulatory requirements, which may require us to retain your personal data for up to seven years
    3. Retention of the information is necessary because of the risk of a negligence or breach of contract claim and which may require us to retain your information until any such claim has either been resolved or has become time barred and can no longer be pursued.

    Where such records could be relevant to a claim for personal injury the Company will retain data for a minimum of 21 (twenty one) years from the expiry of our client contract.

    Where the Company has obtained your consent to process your personal and/or sensitive personal data, you have the right to withdraw it.  Details of how you can do this are given further below at section 8. 

    We will regularly keep any consent given under review in line with our retention policy.   Where the Company considers it appropriate or necessary it will contact you to seek your continued consent to use your personal data.

    Where consent is not granted the Company will cease to process your personal and/or sensitive personal data unless a contractual or legislative obligation remains requiring us to do so.

  • It is important that the personal information we hold about you is accurate and current.  Please keep us informed if your personal information changes during your working relationship with us.

    Under certain circumstances, by law you have the right to:

    1. Request access to your personal information (Commonly known as a “data subject access request”). 
    2. Request correction of the personal information that we hold about you. 
    3. Request erasure of your personal information where there is no good reason for us continuing to process it.  You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
    4. Objecting to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.  You also have the right to object where we are processing your personal information for direct marketing purposes;
    5. Request the restriction of processing of your personal information.  This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
    6. Request the transfer of your personal information to another party.

    If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact the below in writing:

    The Data Manager
    Blue Inn Ltd
    GDPR
    Unit 1 First Floor
    34-36 High Street
    Barkingside
    IG6 2DQ 
    You will not have to pay a fee to access your personal information (or to exercise any of the other rights).  However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.  Alternatively, we may refuse to comply with the request in such circumstances.

    We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights).  This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

  • Where you have consented to the Company processing your personal and/or special categories of personal data you have the right to withdraw that consent at any time by contacting:

    The Data Manager
    Blue Inn Ltd
    GDPR
    Unit 1 First Floor
    34-36 High Street
    Barkingside
    IG6 2DQ

  • If you wish to complain about this privacy notice or any of the procedures set out in it please contact:

    The Data Manager
    Blue Inn Ltd
    GDPR
    Unit 1 First Floor
    34-36 High Street
    Barkingside
    IG6 2DQ

    You also have the right to raise concerns with Information Commissioner’s Office on 0303 123 1113 or at https://ico.org.uk/concerns/, or any other relevant supervisory authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.

  • We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial changes. We will also notify you in other ways from time to time about the processing of your personal information.