GDPR Compliance statement
We are committed to putting the rights of our candidates and clients first; by becoming GDPR compliant, we are doing just that. Transparency is a vital part of GDPR; but should there be any information that you require and cannot find, do not hesitate to contact us and we will do our best to fulfil your request.
We have a dedicated team who aim to implement the highest standards of GDPR in practice. The ways we do this include ongoing training, appointing a Data Protection Lead who is overseeing all aspects and maintaining a log of all GDPR compliance work which is regularly updated and reviewed.
Conrad Consulting are a controller who process and store Personal Data on behalf of the Candidate (person applying for role) to help place them in relevant roles with clients (company offering role).
As stated on the ICO website, the seven key principles are at the front of our minds when providing our service. The key principles are as follows:
- Lawfulness, fairness, and transparency – lawfulness means that we are required to have a lawful basis for any personal data we collect and process. Fairness means that we use the data we store and process in the ways listed in our Candidate Privacy Notice and Website Privacy Notice. Transparency means that we must be as clear, open, and honest as possible.
- Purpose limitation – means that we must be transparent about our purposes for processing, this can be found in our Candidate Privacy Notice and the Website Privacy Notice.
- Data minimisation – means that we need to ensure that the data we store, and process is only what is needed for us to fulfil our services, and this is stated in the Candidate Privacy Notice and the Website Privacy Notice.
- Accuracy – means that the personal data we store, and process needs to be up to date and accurate. When we request refresher consent from candidates we ask if any personal data needs to be updated.
- Storage limitation – means that we must only keep data for as long as it is necessary to provide our services, more information can be found in our Candidate Privacy Notice and Website Privacy Notice. We regularly ask Candidates for updated consent, which is required for us to assist with work searches.
- Integrity and confidentiality (security) – means that we need to have sufficient security measures in place to protect any personal data we store, such as limiting access on a ‘need to know’ basis and having regularly updated passwords.
- Accountability – means we need to ensure that we take full responsibility for the personal data we store and process. This includes having appropriate measures and records showing our compliance to all aspects of GDPR and staying up to date with any changes that are put in place.
If you have any queries regarding our GDPR policy or would like additional information regarding data handling, please email our Data Protection Lead, Paula Moyse
paula@conradconsulting.co.uk.