Introduction
We take our responsibilities regarding your personal data seriously, and would like you to have complete confidence in this.
So, in this in this document we aim to be totally transparent about what personal data we process, how we handle it, and the different tasks we use it for.
In summary, we use your personal data only for the legitimate purposes you might reasonably expect, take good care of it, and respect your rights regarding it.
In each case below, we’ve indicated our lawful basis for data processing under UK data protection legislation.
We’ve aimed to express this information in a clear and straightforward manner, but if you have any queries regarding it or need any further explanation, please don’t hesitate to contact us.
About Us
The Loates brands linked to from this website are all trading identities of Loates Business Solutions Ltd, a company registered in England with number 7752261 and office at Middle Mill, Darley Abbey Mills, Derby, DE22 1DZ.
Consequently, Loates Business Solutions Ltd is a data controller in relation to the personal information that we collect as from you as part of the services provided by these trading identities.
Scope
This privacy policy covers general topics that are equally applicable to all our trading identities.
For topics that only apply to a particular trading identity, please see the privacy policy on the website of that particular identity.
Website Visitors
• Cookies
As with most other organisations, our websites use ‘cookies’, which are small files saved by your browser when you visit them.
You can find out more about ‘cookies’ from the Information Commissioner’s Office.
This allows us to…
- ensure the proper functioning of our websites
- analyse the effectiveness of our marketing campaigns
We don’t use tracking for third-party advertising purposes.
Our lawful basis for data processing in this case is legitimate interest.
• Logging
As with most other organisations, we log your access to our websites, which may include such technical information as your IP address, device used, browser type, and pages visited.
This allows us to…
- protect the security of our websites
- carry out analytics relating to the use and performance of our websites
Such technical information is logged by our webserver, which is provided by one of our third-party data sub-processors.
Our lawful basis for data processing in this case is legitimate interest.
• Security
As with most other organisations, we use the logged technical information relating to your visit to our website for security purposes.
This allows us to…
- maintain the availability and performance of our websites
- protect data stored within our websites
- prevent malicious alteration of our website code
- block malicious users from accessing our websites
- contact the appropriate external agencies in the event of suspected illegal activity taking place
Such technical information is processed by our security service, which are provided by one of our third-party data sub-processors.
Our lawful basis for data processing in this case is legitimate interest.
• Analytics
As with most other organisations, we use the logged technical information relating to your visit to our website for analytic purposes.
This allows us to…
- maintain the availability and performance of our websites
- optimise the design of our websites
- analyse the effectiveness of our marketing campaigns
Such technical information is processed by our analytics service, which are provided by one of our third-party data sub-processors.
Our lawful basis for data processing in this case is legitimate interest.
• Retention
Data collected from website visitors will be retained for the minimum period necessary to perform the outlined tasks, which is unlikely to be longer than 12 months.
Other Personal Data
• Testimonials
If you leave us a testimonial then we may…
- publish it on our websites
- publish it on our social media
- publish it in other forms of marketing material
Published testimonials may include…
- your comments
- your name
- your job title
- your company name
- your image
Testimonials will be retained indefinitely.
If you’d like a previously submitted testimonial to be amended or removed at any point, just let us know.
Our lawful basis for data processing in this case is consent.
Data Sharing
• Website hosting
Our websites are hosted by Webmate.
Consequently, Webmate acts as a data sub-processor for your personal information.
However, such personal information is restricted to only technical data regarding your access to our websites, and does not include any job application related details.
We are confident from the Webmate privacy policy that such sub-processing is carried out in a way that is fully compliant with UK data protection legislation.
Our lawful basis for data processing in this case is legitimate interest.
• Website analytics
Our website analytics are provided by Google Analytics.
Consequently, Google Analytics acts as a data sub-processor for your personal information.
However, such personal information is restricted to only technical data regarding your access to our websites, and does not include any job application related details.
We are confident from the Google privacy policy that such sub-processing is carried out in a way that is fully compliant with UK data protection legislation.
Our lawful basis for data processing in this case is legitimate interest.
• Website security
Our website security is provided by WordFence.
Consequently, WordFence acts as a data sub-processor for your personal information.
However, such personal information is restricted to only technical data regarding your access to our websites, and does not include any job application related details.
We are confident from the WordFence privacy policy that such sub-processing is carried out in a way that is fully compliant with UK data protection legislation.
Our lawful basis for data processing in this case is legitimate interest.
• Client companies
If we shortlist you for a position, we may share your job application related personal information with our client, the end-company seeking to fill the vacancy.
This is so that they can fully participate in the selection process.
Consequently, our client acts as a data sub-processor for your personal information..
As part of our onboarding process for new clients, we ensure that they complete a third-party data processing agreement.
This is so we can have complete confidence that they will treat your personal data with the same care that we do, and fully respect your data protection rights.
If we’ve matched your details from our candidate database as a potential fit for a vacancy, as opposed to you directly applying for that vacancy, then we will explicitly ask for your consent before sharing any of your details with our client.
Our lawful basis for data processing in this case is consent.
• Other third-parties
We don’t share your personal details with any other third-parties, such as those seeking to sell you goods or services.
Data Security
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third-parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. As part of our onboarding process for new clients that may need to process your personal information, we ensure that they complete a third-party data processing agreement.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Withdrawing Consent
You have the right to withdraw your consent for the processing of your personal data at any time. To withdraw your consent, just let us know.
Once we receive notification that you have withdrawn your consent, we will no longer process your application and, subject to our retention policy, dispose of your personal data securely.
Your Rights
By law, you have the right under certain circumstances to…
- Request access to your personal information (commonly known as a data subject access request). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to sone other third-party, please just let us know.
You can find out more about your rights relating to the processing of your personal data from the Information Commissioner’s Office.