HR:4UK is committed to the protection of individual privacy rights. We hold ourselves to the highest legal and ethical standard for compliance and strive to be a privacy champion in the human resources technology industry. We value the trust our clients, colleagues and suppliers place in us, and we work hard to maintain that trust by building privacy protection into everything we do.
This statement applies to the collection and processing of personal information, which means information about an identifiable individual (you) that HR4UK.com Limited (HR:4UK, we or us) collects while you use our website and other marketing resources such as webinars and newsletters, and while you interact with us as a prospective, current or former customer.
This statement does not apply to the collection and processing of personal information we collect about our clients or users of our website for marketing purposes. It also does not apply to the collection and processing of personal information about our employees or contractors.
What data do we collect and why?
We collect personal information that you instruct us to collect. For more information about what information is being collected and why, please contact us.
Who we share your personal information with and why?
We share your personal information with third party service providers that we use to complete services and to manage our infrastructure. We do not sell or disclose your personal information to governments, marketing or advertising services, other clients or anyone else except as outlined in this statement or as may be required by law.
Why do we collect personal information?
We collect personal information in the course of our business activities. Our primary function is as a service provider to our clients. When we provide our services to you as our client, you are generally responsible for the following aspects of the collection and processing of personal information:
- Determining what personal information we collect and how we use it;
- Establishing a legitimate basis to collect and process personal information and ensuring that the collection and processing complies with the applicable law;
- If appropriate, you are notified of, or provide consent for, the collection and processing of your personal information in accordance with applicable law;
- Complying with any legal obligation you may have as the entity that controls or owns the personal data.
Generally speaking, we will be responsible for the following aspects of the collection and processing of personal information:
- Carrying out the services requested by you in accordance with your instructions;
- Storing and protecting personal information in our custody in accordance with your instructions; and
- Comply with any legal obligation we may have as a data processor, custodian, service provider or similar under applicable law
What types of personal information do we collect?
The type of information we will collect may include the following:
- Your name
- Job title and company
- Contact information (including email address)
We will not reuse personal information for a new purpose other than the original one(s) for which it was collected, unless:
- The new use is compatible with the original one, meaning you should reasonably expect it;
- We have notified you of the new use and given you an opportunity to object to it; or
- The new use is otherwise permitted or required by law.
There are different kinds of cookies with different functions:
- Session cookies: these are only stored on your computer during your web session. They are automatically deleted when the browser is closed. They usually store an anonymous session ID allowing you to browse a website without having to log in to each page. They do not collect any information from your computer.
- Persistent cookies: a persistent cookie is one stored as a file on your computer, and it remains there when you close your web browser. The cookie can be read by the website that created it when you visit that website again.
- First-party cookies: the function of this type of cookie is to retain your preferences for a particular website for the entity that owns that website. They are stored and sent between HR:4UK’s servers and your computer’s hard drive. They are not used for anything other than for personalisation as set by you. These cookies may be either Session or Persistent cookies.
- Third-party cookies: the function of this type of cookie is to retain your interaction with a particular website for an entity that does not own that website. They are stored and sent between the Third-party’s server and your computer’s hard drive. These cookies are usually Persistent cookies.
Our sites use session cookies to track your use of the sites and persistent cookies to remember any preferences you select, such as your location.
The major browsers have attempted to implement the draft “Do Not Track” (“DNT”) standard of the World Wide Web Consortium (“W3C”) in their latest releases. As this standard has not been finalised, our sites are not compatible with DNT and so do not recognise DNT settings.
Where strictly necessary
These cookies are essential in order to enable you to move around the site and use its features, such as accessing secure areas of the site. Without these cookies, services you have asked for, such as viewing certain areas of the site or using web forms, cannot be provided. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet.
These cookies collect information about how visitors use a site, for instance which pages visitors go to most often, and if they get error messages from web pages. They also allow us to record and count the number of visitors to the site, all of which enables us to see how visitors use the site in order to improve the way that our site works. These cookies do not collect information that identifies a person, as all information these cookies collect is anonymous and is used to improve how our site works.
These cookies allow our site to remember choices you make (such as your language or the region you are in) and provide enhanced features. These cookies can also be used to remember changes you have made to text size, font and other parts of web pages that you can customise. They may also be used to provide services you have requested such as viewing or commenting on content on the site. The information these cookies collect is usually anonymised.
Please consult your web browser’s ‘Help’ documentation or visit http://www.aboutcookies.org.uk/ for more information about how to turn cookies on and off for your browser.
When, why and how do we communicate personal information outside of HR:4UK?
To complete services
When we provide our services to you, we may transmit personal information back and forth. This is done through our secure web platforms, phone and email and occasionally by fax or mail.
Engage services providers
Whilst most of our work is carried out by our employees or authorised personnel who access personal information directly from our systems and whose activities are under our direct control, we use third party service providers for certain specialised tasks, these include storage of data, information technology support and some services we perform for our clients.
It would be impractical to list all the service providers, however, should you wish to understand which service providers may receive your personal information, please contact us.
When we provide services to a client it is done so in accordance with your instructions.
In exceptional circumstances, we may be asked to communicate personal information to law enforcement agencies, national security agencies, courts or other public bodies in any jurisdiction where we are subject to the law, regardless of where personal information is stored. If we receive a production order, warrant, subpoena or other enforceable demand, we will comply as required by law. If we receive a request to provide information voluntarily, we will consider your interests, our business interests, the interests of our clients, public safety implications and our legal obligations prior to deciding whether to communicate personal information. In any case where the information in question was collected from or on behalf of a client, we will consult with you before proceeding unless prohibited by law.
We may proactively communicate personal information to law enforcement or other third parties if necessary to investigate or report a violation of the law or a contractual agreement, or if otherwise appropriate and permitted by law.
How do we ensure your personal information is accurate?
Much of the personal information we collect comes directly from you, in which case you are in control of its accuracy. Our processes for collecting and transcribing personal information are automated to the greatest extent possible and are subject to rigorous quality controls. Information that is found to be inaccurate, either through our own audits or following your request for correction, is updated.
Do we engage in automated decision-making or profiling using personal information?
We do not make decisions about you, automated or otherwise, and do not attempt to analyse or predict your behavior, preferences, interests, health or other personal characteristics.
Do we conduct research using personal information?
We do not use your personal information to conduct any research. We maintain historical statistical data in anonymised, aggregate format for research and analysis.
How long do we keep personal information?
We keep personal information as long as you are a client of ours or as long as we need to keep it to comply with our legal obligations. For information on how long your personal information may be retained, please contact us.
Do we transfer personal information between countries?
We do not transfer personal information between countries. Your personal information is collected and stored in the United Kingdom.
How do we protect personal information?
We have advanced security measures in place to secure and protect your personal information, such as internal and external firewalls, monitoring and alert systems to prevent and detect intrusion attempts, encryption of data both in transit and at rest. Our servers are located within a securely managed infrastructure, and undergo multiple reviews by independent auditors. Our employees access data through secure desktop interfaces, and our online interfaces are encrypted, password protected and monitored.
We employ equally rigorous physical security policies to prevent physical access to our premises. Our servers and offices, including personal information in hard copy form, are kept in access-controlled and monitored environments.
All of our employees have been carefully screened and have undergone thorough security and privacy training. We restrict access to your personal information to individuals who need it to perform their work functions. Our marketing, sales, customer service and account management teams may have regular access to your information and employees in other departments may access it occasionally as required to manage our relationship with you and fulfill our legal obligations.
We also enter into contractual agreements with service providers with which we may need to share your personal information, which require them to protect your personal information to the same level as we do, and allow us to audit their compliance with those obligations.
How can you choose how and whether we collect and use your personal information?
Providing your information to us is voluntary. The purpose for collecting personal information is to enable us to provide our services to you.
Whenever our legitimate basis for collecting and using personal information is your consent, you can withdraw or modify your consent for future collection or use of your personal information at any time, and we will explain the consequences of doing so.
If we use your personal information for sales or marketing purposes, you can ask us to stop at any time and we will do so.
How can you access or correct your personal information, request that it be deleted, or ask for it to be transferred to another organisation?
At any time, you can request access to your personal information, request that any inaccuracies will be corrected, and request that comments or explanations be added to records about you.
You can also ask about:
- Whether and why we have your personal information;
- How we got your personal information;
- What we have done with your personal information;
- To whom we have communicated your personal information;
- Where your personal information has been stored, processed or transferred;
- How long we will retain your personal information, or how that retention period will be determined; and
- The safeguards in place to protect your information when it is transferred to third parties or third countries.
Finally, you can ask us not to collect or use your personal information for certain purposes, you can ask us to delete your personal information, or you can ask us to provide your personal information to a third party.
Depending on which laws apply to your personal information, we may only be able to do some of these things for you. If you request one of these things and we refuse to do it, we will explain your legal rights, the reason for our refusal and any recourse you may have.
How can you make a complaint about how we have handled your personal information or responded to a request to exercise your rights?
We commit to investigating and resolving complaints about our collection or use of your personal information. To make a complaint, contact us.
St Mary’s Road
+44 (0)1455 444222
Information Commissioner’s Office Registration Number: S6328164
Anonymised means that sufficient information has been removed from personal information so that it can no longer be associated with an identifiable individual.
Client means an organisation that contracts with us to perform background screening or onboarding services.
Consumer means an individual acting on his or her personal capacity.
Individual or you means the individual that personal information is about.
Personal information means information about an identifiable individual.
Processing, handling or use means anything we do with personal information.
Profiling means automated use of your personal information to analyse or predict things like your performance at work, creditworthiness, reliability and conduct.
HR:4UK, HR4UK.com, we or us means HR4UK.com Limited and all of its subsidiaries and affiliates.
Services means the human resources technology services we provide to our clients and consumers, including background screening and onboarding services.
Service provider means a company engaged to process personal information on behalf of another company.
Third party means a person or organisation that is neither you nor us.