Hirobe Privacy Notice 

Hirobe is a recruitment company that helps work seekers find new job opportunities and helps companies to hire for their job vacancies.

What types of information do we collect?

Candidates (to be placed with our clients)

We process certain personal information from you so that we can connect you with present and future job opportunities from our clients. This allows us to provide you with the services you would expect from us as an employment and recruitment business. We will only ever collect information that we genuinely need and which is necessary to be able to provide our work finding services.

Depending on how you engage with us, the personal information we might collect is listed below:

• Full Name
• Address Details
• Contact Details
• Email Address
• LinkedIn Profile
• CV / Resume
• Skills & Experience
• Spoken Languages
• Salary Details and Expected Salary Details
• Video Interview Recordings
• Notice Period / Availability Dates
• The type of jobs that are of interest to you
• Correspondence History
• Job Application History
• Feedback from our Clients on your interviews
• Feedback from our Client on your CV
• References
• Placement History
• Contract Assignment History
• Identification Documents
• Right to Work Documents
• Bank Details / Payment Details
• National Insurance Number
• Limited Company Details
• VAT Number
• Umbrella Company Details
• Employment Business Conduct Regulations Opt Out Agreements
• IR35 Status Determinations
• Contracts
• Invoices
• If you are a candidate applying for a particular vacancy where our client or the nature of the vacancy requires any successful candidates to complete a financial history or background check we may process information about these checks. We will always ask for your explicit consent to complete these checks.

The main ways we may collect your personal data:

• When you apply for a vacancy that we are or a client is listing. This may be directly through our website, email or phone, via a job board, LinkedIn or by visiting our offices in person.
• When you send us your details via our website. This may be by registering with us, uploading a CV or contacting us.
• When we conduct a recorded video interview with you. This is part of our video interview service we offer to our clients and candidates where we conduct a video interview with you to support your job search. This is conducted through our video interview platform and we rely on your explicit consent to record the interview.
• If you are referred to us by a third party e.g. a colleague at work. We will always inform you that we have received your data and will provide you with an option to object to your data being added to our database.
• If we have identified you as a prospective candidate. This may be from a job board listing, LinkedIn, other social media sources or market research. We will always inform you that we have collected your data and will provide you with an option to object to your data being processed.

The main ways we process your data:

• To update our internal records and database. We add your details to our database so that we help you with your job search and match your skills against our client’s job vacancies.
• So that we can communicate with you. We may contact you via email, phone or through social media to contact you about relevant job opportunities, to discuss your interest in job opportunities, or send you information that is relevant to your job search.
• Sharing your personal data with prospective employers. We will only do this with your consent and where we have discussed the employer with you.
• Sharing a video interview recording with prospective employers. As part of our video interview service where we conduct a video interview with you to support your job search. This is conducted through our video interview platform and we rely on your explicit consent.
• So that we can send you job alerts. If you have selected to receive automatic job alerts.
• So that we can send you our newsletter. If you have consented to receive our newsletter.
• If we enter into a contract with you. Contractors provide us with further information under the obligation to fulfil a contract so that we can manage their payment as a service to our clients. As part of this arrangement, we will share the data with the client and the HMRC under a legal obligation.

Candidates (for Internal Hirobe Job Positions)

•  Full Name
• Address Details
• Contact Details
• Email Address
• LinkedIn Profile
• CV / Resume
• Skills & Experience
• Salary Details and Expected Salary Details
• Notice Period
• References
• Interview Feedback
• Interview Notes

The main ways we may collect your personal data:

• When you apply for an internal vacancy that we are listing. This may be directly through our website, email or phone, via a job board, LinkedIn or by visiting our offices in person.
• If you are referred to us by a third party e.g. a colleague at work. We will always inform you that we have received your data

The main ways we process your data:

• To keep a record of your application and to review your CV and experience.
• So that we can communicate with you. We may contact you via email or phone to discuss your application, and to send you information about the recruitment process.
• Conducting the interview process. We will process your data in order to conduct interviews through the various stages in order to consider your suitability for the role for which you have applied.
• If we enter into a contract with you. Following successful completion of the recruitment process, we will process your data in order to enter into an employment contract with you. Some data may also need to be shared with the HMRC under a legal obligation.

Prospective Clients and Clients

As a client or prospective client of Hirobe we process some personal data so that we can approach you about our services and so that we can match work seekers for your job vacancies. We only collect the information we genuinely need, which is necessary for us to be able to offer and provide you with our services to you.

Depending on how you engage with us the personal information we might collect is listed below:

• Full Name
• Company Name
• Company Email Address
• Job Title
• Contact Details
• Company Address Details
• LinkedIn Profile
• Correspondence History
• Contracts
• Invoices

The main ways we may collect your personal data:

• When you contact us. This may be direct through our website, email or phone, LinkedIn or by visiting our offices in person.
• When we contact you about our services.
• If you are referred to us by a third party. In case you are referred to us as a prospective client, we will inform you that we have received your business data via a referral and will provide you with an option to object to your data being processed if you are not interested in engaging our services and becoming a client.
• If we have identified you as a prospective client. This may be from an event we have held, LinkedIn, other social media or online sources such as third-party providers of business data. We will always inform prospective clients that we have collected their data and will provide them with an option to object to their data being processed.
• To send you marketing material. We may send you marketing material that we deem relevant to supporting you with your hiring strategy. You are able to opt out of this at any time.

The main ways we process your data:

• So that we can offer our services to you.
• To update our internal records and database.
• When we enter into a contract with you or in preparations to enter a contract with you.
• So that we can share information with our candidates when you have engaged with our services.
• To send you relevant marketing material about campaigns that we may run from time to time.

Suppliers

We collect the information about you that is necessary to make sure that contract arrangements between us are properly managed. This ensures that the relationship runs smoothly, and we comply with legal requirements. Typically, this will be names, contact numbers, addresses of people within your organisation and payment details.

The main ways we process your data:

• When we enter into a contract with you.
• To perform our contract with you.
• To process payment services.

If you use our website

This applies to all users of our websites – the general public, candidates, clients and suppliers.

We only collect the information we genuinely need, which is necessary for legitimate interests to be able to provide a great website experience and our work-finding services.

This includes:

• Any information you provide to us via our website (for example "contact us", "subscribe", “register", “upload a cv” and “submit a brief”)
• Cookies on our website Cookie Policy
• Your IP Address (automatically collected),
• Times, dates, frequency and the way you use and interact with its content.

Where any data is collected through cookies which are not strictly necessary, we first obtain your consent.

Where any links within our website redirect you to other websites, please read the privacy notices of those websites to understand how they process your personal data. This privacy notice does not extend to your use of such websites.

Our lawful reasons for processing your personal data

In order to comply with our privacy obligations, we need to have lawful grounds for processing your personal data. The lawful reasons which we rely on for the purposes of processing your data which were noted above are:

• Legitimate Interests. This means that we have determined to have grounds for processing your personal data that outweigh your interests as an individual. To rely on this lawful basis, we have balanced the two interests and always take your interests into consideration. As a Candidate searching for a job placement, we may process some data with the interest of your work placement and to manage your data within our internal systems. As a client or Supplier, we have business interests in processing your data so that we can enter into and fulfil legal agreements.
• Contract. This means that we need to process your personal data in order to enter into a contract with you.
• Legal Obligation. This means that we have a legal obligation to process personal data in order to comply with a requirement imposed on us by law.
• Consent. This applies where we are processing your personal data on your consent and agreement for the specific purpose for which the data is being processed.

Disclosure of personal data to third parties

Other than to our own service providers, Hirobe will not pass on your personal data to any other third parties without your consent unless the law requires us to do so.

We may pass on your personal data to service providers contracted to Hirobe in the course of dealings with you. They act as a data processor on our behalf and are obliged under contract to keep your details securely, and only use them to fulfil the services they provide on our behalf. When they no longer need your data to fulfil this service and their legal obligations they dispose of the information.

This includes cloud services, marketing services, communications management services, video interview software services, CRM services, timesheet software, accountancy and financial service providers, security services providers, as well as service providers for background checks and right to work checks.

How long we keep your information for

Candidates for Client job placement

We keep your data whilst we have meaningful contact with you, this includes written and verbal communication, updated CV’s, job vacancies, job applications, subscriptions to our newsletters and marketing or until you know longer want us to. When we’ve not had meaningful correspondence with you for a 5-year period we will delete your information.

Where we have recorded a video interview with you through our video interview platform, all recordings will be automatically deleted 1 year after the date of the recording unless you ask us to delete your recording sooner.

Candidates for Internal Hirobe roles

Where you have applied for an internal role within Hirobe, we will keep your application data for a period of 6 months. Further retention may occur in line with our retention timeframes for employee data if your application is successful and you are offered a role.

Prospective Clients

We keep your data whilst we have meaningful contact with you, this includes written and verbal communication, subscriptions to our newsletters and marketing or until you know longer want us to. When we’ve not had meaningful correspondence with you for a 3-year period we will delete your information.

Clients, Contractors, Suppliers

Where we’ve entered into a contract with you, certain information may persist on backup or archival systems for legal, tax or regulatory purposes for six years after the contract ceases. This includes contact, identity, financial and transactional data.

We store all personal data in line with our retention timeframes.

Information security

We will do our utmost to keep your information secure, for example we store your data on secure servers and have taken organisational and technical measures to safeguard your information. We have contracts in place with our service providers that provide sufficient guarantees that the requirements of the UK GDPR and GDPR will be met and the rights of data subjects protected.

We have procedures in place to deal with any suspected personal data breach, and we will notify you and the Information Commissioners Office (ICO) of a breach where we are legally required to do so.

The transmission of information over the internet can never be completely secure. If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

If you suspect any misuse, loss or unauthorised access to your data, please contact us immediately via privacy@hirobe.io

Transfers outside the UK and European Economic Area

Information which we collect from you may be stored and processed in and transferred to countries outside of the United Kingdom (UK) or European Economic Area (EEA). For example, this could occur if one of our service providers is situated in a country outside the UK or EEA.

We will only transfer information outside the UK or EEA where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your information, e.g. by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission.

To ensure that your information receives an adequate level of protection we have put in place appropriate safeguards and procedures with the third parties we share your data with. This ensures your data is treated by those third parties in a way that is consistent with the data protection legislation.

Your rights

It is important that the information we hold about you is accurate and current. Please keep us informed if your information changes during the period for which we hold it.

You have the following rights in relation to your information:

• Right to correct - the right to have your information rectified if it is inaccurate or incomplete.
• Right to erase - the right to request that we delete or remove your information from our systems in certain circumstances.
• Right to restrict our use of your info - the right to "stop" us from using your information or limit the way in which we can use it.
• Right to data portability - the right to request that we move, copy or transfer your information.
• Right to object - the right to object to our use of your information including where we use it for our legitimate interests.
• Right to access - the right to request access and copies of the information we hold about you at any time.

To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your information (where consent is our basis for processing your information), please contact us via this e-mail address: privacy@hirobe.io

Complaints

If you are not satisfied with the way that we handle your personal data or have questions about this privacy notice, we ask you to please contact us. However, you also have the right to make a complaint to the relevant data protection authority. For the UK, this is the Information Commissioner's Office (ICO). The ICO's contact details can be found on their website at https://ico.org.uk

EU Representative

If you are located in the EU we have appointed IT Governance Europe Limited to act as our EU Representative. If you wish to exercise your rights under the EU General Data Protection Regulation (GDPR), or have any queries in relation to your rights or privacy matters generally please email our Representative at eurep@itgovernance.eu or post your request or query to:

EU Representative:
IT Governance Europe,
The Mill,
Newtown Link Rd,
Stagreenan,
Drogheda,
Co. Louth,
A92 CD3D,
Ireland.

UK Data Protection Officer

The contact details for our designated external Data Protection Officer for the UK are:

By post: DataCo International UK Limited

Suite 1, 7th Floor, 50 Broadway

London, United Kingdom

SW1H 0BL

By email:             privacy@dataguard.co.uk

By phone:            +442035146557