Privacy Notices

Privacy Notice 1 applies to you if;

  • We have collected information directly from yourself (as a candidate / job seeker)
  • or, You have applied for a job vacancy we have advertised (either on our website or via a job site)
  • or, You have made contact with us by email, telephone, SMS
  • or, You have made contact with us on an online website or platform (e.g. social media and professional networking sites, such as LinkedIn)
  • or, You have filled in a contact form on our website, or have provided data through our online chatbot
  • or, we have collected your data using any other direct method where you have actively provided your data to us

Privacy Notice 2 applies to you if;

  • Deerfoot IT approached you initially with a job vacancy opportunity AND;
  • You have created an account and/or uploaded your CV to an online job board or CV database provider that we subscribe to
  • or, You have an account on a professional networking site (such as LinkedIn) that we subscribe to
  • or, Your details have been provided to Deerfoot via a referral or recommendation from an individual or organisation known to you (e.g. a friend, colleague or ex-employer)
  • or, we have collected your data through any other indirect method of obtaining your data not listed above

In some circumstances, both Privacy Notices may apply. If you are unsure which Privacy Notice is applicable, you can contact our Data Protection Officer (dpo@deerfoot.co.uk) or the Deerfoot Consultant who you are in contact with for further clarification. 

Both Privacy Notices are shown below, beginning with Privacy Notice 1, and finishing with Privacy Notice 2.

Privacy Notice 1

The following applies to information collected directly from a candidate, this will include all methods whereby a candidate approaches Deerfoot IT initially, including applying to a job advertisement (both directly to Deerfoot IT through our website and / or third-party job boards), emailing, calling, messaging Deerfoot IT, completing an online contact form or engaging with the chat function on our website, or contacting us via a social media network.

Company Name: Deerfoot I.T. Resources Ltd (‘the Company’) 
Company Contact details: 
Registered Address: 38 Rumbridge Street, Totton, Southampton, SO40 9DS
Data Protection Officer’s Email: dpo@deerfoot.co.uk
Switchboard Telephone: 02380813001
Topic: Privacy Notice – For information collected directly from the candidate 
Date: 2nd February 2024 
Version: 4.0

The Company is a recruitment business which provides work-finding services to its clients and work-seekers. The Company must process personal data (including sensitive personal data) so that it can provide these services – in doing so, the Company acts as a data controller. 

You may give your personal details to the Company directly, such as on an application or registration form or via our website, or we may collect them from another source such as a job board or social media website. The Company must have a legal basis for processing your personal data. For the purposes of providing you with work-finding services and/or information relating to roles relevant to you we will only use your personal data in accordance with the terms of the following statement. 

1.  Collection and use of personal data 

a. Purpose of processing and legal basis 

The Company will collect your personal data (which may include sensitive personal data) and will process your personal data for the purposes of providing you with work-finding services. This includes, for example, contacting you about job opportunities, assessing your suitability for those opportunities, updating our databases, putting you forward for job opportunities, arranging payments to you and developing and managing our services and relationship with you and our clients.

In some cases, we may be required to use your data for the purpose of investigating, reporting and detecting crime and also to comply with laws that apply to us. We may also use your information during the course of internal audits to demonstrate our compliance with certain industry standards.

The legal bases we rely upon to offer these services to you are:

  • Your consent
  • Where we have a legitimate interest
  • To comply with a legal obligation that we have
  • To fulfil a contractual obligation we have with you

 b. Legitimate interest 

This is where the Company has a legitimate reason to process your data provided it is reasonable and does not go against what you would reasonably expect from us. Where the Company has relied on a legitimate interest to process your personal data our legitimate interests is/are as follows:

 To match and inform you as a job seeker with suitable job opportunities

  • To provide you as a job seeker with our work finding recruitment services
  • To manage our talent database and keep your candidate records up to date
  • To contact you and seek your consent where it is needed

c.  Recipient/s of data 

The Company will process your personal data and/or sensitive personal data with the following recipients, after gaining consent from you: 

  • Clients (whom we may introduce or supply you to) 
  • Former employers whom we may seek references from
  • Umbrella companies or payroll service providers who manage payroll on our behalf of us or our clients, or other payment intermediaries whom we may introduce to you
  • Where used by our clients as part of the recruitment process, other recruitment service providers (e.g. master/neutral vendors such as RPOs)
  • Any public information sources and third party organisations that we may use to carry out suitability checks on work-seekers (e.g. Companies House, the Disclosure and Barring Service (DBS), credit reference agencies etc.)
  • Any other organisations you ask us to share your data with

d. Statutory/contractual requirement 

Your personal data is required by law and/or a contractual requirement (e.g., our client may require this personal data), and/or it is a requirement necessary to enter into a contract. You are obliged to provide the personal data and if you do not the consequences of failure to provide the data are: 

              •  The Company will not able to continue to provide work-finding services to you  

2. Overseas Transfers   

The Company may transfer only the information you provide to us to countries outside the UK for the purposes of providing you with finding services (for example, should you apply for a job opportunity outside the UK). We will take steps to ensure adequate protections are in place to ensure the security of your information.

3. Data retention 

The Company will retain your personal data only for as long as is necessary for the purpose we collect it. Different laws may also require us to keep different data for different periods of time. 

The Conduct of Employment Agencies and Employment Businesses Regulations 2003, require us to keep work-seeker records for at least one year from (a) the date of their creation or (b) after the date on which we last provide you with work-finding services.

We must also keep your payroll records, holiday pay, sick pay and pensions auto-enrolment records for as long as is legally required by HMRC and associated national minimum wage, social security and tax legislation.

Where the Company has obtained your consent to process your personal and special categories of personal data, we will do so in line with our retention policy. Upon expiry of that period the Company will seek further consent from you. Where consent is not granted the Company will cease to process your personal and sensitive personal data.

4. Your rights 

Please be aware that you have the following data protection rights: 

  • The right to be informed about the personal data the Company processes on you; 
  • The right of access to the personal data the Company processes on you; 
  • The right to rectification of your personal data; 
  • The right to erasure of your personal data in certain circumstances; 
  • The right to restrict processing of your personal data; 
  • The right to data portability in certain circumstances; 
  • The right to object to the processing of your personal data that was based on a public or legitimate interest; 
  • The right not to be subjected to automated decision making and profiling; and 
  • The right to withdraw consent at any time. 

Where you have consented to The Company processing your personal data and/or sensitive personal data you have the right to withdraw that consent at any time by contacting our Data Protection Officer (DPO) by sending your request to dpo@deerfoot.co.uk or by speaking to a member of the team by calling 02380813001.

5. Complaints or queries  

If you wish to complain about this privacy notice or any of the procedures set out in it please contact the Company’s Data Protection Officer (DPO) by sending an email to dpo@deerfoot.co.uk or by phoning 0280813001.

You also have the right to raise concerns with the Information Commissioner’s Office on 0303 123 1113 or at https://ico.org.uk/make-a-complaint/, or any other relevant authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.

6. What information will we collect? 

We may collect the following information about you, which includes both personal data and sensitive personal data:

  • Full Name, Title and Preferred Name(s)
  • Contact Details (Email Addresses, Phone Numbers, Addresses)
  • Date of Birth
  • Nationality / Citizenship
  • Preferences for Work (E.g. Hybrid Working Preferences, Desired Salary / Day Rate)
  • Your availability including Notice Periods and/or dates available
  • Work Permits or Visa Information (Visa Types, Expiry Dates, etc.)
  • Passport, Driving License, or other forms of ID
  • CV (Curriculum Vitae), Resume or Portfolio
  • Employment History including Job Industries
  • Current (or recent) Salary / Day Rate / Package Information
  • Educational Background
  • Certifications and Qualifications
  • Skills, Competencies, Functional Expertise
  • Professional Memberships
  • National Insurance Number
  • Professional References
  • Interview Feedback
  • Assessment Results
  • Notes from conversations / interactions
  • Telephone Conversations
  • Authorisation and information for background and credit checks
  • Links to social media profiles (e.g. LinkedIn)
  • Gender
  • Ethnicity
  • Disability Status
  • Communication and correspondence records
  • Data relating to your consent for us to keep and process your data
  • Data relating to our right to represent you to our clients
  • Email Permissions and Preferences
  • Job Application Covering Sheets
  • Proof of Security Clearance, CRB and DBS checks
  • Contracts of Employment
  • Bank Account Details (for contractor payments)
  • Client Feedback

For the information listed above that is not collected via your CV, it will only be collected by gaining consent directly from yourself. Not all data listed above will be required as some information will only be necessary should we successfully secure a position for you and depending on the nature of the employment and end client requirements, may not be needed. The consultant you engage with will be able to inform you what information will be required for a job application and / or securing employment. 

Privacy Notice 2

The following applies to information collected indirectly (all sources that are not considered direct from the candidate). This may include; one of the third-party job boards we subscribe to, our internal database, social media websites, professional networking sites, referrals or recommendations.

Company Name: Deerfoot I.T. Resources Ltd (‘the Company’) 
Company Contact details: 
Registered Address: 38 Rumbridge Street, Totton, Southampton, SO40 9DS
Data Protection Officer’s Email: dpo@deerfoot.co.uk
Switchboard Telephone: 02380813001
Topic: Privacy Notice (when personal data is obtained from a third party)
Date: 2nd February 2024 
Version: 4.0

The Company is a recruitment business which provides work-finding services to its clients and work-seekers. The Company must process personal data (including sensitive personal data) so that it can provide these services – in doing so, the Company acts as a data controller. 

You may give your personal details to the Company directly, such as on an application or registration form or via our website, or we may collect them from another source such as a jobs board. The Company must have a legal basis for processing your personal data. For the purposes of providing you with work-finding services and/or information relating to roles relevant to you we will only use your personal data in accordance with the terms of the following statement.

1.  Collection and use of personal data 

a. Purpose of processing and legal basis 

The Company has collected your personal data (which may include special categories of personal data) and will process your personal data for the purposes of providing you with work-finding services. This includes for example, contacting you about job opportunities, assessing your suitability for those opportunities, updating our databases, putting you forward for job opportunities, arranging payments to you and developing and managing our services and relationship with you and our clients. 

In some cases we may be required to use your data for the purpose of investigating, reporting and detecting crime and also to comply with laws that apply to us. We may also use your information during the course of internal audits to demonstrate our compliance with certain industry standards.

The legal bases we rely upon to offer these services to you are:

  • Your consent
  • Where we have a legitimate interest
  • To comply with a legal obligation that we have
  • To fulfil a contractual obligation we have with you

b. Categories of Data 

The Company has collected the following personal data on you:

Personal Data:

  • Your Name and Contact Details
  • Any and all data available on your CV and/or Resume, Portfolio, Social Media or Professional Networking Website
  • Any and all data made available on any job boards / CV databases you have an active account with

Sensitive Personal Data:

  • Any and all data available on your CV and/or Resume, Portfolio, Social Media or Professional Networking Website
  • Any and all data made available on any job boards / CV databases you have an active account with

We may collect additional information on you as highlighted in Section 7 below should you wish to engage with us further.

c. Legitimate Interest 

This is where the Company has a legitimate reason to process your data provided it is reasonable and does not go against what you would reasonably expect from us. Where the Company has relied on a legitimate interest to process your personal data our legitimate interests is/are as follows:

  • To match and inform you as a job seeker with suitable job opportunities
  • To provide you as a job seeker with our work finding recruitment services
  • To manage our talent database and keep your candidate records up to date
  • To contact you and seek your consent where it is needed

d.  Recipient/s of data 

The Company will process your personal data and/or sensitive personal data with the following recipients, after gaining consent from you: 

  • Clients (whom we may introduce or supply you to) 
  • Former employers whom we may seek references from
  • Umbrella companies or payroll service providers who manage payroll on our behalf of us or our clients, or other payment intermediaries whom we may introduce to you
  • Where used by our clients as part of the recruitment process, other recruitment service providers (e.g. master/neutral vendors such as RPOs)
  • Any public information sources and third party organisations that we may use to carry out suitability checks on work-seekers (e.g. Companies House, the Disclosure and Barring Service (DBS), credit reference agencies etc.)
  • Any other organisations you ask us to share your data with

2. Overseas Transfers   

The Company may transfer only the information you provide to us to countries outside the UK for the purposes of providing you with finding services (for example, should you wish to engage further with us regarding a job opportunity outside the UK). We will take steps to ensure adequate protections are in place to ensure the security of your information.

3. Data retention 

The Company will retain your personal data only for as long as is necessary for the purpose we collect it. Different laws may also require us to keep different data for different periods of time. 

The Conduct of Employment Agencies and Employment Businesses Regulations 2003, require us to keep work-seeker records for at least one year from (a) the date of their creation or (b) after the date on which we last provide you with work-finding services.

We must also keep your payroll records, holiday pay, sick pay and pensions auto-enrolment records for as long as is legally required by HMRC and associated national minimum wage, social security and tax legislation.

Where the Company has obtained your consent to process your personal and special categories of personal data, we will do so in line with our retention policy. Upon expiry of that period the Company will seek further consent from you. Where consent is not granted the Company will cease to process your personal and sensitive personal data.

4. Your rights 

Please be aware that you have the following data protection rights: 

  • The right to be informed about the personal data the Company processes on you; 
  • The right of access to the personal data the Company processes on you; 
  • The right to rectification of your personal data; 
  • The right to erasure of your personal data in certain circumstances; 
  • The right to restrict processing of your personal data; 
  • The right to data portability in certain circumstances; 
  • The right to object to the processing of your personal data that was based on a public or legitimate interest; 
  • The right not to be subjected to automated decision making and profiling; and 
  • The right to withdraw consent at any time. 

Where you have consented to The Company processing your personal data and/or sensitive personal data you have the right to withdraw that consent at any time by contacting our Data Protection Officer (DPO) by sending your request to dpo@deerfoot.co.uk or by speaking to a member of the team by calling 02380813001. Please note that if you withdraw your consent to further processing that does not affect any processing done prior to the withdrawal of that consent, or which is done according to another legal basis. 

There may be circumstances where the Company will still need to process your data for legal or official reasons. We will inform you if this is the case. Where this is the case, we will restrict the data to only what is necessary for the purpose of meeting those specific reasons. 

If you believe that any of your data that the Company processes is incorrect or incomplete, please contact us using the details above and we will take reasonable steps to check its accuracy and correct it where necessary. 

You can also contact us using the above details if you want us to restrict the type or amount of data we process for you, access your personal data or exercise any of the other rights listed above.

5. Source of the personal data  

The company sourced your personal data/sensitive personal data by the following means;

Non-Publicly Accessible Sources

  • Paid Subscriptions to CV Databases, including but not limited to; CV Library, Jobsite, Reed, JobServe, Monster, CWJobs, Indeed, Bayt, Totaljobs, Jora and Glassdoor.
  • Paid Subscriptions to Advanced Functionality on Professional Networking Sites (e.g. Licences for LinkedIn Recruiter / LinkedIn Sales Navigator)
  • The Company’s internal database / talent pool
  • Referral or Recommendation from an individual or organisation known to you (including but not limited to a friend, colleague or ex-employer)

Publicly Accessible Sources

  • Professional Networking Sites (e.g. LinkedIn)
  • Social Media Profiles (e.g. Facebook and X)

 6. Complaints or queries  

If you wish to complain about this privacy notice or any of the procedures set out in it please contact the Company’s Data Protection Officer (DPO) by sending an email to dpo@deerfoot.co.uk or by phoning 0280813001.

You also have the right to raise concerns with the Information Commissioner’s Office on 0303 123 1113 or at https://ico.org.uk/make-a-complaint/, or any other relevant authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.

7. What information will we collect? 

We may collect the following information about you, which includes both personal data and sensitive personal data:

  • Full Name, Title and Preferred Name(s)
  • Contact Details (Email Addresses, Phone Numbers, Addresses)
  • Date of Birth
  • Nationality / Citizenship
  • Preferences for Work (E.g. Hybrid Working Preferences, Desired Salary / Day Rate)
  • Your availability including Notice Periods and/or dates available
  • Work Permits or Visa Information (Visa Types, Expiry Dates, etc.)
  • Passport, Driving License, or other forms of ID
  • CV (Curriculum Vitae), Resume or Portfolio
  • Employment History including Job Industries
  • Current (or recent) Salary / Day Rate / Package Information
  • Educational Background
  • Certifications and Qualifications
  • Skills, Competencies, Functional Expertise
  • Professional Memberships
  • National Insurance Number
  • Professional References
  • Interview Feedback
  • Assessment Results
  • Notes from conversations / interactions
  • Telephone Conversations
  • Authorisation and information for background and credit checks
  • Links to social media profiles (e.g. LinkedIn)
  • Gender
  • Ethnicity
  • Disability Status
  • Communication and correspondence records
  • Data relating to your consent for us to keep and process your data
  • Data relating to our right to represent you to our clients
  • Email Permissions and Preferences
  • Job Application Covering Sheets
  • Proof of Security Clearance, CRB and DBS checks
  • Contracts of Employment
  • Bank Account Details (for contractor payments)
  • Client Feedback

For the information listed above that is not collected via your CV, it will only be collected by gaining consent directly from yourself. Not all data listed above will be required as some information will only be necessary should we successfully secure a position for you and depending on the nature of the employment and end client requirements, may not be needed. The consultant you engage with will be able to inform you what information will be required for a job application and / or securing employment.