PRIVACY POLICY

PRIVACY POLICY STATEMENT
This Privacy Notice sets out: the types of personal data that we collect about you; how and why we use it; how long we will keep it for; when, why and with whom we will share it; the legal basis for us using your personal data and your rights under Article 13 / 14 of the General Data Protection Regulation. It also explains how we may contact you and how you can contact us.

STAR ASCEND UK LIMITED (Star Ascend) is committed to protecting your privacy and we aim to respect your personal data you share with us.Your personal information will be held and process by Star Ascend. We are registered as a data controller with the ICO in the United Kingdom for the purposes of the Data Protection legislation and General Data Protection Regulation (GDPR).Our registered address is 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ. We collect a wide range of personal information depending upon the nature of our relationship with you as the data subject.

Our website might include links to other companies' websites, however, Star Ascend is not responsible for the privacy practices of others and we encourage you to read their privacy notices. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.


WHAT DOES THIS POLICY COVER?
We at Star Ascend take your personal data seriously. This Privacy Notice:

  • sets out the types of personal data that we collect about you
  • explains how and why we collect and use your personal data
  • explains how long we keep your personal data for
  • explains when, why and with who we will share your personal data
  • sets out the legal basis we have for using your personal data
  • explains the effect of refusing to provide the personal data requested
  • explains the different rights and choices you have when it comes to your personal data
  • explains how we may contact you and how you can contact us.

WHAT PERSONAL DATA DO WE COLLECT ABOUT YOU?
We collect information about you which enables us to find available opportunities and assess your suitability throughout the recruitment process. This is collected in our capacity as a recruitment agency and recruitment business as well as an employer if you want to work for us.We collect personal information including but not limited to your first name, surname, email address (both personal and business), telephone number, residential address, job title, company name, financial information, job function, location, sector, CV, identification documents, evidence of right to work documents,, educational records, work history, Disclosure and Barring Service (DBS),reference, employment and references, date of birth, driving license; bank account details and national insurance number, next of kin and emergency contact details, references and links to your professional profiles available in the public domain and on social media, such as LinkedIn and corporate websites.

We may also collect some sensitive personal data about you, in the form of health or medical information (including details of any special assistance you may need or any sick leave taken during previous roles) to fulfil our employment, social security and other regulatory or legal obligations. With your express consent, we may also collect other sensitive personal data from you such as your ethnic origin. Where you have been required to give your explicit consent, you will always be entitled to withdraw such consent at any time.


WHERE DO WE COLLECT PERSONAL DATA ABOUT YOU FROM?
The following are the different sources we may collect your personal data from:

  • Directly from you. This is information you provide whether searching for a new opportunity, during the different recruitment stages or at a recruitment or networking event. This may be by telephone, email or in person.
  • From an agent/third party acting on your behalf. This may be your own limited company, an umbrella company or another recruitment agency.
  • From third party sources. We may obtain your personal information from the following third party source(s):
  • Job Boards that you have registered your details with and where we are clearly and specifically named as a recruitment company with whom your data may be shared.
  • By Reference or word of mouth. For example, you may be recommended by a friend, a former employer, a former colleague or even a present employer. However, we will always seek your prior valid consent before processing your data.

HOW AND WHY WE USE YOUR PERSONAL DATA?
We will use your data so that we can provide our services to you, including:

  • To carry out our contractual obligations with you or with a client, including under any contracts we intend to enter with you.
  • To match your skills, experience and education with a potential employer or client or current job opportunities.
  • To provide more detailed information to a client, should you be chosen by the client to go through to the next stage.
  • To keep you informed of job opportunities which we think may be of interest to you.
  • To send you other information that may be of interest to you, such as workshops, events
  • To respond to your requests or questions when you contact us.
  • To notify you of changes in our services or in this Privacy Policy.
  • To notify you about changes to our service;
  • To provide services relating to recruitment, mentoring , including tuition ,market mapping and research and salary surveys.
  • Collect information about the device you are using to view the Star Ascend website, such as your IP address or the type of internet browser or operating system you are using
  • To manage our relationship with you and with our clients and perform administrative and operational tasks.
  • To comply with our legal obligations and rights, under contracts and at law, and to cooperate with authorities and investigations.
  • To analyse trends in industry, although this information will be anonymised.
  • If you work for a client or a potential employer looking to fill roles, to contact you about prospective candidates or leads and to share your contact details with a candidate, at interview stage and beyond.
  • For the detection and prevention of fraud, crime, or other malpractice;
  • To conduct market or customer satisfaction research or for statistical analysis;

WILL WE CONTACT YOU FOR MARKETING PURPOSES?
We do not collect personal data for marketing purposes, but with a legitimate interest in maintaining and developing a professional relationship with potential customers (taking into consideration their individual rights and freedoms). We will only send you direct marketing emails that promote our company or services if you have opted in to this. You will have the option to opt in when you are provided with a copy of our Privacy Notice. You can also manage your direct marketing preferences by contacting a Star Ascend consultant, updating your preferences or clicking the unsubscribe link on an email. To clarify, contacting you about specific job opportunities is not marketing because we are not advertising or marketing our services.

We also publish news and updates from time to time and simply post these on our website and/or on social media sites to assist and generate interest in our business. We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Of course, we also use personal data as part of our service delivery, procurement management and to best manage our very valuable human resource.


HOW LONG WILL WE KEEP YOUR PERSONAL INFORMATION?
We keep your personal information only for as long as is necessary in line with the reason for which we process it, as described above. Please note that we may retain some of your information after you cease to use our services if it is necessary to meet our legal obligations, such as retaining the information for tax and accounting purposes, health and safety, or employment regulations. When determining the relevant retention periods, we will take into account:

  • Our contractual obligations and rights in relation to the relevant information;
  • Legal obligations under applicable law to retain data for a certain period;
  • Our legitimate interest where we have carried out a balancing test;
  • Statute of limitations under applicable law;
  • Disputes, whether potential or actual;
  • If you have made a request to have your information deleted;
  • Guidelines issued by relevant data protection authorities.
  • If we determine that we can delete your data, we will do so securely

LEGISLATION AND GUIDANCE
The General Data Protection Regulation (GDPR) governs how information about people (Personal Data) should be treated. It also gives rights to individuals whose data is held. The Regulation came into force on 25 May 2018 and applies to all personal data collected at any time whether held on computer or manual record. The Regulation is enforced by the Information Commissioner. The GDPR makes a distinction between personal data and "sensitive" personal data. Sensitive personal data is subject to stricter conditions of processing.


DATA PROTECTION PRINCIPLES
The GDPR contains 6 principles for processing personal data with which organisations must comply. Personal data shall be:

  • processed lawfully, fairly and in a transparent manner in relation to the data subject('lawfulness, fairness and transparency')
  • collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes ('purpose limitation');
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ('data minimisation');
  • accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay('accuracy');
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject ('storage limitation');
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures ('integrity and confidentiality').

WHAT LEGAL BASIS DO WE HAVE FOR USING YOUR INFORMATION?
For prospective employees, candidates, contractors, referees and clients, our processing is necessary for our legitimate business interests in that we need the information in order to be able to assess suitability for potential roles, to find potential candidates and to contact clients and referees. We carry out a balancing test to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing. We keep a record of these balancing tests which you can find out more about by contacting us using the details below.

If you are interviewed and submitted as a candidate, then to comply with our employment, social security or other legal and regulatory obligations, we may need to process more detailed personal data including sensitive data such as health information that you or others provide about you. Where there is no legal obligation to collect and process any of your sensitive personal data we always ask for your express consent before undertaking such processing. We may also rely on our processing being necessary to perform a contract for you, if you are a client or a candidate or contractor and we are negotiating or have entered into an agreement with you to provide services to you or receive services from you. Processing may also be necessary to fulfil our legal and regulatory obligations, such as disclosure to public authorities, regulators and investigations. We may also use your information if we must establish, exercise or defend legal claims or where the personal information is in the public domain.


WHO WILL WE SHARE CANDIDATES INFORMATION WITH?
Your personal data may be shared with certain third parties who will be subject to contractual obligations of confidentiality and compliance with all relevant data protection laws, including

  • Our client who has a position to fill or who you may have been placed with.
  • The end client or customer who you may be placed with through another agency or intermediary (for example where there is a managed service arrangement or where our client is a consultancy firm)
  • Other recruitment agencies or service providers such as umbrella companies, RPO or PSL providers.
  • Suppliers, contractors and agents who may perform services for us, including payroll providers, umbrella companies, professional advisers such as accountants or lawyers, insurance brokers, consultants, background check agencies, email marketing agencies, event organisers.
  • Government or law enforcement authorities or any other third party in any jurisdiction, if we believe that we have an obligation to do so or that such action is necessary to protect, defend or enforce our rights.
  • In the event of a sale, merger, liquidation, receivership or transfer of assets oof our company , to any third party provided they are obliged to only use your personal data for the purposes that you have provided it to us.
  • We may also conduct checks on you to verify the accuracy of the information you have provided and where we do this we may share your information with former employers or clients.

WHAT HAPPENS IF YOU DO NOT PROVIDE US WITH THE INFORMATION WE REQUEST OR ASK THAT WE STOP PROCESSING YOUR INFORMATION?
If you do not provide the personal data we request or withdraw your consent, if consent is the sole lawful basis we rely on for processing your information, we may not be able to match you with available job opportunities.


WHAT SECURITY MEASURES DO WE HAVE IN PLACE?
Our company takes every precaution to protect our users' information. We have appropriate technical and organisational security measures in place to protect your personal information under our control and to prevent unauthorised access, destruction, transmission, misuse or alteration of it. However, we cannot guarantee that such unauthorised access, destruction, transmission, misuse or alteration will not happen. Transfer of data via the internet is not completely secure and while we do our best to protect your personal data, any data you transmit to us is at your own risk. Once we have received your data we will follow our procedures and policies to protect it securely. If we share any links to external websites operated by other organisations (such as clients, training providers etc) with you, any data you submit to those websites (including clicking on any link) is outside our control and will be subject to that third party's data protection and privacy policies. We cannot guarantee that any third party will be compliant with relevant laws and best industry practice and accept no responsibility or liability for these third parties. If you have any questions about the security of our website, you can email info@starascend.co.uk


IMPLEMENTATION

  • The responsibility for implementation of this policy rests with us. We will ensure that:
  • Everyone managing and/or handling personal information understands that they are contractually responsible for following good data protection practice.
  • Everyone managing and/or handling personal information is appropriately trained to do so.
  • Everyone managing and/or handling personal information is appropriately supervised.
  • Anyone wanting to make enquiries about handling personal information, whether a member of staff or a member of the public, is given advice as necessary
  • Queries about handling personal information are promptly and courteously dealt with.
  • Methods of handling personal information are regularly assessed and evaluated.
  • Performance with handling personal information is regularly assessed and evaluated.
  • Employees are aware of the action required in the event of a Data Breach.

WHAT RIGHTS DO YOU HAVE IN RELATION TO THE DATA WE HOLD ON YOU?
You have the following rights as a Data Subject:

  • Right to access - you have the right to request a copy of all data we hold about you;
  • Right to rectification - where any data we hold is incorrect, you have the right to ensure it is correct;
  • Right to be forgotten - if you no longer wish for us to hold your data, we will delete it;
  • Right to portability - you can ask us to provide your data to a third party in machine-readable formats;
  • Right to restrict processing- since we only use this to contact you, there is no processing to restrict, we would simply delete the information wherever possible and in keeping with our own obligations.

TRANSFERRING INFORMATION OUTSIDE THE EEA
The personal data and sensitive data identified above is only processed by us in the UK. We do not generally transfer your data out of the EEA. However, Third parties may on occasion have access to personal data only when they are under contract and following the signature of a non-disclosure agreement and only in line with the services, these third parties are contracted to do so in order for Star Ascend to function as a business.Subject to the two exceptions below your data will not be processed outside of the European Economic Area (EEA).Your data will only be processed outside of the European Economic Area (EEA) in the following circumstances:

  • In this situation data is transferred outside of the EEA on the basis that our service provider has signed up to the EU-US Privacy Shield Framework. More information about the Privacy Shield Framework can be found here: PRIVACY SHIELD
  • Where we need to obtain reference information where the referee is not based within the EEA this will require basic data transfer outside of the EEA. In this situation you will have provided the relevant contact details for the referee.

WILL WE PROCESS SPECIAL CATEGORIES OF PERSONAL DATA AND CRIMINAL CONVICTIONS?
We avoid processing special categories of data (these are sensitive personal data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership) and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person's sex life or sexual orientation. However, by taking copies of passports or ID it may be that racial or ethnic origin can be revealed. Processing this data is necessary for us to comply with employment law obligations and the data is only used for this specific purpose. We are under an obligation to ensure that the candidates we submit to clients are suitable. As part of our registration process we require individuals to disclose any unspent convictions and may need to make further enquiries if necessary.


COOKIES & LINKS TO EXTERNAL WEBSITES
To provide better service to you on our websites, we use cookies to collect your personal data when you browse. See our cookie policy on our website here for more details. Some external links appear on our website, to websites owned and operated by third parties. These websites have their own privacy policies and we encourage you to review them. Our company accept no responsibility or liability for the privacy practices of such third parties and you use them at your own risk. When you leave our site we encourage you to read the privacy statements of each and every website that collects personally identifiable information.


AMENDMENTS
We may update this Privacy Policy from time to time by publishing a new version on our website. Any changes will be immediately posted on our site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of our site following the alterations. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of changes to this policy by e-mail if you have provided us with the means to do so.


LOG FILES
We use IP addresses to analyse trends, administer the site, track user's movements, and to gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


ACCESSIBILITY
This Privacy Policy is available on our website


COMPLAINTS OR QUERIES
Complaints about Star Ascend's processing of personal data and rights under the General Data Protection Regulation will be dealt with in accordance with this Policy. Complaints will be fully dealt with after a formal review. The clarification and review procedure contained in the school's Freedom of Information and Environmental Requests Policy and Procedures should be used when dealing with reviews under this policy (Data Protection) and for Freedom of Information and Environmental Information requests. Individuals have a right to request that the Information Commissioner make an assessment of compliance of particular circumstances with the General Data Protection Regulation. If individuals are not happy about how we have handled their information they can contact the ICO via the following means:
Sent to
Customer Contact
Information Commissioner's Office
Wycliffe House,
Water Lane
Wilmslow
Cheshire
SK9 5AF
Alternatively visit their website - at ICO or contact them by phone on 0303123111
We will respond promptly and fully to any request for information about data protection compliance made by the Information Commissioner.


HOW WILL WE CONTACT YOU?
We may contact you by phone, email or via social media or networking sites. If you prefer a particular contact means over another, please just let us know.


HOW DO I CONTACT YOU?
We will review your personal data periodically to ensure it is up to date and accurate but rely on your cooperation to keep us informed if any such data changes. If you would like to change any information you have provided to us, please just let us know. If you are unhappy with how we've handled your information, or would like to enact your rights, make a complaint or contact our Data Controller, you can do so by submitting a request to
By email:info@starascend.co.uk
By telephone:0208 221 2728
By post: 71-75,Shelton Street, Covent Garden, London, WC2H 9JQ,UK