Privacy Policy

Data Privacy Policy

The Harvey Nash Group, including all Harvey Nash Group subsidiary companies together, (“Harvey Nash”) is a leading global recruitment consultancy and outsourcing company working on an annual basis with thousands of candidates and clients worldwide.

 

Our reputation is reliant on the trust of people we work with and, consequently, the effective and professional use of the information you provide us is paramount.

 

Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.

 

Overview

This Privacy Policy explains what we do with your personal data, whether as part of helping you find a job, developing your career, providing you with a service that may be of interest, or simply as a result of you visiting our website.

 

We respect your right to privacy. Our overall aim is to ensure that our collection and use of personal information is appropriate to the provision of services to you and is in accordance with applicable data protection laws.


Important definitions in this policy

“You” are a candidate, potential candidate, consultant, client contact or contact at any other organisation involved in the introduction and/or supply of a services.

 

References in this policy to “client contact” means a responsible owner at a client.

 

Specifically, this privacy policy provides you with details about the personal information we collect and hold about you, how we use your personal information and your rights regarding your personal information.


What does Harvey Nash do?

The core of what we do is twofold.

  1. To provide services to help candidates develop their careers
  2. We work with clients to provide consultancy and outsourcing services to help them solve technology challenges

Where does Harvey Nash collect data from?

This privacy policy applies to the collection, storage and use of personal information collected by Harvey Nash (“we” or “us”):

  • via our website at www.nashtechglobal.com; or any other website operated by us (the “site”); or
  • as a result of you responding to an advertisement posted by us on a job board, online CV library or via social media; or
  • as a result of personal recommendations; or
  • from company websites; or
  • from your business card; or
  • in the course of us providing recruitment, resourcing, outsourcing or consultancy services to you (“Services”)


What information do we collect on Client contacts?

Client contacts:  the personal information we collect about you where “you” are a contact at one of our clients.

 

We need to collect information about you as an essential part of providing our services.

 

We may collect personal information about you when:

  • we contact you with a view to providing services to you; or
  • you email us expressing an interest in working with us;
  • you provide us with your business card or other information provided to us, given to our employees at sales and marketing events;
  • you post information or advertisements on job boards or social media websites;
  • we provide services; or
  • we complete contractual documentation relevant to the services,

 

We will usually collect the following information from or about you:

  • your name;
  • your postal address;
  • your phone and e-mail details;
  • details of your role, title and responsibilities within your organisation;

 

Where “you” are a client:

  • any opinion or feedback you share with us regarding our services;
  • details of any queries you raise with us regarding the services;
  • details of any outsourcing requirements or plans you share with us.

What is our lawful basis for processing your personal data?

We use the data we gather to perform a number of tasks, including:

  • placement of a candidate into a particular employment role as defined by our clients; or the provision of resourcing, outsourcing or consultancy
  • maintaining our records of our candidates, clients and contacts;
  • conducting marketing, profiling and business development activities as well as market research and statistical analysis regarding our products and/or services;
  • complying with any legal or regulatory requirements and to make the necessary disclosure under the requirements of any applicable law, regulation, direction, court order, guideline, circular or code which are applicable to us for the prevention of crime.

 

Client contacts: We use the information collected from clients to ensure that we provide business services to you. This will involve identifying candidates that will meet your requirements, or providing other business services from our portfolio.

 

Suppliers: we use the data collected to ensure the business arrangements between us run smoothly.

 

Our lawful basis for processing your data
We consider that it is necessary, for our legitimate interests as a business, to process your personal data. At different stages in the outsourcing processes we also have other lawful grounds for processing your data such as compliance with our legal obligations and where it is necessary for the performance of contracts related to the outsourcing process.

 

A full statement of our legitimate interest may be found here.

 

Where we are required, by law, to obtain your consent to the processing of your personal data we will obtain it.

 

All users of the site and our services

We collect, store and use your personal information for the following purposes:

  • to make the site available to you; and
  • to provide any services that you request.

 

Sometimes, our use of your personal information is for purposes which are ancillary to the provision of the site and services, or which are desirable in order to make them to operate more effectively. In those circumstances, we believe we have a legitimate interest in handling your personal information, and do not believe that this storage and use of your personal information will unduly prejudice your rights or freedoms.

 

For more detail about these circumstances please see appendix 3 below.


How do we share your personal information and who do we share it with?

Your personal data provided to us is processed by Harvey Nash Group plc. We will ensure that:

  • access to your personal data is restricted to staff who are required to process such data as part of their job;
  • only necessary information is released to the relevant employees;
  • we seek your consent before sharing your details with any prospective employer or user of your services.

 

We will disclose information under the following circumstances:

 

Service and site usage information: When we share anonymous information generated by our services with our clients.

 

Third-party service providers: When we share information with third-party service companies for them to facilitate and support us in the provision of the services. This includes:

  • IT support service providers;
  • providers of credit reference, vetting and screening services;
  • payment processors and software providers;

 

These organisations are appointed by Harvey Nash as data processors and authorised to use your personal information only as necessary to provide the relevant services to us. These organisations are required to process such information based on our instructions and in accordance with this privacy policy. They do not have any independent right to share this information.

 

Group companies: We provide your personal information to our subsidiaries or affiliated companies for the purpose of processing personal information on our behalf to provide the site and the services. These parties are required to process such information based on our instructions and in accordance with this privacy policy. They do not have any independent right to share this information.

 

Compliance with laws and legal proceedings: When we respond to court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. When we believe it is necessary to share information in order to investigate, prevent or take actions against illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms of use, or as otherwise required by law.

 

Merger or acquisition: When we need to transfer information about you if we are acquired by or merged with another company.  If we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified by email and/or a prominent notice on our Site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

 

Recruitment and resourcing services: When we are using your personal information in the context of our recruitment and resourcing services, then we may share your personal information with clients where we believe that you may be appropriate for a particular role or vacancy with that client.

 

Umbrella companies and personal service companies:  When you inform us that you are supplying or intend to supply your services via Harvey Nash to a client through an umbrella company or personal service company.

 

Recruitment Process Outsourcing and Managed Service Providers:  In certain cases, there may be an organisation such as a managed service provider acting as a gateway for the supply of Services made via Harvey Nash to the hirer.  Where this is the case, we will share your information with such organisations to the extent that it is necessary for the purposes of the supply.

Where personal information is shared with clients, hirers, umbrella companies, personal services companies or managed service providers in the circumstances described above, then those organisations will handle your personal information in line with their own privacy policies.


International transfers

We want to make sure that your data is stored and transferred in a way which is secure. We will only transfer data outside of the European economic area where the recipient is compliant with the data protection legislation and the means of transfer provides approved safeguards. These will include contractual clauses, the EU – US privacy shield framework, or where the country concerned has been found adequate by the European commission in respect to the levels of data protection.

 

We may send your information between Harvey Nash entities which may exist outside of Europe, to overseas clients or to clients within your country who may in turn transfer your data internationally.

 

The data may also be stored on cloud-based storage for parts of our overall business process.

 

Please be aware that countries which are outside the European Economic Area may not offer the same level of legal protection for your personal information as under UK law, although any collection, storage and use of your personal data by us (or on our behalf) will continue to be governed by this privacy policy.


Personal information, cookies and websites

Our website may offer you the opportunity to pass your personal information to us in relation to a particular role which is of interest to you. This information may be routed through one of our 3rd party suppliers before it is delivered electronically to us. All of our 3rd party suppliers have been vetted to ensure that they will meet our own privacy and security standards in the collection and processing of your personal information.

 

Our website may also link or direct you to other websites or external content which are not within our control. Links to other websites may be provided for your convenience and information. While we will use our best endeavor to ensure that we link or direct you only to websites that share our privacy and security standards, we are not in the position to guarantee the same and we will not be responsible for the protection and privacy of any personal data which you provide on those websites. These sites have their own privacy statement in place, and we recommend you review these if you visit any linked website. You should therefore exercise caution including reviewing the privacy policy of those websites before disclosing any personal data.

 

Technologies such as cookies, beacons, tags and scripts are used by us and our affiliates, or analytics or service providers. These technologies are used in analysing trends, administering the Site, tracking users’ movements around the Site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

 

We use cookies, for example, to remember users’ settings (e.g. language preference) and for authentication. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our Site, but your ability to use some features or areas of our Site may be limited.

 

Please read more about how we use cookies in appendix 4 below.


How we safeguard your personal data

Harvey Nash is passionate about protecting your information. To this end we have put in place appropriate measures that are designed to prevent unauthorised access to and misuse of your personal data. These include measures to deal with any suspected data breach. If you suspect any misuse or loss of or unauthorised access to your personal information, please let us know immediately by emailing DPO@harveynash.com.

 

Your information is held on servers hosted by us or our Internet Services Provider. The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.


Data retention

We don’t keep data for any longer than is necessary. For most people where we have limited contact it will be for a maximum of two years from the date of last contact with us. Where we have engaged with you more extensively, for instance we have worked with you as client, or interviewed / placed you as a candidate, we may retain data longer.

 

We will delete it after that time except where we need to keep any personal information to comply with our legal obligations, resolve disputes, or enforce our agreements.

 

For more information on our data retention policy please contact DPO@harveynash.com.


Your rights, complaints, questions and suggestions

You have certain rights in relation to your personal information. If you would like further information in relation to these or would like to exercise any of them, please contact us via email at any time.

 

Email: DPO@harveynash.com

 

More details on your rights may be found in appendix 5 below.

 

Harvey Nash tries to meet the highest standards when collecting and using personal information. We take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.

 

If you wish to complain about this policy or any of the procedures set out in it please contact our Data Protection Officer via email, DPO@harveynash.com.

 

In the EEA, you may also make a complaint to our supervisory body for data protection matters (the Information Commissioner’s Office in the UK) or seek a remedy through local courts if you believe your rights have been breached.


Marketing activities

Periodically we may send you information that we think you will find interesting or to ask for your expertise in completing a survey. We may also send you information to:

  • market our full range of services
  • send you details of networking and client events and information about the industry sectors we think may be of interest to you.

 

Subject to any applicable local laws and requirements we will not, as a matter of course, seek your consent when sending marketing materials relating to the above but we will always give you the option to unsubscribe of any such mails.

 

Where we have previously engaged with you, for example where you have submitted an online enquiry or CV to us, we will assume that you have given permission for us to contact you with details of services which we believe will be of interest to you.  You will have the right to withdraw such permission at any time.


Profiling, anonymous data & third party sites

Profiling:

Harvey Nash does not utilise any form of automated profiling at this time. All of our activities involve human decision-making during the process. This may change in the future if we implement automated technologies or machine learning, but we will only do so where appropriate and in accordance with local laws and regulations.  Any changes to this policy will be notified as set out below.

 

Anonymous data:

We collect anonymised details about visitors to our website for the purposes of aggregate statistics or reporting purposes.  However, no single individual will be identifiable from the anonymised details we collect for these purposes.

 

Third party sites:

This website contains links to other websites operated by third parties.  Please note that this privacy policy applies only to the personal information that we collect through the site or the services, and we cannot be responsible for personal information that third parties may collect, store and use through their website. You should always read the privacy policy of each website you visit carefully.


Changes to our Privacy Policy

This privacy policy was last updated on 04/05/2018.

 

Please check back regularly to keep informed of updates to this privacy policy. Where we make significant changes to this privacy policy, and we have your email address, we will send you notification of the changes.


Appendix

Appendix 1

We may collect personal data when :

  • you access and browse the site (including when you submit personal information to us through data entry fields on the site); or
  • you respond to an advert posted by us whether via a job board, LinkedIn or other social networking site; or
  • we download details uploaded by you onto a job board, LinkedIn or other social networking site in connection with  our internal market research ; or
  • you contact us by phone, email or otherwise; or
  • we provide services to you; or
  • we contact you with a view to providing services to you; or

 

We may collect the following information from or about you:

  • your name;
  • your postal address;
  • your phone and e-mail details;
  • a copy of your passport details including your passport photograph;
  • any information which has been published or made available on a social media profile or job board (whether by you or a third party), or in any news media;
  • any e mail communications, including attachments, which you send to us.

 

You can update your personal data at any time by forwarding a copy to info@harveynash.com.


Appendix 2

We collect, store and use information that we obtain in relation to you for our legitimate interests:

  • so that we can contact you (via email, SMS or phone) about opportunities and assignments that we believe you may be interested in;
  • to enter into contracts which are necessary in order for your service to be supplies;
  • to carry out market research for our internal use;
  • for internal record keeping purposes;
  • to carry out services that we, you or our client have requested.

 

This storage and use of your personal information allows you to be contacted about roles which may be of interest to you, now or in the future, and we do not believe that this storage and use will unduly prejudice your rights or freedoms.

 

We will store and use your personal information in order to comply with relevant legal obligations to which Harvey Nash is subject.

 


Appendix 3

The relevant circumstances are:

  • detecting and preventing fraud;
  • keeping our site, apps, products and IT systems secure;
  • ensuring that our own processes, procedures and systems are as efficient as possible;
  • analysing and enhancing the information that we collect;
  • determining the effectiveness of our promotional campaigns and advertising; and
  • contacting you with products and services which we think may interest you.

 

In some, relatively limited, circumstances we need to handle your personal information in a certain way to be able to comply with our legal obligations.  For example if we:

  • are requested to disclose your personal information to regulatory bodies;
  • need to demonstrate our compliance with applicable law;
  • are subject to any enquiry from the Employment Agencies Standards Inspectorate or HMRC.

Appendix 4

A cookie (small text files that store information on your hard drive) may be used in the processing of your personal data. A copy of this text file is sent to your computer and/or device whenever it communicates with our server. Cookies help us to understand which sections of our websites are frequently visited. With this information we are able to adapt our website to suit your demands and provide you with a more customised and personalised user experience. We may collect the following information during your visit to our website and/or the fully qualified domain name from which you accessed our site, or alternatively, your IP address:

  • the date and time you access each page of our website
  • the URL of any web page from which you accessed our site (the referrer)
  • the web browser that you are using and the pages you accessed.

Some webpages may require you to provide a limited amount of personal information in order to enjoy certain services on a website (system login credentials, email addresses and contact information). This personal information will only be used for its intended purpose, i.e. to respond to your message or deliver the requested services. You may configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is sent.


Appendix 5

You have the right to request that we:

  • provide access to any personal information we hold about you;
  • update any of your personal information which is out of date or incorrect;
  • delete any personal information which we are holding about you;
  • restrict the way that we process your personal information;
  • prevent the processing of your personal information for direct-marketing purposes;
  • provide your personal information to a third party provider of services;
  • provide you with a copy of any personal information which we hold about you; or
  • consider any valid objections which you have to our use of your personal information.

 

We will consider all such requests and provide our response within a reasonable period (and in any event within any time period required by applicable law). Please note, however, that certain personal information may be exempt from such requests in certain circumstances.

 

If an exception applies, we will tell you this when responding to your request. We may request you provide us with information necessary to confirm your identity before responding to any request you make.

 

You may request to unsubscribe from marketing material at any time. If you wish to contact us with respect to the above matters please email us at DPO@harveynash.com.