Lima44 Ltd Privacy Notice.
Lima44 Ltd is committed to protecting and respecting your privacy.
This Policy sets out the basis on which any personal data we collect from you or retain about you and how it will be used by us.
The General Data Protection Regulation ("GDPR") (Regulation (EU) 2016/679) is a new regulation which replaces the Data Protection Regulation (Directive 95/46/EC).
GDPR aims to harmonise data protection legislation across EU member states, enhancing privacy rights for individuals and providing a strict framework within which commercial organisations can legally collect, retain and use personal information.
For the purposes of GDPR, the data controller is Lima44 Ltd, 20 Harland Avenue, Sidcup, Kent, DA15 7PG.
Information we collect and hold about you:
We collect information about you to carry out activities relating to our core business as a recruitment business. You might be:
A candidate seeking new work opportunities (permanent or temporary)
A client we engage with to find new recruits
A supplier or sub-contractor to support our services
The information we collect and retain about you may be different depending on who you are, but will typically include name, address, private and corporate e-mail address and phone number; position and company details; compliance documentation and references verifying qualifications and experience and right to work in the United Kingdom; or in the jurisdiction in which you are seeking employment; curriculum vitae; salary details and links to professional profiles available in the public domain e.g. LinkedIn, Facebook, Instagram (this list is not exhaustive)
Why we collect and store information about you:
As a recruitment business we are dedicated to supporting your' career opportunities and our clients' resourcing needs, as such require a database of candidate and client personal information containing historical information as well as current recruitment requirements. A fundamental and essential process of our business is to introduce candidates to clients for permanent employment, temporary work placements or independent professional contracts. Using your information in this way is our Legitimate Business Interest.
We also use your information to:
Provide you with information and services that you request from us or we think will be of interest to you because it is relevant to your career or to your organisation.
Notify you about changes to our service.
In addition to using your information for our Legitimate Business Interest, we may rely on contract, legal obligation and consent for specific uses of information:
We will rely on contract information if we are negotiating or have entered into a recruitment agreement with you or your organisation or any other contract to provide services to you or receive services from you or your organisation.
We will rely on legal obligation if we are legally required to hold information about you to fulfil our legal obligations.
We will, in some circumstances, rely on consent for particular uses of your information and you will be asked for your express consent, if legally required
Should we want or need to rely on consent to lawfully process your information we will request your consent orally, by email or by an online process for the specific activity we require consent for and record your response on our systems. Where consent is the lawful basis for processing your information, you have the right to withdraw your consent to this particular processing at any time.
How we collect your personal information:
We collect personal information from a range of sources, including directly from the information you provide to us or through third parties we may work with such as sub-contractors in other services, and through a range of other publicly available sources such as directories, job boards, and LinkedIn.
We do not undertake automated decision-making or profiling. We do use our computer systems to search and identify personal data in accordance with parameters set by a person. A person will always be involved in the decision making process.
Disclosure of personal information:
In the course of running our business, we may need to share your personal information with selected third parties either within or outside of the European Economic Area (EEA). Depending on who you are, these third parties may include:
Any member of our company within or outside the EEA
Clients for the purpose of introducing candidates to them.
Candidates for the purpose of arranging interviews and work placements.
Suppliers or sub-contractors for the performance and compliance obligations of any contract we enter into with them or you.
Suppliers or subcontractors to support our services.
We may also disclose your personal information to third parties in the following circumstances:
The lawful basis for third parties to process your personal information include:
Their own legitimate business interests.
Satisfaction of their contractual obligations to us as our data processor.
For the purpose of a contract in place or in contemplation.
To fulfil their legal obligations.
How we store and process your personal information
The information that we collect from you may be transferred to a destination outside of the EEA, but within the company. It may also be transferred to third parties outside of the EEA for the purpose of providing our services. It may be processed by staff operating outside of the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, our recruitment services and the provision of support services. By submitting your personal information, you agree to this transfer, storing or processing. We will take all reasonable steps to ensure that your information is treated securely and in accordance with this privacy notice.
All information you provide to us is stored on our database on secure servers in the iCloud. If you request it we are able to provide you with a link which enables you to access certain parts of our database, you are responsible for keeping this link confidential. We ask you not to share this access with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of information transmitted to us through email and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
All of the data we capture is stored on a secure server. It is only accessible by authorised users and we deploy security systems to ensure unauthorised access it not permitted, and access is only granted to approved and authorised users. Data transmitted between the internal user and the server is encrypted to ensure it is protected in transit.
Retention of your information:
We understand our legal duty to retain accurate information and only retain personal information for as long as we need it for our legitimate business interests and that you are happy for us to do so. We try to ensure the information we hold about you is accurate by:
Enabling you to manage your information by contacting our Data Protection Officer at firstname.lastname@example.org and to review whether the details we hold about you are accurate.
Enabling you to keep in touch with us so you can let us know of changes to your personal information.
The criteria we use to determine whether we should retain your personal information includes:
The nature of the personal information
The perceived accuracy of the information
Our legal obligations
Whether an interview or placement has been arranged
Whether you have told us you want to be contacted about future job opportunities or we have opportunities that we believe are relevant and will be of interest to you.
Due to legal obligations, we may archive part or all of your personal information or retain it on our financial systems only, deleting all or part of it from our main Customer Relationship Manager (CRM) system. We may anonymise parts of your information, particularly following a request for suppression or deletion of your information. If your information is deleted we will have no records remaining, so may re-engage with you if your information is available in a public location.
Your rights under GDPR:
You have the right to ask us not to process your personal information for marketing purposes. We will usually inform you (before holding your information) if we intend to use your information for such purposes and we will not disclose your information to any third party for such purposes, and we will collect express consent from you if legally required prior to using your personal information for mass marketing purposes.
You can exercise your right to accept or prevent such processing by emailing email@example.com and request this.
The GDPR provides you with the right to:
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing your personal information. This enables you to ask us to suspend the processing of your personal information, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal information to another party in certain formats, if practicable.
Make a complaint. In the first instance we would ask to you to contact us at firstname.lastname@example.org and register the issues, allowing us to respond within 21 days. If you are not satisfied with the response, we suggest you contact a supervisory body.
Access to information:
GDPR gives you the right to access information held about you. We encourage you to contact us to ensure the information we hold about you is accurate and complete.
Your right of access can be exercised in accordance with the Data Protection Act 1998 and the General Data Protection Regulation ("GDPR") (Regulation (EU) 2016/679
A subject access request should be submitted to email@example.com
Changes to our privacy notice:
Any changes we make to our privacy notice in the future will be posted on this webpage and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy notice.
Questions, comments and requests regarding this privacy notice should be addressed to our Data Protection Officer at firstname.lastname@example.org titled “Privacy details”.
Website statistics are produced, using cookies, allowing us to record visitor numbers, number of pages viewed and referral source. These statistics do not record any personal data. This data simply helps us to administer and enhance the website and service.
You can turn cookies off. Please refer to the help section of your browser software for instructions on how to do this.