Welcome to Badenoch and Clark trading as LHH Recruitment Solutions part of the Adecco Group. We look forward to working with you to help you to further develop your career. As you’d expect, to properly perform our services, we collect and use information about you.
We are committed to protecting and respecting your privacy. This Candidate Privacy Information Statement describes your privacy rights in relation to the information about you that we process, as well as the steps we take to protect your privacy. We know it’s long, but please read this Statement carefully. There is an index below so you can go straight to the relevant sections if you prefer.
Index
Some terms to be clear about
First we need to be clear about how we use some words in this statement.
It may seem obvious, but in this Statement you will be referred to as ‘the Candidate' or ‘You’.
When we talk about ‘us’ or the ‘Company’ we mean Badenoch and Clark trading as LHH Recruitment Solutions. We have our registered offices at 10 Bishops Square, London, E1 6EG. The Company is part of the Adecco Group, the largest HR services provider in the world. Through its various companies and business lines the Adecco Group provides several HR (Human Resources) activities like staffing, secondment, payroll services, recruitment & selection, testing solutions, career transition, talent development, training & education, outplacement and international mobility (‘our Activities’).
To carry out our Activities the Company uses several IT systems. In some cases, the Company provides a Self-Service Portal (‘Portal’) for its candidates/personnel. The Portal allows you to search and apply for jobs the Company and its sister companies advertise which match your interests, skills and/or experience, in the locations where you have expressed an interest in working.
Finally, this is a statement about information and people. It includes facts about you, but also opinions about you and that you hold (“I’m a football fan” for example). It’s not about information about the Company (although sometimes the two overlap). This type of information is sometimes called ‘Personal information’, ‘Personally Identifiable Information’ or ‘PII’. We use the term ‘Personal Information’ in this Statement.
What personal information does the company collect and use?
Personal information that the company usually collects includes, but is not limited to:
your name, date and place of birth, contact details and qualifications (education, training courses and internships), documents evidencing your identity and right to work and any other information you listed on your resume or CV;
if you log on to the Portal using your LinkedIn or any other social media account: your profile data;
if you contact us, in some cases we will keep a record of that correspondence;
if you contact us, we will keep a record of that correspondence;
your feedback about us and our services through our satisfaction surveys;
we also collect information on your visits to our website/Portal including (but not limited to) your IP address, browser, timestamp, location, country traffic data, location data, weblogs and other communication data and the resources that you access. This information will make your visit to our website/Portal easier in the future. We will, for example, suggest jobs to you which are being handled by branches local to where you were when you contacted us;
we also collect information for marketing purposes and analysis, including information on how your respond to email, sms, phone and other marketing campaigns. We will have asked you for your explicit consent before sending marketing communication via these means;
photos and videos of your attendance at a video interview or training or similar sessions (you will be given a chance at the session to ask not to be videoed or photographed);
- details of any disabilities and any accommodations we may need to make for you in the workplace; and
- in some cases, we will also collect other sensitive data than only details related to disability, when we are permitted to do so by law (so in some countries we will ask you about your background for equal opportunities monitoring).
- We would like also to inform you that the Company will perform whatever assessment are necessary as part of the selection process, which may require the data submitted to be processed, and that it will include the results of the assessment in its recruitment database as part of the selection process.
- You are also informed that, as part of the selection process, the hiring entity may consult details of your public profile on social media (Facebook, Twitter, LinkedIn, etc.), and other public information and records, with the sole purpose of assessing and ascertaining your experience and professional skills, and to know whether your profile is consistent with our culture and values.
Why do we use personal information about you?
The company collects and processes personal information:
To provide you with the services you expect us to, like finding you suitable jobs/assignments to apply for, helping you with training, or facilitating the process of applying for jobs/assignments. This includes sending your CV to prospective employers for their consideration and keeping you informed of future work opportunities by email, telephone, mail and/or other communication methods;
with your consent we may also use your contact data for direct marketing for example via e-mail, messaging or telephone;
to to further develop, test and improve our website/Portal, or other existing or new systems/processes to better serve you;
this takes place in the context of new IT systems and processes, so that information about you will be used in the testing of those new IT systems and processes where dummy data cannot fully replicate the operation of that new IT system;to perform studies and statistical and analytical research, for example to compare the effectiveness of our placement of candidates between different business sectors and geographies and seek to identify factors that can influence any differences we identify;
transfer data to third parties (see below);
where necessary, to comply with any legal obligation; and
we will also process your information to:
a. promote the security and protection of people, premises, systems and assets;
b. monitor compliance with internal policies and procedures;
c. administer communications and other systems used by the Adecco Group (including internal contact databases);
d. investigate or respond to incidents and complaints;
e. to promote internally that training sessions have taken place and utilise their content (in the case of photos or videos of training sessions), to market similar sessions internally and externally to third parties. In this case we will ask you for explicit consent; and
f. to comply with obligations and rights and cooperate with investigations carried out by the police, government or regulators; and
g. participate in any potential or actual purchase or sale, or joint venture, of all or part of a business or company, that any member of the Adecco Group wishes to participate in.Photos and/or videos collected from you for the purposes of identification and right to work verification
Why and on which basis do we use personal data?
We are required by law to have a ground set out in the law to process the information we hold about you. The legal grounds can be:
1.Performing a contract or taking steps prior to entering a contract
When you are already working with or about to engage through us, our processing of personal information for all these purposes is based on processing grounds like the performance of a contract, or about to enter into a contract (purposes 1 and 67 above). These services can be such as providing you with suitable jobs to apply for or helping and assisting you with training and the application process.
2. Compliance with legal obligations
Sometimes the processing is necessary to comply with legal or regulatory obligations (purpose 6-). Public authorities, such as tax, finance or data protection authorities may request personal data from us, and provide us with a statutory reason to disclose information about you (e.g. the prevention or detection of a crime). In these circumstances, we are forced by law to provide the authorities with your data.
3. Fulfilment of our legitimate interest
The processing is necessary in the legitimate interests of the Company in exercising its and its staff fundamental rights to run a business in a way which does not unduly affect your interests or fundamental rights and freedoms (purposes 1;3-5- 7 above). This means that when processing is necessary for the legitimate interests of the Company, we balance your interests or fundamental rights and freedoms against our legitimate interest in processing. This ensures that we are not processing data in a manner that your interest and fundamental rights override our interest in such processing.
We shall only process your personal information other than on these grounds with your consent, which is a further processing ground.
Do you have to give us the personal information we ask for?
You are not obliged to provide your personal information to us, but it would not be possible for us to work with you, or provide our services to you, if you do not provide us with a required minimum. It may also limit the Services that you can receive from us if you in some instances choose to provide us with limited personal information.
Do we process information about you without any human intervention at all?
Yes, we do at times. The Company uses automated systems/processes and automated decision-making (like profiling) to provide you, and our clients, with the services you request from us. For example, when our clients are looking for candidates for jobs, we can conduct a search of our lists of candidates using automated criteria which takes into account your availability, skillset, pay rate and in some circumstances previous feedback we have received from clients to compile a shortlist which ranks which candidates are most likely to fulfil the client’s requirement. This means that sometimes your position in the rank may be higher than others, depending on how these factors match the clients’ needs.
How long do you keep my personal information for?
The Company can keep your personal information for up to 2 years after you register with us. If you are successful in finding work through us, the Company will need to keep your personal information for a longer period in order to comply with its on-going legal and contractual obligations. Generally, we retain your personal data concerning taxes, contracts of employment and any financial information (including payroll data and data relating to pay, etc.) for 7 years after your employment ends, and other personal information for 2 years.
Do we transfer your data to third parties?
As mentioned above, we usually disclose your data to third parties. This is done to complete the purposes set out above. We do this in the following circumstances:
To our suppliers. We will, for example, engage a supplier to carry out administrative and operational work in support of our relationship with you. The supplier(s) will be subject to contractual and other legal obligations to preserve the confidentiality of your data and to respect your privacy, and will only have access to the data they need to perform their functions; the relevant suppliers are typically IT suppliers (who host or support our IT systems, including information about you), premises management companies (who look after physical security at our buildings, and therefore need to know about you to allow access to our buildings) and back office finance and accounting management providers (who need to handle details of candidates in order to process accounts payable and receivable). We also engage suppliers who provide IT technology services and solutions, which might include video interview and skills assessment tools.
To members of the Adecco group of companies in other countries. These are located in- or outside the European Union; different members of the group fulfil different functions and as result your information will be shared with them for different reasons:
information is shared with members of the Adecco group that provide IT functions for the Adecco companies world-wide; those IT functions are located among others; in the Netherlands, Prague, Czech Republic and France.
information is also shared with our affiliates worldwide where you have expressed an interest in opportunities in that market, or members of the Adecco Group identify that you may have particular skills required or helpful in that market. A list of the countries in which we operate is available here.
To our clients/prospective employers: we will share your data with clients of ours who are offering jobs/assignments you may be interested in, or who are interested in your profile. They owe contractual and other confidentiality obligations in relation to your data to us, and to you;
We will share your data with government, police, regulators or law enforcement agencies if, at our sole discretion, we consider that we are legally obliged or authorised to do so or it would be prudent to do so; and
As part of due diligence relating to (or implementation of) a merger, acquisition or other business transaction, we may need to disclose your data to the prospective seller or buyer and their advisers.
Do we transfer your data outside the European Union?
Your data can be transferred and processed in one or more other countries, in- or outside the European Union. A full list of the countries in which we operate is available here.
We shall only transfer your data outside the EU to countries which the European Commission believes offers an adequate level of protection to you (a list of those countries is available here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en, or where Adecco Group has put in place appropriate safeguards to seek to preserve the privacy of your information (for which we usually use one of the forms of data transfer contracts approved by the European Commission, copies of which are available here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en
What are your rights?
Right to access and obtain a copy of your personal information
You are entitled to request confirmation whether we process any of your personal information. Where this is the case, you have the right to access to some of your personal information (via the Portal) and to certain information about how it is processed. In some cases, you can ask us to provide you with an electronic copy of your information. In some limited circumstances, you also have the right to request portability of your personal information, which means, we will provide them to a third party upon your request
Right to correct your personal information
If you can demonstrate that personal information we hold about you is not correct, you can request that this information is updated or otherwise corrected. We would encourage you to access the self-service Portal where possible and update your personal information directly.
Right to delete/right to be forgotten
In certain circumstances you have the right to request that your personal data is deleted. You can make such a request at any time and the Company will evaluate if your request should be granted, however this right is subject to any legal rights or obligations where we need to retain data. For situations where in accordance with the law, we determine that your request to have your personal information deleted must be granted, we will do so without undue delay. Please bear in mind, once your data is deleted – that the Company might not be of service to you anymore once this data about you has been deleted. If you want to re-register with the company again, you will need to re-enter your data.
Right to restrict
In certain circumstances, you have the right to restrict the processing of your Personal Data. However, in some instances such restriction of processing may limit the Services that you can receive from us.
Right to object
As far as the company’s processing of your data is based on the company’s legitimate interest (and no other processing ground) or relates to direct marketing, you are entitled to object to the Company processing your data by reference to your particular situation.
If you want to exercise any of your rights, please log into our self-service Portal (here) so that we may action your instruction as soon as possible.
Finally, you have the right to lodge a complaint with the data protection authority in the place where you live or work, or in the place where you think an issue in relation to your data has arisen.
What about data security when using our Systems?
You are responsible for keeping your login details to the Portal safe, in particular the password that we have given you or that you have chosen. These login credentials are for your own use. You are not permitted to share your credentials or other account details with any other person(s).
How could you contact us?
If you have any questions or concerns regarding our Statement, would like further information about how we protect your information (for example when we transfer it outside Europe) and/or when you want to contact the company’s Group Data Protection Officer (DPO) and your local Privacy Lead, please email us at adecco.globalprivacy@adecco.com or your local Privacy Lead privacy@adecco.co.uk.
How do we handle changes to this Statement?
The terms of this Statement may change from time to time. We shall publish any material changes to this Statement through appropriate notices either on this website or contacting you using other communication channels.