MAKE YOUR FREE Consultant Privacy Notice

CONSULTANT PRIVACY NOTICE

Statement and Purpose of Policy

1.  collects and processes personal data relating to its consultants in order to manage its relationship with them. We are committed to being transparent about how we collect and use that data and to meeting our data protection obligations.

What Information Do We Collect?

1. We collect and process a range of information about you. This may include, but is not limited to:    

   1. your name, address and contact details, including email address and telephone number;

   2. the terms and conditions of your engagement as a consultant;
   3. details of your qualifications, skills, experience and career history, including start and end dates;
   4. information about your remuneration, including details of the services and the days and hours on which you provide services under your engagement;
   5. details of your bank account (and VAT registration details if relevant);
   6. the duration of any periods during which you are unable to provide the services under your engagement
   7. details of insurance contracts maintained and payment of insurance premiums in accordance with your obligations under your engagement;
   8. emergency contact details; and
   9. photographs and videos.
2. We collect this information in a variety of ways. For example, data is collected through CVs or resumes; from forms completed by you at the start of or during your engagement; from correspondence with you; or through interviews or other meetings.
3. Data is stored in a range of different places, including our HR management systems and in other IT systems (including our email system).

Why Do We Process Personal Data?

1. We need to process data to enter into an engagement with you and to meet our obligations under the contractual arrangements between us. For example, we process your data to provide you with a consultancy agreement and to pay you in accordance with the contract.
2. In other cases, we have a legitimate interest in processing personal data before, during and after the end of the consultant engagement. Processing consultant data allows us to:

   1. offer consultant engagements to appropriate and suitably qualified individuals;

   2. maintain accurate and up-to-date HR records and contact details (including details of who to contact in the event of an emergency), and records of contractual rights and obligations;

   3. operate and keep a record of hours to allow effective workforce management;

   4. ensure effective general HR and business administration;

   5. ensure health and safety compliance; and

   6. respond to and defend against legal claims.

3. Where we rely on legitimate interests as a reason for processing data, we have considered whether or not those interests are overridden by the rights and freedoms of consultants and have concluded that they are not.
4. We process special categories of personal data, such as information about health or medical conditions, with your explicit consent, which can be withdrawn at any time by contacting the HR team or your primary point of contact at . Consultants are entirely free to decide whether or not to provide such data and there are no consequences of failing to do so.

Who Has Access To Data?

1. Your information will be shared internally, including with members of the HR team and finance team, your primary point of contact at , managers in the business area to which you provide services and IT staff if access to the data is necessary for the performance of their roles.
2. We share your data with third parties that process data on its behalf in connection with making payments.
3. We may also disclose your personal data to third parties:
   1. when we determine that disclosure is required to protect our rights, property, or personal safety, or to respond to requests by public, regulatory, or law enforcement authorities, including to meet national security or law enforcement requirements; or
   2. if we sell some or all of our business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets, and if the transaction closes, then your personal data may be transferred to the buyer.

Choice

1. We do not currently share your personal data with third parties other than our service providers who act on our behalf. However, if we decide to do so in the future, we will offer you the opportunity to choose (opt out) before your personal data is disclosed to a third party controller (i.e. a non-service provider). Also, if we decide to use your data for purposes that are different from the purpose(s) for which it was originally collected or subsequently authorised by you, we will offer you the opportunity to choose (opt out) before such use.

How Do We Protect Data?

1. We take the security of your data seriously. We have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. 
2. Where we engage third parties to process personal data on our behalf, we do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

For How Long Do We Keep Data?

1. We will hold your personal data for the duration of your engagement as a consultant. The periods for which your data is held after the end of your engagement are set out, available.

Your Rights

1. As a data subject, you have a number of rights. You can:

   1. access and obtain a copy of your data on request;

   2. require us to change incorrect or incomplete data;

   3. require us to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;

   4. object to the processing of your data where we rely on our legitimate interests as the legal ground for processing; and

   5. ask us to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override our legitimate grounds for processing data.

2. If you would like to exercise any of these rights, please contact a member of the HR department or your main point of contact at .

Complaint Resolution

1. If you believe that we have not complied with this Privacy Notice or your data protection rights, you have the right to file a complaint with the UK Information Commissioner’s Office (https://ico.org.uk/make-a-complaint/), however, we hope that you will attempt to resolve the complaint with us first.
2. In addition, if you have any inquiries or complaints about the handling of your personal data, or about our privacy practices generally, please contact us at:  and we will respond to your inquiry promptly.

What If You Do Not Provide Personal Data?

1. You have some obligations under your engagement to provide us with data. In particular, you are required to report periods during which you are unable to provide services and may be asked to provide details of the insurance policies you maintain in accordance with your engagement.
2. Certain information, such as contact details and payment details, have to be provided to enable us to enter into an engagement with you. If you do not provide other information, this will hinder our ability to administer the rights and obligations arising as a result of the engagement efficiently.

Changes To This Privacy Notice

1. We reserve the right to change this Notice at any time as we may deem necessary from time to time or as may be required by law. We will provide you with a new Privacy Notice when we make any substantial changes. We may also notify you in other ways from time to time about the processing of your personal data.

    

Attribution

1. This Privacy Notice was created using a document from Rocket Lawyer (https://www.rocketlawyer.com/gb/en).