Privacy Policy

7central Ltd t/a 7central Argan HR

 

Data Controller Mr Richard George

 

In line with the new General Data Protection Regulation (GDPR) all organisations’ that process personal data must ensure that they comply with its regulations and principles.

 

We must ensure that:

  1. We are lawful, fair and transparent in the way that data is processed
  2. Personal data is used for a specific purpose
  3. We only record data that is required
  4. Have a duty to keep data accurate
  5. Data is only kept for as long as is required
  6. All data is stored securely

 

This Privacy Notice will detail how we comply with the above principles as well as your rights as the data owner.

 

1.What data do we collect?

Depending on your relationship with us, we may collect some or all of the information detailed below with reference to your employees, consultants, directors or any other third-party person who you require me to provide advice and guidance for (please note this list is not exhaustive):

 

We collect and process a range of information. This includes:

  1. individuals’ name, address and contact details, including email address and telephone number, date of birth and gender
  2. the terms and conditions of their employment
  3. details of their qualifications, skills, experience and employment history, including start and end dates, with previous employers and with the instructing company
  4. information about their remuneration, including entitlement to benefits such as pensions or insurance cover
  5. details of any bank account and national insurance number details
  6. information about their marital status, next of kin, dependants and emergency contacts
  7. information about their nationality and entitlement to work in the UK
  8. information about their criminal record**
  9. details of their schedule (days of work and working hours) and attendance at work
  10. details of periods of leave taken by them, including holiday, sickness absence, family leave and sabbaticals, and the reasons for the leave
  11. details of any disciplinary or grievance procedures in which they have been involved, including any warnings issued to them and related correspondence
  12. assessments of their performance, including appraisals, performance reviews and ratings, performance improvement plans and related correspondence
  13. information about medical or health conditions, including whether or not you have a disability for which we need to make reasonable adjustments; and
  14. equal opportunities monitoring information including information about your ethnic origin, sexual orientation and religion or belief.

 

**with your consent and when specified as part of the application/recruitment process or where specific advice and guidance has been requested

 

We may collect this information in a variety of ways. For example, data might be collected through verbal or written communications, including emails, application forms, CVs or resumes; obtained from their passport or other identity documents such as their driving licence; from forms completed by them at the start of or during employment (such as benefit nomination forms); from correspondence with you; or through interviews, meetings or other assessments.

 

In some cases, we may collect personal data about them from third parties, such as references supplied by former employers, information from employment background check providers, information from credit reference agencies and information from criminal records checks permitted by law.

 

Data will be stored in a range of different places, including in client files, in the HR management systems and in other IT systems (including our email system).

 

For Clients:

For clients we process minimal information on you and/or employees of your organisation so that we are able to assist with any advice, guidance, recruitment or any other needs you may have.

 

Types of information processed are:

  1. company address
  2. contact number
  3. work emails
  4. job titles

 

We log any interaction between clients and 7central Argan HR in relation to any person employed by the client or candidates in the form of CV submits, interviews, placements and with clients and 7central Argan HR  in the form of written documentation, emails and telephone calls.

 

For Suppliers:

In order to make sure that our relationship runs without any hitches we hold a small amount of information on our suppliers. This information will be held about our contacts within your business and usually relates to name, address, contact number and emails. We will also hold you bank details so that we can pay you.

 

Other Information we may hold:

We also hold emergency contact and next of kin information for our members of staff. If your information is provided to us for this purpose it will only be used for the nature it was given and the information provided is usually name, address, relationship, contact and email.

 

  1. How do we collect your data?

The majority of the data we hold is freely given by our clients and the data owner through the issue of clients own Privacy Statement as required under this Legislation, and can be provided in a number of different ways.

 

For Clients:

  1. when we have been involved in previous business activity within your business
  2. when we have received calls from yourself in relation to business needs within your organisation
  3. when our consultants have contacted you by means of business development activity
  4. when we have attended the same networking events
  5. when you have been identified as a reference provider

 

For Suppliers:

  1. when a purchase has been made
  2. from information provided on your invoice

 

Others:

  1. by the completion of relevant forms by the employee when starting with 7central Argan

 

  1. What is our Legal Basis for Processing your data?

We hope you will agree that we have your best interests at heart when you provide your data and that of any third party you share with we will do our utmost to protect your data and support you in providing the advice and guidance you require.

 

We need to process data to enter into the client/consultant contract with you and to meet our obligations under the consultancy contract.

 

GDPR states that we are required to let you know under which legal basis your data is processed.

We are using Legitimate Interest as our legal basis for processing the following data:

 

Legitimate Interest – Article 6(1)(f) says:

“processing is necessary for the purpose of the legitimate interest pursued by the controller or by the third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data”

 

For Clients:

When you are providing us with your data, requesting advice and guidance, responding to one of our adverts it is reasonable to expect that you will be contacted, you have received authority from any third party as this is the purpose for providing the information in the first place.

 

We will use the information you have provided for any future instructions.

 

Data and information will be collated through telephone conversation, face to face meetings, documentation and emails so we can fully understand the situation so we can provide you with a tailored service and we also provide you with what you can expect from us and how your data with be used. We also arrange face to face meetings but if this is not possible these can be completed by Skype or Facetime.

 

For Clients:

We want to make sure that we provide you with the best possible service so we hold data on you and all other contacts within your business that we may need to speak to. In addition, we also log details of conversations, emails sent and received, meetings, vacancies and placements.

 

For Suppliers:

In order to ensure prompt payment for services you have provided we will need to hold certain information on you and your business so that payments can be made within the required timescales.

 

For Others:

We may hold your information if it has been provided to us to use as a reference for a new employee or a candidate for whom we have secured a new position.

 

For all the above we feel this data is necessary for our legitimate interest as a provider of HR and employment law advice and guidance and to provide a comprehensive service to our candidates, clients and new employees.

 

If you are a member of staff of 7central Argan HR or are working for 7central Argan HR on a temporary contract with one of our clients then there is certain data that we require in order to process payroll – for this information we are using Legal Obligation as the legal basis for processing.

 

Legal Obligation – Article (6)(1)( c) says:

“processing is necessary for compliance with a legal obligation to which the controller is subject.”

 

  1. Why do we collect your data?

Our core business activity is to provide advice and guidance for our clients and to support our clients to enable us to provide the best service to suit their business needs. So we can do this we need to understand:

 

For Clients:

  1. Who you are, what type of business you undertake.
  2. Have means to contact you via phone and/or email
  3. Where client staff live in order to be able to contact them
  4. Their work history and qualifications
  5. Your position within the business to ascertain who is the correct person to speak to
  6. Have means to contact you via phone and/or email

 

For Others:

With regards to an employee of 7central Argan HR:

 

We need to process data to enter into an employment contract with you and to meet our obligations under your employment contract. For example, we need to process your data to provide you with an employment contract, to pay you in accordance with your employment contract and to administer benefits, such as pension and insurance entitlements.

 

In some cases, we need to process data to ensure that we are complying with our legal obligations. For example, we are required to check an employee’s entitlement to work in the UK, to deduct tax, to comply with health and safety laws and to enable employees to take periods of leave to which they are entitled.

 

In other cases, we have a legitimate interest in processing personal data before, during and after the end of the employment relationship. Processing employee data allows us to:

  1. run recruitment and promotion processes;
  2. maintain accurate and up-to-date employment records and contact details (including details of who to contact in the event of an emergency)
  3. records of employee contractual and statutory rights
  4. operate and keep a record of disciplinary and grievance processes, to ensure acceptable conduct within the workplace
  5. operate and keep a record of employee performance and related processes, to plan for career development, and for succession planning and workforce management purposes;
  6. operate and keep a record of absence and absence management procedures, to allow effective workforce management and ensure that employees are receiving the pay or other benefits to which they are entitled
  7. obtain occupational health advice, to ensure that we comply with duties in relation to individuals with disabilities, meet our obligations under health and safety law, and ensure that employees are receiving the pay or other benefits to which they are entitled
  8. operate and keep a record of other types of leave (including maternity, paternity, adoption, parental and shared parental leave), to allow effective workforce management, to ensure that we comply with duties in relation to leave entitlement, and to ensure that employees are receiving the pay or other benefits to which they are entitled;
  9. ensure effective general HR and business administration;
  10. provide references on request for current or former employees; and
  11. respond to and defend against legal claims.

 

Some special categories of personal data, such as information about health or medical conditions, is processed to carry out employment law obligations (such as those in relation to employees with disabilities).

 

Where we process other special categories of personal data, such as information about ethnic origin, sexual orientation or religion or belief, this is done for the purposes of equal opportunities monitoring.

 

Data that we use for these purposes is anonymised or is collected with the express consent of employees, which can be withdrawn at any time. Employees are entirely free to decide whether or not to provide such data and there are no consequences of failing to do so.

 

  1. How do we use your data?

Your data is used for the provision of advice and guidance in the performance of out contract and where applicable Marketing activity.

 

For Clients:

In order to provide you with the best service, your data maybe used in one or more of the following ways:

  1. Storing and updating your information on our system so that we can contact you in relation to contract
  2. Calls in relation to potential issues of concern
  3. Calls in relation to recruitment activity within your business
  4. Emails in relation to potential problems, issues and concerns
  5. Marketing information about events we are holding that maybe of interest to you
  6. Marketing information in relation to the services we can provide
  7. Keeping records of conversations, emails and meetings to refer to if needed in relation to any dispute

 

For some of the above activities your consent is required and for more information on how we get and manage your consent please refer to section 10, in this document.

 

  1. Who do we share your data with?

In some circumstances we may need to share you details with a 3rd party, details of this are listed below:

 

For Clients:

  1. Potential legal and statutory bodies
  2. Umbrella companies used to provide additional specialist advisory services
  3. Our accountant to provide financial support and services
  4. Information may be shared with potential other third party bodies if you have requested us to do so, it is a requirement to meet the contract or legal requirement

 

For Others:

  1. Your information may be shared internally, including with members of the operation and advisory team, legal representatives, acas conciliators, court or tribunal colleagues and IT staff if access to the data is necessary for performance of their roles.
  2. We share your data with third parties in order to obtain pre-employment references from other employers
  3. Obtain employment background checks from third-party providers and obtain necessary criminal records checks from the Disclosure and Barring Service.
  4. We may also share your data with third parties in the context of a sale of some or all of our business. In those circumstances the data will be subject to confidentiality arrangements.
  5. We also share your data with third parties that process data on our behalf, in connection with payroll, the provision of benefits such as pension, childcare vouchers and discount platform and the provision of occupational health services.
  6. We may also share your data with third parties that provide professional services such as specialist employment law guidance
  7. We will not transfer your data to countries outside the European Economic Area.

 

  1. How do we safeguard your data?

Your data is of the upmost importance to us and as such we ensure all relevant security is in place in order to keep your data safe and protected from any potential threats.

 

We have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the performance of their duties.

 

Where we engage third parties to process personal data on our behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

 

Correspondence will be addressed to specific persons and email attachments will be password protected where necessary , however, if you think we have not taken care of your data and it has been misused our contact information can be found at the end of this document

 

  1. How long do we keep your data for?

 

Clients:

For more information please refer to our Retention & Erasure Policy.

 

For Others:

We will hold your personal data for the duration of your employment. Such data will be reviewed annually to ensure out-of-date or irrelevant data is removed/updated. The period for which your data is held after the end of employment is 6 years. This will also be reviewed within two years of your leave date to ensure only relevant data is retained.

 

  1. Your Rights.

GDPR provides the following rights.

As a data subject, you have a number of rights. You can:

  1. access and obtain a copy of your data on request;
  2. require us to change incorrect or incomplete data;
  3. require us to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
  4. object to the processing of your data where we are relying on our legitimate interests as the legal ground for processing.

 

If you would like to exercise any of these rights, please contact Mr Richard George, Director at Ric@7central.co.uk.

 

If you believe that we have not complied with your data protection rights, you can complain to the Information Commissioner.

 

All this information is provided by means of this Privacy Notice

  1. The Right of Access – you have the right to access your personal data and any supplementary information. This is known as a Data Subject Access Request (DSAR) and when received we are legally required to provide this information within one month. This information will be provided free of charge unless we feel the request is manifestly unfounded or excessive, particularly if it is repetitive. A fee may also be charged if further copies of the same information are requested.

 

  1. Data rectified or completed if incomplete. You can request this to be done verbally or in writing and we have one calendar month to respond. There is no fee attached to this request however if we feel the request is manifestly unfounded or excessive, particularly if it is repetitive – we can charge a fee or refuse the request. If either of these apply we will provide you with our reasons for such action.

 

  1. The Right to Erasure (this is also known as the right to be forgotten) – you have the right to have your personal data erased if:
  • The data is no longer necessary for the reason it was originally collected or processed
  • Your data has been processed on legitimate interest and you object to the processing of your data and we cannot provide and overriding legitimate interest to continue processing.
  • The data has been processed unlawfully (in breach of GDPR)
  • It has to be erased to comply with a legal obligation

 

If we have to process your data for one of the following reasons, the right to erasure does not apply:

  1. to exercise the right of freedom of expression and information
  2. to comply with a legal obligation
  3. for the performance of a task carried out in the public interest
  4. for archiving purposes in the public interest, scientific research, historic research or statistical purposes
  5. In the defence of a claim

 

The Right to Restrict Processing – you have the right to restrict the processing of your data in certain circumstances.

When processing is restricted we are allowed to store enough information to ensure future restriction is respected. We will stop processing data if:

  1. you do not agree with the accuracy of your personal data
  2. the data has been unlawfully processed
  3. to establish or defend a legal claim
  4. you object to our legal ground for processing your data

 

We can only continue to process your data when the above has been resolved and we will inform you before any restriction is lifted. If your data is restricted it can only be stored unless:

  1. you give your consent to processing
  2. it is defense of a legal claim
  3. it is for the protection of another person
  4. it is for reasons of important public interest

 

  1. The Right to Data Portability

You have the right to transfer your details across different services. This right only applies in certain circumstances and:

  1. To data that has been provided to a controller by an individual
  2. Where processing is based on consent or for the performance of a contract
  3. When processing is carried out by automated means

 

  1. When we receive a portability request we must respond within one month and no fee is applicable. We must provide the information in a structured, commonly used and machine-readable form.

 

  1. The Right to Object

You can object to the processing of your data when it is processed under one of the following:

  1. our legitimate interest
  2. performance of a task in the public interest/exercise of official authority
  3. direct marketing
  4. processing for scientific/historical research or statistical purposes

 

We must stop processing your data unless:

  1. we can demonstrate compelling legitimate grounds for processing which override your interest
  2. it is being processed for the establishment, exercise or defense of a legal claim

 

If your objection relates to direct marketing we must stop this immediately

If your data has been shared with a third party and you request one of your “rights” listed above we will notify them and act upon the requirements of your request unless this is not possible or involves disproportionate effect

If you feel we have not handled your request efficiently or are unhappy with the service we have provided in relation to the processing of your data then you can raise your concerns with the Information Commissioners Office (ICO) https://ico.org.uk/global/contact-us/

 

  1. Consent

As a business, and to comply with Article 6 of GDPR, we have agreed that the legal basis for processing your data will be (depending on your relationship with us) either “Legitimate Interest” or “Contract”. As well as complying with the GDPR in relation to direct marketing we have to comply to The Privacy and Electronic Communications Regulations (PECR).

 

In certain circumstances we are required to have your consent to perform certain activities. This consent can be given in the form of an opt-in or soft opt-in option.

We have to ensure your consent is freely given, you understand what you are consenting to, and are able to opt-out and back in at any time.

 

We are permitted to market information to you in relation to the recruitment services we offer until you advise us otherwise by way of opting out.

 

You can opt in or out verbally during our initial registration call/meeting, using the tick box on our Registration Form of in writing to 7central Argan HR at the address below.

 

  1. Contact Details

If you need to contact us for any reason our details are:

Email Address: ric@7central.co.uk

Contact Number: 07983 809622

 

12. The cookies we use on our website

 

Consent to the use of cookies.

For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: https://cookiefirst.com referred to as CookieFirst.

When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.

CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6(1)(c) of the General Data Protection Regulation (GDPR).

Data processing agreement

We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

Server log files

Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:

  • Your consent status or the withdrawal of consent
  • Your anonymised IP address
  • Information about your Browser
  • Information about your Device
  • The date and time you have visited our website
  • The webpage url where you saved or updated your consent preferences
  • The approximate location of the user that saved their consent preference
  • A universally unique identifier (UUID) of the website visitor that clicked the cookie banner
This cookie policy has been created and updated by Consent Management Platform – CookieFirst.
This cookie table has been created and updated by the Cookie Policy – CookieFirst.