Privacy Notice Client Data
Definition
Clients – this category covers our customers, clients, and others to whom RSS provides services in the course of its business or whom RSS reasonably considers would be interested in our services.
In certain circumstances, RSS provides services to individual employees who work for Client organisations, such as training courses to teaching staff who work for Clients in the education sector. Please note that in this context, RSS requires Clients to communicate the relevant parts of this Privacy Policy (namely the sections directed at Clients) to their employees.
What kind of personal data do we collect?
The data we collect about Clients is actually very limited. We generally only need to have your contact details or the details of individual contacts at your organisation (such as their names, telephone numbers and email addresses) to enable us to ensure that we can reach out to you about our services, ensure our relationship runs smoothly and in certain circumstances, provide services to your employees.
We also hold information relating to your online engagement with Candidate profiles and other material published by RSS, which we use to ensure that our marketing communications to you are relevant and timely. We may also hold extra information that someone in your organisation has chosen to tell us. If we need any additional personal data for any reason, we will let you know.
How do we collect your personal data?
We collect Client personal data in the following ways:
– Personal data that we receive from you;
– Personal data that we collect or receive from other sources; and
– Personal data that we collect automatically.
- Personal data that we receive directly from you
We both share the same goal – to make sure that you have the best staff for and at your organisation. We will receive data directly from you in two ways:
– Where you contact us proactively, usually by phone or email; and/or
– Where we contact you, either by phone or email, or through our consultants’ business development activities more generally.
- Personal data we receive from other sources
Where appropriate and in accordance with our legal obligations and regulatory requirements, we will seek more information about you or your colleagues from other sources generally by way of due diligence or other market intelligence:
– From third party market research and by analysing online and offline media (which we will do ourselves or employ other organisations to do for us);
– From delegate lists at relevant events; and
– From other limited sources and third parties (for example from our Candidates to the extent that they provide us with your details to act as a referee for them or where they give feedback on a particular assignment).
- Personal data we collect via our website or through links in emails
To the extent that you access our website or read or click on an email from us, where appropriate and in accordance with our legal obligations and regulatory requirements, we will also collect your data automatically or through you providing it to us.
How do we use your personal data?
We use Client information for:
– Recruitment Activities;
– Marketing Activities; and
– To help us to establish, exercise or defend legal claims.
Here are some more details about each:
Recruitment Activities
Our main area of work is recruitment, through: (i) providing you with Candidates; (ii) RPO services; and (iii) Managed Service Provider (MSP) programmes. We’ve listed below the various ways in which we use your data in order to facilitate this.
– Storing your details (and updating them when necessary) on our database, so that we can contact you in relation to recruitment activities;
– Keeping records of our conversations and meetings, so that we can provide targeted services to you;
– Undertaking customer satisfaction surveys; and
– Processing your data for the purpose of targeting appropriate marketing campaigns for our services.
– We also provide services to your employees such as training courses to teaching staff who work for our Clients in the education sector, which will require us to use their personal data in order to grant them access to these services.
– We will use your personal data for these purposes if we deem this to be necessary for our legitimate interests.
Marketing Activities
Subject to any applicable legal obligations, we will not, as a matter of course, seek your consent when sending marketing materials to a corporate postal or email address. If you are not happy about this, you have the right to opt out of receiving marketing materials from us by contacting gdpr@RSS.com
To help us to establish, exercise or defend legal claims
In more unusual circumstances, we will use your personal data to help us to establish, exercise or defend legal claims.
Who do we share your personal data with?
Where appropriate and in accordance with our legal obligations and regulatory requirements, we will share your personal data, in various ways and for various reasons, with the following categories of people:
– Any of our group companies;
– Appropriate colleagues within RSS (this may include colleagues in overseas offices);
– Tax, audit, or other authorities, when we believe in good faith that the law or other regulation requires us to share this data (for example, because of a request by a tax authority or in connection with any anticipated litigation);
– Third party service providers who perform functions on our behalf (external suppliers and consultants, business associates and professional advisers such as lawyers, auditors and accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems);
– Third party outsourced IT and document storage providers where we have an appropriate processing agreement (or similar protections) in place;
– Marketing technology platforms and suppliers;
What legal bases do we rely on to process Client data?
Legitimate Interest:
To ensure that we provide you with the best service possible, we store your personal data and/or the personal data of individual contacts at your organisation as well as keeping records of our conversations, meetings, registered jobs and placements.
From time to time, we will also ask you to undertake a customer satisfaction survey. We think this is reasonable – we deem these uses of your data to be necessary for our legitimate interests as an organisation providing various recruitment services to you.
How long do we keep your personal data for?
We will retain your personal data in accordance with our retention periods at Annex 2 in order to provide you with services or to receive services from you, or to provide you with information about our services that we believe you may be interested in.
If you have expressly indicated that you’re not interested in our services, then we will delete your personal data from our systems unless we believe in good faith that the law or other regulation requires us to preserve it (for example, because of our obligations to tax authorities or in connection with any anticipated litigation).
When we refer to “meaningful contact”, we mean, for example, communication between us (either verbal or written), or where you are actively engaging with our online services.
In determining the appropriate retention period for different types of personal data, we always consider the amount, nature, and sensitivity of the personal data in question, the potential risk of harm from unauthorised use or disclosure of that personal data, the purposes for which we need to process it and whether we can achieve those purposes by other means (in addition of course to ensuring that we comply with our legal, regulatory and risk-management obligations, as described above).