• LinkedIn Social Icon
  • Twitter Social Icon

© 2017 by PureVision IT. Proudly created with Wix.com

Tel: +44 330 22 10 590

                                                                        Purevision IT Limited: Privacy Notice

 

 

 

 

This Privacy Notice describes what personal information we hold about you, why we hold it, what we do with it, and to whom we may transfer it.

 

This notice has been updated in line with current data protection regulations, and is current as of 25 May 2018. We keep our practices under review, and in the event of any changes – whether by us, or as a result of changes in laws/regulations, we may amend this notice from time to time. For that reason we encourage you to check this notice periodically.

Personal Data

In this privacy notice “Personal Data” means data which relates to a living individual who can be identified from that data.

Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”) which will be implemented in the UK under the Data Protection Act 2018.

 

Who we are

 

Purevision IT Limited (“Purevision IT”) is the data controller in respect of information we gather about you. This means we decide how your Personal Data is processed and for what purposes.

Purevision Limited, company number 11023139, is registered in the United Kingdom at the following address: 337 High Road, Ilford, Essex IG1 1TE England. Trading address: BLOOM.SPACE, 52 Gower Street, WC1E 6EB, England

We comply with our obligations under the GDPR by:

  • taking steps to ensure personal data is accurate and up to date

  • storing it securely, and destroying it when necessary

  • taking steps to ensure we do not collect or keep more personal data than necessary

  • taking technical and practical steps to protect personal data, so that it is kept secure and is not lost or inadvertently/unlawfully disclosed or accessed.

  • taking steps to ensure that you are aware of what we do with personal data

  • giving you the opportunity to change how, what or whether we hold personal data about you (subject to the terms of this privacy notice).

How we collect Personal Data

How personal information is collected, held and processed (including transferred) depends upon the type of information we hold – that is, who provided it, and why it is needed.

  • Personal Information about individuals applying for roles (see “Candidate Information” below)

  • Personal Information about individuals who have carried out services on behalf of Purevision IT (see “Contractor Information” below)

  • Personal Information about individuals who work for clients or suppliers (see “Client Information” below)

Candidate Information

We may hold the following information about Candidates:

  • personal identification (passport, driving licence, work permit, residence permit)

  • contact details (address, telephone numbers and email)

  • work history (which may include references)

  • details of qualifications and experience

 

This is how we receive Candidate Information:

  • it may be provided by the Candidate

  • the Candidate’s referees’ (in respect of work history or qualifications)

  • public bodies (such as regulatory bodies, health professionals or the police)

  • third party websites (for example LinkedIn, or online job boards), where a Candidate has posted their CV/resume or other details of their qualifications/experiences for consideration for roles, or has otherwise consented to be contacted in relation to roles

  • via mutual contacts/networking

 

Candidate Information is held for the following purposes:

  • to consider a candidate for current or future roles

  • to comply with regulatory requirements

 

Transfers of Candidate Information

Purevision IT uses most information for its internal purposes only – that is, to check suitability of a Candidate for actual and potential roles with Clients.

If a candidate is considered suitable for a potential role we may transfer your Personal Data to the potential client, but ONLY if you have agreed to be put forward for the role (in accordance with the “consent” basis for processing (described below))

Purevision IT may also transfer Candidate information to the following entities for the following specific purposes, which are also lawful under Article 6 of the GDPR):

  • to a payroll, umbrella or personal or managed services company, in order to facilitate payment to the Candidate if they become a Contractor (see Contractor Information below) (in accordance with the “contract” basis for processing (described below));

  • to the police, court or regulatory bodies (in accordance with the “legal obligation” basis for processing data (described below));

  • to a third party online provider of document management services which provides and operates an encryption tool used by Purevision in order to ensure all documents are encrypted and all communications between Purevision IT and its Clients, Candidates and Contractors are encrypted.

  • to a third party Customer Relationship Management software provider which facilitate the communication and/or provision of services by Purevision IT to Clients and communication with Candidates (as part of our “legitimate business interest”, see below). Such providers would only be used where they have agreed to:

    • treat all data securely;

    • process data in accordance with the GDPR (or the EU’s approved standard model contracts or other approved basis, if the provider is outside of the EU);

    • use the data only in relation to Purevision IT, and not sell or transfer personal information to any third parties.

 

Contractor Information

 

Purevision IT may hold the following information about Contractors:

  • Their relevant Candidate Information, being

    • personal identification (passport, driving licence, work permit)

    • contact details (address, telephone numbers and email)

    • work history (including references)

    • details of qualifications and experience

  • Details of work on assignments, including:

    • Remuneration

    • Days/Hours worked

    • Performance record

    • Disciplinary record

    • Absenteeism

 

This is how we obtain Contractor Information:

  • from you as part of Candidate Information (see Candidate Information, above)

  • from a Client or other line manager reports

  • from a Client’s HR departments

  • from the Contractor’s payroll, umbrella, or managed or personal service company

  • from public bodies (such as regulatory bodies, health professionals or the police)

 

Contractor Information is held for the following purposes:

  • to consider the Contractor’s suitability in their current role

  • to consider the Contractor for alternative current or future roles

  • to comply with regulatory requirements

 

Transfers of Contractor Information

Purevision IT uses most information for its internal purposes only – that is, to check suitability of a Contractor in their current role, and for any alternative actual and potential roles with Clients.

If a Contractor wishes to be considered for alternative roles, they will become a Candidate in respect of that role – in such cases the processing is dealt with in the Candidate Information section.

Purevision IT may also transfer Contractor Information to the following entities for the following specific purposes, which are also lawful under Article 6 of the GDPR):

  • to the Contractor’s payroll, umbrella or managed or personal services company, in order to facilitate payment to the Contractor or to deal with any contractual issues with the Contractor (see the “contract” basis for processing data)

  • to the police, court or regulatory bodies (in accordance with the “legal obligation” basis for processing data see below)

  • to third parties if we have been nominated by the Contractor as a referee (as listing us as a referee inherently is a matter determined by the Contractor themselves, this would be under the lawful basis of “consent” under the GDPR or where we are required to provide a reference by law/regulation, this will be on the basis of “legal obligations).

  • to a third party online provider of document management services which provides and operates an encryption tool used by Purevision in order to ensure all documents are encrypted and all communications between Purevision IT and its Clients, Candidates and Contractors are encrypted.

  • to a third party Customer Relationship Management software provider which facilitate the communication and/or provision of services by Purevision IT to Clients and communication with Contractors (as part of our “legitimate business interest”, see below). Such providers would only be used where they have agreed to:

    • treat all data securely;

    • process data in accordance with the GDPR (or the EU’s approved standard model contracts or other approved basis, if the provider is outside of the EU);

    • use the data only in relation to Purevision IT, and not sell or transfer personal information to any third parties.

 

Client Information

 

Purevision IT may hold the following Client Information

  • name

  • contact details (address, telephone numbers and email)

 

How we obtain Client Information

  • it may be provided by the Client themselves

  • it may be provided by a Candidate or Contractor

  • third party websites, where a Client’s contact details have been posted

 

We hold Client Information for the following purposes:

  • to consider whether a client may wish to receive services from Purevision IT;

  • to consider whether Purevision IT may wish to receive services from a supplier;

  • to manage the provision of services by Purevision IT or our contractors to the Client;

  • where the Client is a supplier, to manage the provision of Services to Purevision IT; and

  • to comply with regulatory requirements

 

Transfers of Client Information

Purevision IT uses Client Information for our legitimate internal business purposes only – that is, to manage the provision of services pursuant to an actual or potential contract with the client.

We will only transfer Client Information for the following specific purposes, which are also lawful under Article 6 of the GDPR):

  • to a Candidate or Contractor as is necessary for fulfilling the contractual obligations between us, the Client and/or the Contractor/Candidate (see the “contract” basis below); or

  • to the police, court or regulatory bodies (in accordance with the “legal obligation” basis for processing data below).

  • to a third party online provider of document management services which provides and operates an encryption tool used by Purevision in order to ensure all documents are encrypted and all communications between Purevision IT and its Clients, Candidates and Contractors are encrypted.

  • to a third party Customer Relationship Management software provider which facilitate the communication and/or provision of services between Purevision IT and its Clients (as part of our “legitimate business interest”, see below). Such providers would only be used where they have agreed to:

    • treat all data securely;

    • process data in accordance with the GDPR (or the EU’s approved standard model contracts or other approved basis, if the provider is outside of the EU);

    • use the data only in relation to Purevision IT, and not sell or transfer personal information to any third parties.

 

Lawful Basis for Processing Personal Data

GDPR Article 6 sets out the only basis on which processing of Personal Data is lawful.

We rely on the following basis, as is relevant for the particular situation described above:

  1. Consent

We will ALWAYS ask for explicit consent prior to putting forward a Candidate for a role.

We will also always ask for consent prior to adding a Candidate’s (who may become a Contractor) Personal Data to our database.

You may withhold or withdraw your consent at any time, in accordance with the procedure set out in this privacy notice.

PLEASE NOTE: if you withhold or withdraw your consent, Candidate/Contractor Information will not be used or transferred for the purpose of searching for appropriate roles (that specific type of processing). However, the Personal Data held as part of Candidate or Contractor Information may still be stored and processed, if and to the extent necessary to fulfil our other obligations (for example, in relation to legal claims or in relation to financial record keeping) – such further processing will be on one of the following basis.

 

  2. Contract

Where we are processing Personal Data in order to fulfil obligations under a contract with you, then this will be the lawful basis for such processing.

Purevision IT has contracts with candidates and Contractors (which may include the Contractor’s representatives/employers/companies). We will process Candidate and Contractor Information in order to fulfil our obligations under those contracts. That would include, for example, transferring Personal Data to an umbrella company in order to ensure a Contractor is paid for the work they have done.

Purevision IT also has contracts with its clients and suppliers (as set out above, this is collectively known as Client Information). In order to fulfil our obligations to clients, we will need to pass certain Client Information to Candidates or Contractors (for example, the contact details of Human Resource staff for Candidate interviews, Line Managers to Contractors when the commence work, or Client Representatives for queries from our client relationship team) or to payroll (for example, contact details from the client’s finance department).

   3. Legal Obligation

Purevision IT will process Personal Data in order to comply with the law. This includes obligations to maintain accurate and historic financial records and /or respond to and manage legal claims or threats (in each case subject to relevant statutory limitation periods).

   4. Legitimate Interests

Purevision IT maintains a database of Candidate, Contractor and Client Information. It does not transfer or sell this information to any third parties, save in the instances set out above. However, it does hold this information, and may use it for searching for business opportunities.

PLEASE NOTE - As explained in relation to consent – no Candidate or Contractor Information will be transferred to actual or potential clients in respect of job / assignment opportunities without the Candidate or Contractor’s consent.

All database information will be held securely, and not kept for longer than is necessary.

How Long we keep Your Personal Data

Purevision IT stores Personal Data for periods which are necessary and reasonable depending upon the nature of the data, and the reason for which it is being stored.

The following table sets out the current retention periods being used for various purposes. Please note, these periods are subject to review and the table may be amended from time to time:

REASON

Period Data Kept

If you have provided services to, or on behalf of Purevision IT

7 years from conclusion

If you have been a Client

7 years from the last date on which services were provided

If you applied for an Assignment but were unsuccessful

3 years from the date of the most recent application

If your CV is on our database but you have not been put forward for consideration for a role

3 years from registering your CV if there has been no contact. Alternatively, 2 years from the most recent contact.

In addition to the above retention periods, we may retain archive copies of Personal Data beyond those dates, but only in relation to handling legal claims or legal obligations. It will not be sold or transferred or otherwise used for alternative purposes

Procedural and Technical Safety Measures

In order to ensure all Personal Data is held securely, Purevision IT takes the following procedural and technical safety measures:

  • access to Purevision IT’s electronic communication systems and files are controlled by secure log-in procedures, and passwords are regularly changed

  • Purevision IT uses an encryption tool on its internal database

  • Purevision IT operates an encryption tool in respect of all external communications

  • all staff/contractors are trained in Data Protection laws and regulations, and have obligations to keep data secure in their contracts

  • our corporate website is secured with SSL encryption

Contacting us about Personal Data we hold

If you want to contact us in respect of this notice, or the data we may hold about you, we can be reached at the following email address: contact@purevision-it.com

In addition to general questions you may have about either this notice or our processing of personal data, you may wish to ask about the following:

  • receiving copies of certain personal data (“Relevant Information”) we hold about you

    • This is known as a “data subject access request”. If you would like to make a data subject access request:

      • you must write to Purevision IT at the trading address set out at the top of this notice;

      • in order to ensure that we only provide copies of information to you, please enclose a certified colour copy of either your passport or driving license;

      • Purevision IT will carry out a reasonable search for Relevant Information held, so when making the request, it would be helpful for you to be as specific as possible in respect of the information you are seeking: for example, in terms of periods covered, and types of data held. This makes it more likely that we can locate the information which is most relevant for you. If you do not provide any detail as to the information you are seeking, we may contact you to ask for further details about your request;

      • the search will be carried out within a month of receiving the confirmation set out in the above bullet points, unless the search you have requested is particularly complex, or the amount of information is unusually large (we will inform you of such within the month);

      • “Relevant Information” is information on our electronic or structured manual files which is about you. This means that it will be information which records something tangible about you, rather than just listing your name. For example, a file recording your conduct during an Assignment with a Client is likely to be Relevant Information, whereas your email address being in a recipient list of a mailshot for job opportunities is unlikely to be Relevant Information;

      • there are various exemptions which mean that your personal information may not be disclosed as Relevant Information. These can be found on the Information Commissioner’s Website https://ico.org.uk, but some common exemptions are when the information contains a third party’s personal information (and such third party does not consent to disclose such), where searching for and disclosing information requires a disproportionate effort, or where a document has legal professional privilege.

  • updating or amending personal data we hold about you:

    • if you believe the Personal Data we hold is inaccurate or out of date, we would be grateful if you could let us know. This will also help ensure that Purevision IT is not processing incorrect data about you.To update or amend your Personal Data:

      • please contact us via email to contact@purevision-it.com;

      • we may ask to verify your identity;

      • within one month of receiving such verification, we will review the amended or updated information provided by you, including where relevant, asking for confirmation/verification from relevant third parties;

      • if there is a delay in verification or otherwise amending the Personal Data, we will contact you within the one month period, explaining the grounds for any such delay;

      • once the updated or amended information has been verified, Purevision IT shall amend its systems accordingly. The expired/inaccurate Personal Information shall be removed from the active systems, but a copy may be retained for archive and maintenance of records only;

      • please note, during any period of verification your Personal Data will continue to be processed in the unamended form until verification has been complete;

      • at the end of any verification, we shall contact you to inform you how your Personal Data has been updated/amended.

  • You have the right to request for your Personal Data to be blocked, pending the above requests. This would mean that we will not contact you about any services or otherwise process your data (save to the extent necessary to meet its legal or regulatory obligations, or deal with actual or potential litigation), until the above steps have been completed.

  • Removing your consent for Purevision IT to process certain data about you:

  • You are free at any time to amend or withdraw your consent to all or part of the relevant processing (being, processing we carry out on the “contract” basis). If you wish to do so, the following process applies:

    • you must contact contact@purevision-it.com informing us that you have changed your preference in respect of our processing in one of the areas where the basis of processing is “consent” or “contract”;

    • we will respond within 10 working days, to verify your identity and request;

    • once your identity and request has been acknowledged and confirmed, we will amend our system processes in relation to your Personal Data accordingly. Please note, if you withhold or withdraw your consent to processing carried out due to our contractual relationship, your Candidate or Contractor Information will not be used or transferred for the purpose of providing or offering services. However, the Personal Data may continue to be stored and processed by us, if and to the extent necessary to fulfil our other obligations as set out elsewhere in this notice (for example, in relation to legal claims or in relation to financial record keeping) – such further processing will be on one of the lawful basis set out above.

  • Requesting that Purevision IT transfers your Personal Data to another entity.

    • Where you have provided us with Personal Data, you can request that we transfer that Personal Data to a third party (for example, another consultancy) (the “Transferring Data”). In order to do this, the following process applies:

      • you must write to us at the Trading address at the top of this privacy notice providing details of the third party to whom you wish to transfer the “Transferring Data”;

      • the Transferring Data should include Personal Data which:

        • is processed via an automated means; and

        • you provided to us; and

        • has been processed under the lawful basis of either:

          • “consent”; or

          • "contract";

      • We will contact you within 10 working days to confirm the fact and details of your request;

      • once we have received the above confirmation, we will make a copy of the Transferring Data on a commercially generally available format (for example Microsoft Word, Microsoft Excel) and will send a copy to the contact details you have provided;

      • after carrying out the above bullet points, we will send you an email confirming what Personal Data was transferred to the third party.

  • When making the above request, you may also request for your Personal Data to be blocked, pending the above steps. This would mean that we will not process your Personal Data, save to the extent necessary to meet its legal or regulatory obligations, or deal with actual or potential litigation, until the above steps have been completed.