Included.AI Limited (“Included.AI”, “we”, “us” or “our”) is committed to protecting your personal data.
We aim to satisfy the obligation of transparency under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
1. Personal data we collect
Candidates When you register with us as a candidate for recruitment services, we process your personal data including but not limited to:
With your consent, we may also process certain sensitive personal data (known as special category data in GDPR) where you include it in information you give to us such as:
We have processes in place to limit our use and disclosure of such sensitive data other than where permitted or required by law. We will ensure it is handled with the utmost discretion and will limit access to the information to the individuals who require it for the purposes of which it is being requested or processed.
Where we need to process other special categories of data, such as information about ethnic origin, sexual orientation, or disability, this is for equal opportunities monitoring purposes as permitted by the Data Protection Act 2018 and for use in reports commissioned by clients or for marketing. This information will be collected and held on an anonymised basis.
If you use our website, correspond with us in writing or by email, have conversations or meetings with us, click on links in emails we send to you, open, reply or forward them, or sign up to receive job alerts or other content from us, we also collect personal data from those interactions.
We also obtain personal data about you from third parties, including:
We will likely obtain further personal information about you during the course of our relationship with you. This information may be obtained from you directly or from third parties, such as our clients to whom we have provided your data and who have engaged with you as part of the recruitment process.
Prospective Candidates We collect personal data about you, including your name and contact details and professional biographical details obtained from publicly available sources such as LinkedIn and social media sites, so that we can contact you if we think you may be interested in our recruitment services at a future date. We may also obtain your personal data through another candidate or an employer who recommends you as a contact or candidate.
Clients We collect personal data such as your name, job title and contact details. We also process personal data about what communications we have had with you, including whether you have opened or forwarded any emails, newsletters or other content we have sent to you. We also process feedback that you provide about our candidates.
If you provide information to us about a candidate (for example, if you confirm a candidate has worked with you or if you provide a reference), then we will obtain your details from the candidate and we will keep a record of the personal data that you provide to us about that candidate.
We process personal data about you from public domain sources such as LinkedIn and social networking sites.
Suppliers We typically collect your name and contact details as a business contact for your organisation.
2. How we use your personal data
Candidates We use your personal data to:
Prospective Candidates We use your personal data to:
Users of our website or apps We may use your personal data to:
Clients, We may use your personal data:
Suppliers We use your personal data:
You can unsubscribe from receiving marketing communications from us, using the unsubscribe methods contained in communications we send to you or by contacting us.
3. Legal grounds for processing your personal data
Under the GDPR, we rely on the following legal grounds to process your personal data:
4. Who we share your personal data with
We train our staff on the importance of privacy and make them aware of the correct processes to follow in relation to privacy and the handling of personal data.
In certain circumstances, we will share your personal data with third parties.
If you are a candidate, we share your personal data and, where necessary, special category data, with clients as part of the recruitment process.
We also share your personal data and, where necessary, special category data with third-party service providers who perform services and functions on our behalf, such as:
Where we employ a third-party service provider to help us, we ensure that no personally identifiable attributes are recorded in our databases and, other than our chosen service provider, we do not share this information with any other business or affiliate.
We take the security of your data very seriously. We have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the performance of their duties.
We contractually require minimum standards of confidentiality and data protection from our clients and third-party service providers. The UK recognises that after Brexit, countries in the EEA provide adequate protection for personal data. If we need to send personal data outside the EEA, we will ensure that adequate safeguards are in place. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
5. Automated processing
We do not make any recruitment decisions based solely on automated decision-making. In the event that we do ever use automated decision-making that could have a significant impact on you, we will let you know in advance and give you an opportunity to object.
6. How long we hold your personal data for
We will keep your personal data for as long as we need to in order to fulfil the purpose we collected it for, which may be an on-going purpose. For example, if you’re a candidate, we will retain your personal data for the duration of our business relationship with you and beyond, as we often support candidates with job placements over many years and potentially throughout their careers.
We keep some personal data for longer than others. To determine the appropriate retention period for personal data, we consider factors such as the purposes for which we process your personal data, including any legal, regulatory, accounting and reporting obligations, the nature and amount of personal data that we hold about you, and the potential risk of harm to you from unauthorised use or disclosure of your personal data.
Where we process your personal data for direct marketing purposes, we will do so until you ask us to stop, and for a short period after this (to allow us to implement your request). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data indefinitely so that we can respect your request.
7. Your rights in relation to personal data we hold about you
You have several rights under UK and EU data protection laws. These rights include the right to ask us for a copy of your personal data, to correct, delete or restrict processing of your personal data; to obtain the personal data you provide to us for a contract or with your consent in a structured, machine-readable format, and to ask us to share (port) this data to another controller.
In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process your personal data to meet a contractual or other legal requirements, or where we are using the data for direct marketing).
These rights may be limited, for example, if complying with your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests for keeping. We will inform you of any relevant exemptions we are relying on when we respond to your request.
8. How to contact us
If you have unresolved concerns, and you live or work in the UK or believe that a personal data breach happened in the UK, you have the right to complain to the UK Information Commissioner’s Office who can be contacted at:
Telephone: 0303 123 11113, Website: https://ico.org.uk/concerns/
By post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Ready to access the talent your competitors don't even know exist?