Privacy Notice

Privacy Notice

 

Who we are

As a leading provider of recruitment services, Neaves & Neat are committed to be responsible and transparent about the information we collect from you, why we collect it, where we get it from, how it is used, and how it is shared.

 

Data protection

The General Data Protection Regulation was created to protect your ‘personal data’, which is defined as “any information which is related to an identified or identifiable natural person” and was brought into UK law on 25 May 2018 and sits alongside the Data Protection Act 2018, which is an update and replacement for the Data Protection Act 1998.

 

Under Article 6 our legal basis for processing personal information is that it is in our legitimate business interests to do so, or in some case, necessary to meet our legal or regulatory responsibilities, such as disclosures to authorities, regulators or government bodies. This means we collect your information in order to provide you with the recruitment services you seek, either directly from us, or indirectly through job boards.

 

To ensure we provide you with the high level of service that you expect, and can inform you of suitable job opportunities, we will ask you for information that includes your name, address, contact details, you CV, references, job preference (including type of work), salary expectations and geographical limits.

 

Candidates will be required to complete a registration form and provide suitable identification and, if necessary, details of rights to work, as required by UK law. Prior to starting a temporary assignment, we will require further information to pay you, including bank details and national insurance number.

 

We will rely on explicit consent (under Article 9) for the processing of sensitive data, for example a disability or health condition which is relevant to the role, and details of unspent criminal convictions.

 

For more information on your rights, and how to invoke them, go to ‘know your rights.

 

Please note: Do not submit such personal information to us if you do not wish us to collect it. We take all reasonable care to prevent any unauthorised access to your personal data and only process it where required to conduct our recruitment services. Please see below for a breakdown of our privacy notice.

 

If you require any further information, please do not hesitate to contact us using the details at the bottom of this page.

 

Collection of data

All of the data we have access to comes from you, whether directly, or indirectly through a job board. None of it is obtained against your will or without your knowledge. All of the information we hold is used to learn more about your skills and employment history and to ascertain your suitability for roles. We then contact you regarding your employment prospects and any potential roles we believe may be a good fit for you.

 

Any emails sent by Neaves & Neat or any authorised third parties will only be in connection with the provision of agreed services and products. You will only be contacted for marketing purposes by Neaves & Neat if you have requested so.

 

Click here for a full list of all the personal information we collect from you, how we get it and why we need it.

 

Storage and use of data

At Neaves & Neat we appreciate that we require a high volume of information from you in order to carry out the services you require from us. We go to great lengths to protect your information and do everything we can to ensure that it is stored and processed securely and only as far as it is necessary to perform our job to the high standard that you expect from us.

 

Some of the security measures we operate as standard include, but are not limited to: password protection, encryption, remote wiping facilities (where required), physical locks, CCTV.

 

Click here to see a full list of our security measures.

 

Data sharing

Other than potential employers, Neaves & Neat only share your information with third parties that provide us with support services, each of which assist us in one way or another in providing the recruitment services you require. Examples of these external parties are IT support, website management and job boards. We may also share your information with police services should a court order request it.

 

To request a list of our third party suppliers, please click here.

 

Third parties

All third parties are bound by a contractual agreement to process your information within data protection guidelines and we will not sell, share or rent your personal information to any third party or use your email address for unsolicited mail. All contact we have with you will be in relation to provide recruitment services and can be stopped at any time.

 

Any information collected directly from you is owned by Neaves & Neat and we act as the data controller. Any information that comes to us through other means, for example, job boards such as Reed, CV Library or TotalJobs, is owned by the original collector, but once we obtain the data, Neaves & Neat become the data controller. In both scenarios, each party is equally responsible for the protection of the personal data collected and processed.

 

Data retention

Neaves & Neat will retain your personal data only for as long as it is necessary. Various laws require us to keep different data for different periods of time. The ‘Conduct of Employment Agencies and Employment Business Regulations 2003’ requires us to keep work seeker records for at least one year from (a) the date of their creation; or (b) after the date on which we last provide you with work finding services.

 

We must also keep your payroll records, holiday pay, sick pay and pension auto-enrolment records for as long as is legally required by HMRC and associated national minimum wage, social security and tax legislation.

 

Where the company has obtained your consent to process your personal and sensitive data, we will do so in-line with our retention policy. Upon expiry of that period, the company will cease to process your personal and sensitive data.

 

You may ask for the correction and update of your data, withdraw your previous consent for the processing of your data, or fully delete your profile at any time.

 

Changes to our privacy notice

We keep our privacy notice under regular review and we will place any updates on this web page. This privacy policy was last updated on 21 January 2020.

 

Contact details

Kate Palmer, Data Protection Officer

01353 667005

admin@nandn.co.uk

www.nandn.co.uk

Neaves & Neat Employment Services Ltd

80 Broad Street

Ely

Cambridgeshire

CB7 4BE

 

Know your rights

The Data Protection Act 2018 provides you, as an individual, with the following rights:

 

  1. The right to be informed: means that we have to be transparent about how and why we use your personal information
  2. The right of access: you may access any of the personal information that we hold on you and be informed as to why we require it
  3. The right to rectification: if any of the information we have on you is inaccurate or incomplete, we must modify it
  4. The right to erasure: also known as ‘the right to be forgotten’ means you can request to have your information deleted or removed where we have no reason to keep it. In some instances, we have to keep a certain amount of information in case of auditing
  5. The right to restrict processing: you can prevent us from processing your data, but we may continue to store it
  6. The right to data portability: you can ask us to provide you with any data we hold on you in a ‘structured, commonly used and machine-readable format’
  7. The right to object: you can object to direct marketing or processing for certain research and statistical purposes. Ours are only ever internal and we never share or sell your information for marketing purposes
  8. Rights in relation to automated decision making and profiling: this essentially means that we would not use a computer or machine to determine whether you are suitable for a role – which we never do

 

As well as these, you have the right to complain to a supervisory authority, in our case, the ICO (Information Commissioner’s Office), if you think we are handling any of your information in a way that threatens any of your rights.

 

If you would like more information about your rights and how you can invoke them, contact us here, or you can access the ICO’s guide here.

 

Information held How we get it Why we need it How we store it
Bank details ·   From you when you complete the welcome pack To pay you for services rendered as a temporary employee of Neaves & Neat Stored securely on our payroll database. Any hard copies are either scanned and shredded, or kept in a locked, secure cabinet
Contact details ·   Directly from you We need to keep you up to date about potential jobs that may be suitable On our secure, password protected database
Criminal record history ·   From you when you complete the registration form or welcome pack Some roles have restrictions on who can work where. We need to make sure every applicant is suitable for each job On our secure, password protected database.

Hard copies are scanned and then shredded

CV ·   Directly from you

·   From a job board you uploaded it to

·   From you through our website

This allows us to ensure we find the right role for you based on your skills, education and previous experience Digital copies are stored on our secure, password protected database or password protected network drive. Hard copies are scanned and then shredded and securely disposed of
Date of birth ·   From you when you complete the welcome pack We need your date of birth for our compliance records On our secure, password protected database.

Hard copies are scanned and then shredded and securely disposed of

Emergency contact information ·   From you when you complete the welcome pack To ensure we have contact details of designated people to contact in an emergency On our secure, password protected database.

Hard copies are scanned and then shredded

Identification ·   From you, either in the office or via email Right to work check and to identification verification On our secure, password protected database.

Hard copies are scanned and then shredded

Medical and/or health history ·   From you when you complete the registration form or welcome pack To ensure we fulfil any access or work requirements you might have On our secure, password protected database.

Hard copies are scanned and then shredded

References ·   From you when you complete the registration form or welcome pack All potential employers require references to be completed to ensure suitability to a role On our secure, password protected database.

Hard copies are scanned and then shredded

 

 

Information security

Neaves & Neat is committed to protecting the rights of individuals’ privacy with regard to the processing of personal data, and the security of said data. We understand that as a recruitment agency we hold a lot of information about you, and so the storage and processing of personal information will be in accordance with the Data Protection Act 2018. It is in our legitimate business interest to process all of the information we collect and store, and Neaves & Neat adopt all necessary measures to ensure the protection of all information.

 

Key information about security at Neaves & Neat

  • All mobile devices shall be password, PIN, or biometrically protected, as well as encrypted and programmed with remote wiping facilities
  • All office computers will be password protected, with individual employee logins
  • All documents containing personal information on computers will be stored in password protected folders
  • Access to the company CRM Voyager database is password protected with individual employee logins
  • All third parties will enter into agreements involving accessing, processing, communicating or managing personal information provided directly by, or indirectly through, Neaves & Neat
  • The building is locked by keys that only Neaves & Neat employees have access to and has an alarm that only employees know the code for. The rear gate is locked and CCTV monitors entry to the building
  • During the day, a reception desk is manned at all times; outside of office hours, we have a locked rear gate, locked and security gated rear door, alarm and CCTV recording

 

IT and cyber security

  • Neaves & Neat, in conjunction with our IT support function, work together to ensure the protection of information on networks and that any supporting infrastructure is suitably protected
  • All portable devices shall be password protected, encrypted and enabled with remote wiping software to ensure security of equipment off-site
  • Networks shall be adequately managed and controlled to protect from threats and to maintain security for the systems and applications using the network, including information in transit
  • Neaves & Neat endeavours to protect all electronic personal data by ensuring that anti-virus, spyware and system protection software is monitored closed by IT support and updated regularly
  • Neaves & Neat will work closely with IT support to ensure detection, prevention and recovery controls are in place to protect against malicious code. Appropriate user awareness procedures are also implemented
  • Neaves & Neat ensures that mobile devices are only used by authorised people and that these devices will have remote wiping software to ensure high levels of data protection in the instance of attempted unauthorised access to the device
  • Where the use of mobile code is authorised, the configuration shall ensure that the authorised mobile code operates according to a clearly defined security policy and unauthorised mobile code shall be prevented from being executed

 

All third parties sign contractual agreements involving accessing, processing, communicating or managing personal information provided directly by, or indirectly through, Neaves & Neat.

To request a list of all our third party suppliers, please click here.

Privacy Notice

 

Who we are

As a leading provider of recruitment services, Neaves & Neat are committed to be responsible and transparent about the information we collect from you, why we collect it, where we get it from, how it is used, and how it is shared.

 

Data protection

The General Data Protection Regulation was created to protect your ‘personal data’, which is defined as “any information which is related to an identified or identifiable natural person” and was brought into UK law on 25 May 2018 and sits alongside the Data Protection Act 2018, which is an update and replacement for the Data Protection Act 1998.

 

Under Article 6 our legal basis for processing personal information is that it is in our legitimate business interests to do so, or in some case, necessary to meet our legal or regulatory responsibilities, such as disclosures to authorities, regulators or government bodies. This means we collect your information in order to provide you with the recruitment services you seek, either directly from us, or indirectly through job boards.

 

Please note: Do not submit such personal information to us if you do not wish us to collect it. We take all reasonable care to prevent any unauthorised access to your personal data and only process it where required to conduct our recruitment services. Please see below for a breakdown of our privacy notice.

 

If you require any further information, please do not hesitate to contact us using the details at the bottom of this page.

 

Collection of data

All of the data we have access to comes from you, or where it is publicly available. None of it is obtained against your will or without your knowledge. As a valued client, we only hold contact information about you in order to communicate with you regarding positions that you may have available.

 

Any emails sent by Neaves & Neat or any authorised third parties will only be in connection with the provision of agreed services and products contractual agreement deeming lawful basis). You will only be contacted for marketing purposes by Neaves & Neat if you have requested so.

 

Storage and use of data

At Neaves & Neat we go to great lengths to protect your information and do everything we can to ensure that it is stored and processed securely and only as far as it is necessary to perform our job to the high standard that you expect from us.

 

Some of the security measures we operate as standard include, but are not limited to: password protection, encryption, remote wiping facilities (where required), physical locks, CCTV.

 

Click here to see a full list of our security measures.

 

Data sharing

Neaves & Neat only share your information with third parties that provide us with support services, each of which assist us in one way or another in providing the recruitment services you require. Examples of these external parties are IT support, website management and job boards. We may also share your information with police services should a court order request it.

 

To request a list of our third party suppliers, please click here.

 

Third parties

All third parties are bound by a contractual agreement to process your information within data protection guidelines and we will not sell, share or rent your personal information to any third party or use your email address for unsolicited mail. All contact we have with you will be in relation to provide recruitment services and can be stopped at any time.

 

Changes to our privacy notice

We keep our privacy notice under regular review and we will place any updates on this web page. This privacy policy was last updated on 21 January 2020.

 

Contact details

Kate Palmer, Data Protection Officer

01353 667005

admin@nandn.co.uk

www.nandn.co.uk

Neaves & Neat Employment Services Ltd

80 Broad Street

Ely

Cambridgeshire

CB7 4BE

 

Know your rights

The Data Protection Act 2018 provides you, as an individual, with the following rights:

 

  1. The right to be informed: means that we have to be transparent about how and why we use your personal information
  2. The right of access: you may access any of the personal information that we hold on you and be informed as to why we require it
  3. The right to rectification: if any of the information we have on you is inaccurate or incomplete, we must modify it
  4. The right to erasure: also known as ‘the right to be forgotten’ means you can request to have your information deleted or removed where we have no reason to keep it. In some instances, we have to keep a certain amount of information in case of auditing
  5. The right to restrict processing: you can prevent us from processing your data, but we may continue to store it
  6. The right to data portability: you can ask us to provide you with any data we hold on you in a ‘structured, commonly used and machine-readable format’
  7. The right to object: you can object to direct marketing or processing for certain research and statistical purposes. Ours are only ever internal and we never share or sell your information for marketing purposes
  8. Rights in relation to automated decision making and profiling: this essentially means that we would not use a computer or machine to determine whether you are suitable for a role – which we never do

 

As well as these, you have the right to complain to a supervisory authority, in our case, the ICO (Information Commissioner’s Office), if you think we are handling any of your information in a way that threatens any of your rights.

 

If you would like more information about your rights and how you can invoke them, contact us here, or you can access the ICO’s guide here.

 

Information security

Neaves & Neat is committed to protecting the rights of individuals’ privacy with regard to the processing of personal data, and the security of said data. We understand that as a recruitment agency we hold a lot of information about you, and so the storage and processing of personal information will be in accordance with the Data Protection Act 2018. It is in our legitimate business interest to process all of the information we collect and store, and Neaves & Neat adopt all necessary measures to ensure the protection of all information.

 

Key information about security at Neaves & Neat

  • All mobile devices shall be password, PIN, or biometrically protected, as well as encrypted and programmed with remote wiping facilities
  • All office computers will be password protected, with individual employee logins
  • All documents containing personal information on computers will be stored in password protected folders
  • Access to the company CRM Voyager database is password protected with individual employee logins
  • All third parties will enter into agreements involving accessing, processing, communicating or managing personal information provided directly by, or indirectly through, Neaves & Neat
  • The building is locked by keys that only Neaves & Neat employees have access to and has an alarm that only employees know the code for. The rear gate is locked and CCTV monitors entry to the building
  • During the day, a reception desk is manned at all times; outside of office hours, we have a locked rear gate, locked and security gated rear door, alarm and CCTV recording

 

IT and cyber security

  • Neaves & Neat, in conjunction with our IT support function, work together to ensure the protection of information on networks and that any supporting infrastructure is suitably protected
  • All portable devices shall be password protected, encrypted and enabled with remote wiping software to ensure security of equipment off-site
  • Networks shall be adequately managed and controlled to protect from threats and to maintain security for the systems and applications using the network, including information in transit
  • Neaves & Neat endeavours to protect all electronic personal data by ensuring that anti-virus, spyware and system protection software is monitored closed by IT support and updated regularly
  • Neaves & Neat will work closely with IT support to ensure detection, prevention and recovery controls are in place to protect against malicious code. Appropriate user awareness procedures are also implemented
  • Neaves & Neat ensures that mobile devices are only used by authorised people and that these devices will have remote wiping software to ensure high levels of data protection in the instance of attempted unauthorised access to the device
  • Where the use of mobile code is authorised, the configuration shall ensure that the authorised mobile code operates according to a clearly defined security policy and unauthorised mobile code shall be prevented from being executed

 

All third parties sign contractual agreements involving accessing, processing, communicating or managing personal information provided directly by, or indirectly through, Neaves & Neat.

To request a list of all our third party suppliers, please click here.