• Introduction

• Who We are

• The Types of Personal Data we Collect

• How do we collect your personal data?

• How do we use your personal data?

• Purposes of the Processing and the Legal Basis for Processing;

• Withdrawing Consent;

• When we Share Personal Data;

• Where we Store and Process Personal Data;

• How we Secure Personal Data;

• Policies and Procedures;

• Personal Data Retention;

• Your Rights Relating to your Personal Data;

• Links and Connections to Third-Party Services;

• Contacting Information Security Solutions Ltd;

• Changes to our Privacy Policy

 

Your privacy and trust are important to us and this Privacy Policy provides important information about how Information Security Solutions Ltd. (Information Security Solutions) handles Personal Data.

 

This Privacy Policy explains what we do with your Personal Data, whether we are starting our relationship, continuing our relationship with you, providing you with a service, receiving a service from you, or you are visiting our website.

 

It describes how we collect, use and process your Personal Data, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.

 

This Privacy Policy applies to the Personal Data of our website users, employees, Clients and suppliers.

For the purpose of applicable data protection legislation (including but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679 - the "General Data Protection Regulations") and its enactment into Law in England and Wales (The Data Protection Act) the company responsible for your Personal Data is Information Security Solutions, whose contact details can be found at the end of this policy.

 

It is important to point out that we may amend this Privacy Policy from time to time. Please just visit this page if you want to stay up to date, as we will post any changes here.

Information Security Solutions is committed to the responsible handling and protection of Personal Data.

 

If you are dissatisfied with any aspect of our Privacy Policy, you may have legal rights and, where relevant, we have described these as well. Our contact details are given at the end of this Policy.

 

Please read this Policy carefully and contact our Data Protection Officer if you have any questions about our privacy practices or your Personal Data choices. It is important that you check back often for updates to this Policy. If we make changes we consider to be important, we will contact you using other methods such as email. 

 

 

Information Security Solutions has been in business since April 2000.  We are a Recruitment Agency and Events Company for Cyber/Information Security professionals. We maintain a very strong service ethos and commit to operating with transparency and integrity at all times.

Information Security Solutions has a substantial quantity of clients, candidates, events guests and suppliers. 

 

• Candidate Data

• Client Data

• Guest

• Supplier Data

• People whose data we receive from candidates (e.g. referees):

• Website Users:

 

In order to provide the best possible employment opportunities that are tailored to you, we need to process certain information about you. We only ask for details that will genuinely help us to help you, such as your name, age, contact details, education details, employment history, emergency contacts, immigration status, financial information (where we need to carry out financial background checks), and National Insurance number (and of course you may choose to share other relevant information with us). Where appropriate and in accordance with local laws and requirements, we may also collect information related to your health, diversity information or vetting checks. We also need other information such as your bank details so that we can pay for the services you provide (if this is part of the contractual arrangements between us).

 

If you are an Information Security Solutions customer, we need to collect and use information about you, or individuals at your organisation, in the course of providing you services such as, finding Candidates who are the right fit for you or your organisation, information regarding your sponsored event requirements.

 

We need a small amount of information from our Suppliers to ensure that things run smoothly. We need contact details of relevant individuals at your organisation so that we can communicate with you. We also need other information such as your bank details so that we can pay for the services you provide (if this is part of the contractual arrangements between us).

 

People whose data we receive from candidates (e.g. referees)

In order to provide Candidates with suitable employment opportunities safely and securely and to provide for every eventuality for them, we need some basic background information. We only ask for very basic contact details, so that we can get in touch for references and employment dates verification. 

 

We collect a limited amount of data from our Website Users which we use to help us to improve your experience when using our website and to help us manage the services we provide. This includes information such as how you use our website, the frequency with which you access our website, and the times that our website is most popular.

A number of elements of the personal data we collect from you are required to enable us to fulfil our contractual duties to you or to others. Where appropriate, some, for example Candidates' National Insurance numbers, and, religious affiliation, are required by statute or other laws. Other items may simply be needed to ensure that our relationship can run smoothly.

Depending on the type of personal data in question and the grounds on which we may be processing it, should you decline to provide us with such data, we may not be able to fulfil our contractual requirements or, in extreme cases, may not be able to continue with our relationship.

 

 

There are two main ways in which we collect your personal data:

1. Directly from you

2.From third parties

To the extent that you access our website or read or click on an email from us, we may also collect certain data automatically or through you providing it to us.

 

There are two main ways in which we collect your personal data:

1 Directly from you

2 From third parties (e.g. our Candidates) and other limited sources (e.g. online and offline media).

To the extent that you access our website or read or click on an email from us, we may also collect certain data automatically or through you providing it to us. 

 

We collect your personal data during the course of our work with you or you provide a service to us.

To the extent that you access our website or read or click on an email from us, or contact us, we may also collect certain data automatically or through you providing it to us. People whose data we receive from candidates (e.g. referees): We collect your contact details only where a Candidate or event guest gives them to us in order for you to provide information e.g. serve as a referee.

 

We collect your data automatically via cookies when you visit our website, in line with cookie settings in your browser. We will also collect data from you when you contact us via the website.

 

How do we use your personal data?

 

The main reason for using your personal details is to help you find employment or other work roles that might be suitable for you. The more information we have about you, your skillset and experiences, the more focused we can make our service. Where appropriate and in accordance with local laws and requirements, we may also use your personal data for things like marketing, profiling and diversity monitoring. Where appropriate, we will seek your consent to undertake some of these activities. 

 

The main reason for using information about Clients is to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly. This may involve:  identifying Candidates who we think will be the right fit for you or your organisation. The more information we have, the more tailored we can make our service. 

 

The main reasons for using your personal data are to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly, and to comply with legal requirements.

 

People whose data we receive from candidates (e.g. referees)

We use referees’ personal data to help our Candidates to find employment which is suited to them. If we are able to verify their details and qualifications, we can make sure that they are well matched with prospective employers. We may also use referees' personal data to contact them in relation to recruitment activities that may be of interest to them.

 

We use your data to help us to improve your experience of using our website, for example by analysing your recent job search criteria to help us to present jobs to you that we think of our websites to enhance other aspects of our communications with, or service to, you. 

 

 

We need certain personal information primarily to allow us to perform our contract with you and to enable us to comply with legal obligations. In some cases, we may use your personal information to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests. 

 

The situations in which we will process your personal information are listed below.

• Providing our recruitment services

• To maintain business relationships with clients and candidates

• To submit your CV to third parties

• Checking you are legally entitled to work in the UK

• Assessing qualifications for a particular job

• To determine your suitability for a particular job

• Send you marketing communications and information relating to our services which we think may be of interest to you (which you have the right to opt-out of)

• Improving our services: We may use your Personal Data for auditing, data analysis, and research to improve our products, services and content.

• Legal obligations: 

   o We may be required to use and retain Personal Data for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or fraud. We may also use Personal Data to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate:

   o under applicable law;

   o to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence;

• to enforce our terms and conditions

• to protect our rights, privacy, safety, or property, or those of other persons.

If you are engaged as an employee or contractor through Information Security Solutions we may also need additional information for the following reasons:

• Administering the contract, we have entered into with you

• Paying you, deducting tax and National Insurance contributions

• Dealing with legal disputes involving you, or other employees, workers and contractors

• To prevent fraud

• Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

 

 

If you fail to provide certain information when requested, we may not be able to represent you as a recruitment agency, or we may be prevented from complying with our legal obligations.

 

 

In certain circumstances we will share your personal information with other parties.  Details of those parties are set out below along with the reasons for sharing it.

 

We will share your personal information as above for any or all of the following purposes:

• to provide you with recruitment services;

• for business development;

• for development and marketing of other products and services;

• to improve our customer service and to make our services more valuable to you

 

We disclose your personal information to clients who have vacancies for jobs in which you are interested.

 

• We will share your personal information and, where necessary, your sensitive personal information with trusted third parties where we have retained them to provide services that you or our clients have requested, such as:

• employment reference checking;

• qualification checking;

• criminal reference checking (as required);

• verification of details you have provided from third party sources; and/or

• psychometric evaluations or skills tests. 

We will also share your personal information with third parties who perform functions on our behalf and provide services to us such as:

• professional advisors;

• data analytics providers;

• IT consultants carrying out testing and development work on our business technology systems;

• research and mailing houses

• function co-ordinators.

Regulatory and Law Enforcement Agencies

• As noted above, if we receive a request from a regulatory body or law enforcement agency, and if permitted under GDPR and other laws, we may disclose certain personal information to such bodies or agencies.

New business owners

If we or our business merges with or is acquired by another business or company, we will share your personal information with the new owners of the business or company and their advisors.  If this happens, you will be sent notice of such event.

 

 

Information Security Solutions is a UK organisation, and we take steps to ensure that the information we collect is processed according to this Privacy Policy and the requirements of applicable law wherever the data is located.

We collaborate with third parties such as cloud hosting services, suppliers, and technology support located in UK and Europe to serve the needs of our business and Clients. We take appropriate steps to ensure that Personal Data is processed, secured, and transferred according to applicable law.

 

 

Information Security Solutions takes data security seriously, and we use appropriate technologies and procedures to protect Personal Data. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed regularly and updated as necessary to meet our business needs, changes in technology and regulatory requirements.

 

For example: Policies and Procedures

We have measures in place to protect against accidental loss and unauthorised access, use, destruction or disclosure of data.

We have a Business Continuity and Disaster Recovery strategy that is designed to safeguard the continuity of our service to our Clients and to protect our people and assets and is subject to regular testing to ensure it is fit for purpose and remains so.

We place appropriate restrictions on access to Personal Data, which is subject to regular review for continued business need.

We implement appropriate measures and controls, including monitoring and physical measures, to store and transfer data securely.

 

 

Information Security Solutions retains Personal Data for as long as we reasonably require it for legal or business purposes. In determining data retention periods, Information Security Solutions takes into consideration local laws, contractual obligations, and the expectations and requirements of our Clients, including the right to erasure. When we no longer need Personal Data, we securely delete or destroy it.

 

 

We respect your right to access and control your Personal Data, and we will respond to requests for information and, where applicable, will correct, amend, or delete your Personal Data. The Data Subject has the following rights:

• Access to personal information: If you request access to your personal information, we will gladly comply, subject to any relevant legal requirements and exemptions, including identity verification procedures. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data.

• Correction and deletion: You have the right to correct or amend your personal information if it is inaccurate or requires updating. You also have the right to request deletion of your personal information; however, this is not always possible due to legal requirements and other obligations and factors. Remember that you can update your account information by using the “Contact Us” as defined in our Privacy Policy on our website.

• Marketing preferences: Where you have provided your consent to opt in to receiving our newsletter and other marketing material, to opt out of newsletter and other marketing material, you can use the “Contact Us” as defined in our Privacy Policy on our website.

• Object to processing:  Of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

• Request the restriction of processing:  Of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

 

 

Our Services may contain links to and may be used by you in conjunction with third-party apps, services, tools, and websites that are not affiliated with, controlled, or managed by us. Examples include FaceBook, LinkedIn, Twitter and, third-party apps like voice recruitment software and event management software. The privacy practices of these third parties will be governed by the parties’ own Privacy Policies. We are not responsible for the security or privacy of any information collected by these third parties. You should review the privacy statements or policies applicable to these third-party services.

 

 

Any changes we make to our Privacy Policy in the future will be posted on our website and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Privacy Policy.

 

 

If you want to contact use relating to this cookie policy, you can email:

 

enquiries@informationsecuritysolutions.com