This Policy is intended to apply across the SSQ Group of companies as listed in the appendix.
We help candidates find employment with our clients as employers and we also engage candidates to provide services to our clients as agency workers. In this Policy, “we” and “our” refers to each of these companies as they handle your data (as applicable).
Our data protection lead (DPL) responsible for communicating with you about our use of your data can be contacted at [email protected].
When you visit our website, interact with us (via social media or otherwise) or use our services to help you find a job or enter into a contract with us as an agency worker, you will be giving us your information in a variety of ways as described in this policy (your personal data). This isn’t about giving you the small print. It is our commitment to you that we want to protect and respect your privacy. We want to try and make it as clear as possible to you what you are agreeing to when you visit our site and when you use our services. If you have any questions, simply email us at [email protected] and we will try and answer them.
Sometimes in this policy, we will get technical with a few terms such as referring to:
– the General Data Protection Regulation (2016/679) (the GDPR)
– data processors (third parties who handle your data on our behalf)
– a data controller (the company which makes decisions about how it wishes to use your data) – in the UK, that’s either Shilton Sharpe Quarry Limited (if you are dealing with our search and recruitment business) or SSQ Contracts Limited or Pivot People Limited (if you are dealing with our in-house and interims business). Please see the list of SSQ Group entities in the Appendix to identify the relevant entity for you.
We may need to update this Policy at any time and without notice and when we do this we will advertise this by including notices on the website.
We will collect and process the following data about you:
This is the information about you that you give us by:
We need this information to operate our business effectively which is in our legitimate interests. For further details of how we use your data for marketing purposes, please see the Marketing section of this policy.
You know what information you are giving us and why we need the information as you are filling in the forms and requesting us to do things for you.
In order to see if you might be interested in our services, we gather data in two ways:
Our first contact with you will depend on a number of factors including the roles that may be of interest and your seniority.
This use is for our legitimate interests of establishing if we can provide you with advice on the legal market and identify suitable opportunities for you or place you in work as an agency worker. We will always make it clear to you how you may opt out of hearing from us again. See ‘Opting out’ below. If, after we are in first contact with you, you inform us that you are not pro-actively looking for a new role at that time, we will keep your records on our system for only as long as we consider this necessary in order to advise you on suitable roles that may occur in the future. This database is cleansed periodically in accordance with the law to ensure that we do not store your details for longer than necessary. If you inform us that you do not wish to hear from us again, we will of course, respect this. Please see ‘Opting Out’ below.
Taking the next step
If after speaking with us, you do wish to engage with us or use our services then we begin the process of advising you on the market and/or potentially suitable roles. At this point, our collection of your personal data naturally expands. We may:
If you are a candidate for direct employment by a third party or seeking an assignment as an agency worker, then our reason for processing such data is our mutual legitimate interests of finding you a role.
Discussing roles with a client
Where we wish to discuss your profile with a client, and you are registered with us, we only ever do with this with your express permission (sometimes we may discuss publicly available information about you with clients in relation to a generic search before we speak to you, such as your details made publicly available on LinkedIn). We never share candidates’ or workers’ private personal details with clients without their consent.
Securing a role
Where you are successful in securing an offer for a role, we may use your data to:
We may also ask you for your banking details so we can pay you and this is necessary to perform our contract with you.
If you are engaged by us to perform an assignment as an agency worker, then our reasons for processing such data will include (i) to perform our contract with you; and (ii) for the mutual legitimate interest of managing the performance of your services; and (iii) for compliance with legal obligations including but not limited to the Employment Agencies Act 1973 and the Conduct of Employment Agencies and Employment Businesses Regulations 2003, the Working Time Regulations 1998, prevailing law relating to tax, National Insurance contributions, pensions auto-enrolment and the statutory sick pay scheme. If you need further information about which condition applies to our use of your information then please email [email protected]
We also offer our clients an executive search function whereby we will proactively identify potential highly skilled candidates for a role who may be working in other places of employment and who have not contacted us themselves. This is in our mutual legitimate interests. We protect your interests at all times by ensuring that if, when contacted, you have informed us that you do not wish to be contacted again by us, we will opt you out immediately from our services. See ‘Opting Out’ below. Where you choose to engage with us in relation to a role then we will obtain your consent to proceeding either verbally or in writing by email.
Where you are an actual or prospective supplier of services to us, we will process relevant personal data about the individuals with which we have contact (such as name, contact details and role). Our reason for such processing is our legitimate interests of operating our business and managing our suppliers.
If, at any time, you inform us that you do not wish to be contacted by us in relation to our services, we will, of course, promptly delete your records from our system although we will keep a note that you were not interested in our services so we do not contact you again unless you later contact us or you exercise your right to erasure (see Rights section below). To exercise this opt out, please inform the consultant you speak to or email us at any time at [email protected].
You always have the right to withdraw any consent you have given us. To do this, simply inform the consultant you are dealing with or email [email protected].
We will delete your records upon your request or if we have not heard from you for an extended period in accordance with our data retention policy and the principles of data minimisation with which we are bound to comply by law. We only hold records for as long as necessary. Different retention periods apply to different categories of data and are too numerous to set out here but depend on the legal requirements for our records, the nature of and amount of the data contained in the record, its sensitivity and the potential risk for harm from unauthorised use or disclosure of the data and whether we can achieve our purposes without holding onto that data. Please note that:
Please avoid providing us with any data relating to any of the following ‘sensitive’ types of data (also known as special category data) unless we have expressly asked for it as we will need your separate express consent to capture this data:
If you wish to provide us with this sensitive data then please contact [email protected] and we will provide you with the relevant consent forms.
If you are engaged by us to provide services as an agency worker, we may require and process details of your health in order to comply with and process any entitlement to statutory sick pay.
If you provide us with information about your disability status, we may use this to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made during interview and we may store this with your other records and pass this to clients so that they can use this for the same legally required purposes also.
Any information captured in equality monitoring forms is anonymous and not stored with your other records.
We process data about our clients as well as our candidates. This comprises: contact details (name, email address), title, career history and details of and relating to any meetings between our clients and our candidates and information from publicly available sources such as the client’s website. We process this data for our legitimate interests of finding clients suitable candidates. We also send clients marketing from time to time – please refer to the Marketing section of this policy below.
Each time you visit our site, we collect certain technical data about you. This includes details about your equipment (such as mobile device type), your operating software, browsing behaviour (including your browser type and version, geographical location, referral source, time zone setting, browser plug in types and versions, IP address URL, clickstream to and from out site including date and time, pages you viewed or searched for, page response times, page interaction information such as scrolling, clicks and mouse-over and methods to browse away from the page. When you enter our website, the cookies policy explains how we share this with others and how we use it for our own purposes. The source of this data is our analytics tracking system and we require this to pursue our legitimate interests of improving our website and personalise your experiences on it as well as for our own business intelligence.
We may also monitor and record our communications with you for the purpose of quality assurance and training and for fraud prevention. This is in our legitimate interests of our business quality and security standards.
As described above in the ‘Candidate Data’ section of this policy, we undertake background searches of publicly available information on you from websites such as LinkedIn, legal news websites and any professional societies relevant to your role such as the Law Society of England and Wales and overseas equivalents. This is in our legitimate interests of finding suitable roles for both you and our clients.
We may have to conduct credit referencing checks as part our recruitment services. We may search the files of credit reference and fraud prevention services and we may share our results with them. These searches will be recorded. Your information may be linked to others living at your address. Other credit providers may search these records. If you provide false information and we suspect fraud we will record this and report our suspicions to appropriate law enforcement agencies. This use of your information is needed for anti-fraud and money laundering purposes which are in our legitimate interests.
Criminal records checks – We may also conduct DBS criminal records checks with your consent and where this is relevant for your role only. This may occur where your role requires a high degree of trust and integrity.
References: We may also ask any named referees you have given to us for references. We will ask for your consent for this.
It may not be possible to complete your application without these checks.
Service Providers: Sometimes, other businesses give us data about you which we need for our legitimate interests of conducting business with you and, on occasion, they are necessary to perform our contract with you. This happens when we engage third party contractors to provide us with technical support or to deliver services that we require to provide you with our services. We need these providers to provide us with their services for our legitimate interests of operating our business and our website effectively.
Professional Advisers: We may also share your data with professional advisers such as our lawyers, accountants and insurers to manage our business, risks and legal claims. This is in our legitimate interests.
Partnerships: We may also enter partnerships with third parties to exchange information about you where we think it will give you an opportunity to get a great product or service but we will always inform you about this and ask for your express permission to participate in this.
Group: We share your data within our group in order to provide or improve our products and services and because some of our internal support services are shared across the group. This is in our legitimate interests. A full list of our group companies and their locations is available on our website. Where the UK/EU has not assessed a third country to have adequate data protection rules in place, we have implemented model contracts in the form prescribed by applicable law. It is possible we could sell our business to a third party or re-organise our business or enter into a joint venture or become insolvent. In that scenario, our database of customers is an important part of that business and so we would need to share it with the third-party buyer/joint venture partner and their advisers. This is in our legitimate interests of selling our business.
Law Enforcement/Legal Compliance: We will cooperate with all third parties to enforce their intellectual property or other rights. We will also cooperate with law enforcement requests from within or outside your country of residence. This may include disclosing your personal information to government or law enforcement agencies, or private parties, when we have a good faith belief that disclosure is required by law or when we, in our discretion, believe that disclosure is necessary to protect our legal rights, or those of third parties and/or to comply with a judicial proceeding, court order, fraud reduction or legal process served on us. In such cases, we may raise or waive any legal objection or right available to us. These uses of your data are in our legitimate interests of protecting our business security. We may also use your data and share it with the recipients listed in this policy for the purpose of complying with our legal obligations.
Sending existing clients and our existing candidates and agency workers direct marketing about our services (such as job alerts emails, newsletters and information about events we are holding) is in our legitimate interests of growing our business although we will always ask new candidates and workers with whom we have not worked before for their consent to receive any electronic (email, text, fax, phone or OTT) marketing and will review this consent regularly.
We may on occasion send out marketing communications for the purpose of growing our business which is in our legitimate interests and in this scenario we will rely on you to let us know if you do not want to receive this by opting out of the marketing by emailing us at [email protected].
We may conduct candidate profiling using automated means when building up a profile of appropriate candidates from online sources and screening them against the required set of skills, experience and qualifications. This is in our legitimate interests of finding the right candidate for a client and the right role for our candidates. It is not a solely automated process as there will always be a person making the final decisions about eligibility.
WHERE WE SEND YOUR PERSONAL DATA
The data that we collect from you will be kept in the location where we interact with you except as follows:
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
All information you provide to us which is recorded electronically is stored on our servers and we have implemented reasonable and appropriate security measures to protect the data including making any site hypertext transfer protocol (https) secure which means that any communications between our website and your browser are encrypted. Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee that data breaches will never occur. Our site may, from time to time, contain links to other websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. Please do not provide us with any other person’s data unless we have specifically prompted you to do so.
Our services are not aimed at children and neither is our website.
You have various rights under law that assist you with verifying our lawful use of your data. The simplest way of exercising any of these rights is by emailing [email protected]. A full list is below.
The right to be informed of our use of your data. This is met by the provision of this Policy.
The right of access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. Please note that we may ask you to specify what you wish to see in order to focus our search, and we may have to verify your identity/authority. If you require other information, please contact our DPL using the details given in this policy.
The right to rectification – This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
The right to erasure – This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. For example:
You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
The right to restrict processing – This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
The right to data portability – We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
The right to object where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Consent – where we are relying on consent to process your personal data you may of course withdraw it. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
Shilton Sharpe Quarry Limited (branches in UK, Germany, France and Australia)
Company registered in England and Wales with company number 04575013
Treviskey Furzefield Road, Reigate, Surrey, RH2 7HG
SSQ Contracts Limited
Company registered in England and Wales with company number: 08233510
Treviskey Furzefield Road, Reigate, Surrey, RH2 7HG
Pivot Law Limited
Company registered in England and Wales with company number: 12941663
Treviskey Furzefield Road, Reigate, Surrey, RH2 7HG
Pivot People Limited
Company registered in England and Wales with company number: 13490923
Treviskey Furzefield Road, Reigate, Surrey, RH2 7HG
Shilton Sharpe Quarry Hong Kong Limited
Unit 1609 16/F Two Chinachem Central, 26 Des Voeux Road Central, Central, Hong Kong
Shilton Sharpe Quarry Singapore PTE Limited
77 Robinson Road, #16-00, Robinson 77, Singapore, 068896
Shilton Sharpe Quarry (Shanghai) Business Consulting Limited
3005, 30/F, Tower 2, Jing An Kerry Centre, 1539 Nanjing Road (West), Shanghai, 200040
SSQ Middle East Recruitment Limited
RME Business Centre, C1 Building, One Central, Dubai World Trade Centre, Dubai, UAEShilton
Shilton Sharpe Quarry Spain SL
Gran Vía 6, Madrid 28013 Spain
SSQ Legal Interims GmbH
Oper46, Bockenheimer Anlage 46, 60322 Frankfurt am Main
SSQ France Sarl
16 cours Albert 1er, 75008 Paris, France
End of Policy
Last Revised January 2023.