Cyber Smart Consulting take privacy very seriously and are committed to the security of processing and storing of personal data. By using this website and supplying your details by filling in forms, you consent to Cyber Smart Consulting collecting and processing personal data for marketing communications purposes and to facilitate the recruitment process. In this policy, “we”, “us” and “our” refers to Cyber Smart Consulting.
How we use your personal data: In this section we have set out:
We may process data about your use of our website and services (“usage data”). The usage data may include your IP address, geographical location, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.
We may process your personal data that are provided in the course of the use of our services (“service data”).[ The service data may include your name, email address, job title, company and phone number. The source of the service data is you. The service data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business.
We may process information contained in any enquiry you submit to us regarding goods and/or services (“enquiry data”). The enquiry data may be processed for the purposes of offering, marketing and selling relevant goods and/or services to you. The legal basis for this processing is consent.
We may process information that you provide to us for the purpose of subscribing to our email notifications, receiving invitations to events, company updates, or job alerts of suitable vacancies (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications. The legal basis for this processing is consent.
Providing your personal data to others: We may disclose your name and email address to the supplier our CRM system insofar as reasonably necessary for the management of communications we send you. In addition to the specific disclosures of personal data set out above, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We require any company with which we may share Personal Information to protect that data in a manner consistent with this policy and to limit the use of such Personal Information to the performance of services for Cyber Smart Consulting. We do not sell or otherwise provide Personal Information to other companies for the marketing of their own products or services.
International transfers of your personal data: In this section we provide information about the circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA). Some of our Application Service Providers are situated in the United States. Transfers to the united States will be protected by appropriate safeguards, namely in compliance with the conditions for transfer set out in Chapter V of the GDPR, a copy of which can be obtained from http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&qid=1490179745294&from=en . Our Application Service Providers are compliant with Privacy Shield and the GDPR. You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
Retaining and deleting personal data: This section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data. Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
We will retain your personal data as follows: You contact details will be retained for a maximum period of 12 months following the date of original submission. In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the following criteria: the period of retention of your contact details will be determined based on the communication types and frequency of communication you chose when submitting your contact details. Notwithstanding the other provisions of this section we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Opt out: You may “opt out” of receiving Cyber Smart Consulting email updates by sending an email to firstname.lastname@example.org, or by choosing the opt-out option on any one of our email communications. The choice to opt out of such communications is also available during the sign-up process.
Your rights: You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:
We may withhold personal information that you request to the extent permitted by law. You may instruct us at any time not to process your personal information for marketing purposes. In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes
Data protection legislation regulates the way in which certain data about yourself (received as part of registering with Cyber Smart Consulting), both in paper and electronic form is used and held. Cyber Smart Consulting is registered with the information Commissioner’s Office and fully complies with the requirements placed on it as a ‘data controller’.
Information we collect and how we use it
We collect, and process personal data only as far as is necessary to facilitate the recruitment or placement process. Information such as, but not limited to, your name, email address and CV will be used in some of the following ways:
The following statement describes the type of data that Cyber Smart Consulting keeps about Consultants and the purpose for which it is kept and your rights under the GDPR related to data processed about you, should you register as a Consultants with Cyber Smart Consulting. This applies whether your registration details are received direct by telephone, via the Cyber Smart Consulting website contact form, or from another agency. From the point at which we receive your registration contact details, the Cyber Smart Consulting team will need to maintain and process data about you for the purposes of consultant tracking and placement processes, reaching and communicating recruitment decisions and production of offers of employment if appropriate. Such data is normally retained for six months following completion of our tracking and placement process in the event of an offer of employment not being made.
Cyber Smart Consulting tracking, and placement processes include the collection, storage, retrieval, alteration, disclosure or destruction of data. The kind of data that Cyber Smart Consulting will process includes:
Cyber Smart Consulting believes that those records are consistent with the agency, or consultant, and in the event of a project being secured, employer relationship between Cyber Smart Consulting and yourself and with our requirements under data protection legislation. The data Cyber Smart Consulting holds may be held and processed to meet the Cyber Smart Consulting legal responsibilities and also for the purposes of Consultant Tracking, the management and administration of an offer of contract, ascertaining suitability for placement, to comply with equal opportunity, immigration and money laundering legislation and, from time to time, the need to disclose data it holds about you to relevant third parties (or example where legally obliged to do so by HM Revenue and Customs, UK Border or other public authority, or where requested to do so by yourself for the purpose of giving a reference). Cyber Smart Consulting may also share this data with selected third parties, under agreements which strictly govern the use the third party may make of the data, to facilitate the above uses. In some cases, Cyber Smart Consulting will use automated profiling methods to analyse the above data, including against standard industry benchmarks, but will not use such methods as the sole basis for any related decision making. Cyber Smart Consulting does not process or store any sensitive data, as defined by the legislation.
If you wish to view the information held about you, you must make a written request to the Data Protection Officer(DPO) at email@example.com. You may, within a period of thirty days of your written request, inspect and/or have a copy (subject to the requirements of the legislation) of information held about you and, if necessary, require corrections should such records be faulty. Your rights under the GDPR also include the following:
Should you have any complaints regarding the handling of your data you have the right to lodge a complaint with the Data Protection Officer at – The Data Protection Officer, Cyber Smart Consulting Ltd, 85 Great Portland Street, London, W1W 7LT.
The Data Protection Officer, Cyber Smart Consulting Ltd, 85 Great Portland Street, London, W1W 7LT
For details of our Legitimate Interest Assessment please click here