OUR PRIVACY POLICY

nFunction Consulting is committed to protecting your personal data. This Data Privacy Policy explains how we collect, use, and share your information in compliance with UK data protection laws.

This Privacy Policy explains how we use any information we collect about you, how you can tell us if you prefer to limit the use of that information and procedures that we have in place to safeguard your privacy.

For the purpose of data protection legislation (including but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”), this Privacy Policy refers to the company responsible for your personal data (“nFunction Consulting” or “we” or “us”).

It describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations to you. We are committed to protecting and safeguarding your data privacy rights.

This Privacy Policy applies to the personal data of our Clients, Candidates, Suppliers, Website Users and other people whom we may contact in order to find out more about our Candidates or whom they indicate is an emergency contact. It also applies to the emergency contacts of our Staff.

It is important to point out that we may amend this Privacy Policy from time to time.

The information we collect:

Client data: If you are a Client of ours, we need to collect and use information about you, or individuals at your organisation, in the course of providing you services such as finding relevant Candidates who are the right fit for you or your organisation;

Candidate data: In order to provide the best possible employment opportunities that are tailored to you, we need to process certain information about you. We only ask for details that will genuinely help us to help you, such as your name, contact details, employment history, emergency contacts, visa status. We may also be asked to do a criminal records check or financial background check.

Supplier data: We need contact details of relevant individuals at your organisation so that we can communicate with you. We also need other information such as your bank details so that we can pay for the services you provide (if this is part of the contractual arrangements between us).

Referees and emergency contacts: In order to provide Candidates with suitable employment opportunities safely and securely and to provide for every eventuality for them and our Staff, we need some basic background information. We only ask for very basic contact details, so that we can get in touch with you either for a reference or because you’ve been listed as an emergency contact for one of our Candidates or Staff members.

A number of elements of the personal data we collect from you are required to enable us to fulfil our contractual or legal duties to you or to others. For example, to comply with HMRC Intermediaries reporting legislation we are required to hold Candidates’ National Insurance number, Date of birth and current address details, as well as certain other information. Other items may simply be needed to ensure that our relationship can run smoothly.

Depending on the type of personal data in question and the grounds on which we may be processing it, should you decline to provide us with such data, we may not be able to fulfil our contractual requirements or, in extreme cases, may not be able to continue with our relationship.

How we collect your information:

Client data: There are two main ways in which we collect your personal data: directly from you and other limited sources (e.g. online and offline media).

Candidate data: There are two main ways in which we collect your personal data: directly from you and from third parties (job boards, LinkedIn, referrals, etc).

Supplier data: We collect your personal data during the course of our work with you.

Referees and emergency contacts: We collect your contact details only where a Candidate or a member of our Staff puts you down as their emergency contact or where a Candidate gives them to us in order for you to serve as a referee.

How we use your information:

Client data: The main reason for using information about Clients is to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly. This will usually involve identifying and assessing candidates who we think will be the right fit for you. The more information we have, the more bespoke we can make our service.

Candidate data: The main reason for using your personal details is to help you find employment or other work roles that might be suitable for you. The more information we have about you and your skillset, the more bespoke we can make our service.

Supplier data: The main reasons for using your personal data are to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly, and to comply with legal requirements.

Referees and emergency contacts: We use referees’ personal data to help verify Candidates’ employment dates. We use the personal details of a Candidates or Staff member’s emergency contacts in the case of an accident or emergency affecting that Candidate or member of Staff.

Data Sharing:

Client data: We will share your data to ensure that we provide you with a suitable pool of Candidates.
Candidate data: Primarily we will share your information with prospective employers to increase your chances of securing the job you want.

Supplier data: Unless you specify otherwise, we may share your information with associated third parties such as our service providers and organisations to whom we provide services.

We care about protecting your information. That’s why we put in place appropriate measures that are designed to prevent unauthorised access to, and misuse of, your personal data.

Data Retention:

We will only keep the information we collect about you for as long as required for the purposes outlined above. Or for a longer period if we believe in good faith that the law or other regulation requires us to preserve it (for example, because of our obligations to tax authorities or in connection with any anticipated litigation).

Your rights:

Even if we already hold your personal data, you still have various rights in relation to it. To get in touch about these, please contact us. We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of any applicable laws.

  • Right to Access: You have the right to ask us to confirm what information we hold about you at any time, and you may ask us to modify, update or delete such information. At this point we may comply with your request or where we are legally permitted to do so we may decline your request, but we will explain why if we do so.
  • Right to Rectification: You have a right to request correction of inaccurate data.
  • Right to Erasure: You have the right to request us to erase your personal data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your data.
  • Right to Restrict Processing: If you wish, you may request limitation on how we use your data.
  • Right to Data Portability: If you wish, you have the right to transfer your data from us to another data controller. We will help with this – either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format.

2. Information We Collect

We may collect and process the following types of personal data:

  • Identity Data: Name, username, title, date of birth, and gender.
  • Contact Data: Address, email address, and phone number.
  • Usage Data: Information about how you use our website, products, and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. How We Use Your Information

We may use your personal data for the following purposes:

  • Performance of a Contract: To provide you with products and services.
  • Legal Obligations: To comply with legal and regulatory requirements.
  • Legitimate Interests: To improve our services, conduct research, and enhance customer experience.
  • Consent: To send you marketing communications if you have opted in.

4. Legal Basis for Processing

We will only process your personal data when we have a legal basis to do so. This may include:

  • Your consent.
  • Performance of a contract with you.
  • Compliance with a legal obligation.
  • Our legitimate interests, provided your rights do not override those interests.

5. Data Sharing

We may share your personal data with:

  • Service Providers: Third parties who provide services on our behalf (e.g., payment processors, IT support).
  • Compliance Authorities: To comply with legal obligations or respond to lawful requests from public authorities.
  • Business Transfers: In connection with any merger, sale of assets, or acquisition.

6. International Transfers

If we transfer your personal data outside the UK, we will ensure it is protected by appropriate safeguards, such as Standard Contractual Clauses.

7. Changes to This Policy

We may update this Data Privacy Policy from time to time. We will notify you of any significant changes and encourage you to review it periodically.