Starling Recruitment Ltd Privacy Policy
Our contact details
Name: Evie Levin
Address: 279 Stamfordham Road, Westerhope, Newcastle
Phone Number: 07966884385
E-mail: evie@starlingrecruitment.com
As a recruitment company Starling Recruitment Ltd processes personal data in relation to its own staff, work-seekers and individual client contacts. It is vitally important that we abide by the principles of the Data Protection Act 1998 and GDPR set out below.
We currently collect and process the following information:
- Personal identifiers, contacts and characteristics for example name and contact details
- CV and work history, references for employment,
- Right to work documents, proof of address
- DBS information and suitability to work with vulnerable children and adults
Starling Recruitment Ltd holds data on individuals for the following general purposes:
- Staff Administration
- Advertising, marketing and public relations
- Accounts and records
- Administration and processing of work-seekers personal data for the purposes of work-finding services
The Data Protection Act 1998 and GDPR requires Starling Recruitment Ltd as data controller to process data in accordance with the principles of data protection. These require that data shall be: –
- Fairly and lawfully processed
- Processed for limited purposes
- Adequate, relevant and not excessive
- Accurate
- Not kept longer than necessary
- Processed in accordance with the data subjects rights
- Kept securely
Personal data means data, which relates to a living individual who can be identified from the data or from the data together with other information, which is in the possession of, or is likely to come into possession of, Starling Recruitment Ltd.
Processing means obtaining, recording or holding the data or carrying out any operation or set of operations on the data. It includes organising, adapting and amending the data, retrieval, consultation and use of the data, disclosing and erasure or destruction of the data. It is difficult to envisage any activity involving data, which does not amount to processing. It applies to any processing that is carried out on computer including any type of computer however described, main frame, desktop, laptop, mobile etc.
Data may only be processed with the consent of the person whose data is held. Therefore if they have not consented to their personal details being passed to a third party this may constitute a breach of the Data Protection Act 1998 and GDPR. By instructing Starling Recruitment Ltd to look for work and providing us with personal data contained in a CV work-seekers will be giving their consent to processing their details for work-finding purposes and confirmation of written consent to share their personal data will be obtained before submitting a CV each time. If you intend to use their data for any other purpose you must obtain their specific consent.
However caution should be exercised before forwarding personal details of any of the individuals on which data is held to any third party such as past, current or prospective employers; suppliers; customers and clients; persons making an enquiry or complaint and any other third party.
The personal information we process is provided to us directly by the candidate for one of the following reasons:
- Application for a permanent position via one of our clients
We also receive personal information indirectly, from the following sources in the following scenarios:
- Social Media or Job Sites such as Linked In and Indeed CV Search
We use the information that you have given us in order to ascertain suitability for employment positions and to introduce to clients on the candidate’s behalf with their permission. We may share this information with variety of organisations who are our clients and written is obtained each time. Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
- Your consent. You are able to remove your consent at any time. You can do this by contacting evie@starlingrecruitment.com
- We have a contractual obligation to our clients to provide full candidate information
- We have a legal obligation to provide information relating to right to work, DBS information as we are supplying candidates to work with vulnerable children and adults.
- We have a legitimate interest We pass your details to a third party only with your consent to put you forward for an existing or potential job role with a client. In order to do this you will need to confirm in writing that you’re happy for us to do this. You can change your mind at any time and ask in writing to be withdrawn from the role.
Your information is securely stored on a computer with a password required for access.
We keep CV’s and registration documents for 3 months, occasionally longer if you have a 3 month notice period to ensure we have passed all the information onto the client that we need to during this time. We will then delete the data.
From a security point of view, only those staff listed in the appendix should be permitted to add, amend or delete data from the database. However all staff are responsible for notifying those listed where information is known to be old, inaccurate or out of date. In addition all employees should ensure that adequate security measures are in place. For example:
- Computer screens should not be left open by individuals who have access to personal data
- Passwords should not be disclosed
- Email should be used with care
- Personnel files and other personal data should be stored in a place in which any unauthorised attempts to access them will be noticed. They should not be removed from their usual place of storage without good reason.
- Personnel files should always be locked away when not in use and when in use should not be left unattended
- Any breaches of security should be treated as a disciplinary issue.
- Care should be taken when sending personal data in internal or external mail
- Destroying or disposing of personal data counts as processing. Therefore care should be taken in the disposal of any personal data to ensure that it is appropriate. For example, sensitive written data must be shredded and a certificate of destruction obtained.
It should be remembered that the incorrect processing of personal data e.g. sending an individual’s details to the wrong person; allowing unauthorised persons access to personal data; or sending information out for purposes for which the individual did not give their consent, may give rise to a breach of contract and/or negligence leading to a claim against Starling Recruitment Ltd for damages from an employee, work-seeker or client contact. A failure to observe the contents of this policy will be treated as a disciplinary offence.
Data subjects, i.e. those on whom personal data is held, are entitled to obtain access to their data on request and after payment of a fee. All requests to access data by data subjects i.e. staff, members, customers or clients, suppliers, students etc should be referred to Evie Levin whose details are also listed on the appendix to this policy.
Any requests for access to a reference given by a third party must be referred to the Director and should be treated with caution even if the reference was given in relation to the individual making the request. This is because the person writing the reference also has a right to have their personal details handled in accordance with the Data Protection Act 1998 and GDPR and not disclosed without their consent. Therefore when taking up references an individual should always be asked to give their consent to the disclosure of the reference to a third party and/or the individual who is the subject of the reference if they make a subject access request. However if they do not consent then consideration should be given as to whether the details of the individual giving the reference can be deleted so that they cannot be identified from the content of the letter. If so the reference may be disclosed in an anonymised form.
Under data protection law, you have rights including
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please contact us at 279 Stamfordham Road, Westerhope, Newcastle upon Tyne or 0796684385 if you wish to make a request.
If you have any concerns about our use of your personal information, you can make a complaint to us at Evie Levin, 279 Stamfordham Road, Westerhope,. Newcastle upon Tyne..
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk