Policy Review Date: September 2020
Next Review Date: September 2021
Clarus Education Ltd is committed to protecting the privacy and security of personal information. All information collected used during and after any working relationship with us is held in accordance with the General Data Protection Regulation. This applies to all employees, workers, contractors, candidates, and individuals as clients or potential clients of ours.
Below is a summary of our Data Protection, Processing, and Record Retention procedures. Further detail can be found in the GDPR Data Protection Policy- Resourcing Capital Ventures and our GDPR Privacy Notice.
Data Protection
Clarus Education Ltd is a “Data Controller”. This means that we are responsible for deciding how we hold and use personal information about those with who with have working relationships or potential working relationships.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed.
We will always comply with data protection laws. This says that personal information that we hold must be:
Depending on the circumstances, we may collect, store, and use a range of personal information. For a full list please refer to our Privacy Notice.
Collecting Information
We may collect personal information about employees, workers, contractors, candidates, and individuals at clients or potential clients of ours in a number of different ways. This includes recruitment, directly from candidates, or sometimes via another employment agency. We may sometimes collect information from third parties including former employers, credit reference agencies, or other background check agencies. We may also collect personal data that is publicly available on websites.
Using Personal Information
We will only use your personal information when the law allows us to. Most commonly, we may use it in the following circumstances:
Processing Data
We may have to share personal data with third parties, including third-party service providers and other entities in the group. We require third parties to respect the security of your data and treat it in accordance with the law.
Data Security
We have put in place measures to protect the security of personal information that we hold, for example to backup and protect the integrity of our electronic communications and data storage systems.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Data Retention
We will only retain personal information for as long as it is necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, accounting, or reporting requirement. Full details of the retention of personal information can be found in our GDPR Privacy Notice.
All regulatory information must be kept for six years from the end of the last company financial year. As Clarus is not yet 7, we currently keep all of our information recorded.
Rights of Access, Correction, Erasure, and Restriction
Under certain circumstances, by law, you have the right to:
Any wish to exercise these rights must be communicated in writing.