Privacy Notice

Who We Are

At Net Talent, we deliver industry leading recruitment and executive search strategies across multiple disciplines globally.

Net Talent has been delivering specialist recruitment and executive search strategies to leading businesses since 2010.  From our offices in Glasgow and Edinburgh our reputation for excellence has grown through working in partnership with clients and candidates in our specialist sectors in permanent, interim and temporary engagements in the UK and internationally.

Net Talent is a trading name of Net Talent Ltd ( A company registered in Scotland with registered number SC373258 and having its registered office address at 29 St Vincent Pl, Glasgow G1 2DT).

We are a data controller for the purposes of the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) and related data protection legislation.

Our registration number at the Information Commissioner's Office is Z2185400.

How to contact us

If you have any questions about our Privacy Notice or our data protection policies generally, please contact us:

  • Initial enquiries should be directed to our Glasgow office as follows:
  • By post: 6th Floor, 101 George Street, Edinburgh EH2 3ES
  • By phone: 0131 270 6614
  • By email: info@nettalent.co.uk 
  • You can also reach us at our office in Glasgow (38 Queen Street, Glasgow G1 3DX ) or our registered office address.

Our Data Protection Officer is: Robert Little

Our Commitment

We are fully committed to handling personal information in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, both of which came into force on 25 May 2018.

This means your personal information will be:

  • Processed lawfully, fairly and in a transparent manner.
  • Collected for specified, explicit and legitimate purposes.
  • Only collected as required for our lawful purposes.
  • Reviewed regularly.
  • Retained only for as long as necessary and in accordance with our retention policy.
  • Processed securely and with integrity.

It is important that you are aware of our procedures and practices and understand your rights in relation to your personal data and this Privacy Notice is designed to be part of that information.

This Privacy Notice applies to the following categories of data subjects:

  • temporary workers or contractors who have entered into or have applied to enter into a “contract for services” with our clients (“temporary workers”);
  • job seekers or other applicants for permanent employment in the public and private sector who contact our clients or who are referred to us (“candidates”);
  • former and potential temporary workers or candidates;
  • employees or other representatives of corporate clients whose personal data we must process in order to fulfil our contractual obligations (“client contacts”);
  • individuals who are our business contacts where the individual or the individual’s organisation supplies goods or services to us, provides professional services, has expressed an interest in us or has any other business relationship with us (including where the individual’s organisation is a public authority, an industry body or regulatory authority or similar) (“business contacts”); and
  • all individuals who visit our website www.mybpos.net or our social media accounts (“website users”).

This Privacy Notice does not apply to employees and other current, former or prospective staff of Net Talent. We have separate privacy notices for such purposes.

Why Do We Need to Process Personal Data?

Temporary workers and candidates: We need to process your personal data throughout our relationship with you for recruitment purposes, payroll purposes, assignments with clients, health and safety, human resource requirements, regulatory requirements, statutory reasons such as HMRC requirements.

Client contacts: We need to process your personal data throughout our relationship with you (or your organisation) in order to manage our relationship with you as our client contact  and in order to provide our services to your organisation including: (a) providing information about our services on request; (b) carrying out our services; (c) managing payments, fees and charges; (d) collecting and recovering money owed to us; (e) dealing with any client complaints and receiving feedback; or (f) corresponding with you in connection with our services.

Business contacts: We need to process your personal data throughout our relationship with you (or your organisation) in order to manage our business relationships with suppliers and sub-contractors, professional advisors, regulatory authorities, public authorities and others, which will include: (a) seeking or maintaining business relationships with various organisations, including accreditation and regulatory authorities; (b) assessing the suitability of any existing or potential supplier or other business relationship; (c) negotiating and entering into appropriate contracts for the supply of goods or services to us, carrying out any obligations under such contracts (including obligations of payment) and if necessary enforcing any such contracts; (d) undertaking on-going monitoring and management of our relationship with suppliers and other professional and business contacts; (e) interacting with other organisations (including partners or sub-contractors) in the course of providing services to our clients; or (f) investigating any complaints or enquiries.

Website users: We need to process your personal data while you visit or use our website in order to respond to general and specific enquiries via our website; to improve the user experience; and to administer the functionality and network security of our website.

What Personal Data Do We Collect?

“Personal data” or “personal information” is any information relating to or about an individual from which that person can be directly or indirectly identified. It does not include data where the identity has been removed (anonymous data).

There are “special categories” of more sensitive personal data which require a higher level of protection. This includes health data, racial or ethnic origin, political or religious affiliations or criminal records.

Temporary workers and candidates: During the course of your engagement with us, whether as a temporary worker or a candidate (staff), we may collect the following information about you:

  • Name.
  • Contact details (including address, home and mobile telephone numbers, email) and emergency contacts (ie name, relationship and home and mobile telephone numbers).
  • National insurance (NI) number, tax code and other tax information and date of birth.
  • Professional qualifications, continuous professional development (CPD) undertaken, re-validation information to ensure you meet the requirements, medical information in relation to the requirements of working with vulnerable people.
  • Timesheets and pay details including bank details for payment purposes.
  • Information in your sickness and absence records (including sensitive personal information regarding your physical and/or mental health).
  • Copies of correspondence both electronic or physical.
  • Appraisal and other assessments such as your experience surveys, client opinion surveys and supervision and support discussions.
  • Complaints or grievances either from you or about you.
  • Application forms, references from previous employers and other information collected during the recruitment process.
  • Nationality and immigration status and right to work in the UK clearance and other immigration information where relevant.
  • Proof of identity and proof of residence information and information from related documents, such as your passport.
  • A copy of your driving licence for business insurance.

Client contacts and business contacts: In the course of our relationship with you, we may collect the following information about you:

  • Name
  • Contact details (including business address, email address and telephone numbers)
  • Employment details (including the name of your employer, your job title and role, and your credentials)
  • Information obtained by us providing services to your organisation or by you or your organisation providing products or services to us
  • Other details of our interactions including correspondence and conversations

Website users: When you visit or use or our website or our social media accounts, we may obtain certain technical data about you (including internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website) and we may obtain certain usage data about you (including information about your visit and how you use our website).

How do we collect the information

Temporary workers and candidates: We may collect this information passed directly from our clients or directly from you (e.g. enter into a contract for services with us), the Home Office, HM Revenue and Customer (HMRC), our clients where you have been placed with them either as a temporary worker or an employment candidate.

Client contacts and business contacts: We may collect this information directly from you (e.g. when you provide us with a business card) or we may be provided with this information from your organisation. We may also obtain information about you from third party sources and publicly sources such as Companies House or your organisation’s website or referrals from another contact.

Website users: As you interact with our website or one of our social media accounts, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies.

What is Our Lawful Basis for Processing Your Personal Data?

We will only use your personal data when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

  • where we need to perform a contract we have entered into with you;
  • where we need to comply with a legal obligation;
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or
  • where we have obtained your prior consent.

We may also use your personal information where we need to protect your interests (or someone else’s interest) or where it is needed in the public interest.

As an agency providing business support services, we gather information and process personal data in order to pursue our legitimate interests of:

  • supporting our clients in recruitment or other sectors who recruit and supply staff to clients in the public and private sectors;
  • performing contracts with our corporate clients or other organisations;
  • managing client and third party relationships;
  • running our business efficiently and profitably;
  • enhancing, modifying or improving our services;
  • establishing, exercising or defending our legal rights;
  • maintaining network security and website relevance for visitors to our website; and
  • pursuing our commercial objectives where this does not override your rights and freedoms as a data subject.

We also process information to comply with the legal requirements associated with the employment regulations and best practice, including without limitation the requirements of HMRC, the Modern Slavery Act 2015, the Equality Act 2010 and other employment legislation. Furthermore, we process personal data in order to comply with any required legal obligations of ensuring all staff meet the requirements of the relevant sector.

If you fail to provide personal information

If you fail to provide certain information when requested, we may not be able to perform the services and fulfil our contractual obligations with our clients and find you new employment or the contract we have entered into with you (such as paying you), or we may be prevented from complying with our legal obligations (such as to ensure the health and safety of our workers).

Change of purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

How we use particularly sensitive information

”Special categories” of particularly sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information.

We may process special categories of personal information relating to temporary workers and candidates in the following circumstances:

  • In limited circumstances, with your explicit written consent.
  • Where we need to carry out our legal obligations and in line with this Privacy Notice.
  • Where it is needed in the public interest, such as for equal opportunities monitoring, and in line with our Privacy Notice.
  • Where it is needed to assess your working capacity on health grounds, subject to appropriate confidentiality safeguards.

Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

We will use your particularly sensitive personal information in the following ways:

  • We will use information relating to leaves of absence, which may include sickness absence or family related leaves, to comply with employment and other laws.
  • We will use information about your physical or mental health, or disability status, to ensure your health and safety in the workplace and to assess your fitness to work, to provide appropriate workplace adjustments, to monitor and manage sickness absence and to administer benefits.

We do not collect any sensitive personal information about client contacts, business contacts or website users.

Do we need your consent?

We do not need your consent if we use special categories of your personal information in accordance with our written policy to carry out our legal obligations. In limited circumstances, we may approach you for your written consent to allow us to process certain particularly sensitive data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us (or your other engagement with us) that you agree to any request for consent from us.

Information about criminal convictions

We may only use information relating to criminal convictions where the law allows us to do so. This will usually be where such processing is necessary to carry out our obligations and provided we do so in line with our Privacy Notice.

Less commonly, we may use information relating to criminal convictions where it is necessary in relation to legal claims, where it is necessary to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

We will collect information about criminal convictions as part of the recruitment process and throughout the duration of your engagement with us (whether as temporary worker or candidate or other staff) where you are engaged in or applying for regulated work. We will use this information about criminal convictions and offences in order to determine your suitability and continued suitability for our clients and the regulated services that they perform.

We are allowed to use your personal information in this way in order to comply with our obligations to our clients to provide suitable staff and in order to protect the interests of the end user.

We do not collect any information about criminal convictions or offences about client contacts, business contacts or website users.

Do We Share with Third-Parties?

We may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.

We share personal information with:

  • Our clients in both the public and private sectors. [*]
  • Umbrella companies for payment purposes.
  • HMRC.
  • Other statutory bodies if required.
  • Third Party Software providers.
  • Our legal and other professional advisers.
  • Our parent company, Compello Group Limited, and any other group companies for the purposes of group restructuring, internal reporting, risk management and service diversification.
  • (Client contacts and business contacts only) Your business or organisation, for the purpose of providing our services to your business or organisation, or receiving products or services from your business or organisation.
  • Any relevant regulatory authority or law enforcement agency, including HM Revenue & Customs, courts or tribunals who require reporting of processing activities in certain circumstances.
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.

The above is an indicative list and may change from time to time, if it does for your circumstances we will notify you.

[*] Temporary workers and candidates: We initially only share your personal data with our clients were you have consented to such sharing, e.g. where you have agreed to take on a temporary role or where you have agreed to apply for a permanent position with such client. Once you have taken on such role or position, we may need to continue sharing your personal data to perform a contract with you, to comply with our legal obligations or to protect your or someone else’s interests, as set out in this Privacy Notice.

We will take all reasonable steps to ensure all information sharing is carried out in a secure way and will ask our third-party associates to assure us they will handle your personal data securely by using contracts to make our requirements clear and within the legal requirements as set out in the GDPR.

Some third parties share with us or make the information available to your employers or potential employers. They are:

  • Previous employers as part of the regulatory reference checks.

International Transfer of Personal Data

Some of our group companies are based outside of the European Economic Area (EEA) and some of our corporate clients may be headquartered or based outside of the EEA so there may be circumstances in which we may need to transfer your personal data outside of the EEA (strictly on a confidential, business need-to-know basis). We seek to ensure that our group companies and our external third parties retain your personal data within the EEA wherever possible.

Whenever we are required to transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that appropriate safeguards are implemented, including any of the following:

Retention of Personal Data

We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it (including for the purposes of satisfying any legal, accounting, or reporting requirements).

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

We generally retain personal data for a period of two years after fulfilment of the purposes (such as placement of a temporary worker or candidate) for which we collected such personal data. For further information about our data retention policy, please contact our Data Protection Officer.

Where do we store Personal Data?

Your data is stored on a secured premises in a locked cabinet and on a secure client relationship management (CRM) database enforced by password protocols.

Information about our Website

Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and we are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Cookies

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.

For further information visit www.aboutcookies.org or www.allaboutcookies.org

You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.

IP Addresses

Although we do not accept applications online, we do collect statistics on visits to our website and social media sites using cookies or other similar technologies. Therefore, we may collect information about the computer or device which is used to access our website or information about your Internet Protocol (IP) address.

We use this information to collect anonymous statistics to view traffic to the site and how the site is used. This information is used for statistical purposes only and we do not use such information to personally identify any user.

Data Breaches

In the event of a “high risk” personal data breach the individual(s) will be notified immediately within 72 hours as well as the Information Commissioners Office (ICO). Our company and staff shall follow our security protocols in line with our “Data Breach” company policy as well as the ICO guidelines and take all necessary precautions in order to minimise the severity of the breach for the individual. All personal data breach shall be recorded in our data breach register.

Your Rights

Right to be informed.

You have the right to be informed about the processing of your personal data, and this Privacy Notice provides you with the information you need to reassure you that we handle your personal data securely and lawfully.

Right of access.

You have the right to request access to your personal data and to request further information relating to your personal data such as the purposes of processing, the categories of organisations with whom we share your personal data, the retention period for such personal data and the existence of any automated decision-making relating to your personal data.

Right to rectification.

You have the right to have any inaccuracies or factual errors corrected or incomplete data amended.
If this information has been disclosed to a third-party we will inform that party and request that they amend their records.

We want your information to be accurate, complete and up to date so you can ask us to make any rectifications necessary as your details or circumstances change.
Right to erasure (the right to be forgotten).

You can request to have your personal data deleted or removed if there is no compelling reason to keep it, as follows:

  • if your personal data is no longer required for the purposes for which we obtained them;
  • where the processing of your personal data is based on your consent and you withdraw such consent;
  • where the processing of your personal data is based on our legitimate interests and you successfully object to such processing;
  • where the personal data is processed unlawfully; or
  • where the personal data has to be erased for compliance with a legal obligation.

If the personal data is held for statutory or regulatory requirements it cannot be erased.

Any request made will be discussed with you, unless deletion is an obvious step.

Erasure means we could not contact you should an employment opportunity arise that you may be interested in after reviewing the job specification.

Following erasure we will not retain your information and therefore it is possible that your personal information may be re-obtained from the public domain or social media which may result in contact from our organisation.

Right to restrict processing.

This relates to personal data where the accuracy is contested or where you have objected to our processing based on our legitimate interests or where we no longer require the personal data but you request us to keep. It is a complex area and whilst a decision is being made in consultation with you, we will store the data but not process it.

Right to data portability.

You have the right to take and use your data for other services or purposes. Where the personal data provided by you is processed on the basis of your consent or a contract between us and you, we are required to make this information available to you in a readable easily transferred format.

Right to object.

Where the processing of your personal data is based on our legitimate interests, you have the right to object (based on your particular circumstances) to the way we handle, use or store your personal data. If you object to our processing of your personal data, we will restrict any further processing until we determine whether or not there are any compelling reasons why we should continue the processing.

We do not sell your personal data and we do not use it for marketing purposes.

Right not to be subject to automated decision-making including profiling.

We will communicate by telephone or by email to fulfil our contractual requirements to match candidates, their skills, competences, abilities and preferences to our clients and their needs.

We do not use automatic profiling or decision-making tools.

Exercise of your rights.

If you wish to exercise any of your rights in respect of your personal data, please contact us using the details above. Our Data Protection Officer will provide you with further information if required.

We will respond to any exercise of your rights within one month of such request, unless the request is complex in which case we will seek an extension and respond within a further two months thereafter.

We will respond to your requests to exercise your rights at no charge, although repeated or manifestly unfounded or excessive requests may be refused or may incur an administrative charge covering the time and other costs associated with this.

Consent

During the registration process we will ask how you wish to be contacted:

  • By telephone
  • By email
  • By post
  • By text/SMS

You are free to consent to all or one or more of these, however, the law requires that if you permit us to use only one method, that is the only method we can use. Given job opportunities or assignments can come up at short notice you may wish to consider more than one contact method.

Complaints

In the first instance we would request that you discuss any complaints with us.

The ICO website has a template letter to assist you but we are happy to discuss in person if you contact your personal consultant at 0141 212 6565 or telephone 0131 202 9933 should you be unable to reach them.

If you are not satisfied after we address your complaint you can complain to the:

Information Commissioners Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

https://ico.org.uk/for-the-public/raising-concerns/

The website has a live chat facility, or you can call 0303 123 1113 (local rate)

Changes to our Privacy Notice

We keep our privacy notice under review and we will place any updates on this website. This privacy notice was last updated on 1st November 2018.

If you have any questions on this privacy notice call us on 0141 270 5118.