S-SA Digital Recruitment

Head Office

Vulcan Works

34-38 Guildhall Rd

Northampton, NN1 1EW

01604 347777

Manchester

76 King Street, M2 4NH

01614 414 810

01604 347777

info@s-sa.co.uk

SSA

Committed to protecting and respecting your privacy.

Privacy Policy

What we do with your personal data.

INTRODUCTION

This Privacy Policy explains what we do with your personal data, whether we are in the process of helping you find a job, continuing our relationship with you once we have found you a role, providing you with a service, receiving a service from you, using your data to ask for your assistance in relation to one of our candidates, or you are visiting our website.

It describes how we collect, use, and process your personal data, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.

This Privacy Policy applies to the personal data of our Website Users, Candidates, Clients, Suppliers, and other people whom we may contact in order to find out more about Candidates or who they indicate is an emergency contact. It also applies to the emergency contacts of our Staff. For definitions, see Glossary.

For the purpose of applicable data protection legislation (including but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”), the company responsible for your personal data (“S-SA” or “us”) can be found here.

It is important to point out that we may amend this Privacy Policy from time to time. Please just visit this page if you want to stay up to date, as we will post any changes here.

If you are dissatisfied with any aspect of our Privacy Policy, you may have legal rights and, where relevant, we have described these as well.

This Privacy Policy applies in relevant countries throughout our international network. Different countries may approach data privacy in slightly different ways and so we also have country-specific parts to this Privacy Policy. You can find country-specific terms for your jurisdiction here. This allows us to ensure that we are complying with all applicable data privacy protections, no matter where you are.

Several elements of the personal data we collect from you are required to enable us to fulfil our contractual duties to you or to others.

Depending on the type of personal data in question and the grounds on which we may be processing it, should you decline to provide us with such data, we may not be able to fulfil our contractual requirements or, in extreme cases, may not be able to continue with our relationship.

YOUR PERSONAL DATA 

CANDIDATE DATA

What kind of personal data do we collect?
To provide the best possible employment opportunities that are tailored to you, we need to process certain information about you. We only ask for details that will genuinely help us to help you, such as your name, age, contact details, education details, employment history, emergency contacts, immigration status, in some cases financial information (where we need to carry out financial background checks), and NI number (and of course you may choose to share other relevant information with us). Where appropriate, we may also collect information related to your health, diversity information or details of any criminal convictions.

How do we collect your personal data?
There are two main ways in which we collect your personal data: –

  • Directly from you
  • From third parties

How do we use your personal data?
The main reason for using your personal details is to help you find employment or other work roles that might be suitable for you. The more information we have about you, your skillset, and your ambitions, the more bespoke we can make our service. Where appropriate and in accordance with local laws and requirements, we may also use your personal data for things like marketing, profiling, and diversity monitoring. Where appropriate, we will seek your consent to undertake some of these activities.

Who do we share your personal data with?
We may share your personal data with various parties, in various ways and for various reasons. Primarily we will share your information with prospective employers to increase your chances of securing the job you want. Unless you specify otherwise, we may also share your information with any of our group companies and associated third parties such as our service providers where we feel this will help us to provide you with the best possible service.

CLIENT DATA

What kind of personal data do we collect?
If you are an S-SA Digital customer, we need to collect and use information about you, or individuals at your organisation, in the course of providing you services such as:

  • Finding candidates who are the right fit for you or your organisation.
  • Providing you with a Managed Service Provider (“MSP”) programme (or assisting another organisation to do so).
  • Providing you with Recruitment Process Outsourcing (“RPO”) services (or assisting another organisation to do so).
  • Notifying you of content published by S-SA Digital which is likely to be relevant and useful to you.

How do we collect your personal data?

There are two main ways in which we collect your personal data:

  • Directly from you.
  • From third parties (e.g. our candidates) and other limited sources (e.g. online and offline media).

How do we use your personal data?

The main reason for using information about clients is to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly. This may involve:

  • Identifying Candidates who we think will be the right fit for you or your organisation.
  • Providing you with an MSP programme (or assisting another organisation to do so).
  • Providing you with RPO services (or assisting another organisation to do so). The more information we have, the more bespoke we can make our service. 

Who do we share your personal data with?
We will share your data:

  • Primarily to ensure that we provide you with a suitable pool of candidates.
  • To provide you with an MSP programme (or assist another organisation to do so).
  • To provide you with RPO services (or assist another organisation to do so). Unless you specify otherwise, we may share your information with any of our group companies and associated third parties such as our service providers to help us meet these aims.

SUPPLIER DATA

What kind of personal data do we collect?

We need a small amount of information from our Suppliers to ensure that things run smoothly. We need contact details of relevant individuals at your organisation so that we can communicate with you. We also need other information such as your bank details so that we can pay for the services you provide (if this is part of the contractual arrangements between us).

How do we collect your personal data?

We collect your personal data while working with you.

How do we use your personal data?

The main reasons for using your personal data are to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly, and to comply with legal requirements.

Who do we share your personal data with?

Unless you specify otherwise, we may share your information with any of our group companies and associated third parties such as our service providers and organisations to whom we provide services.

PEOPLE WHOSE DATA WE RECEIVE FROM CANDIDATES AND STAFF, SUCH AS REFEREES AND EMERGENCY CONTACTS

What kind of personal data do we collect?
To provide candidates with suitable employment opportunities safely and securely and to provide for every eventuality for them and our staff, we need some basic background information. We only ask for very basic contact details, so that we can get in touch with you either for a reference or because you’ve been listed as an emergency contact for one of our candidates or staff members.

How do we collect your personal data?

We collect your contact details only where a candidate or a member of our staff puts you down as their emergency contact or where a candidate gives them to us in order for you to serve as a referee.

How do we use your personal data?

We use referees’ personal data to help our candidates to find employment which is suited to them. If we can verify their details and qualifications, we can make sure that they are well matched with prospective employers. We may also use referees’ personal data to contact them in relation to recruitment activities that may be of interest to them. We use the personal details of a candidates or staff member’s emergency contacts in the case of an accident or emergency affecting that candidates or member of staff.

Who do we share your personal data with?

Unless you specify otherwise, we may share your information with any of our group companies and associated third parties such as our service providers and organisations to whom we provide services.

WEBSITE USERS

What kind of personal data do we collect?
We collect a limited amount of data from our website users which we use to help us to improve your experience when using our website and to help us manage the services we provide. This includes information such as name, email address, telephone number, salary/day rate, location, gender, nationality, and your formatted CV.

How do we collect your personal data?

We collect your data when you visit our website and all information is voluntarily entered by the user in the Application Form, Contact Us and Upload Your CV page. 

How do we use your personal data?

We use your data to help us to improve your experience of using our website, for example by analysing your recent job search criteria to help us to present jobs to you that we think you’ll be interested in. Please note that communications to and from S-SA’s staff including emails may be reviewed as part of internal or external investigations or litigation. 

Who do we share your personal data with?

Unless you specify otherwise, we may share your information with providers of web analytics services, marketing automation platforms and social media services to make sure any advertising you receive is targeted to you.

HOW DO WE SAFEGUARD YOUR PERSONAL DATA?

We care about protecting your information. That is why we put in place appropriate measures that are designed to prevent unauthorised access to, and misuse of, your personal data.

HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?

If we have not had meaningful contact with you (or, where appropriate, the company you are working for or with) for a period of three years, we will delete your personal data from our systems unless we believe in good faith that the law or other regulation requires us to preserve it (for example, because of our obligations to tax authorities or in connection with any anticipated litigation).

HOW CAN YOU ACCESS, AMEND OR TAKE BACK THE PERSONAL DATA THAT YOU HAVE GIVEN TO US?

Even if we already hold your personal data, you still have various rights in relation to it. To get in touch about these, please contact us. We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of any applicable laws. Please note that we may keep a record of your communications to help us resolve any issues which you raise.

Right to object – If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases). Generally, we will only disagree with you if certain limited conditions apply.

Right to withdraw consent – Where we have obtained your consent to process your personal data for certain activities (for example, for profiling your suitability for certain roles), or consent to market to you, you may withdraw your consent at any time.

Data Subject Access Requests (DSAR) – Just so it’s clear, you have the right to ask us to confirm what information we hold about you at any time, and you may ask us to modify, update or Delete such information. At this point we may comply with your request or, additionally do one of the following: 

– We may ask you to verify your identity or ask for more information about your request.

– Where we are legally permitted to do so, we may decline your request, but we will explain why if we do so. 

Right to erasure – In certain situations (for example, where we have processed your data unlawfully), you have the right to request us to “erase” your personal data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your data but will generally assume that you would prefer us to keep a note of your name on our register of individuals who would prefer not to be contacted. That way, we will minimise the chances of you being contacted in the future where your data are collected in unconnected circumstances. If you would prefer us not to do this, you are free to say so.

Right of data portability – If you wish, you have the right to transfer your data from us to another data controller. We will help with this – either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format.

Right to lodge a complaint with a supervisory authority – You also have the right to lodge a complaint with your local supervisory authority:

Details of your local supervisory authority: The Information Commissioner’s Office.

You can contact them in the following ways:

Phone: 0303 123 1113
Email: casework@ico.org.uk 

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. 


If your interests or requirements change, you can unsubscribe from part or all of our marketing content (for example job role emails) by clicking the unsubscribe link in the email, or by updating your preferences by sending an email to info@s-sa.co.uk.  

HOW DO WE STORE AND TRANSFER YOUR DATA INTERNATIONALLY?

For us to continue operating in this way, we may have to transfer or store your data internationally.   

WHO IS RESPONSIBLE FOR PROCESSING YOUR PERSONAL DATA ON THE S-SA WEBSITE?

S-SA controls the processing of personal data on its website(s).  

HOW TO CONTACT US

S-SA is responsible for processing the personal data of website users, candidates, clients, suppliers and the emergency contacts and referees of candidates. 

How you can get in touch with us:

  • To access, amend or take back the personal data that you have given to us.
  • If you suspect any misuse or loss of or unauthorised access to your personal information.
  • To withdraw your consent to the processing of your personal data (where consent is the legal basis on which we process your personal data).
  • With any comments or suggestions concerning this Privacy Policy.
  • You can write to us at the following address: S-SA Digital, MEPC Silverstone Park, Innovation Centre, Silverstone Park, Silverstone, Towcester, NN12 8GX.
  • Alternatively, you can send an email to: info@s-sa.co.uk.  
  • To unsubscribe to any marketing emails, click on the unsubscribe link in the email or contact us by emailing info@s-sa.co.uk

DATA RETENTION POLICY

INTRODUCTION

Effective data management is vital to allow S-SA Digital to carry out its business functions. To comply with the principles of General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the Data Protection Act 1998, records containing personal data must be:

  • Disposed of appropriately to ensure that copyrights are not breached and to prevent them falling into the hands of unauthorised personnel.
  • Retained for as long as necessary.
  • Retrievable and easily traced.
  • Stored appropriately having regard to the sensitivity and confidentiality of material recorded. 

This policy applies equally to paper, electronic media and any other method used to store personal data.

OUR DATA RETENTION POLICY

  • We will only hold data on candidates that is relevant to our business relationship e.g. CV, contact details and meaningful contact.
  • If a candidate has been engaged on assignment by S-SA Digital, we will keep relevant data for HMRC purposes for seven years.
  • We will delete your personal data from our systems if we have not had any meaningful contact with you for three years (or for a longer period as we believe in good faith that the law or relevant regulators require us to preserve your data).
  • For those candidates, whose services are provided via a third-party company or other entity, “meaningful contact” with you means meaningful contact with the company or entity which supplies your services. Where we are notified by such company or entity that it no longer has that relationship with you, we will retain your data for no longer than three years from that point or, if later, for the period of three years from the point we subsequently have meaningful contact directly with you.
  • At any time, a candidate may request that we delete their personal information. The candidate will be informed of what deletion means for them and their relationship with S-SA Digital, and what personal data can be deleted within 30 days of their request.

When we refer to “meaningful contact”, we mean, for example, communication between us (either verbal or written), or where you are actively engaging with our services. If you are a candidate, we will consider there to be meaningful contact with you if you submit your updated CV onto our website or via our Recruitment Consultants. We will also consider it meaningful contact if you communicate with us about potential roles, either by verbal or written communication or click through from any of our marketing communications.

GLOSSARY

  • Candidates – includes applicants for all roles advertised or promoted by S-SA, including permanent and contract roles with S-SA’s Clients; as well as people who have supplied a speculative CV to S-SA not in relation to a specific job. Individual contractors and employees of suppliers or other third parties put forward for roles with S-SA, Clients as part of an MSP offering or otherwise will be treated as candidates for the purposes of this Privacy Policy.
  • Clients – while it speaks for itself, this category covers our customers, clients, and others to whom S-SA provides services too.
  • Delete – while we will endeavour to permanently erase your personal data once it reaches the end of its retention period or where we receive a valid request from you to do so, some of your data may still exist within our systems, for example if it is waiting to be overwritten. For our purposes, this data has been put beyond use, meaning that, while it still exists on an archive system, this cannot be readily accessed by any of our operational systems, processes, or staff.
  • General Data Protection Regulation (GDPR) – a European Union statutory instrument which aims to harmonise European data protection laws. It has an effective date of 25 May 2018, and any references to it should be construed accordingly to include any national legislation implementing it.
  • Managed Service Provider (MSP) programmes – Clients’ outsourcing of the management of external staff (including independent contractors) to an external recruitment provider.
  • Other people whom S-SA may contact – these may include Candidates’ and S-SA’s Staff emergency contacts and referees. We will only contact them in appropriate circumstances.
  • Recruitment Process Outsourcing (RPO) services – full or partial outsourcing of the recruitment process for permanent employees to a recruitment provider.
  • Staff – includes employees and interns engaged directly in the business of S-SA (or who have accepted an offer to be engaged) as well as certain other workers engaged in the business of providing services to S-SA (even though they are not classed as employees). For these purposes we also include employees of S-SA who are engaged to work on Clients’ premises under the terms of RPO or MSP agreements. To be clear, ‘Staff’ does not include individuals hired by S-SA for the purpose of being placed with Clients outside of an RPO/MSP arrangement. These individuals are treated in the same way as S-SA’s Candidates and are covered by this Privacy Policy. Likewise, independent contractors and consultants performing services for S-SA fall within the definition of a ‘Supplier’ for the purposes of this Privacy Policy.
  • Suppliers – refers to partnerships and companies (including sole traders), and typical workers such as independent contractors, who provide services to S-SA. In certain circumstances S-SA will sub-contract the services it provides to Clients to third party suppliers who perform services on S-SA’s behalf. In this context, suppliers that are individual contractors or employees of suppliers will be treated as Candidates for data protection purposes. Please note that in this context, S-SA requires Suppliers to communicate the relevant parts of this Privacy Policy (namely the sections directed at Candidates) to their employees.
  • Website Users – any individual who accesses the S-SA website.