top of page

GDPR Policy

Run Resourcing Ltd

General Data Protection Regulation (GDPR) Policy

Effective Date: 01.08.2023

 

1. Introduction

 

Run Resourcing Ltd (hereinafter referred to as "the Agency") is committed to protecting the privacy and personal data of all individuals it interacts with, including job applicants, candidates, clients, and employees. This GDPR Policy outlines how the Agency collects, processes, stores, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and other relevant data protection laws in the United Kingdom.

 

2. Data Controller and Data Protection Officer

 

The Agency is the data controller responsible for the processing of personal data. If you have any questions or concerns about this policy or how we handle personal data, you can contact our Data Protection Officer (DPO) at (sam.draycott@runresourcing.co.uk).

 

3. Lawful Basis for Processing Personal Data

 

The Agency will ensure that all personal data is processed lawfully, fairly, and transparently. We will only process personal data when we have a valid lawful basis to do so, which may include:

 

- The data subject has given explicit consent for the processing of their data.

- Processing is necessary for the performance of a contract with the data subject or to take pre-contractual steps at the data subject's request.

- Processing is necessary for compliance with a legal obligation to which the Agency is subject.

- Processing is necessary to protect the vital interests of the data subject or another individual.

- Processing is necessary for the legitimate interests pursued by the Agency, except where such interests are overridden by the data subject's rights and freedoms.

​

4. Data Collection and Processing

 

The Agency will collect and process personal data for specified and legitimate purposes, including but not limited to recruitment and placement services, as well as maintaining a professional relationship with our clients and candidates. We may collect personal data from various sources, including job boards, where individuals have publicly shared their data for recruitment purposes.

 

Personal data collected may include, but is not limited to:

 

- Name, address, and contact details (e.g., email address, phone number).

- Employment history and qualifications.

- Information provided in CVs, cover letters, and applications.

- References and feedback from previous employers or referees.

- Results of any assessments or tests conducted during the recruitment process.

- Any additional information necessary for the recruitment and placement process.

 

5. Data Retention

 

The Agency will retain personal data for as long as necessary to fulfil the purposes for which it was collected or as required by applicable laws. We will regularly review the data we hold and securely dispose of data that is no longer necessary or relevant.

 

6. Data Security

 

The Agency will implement appropriate technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, or destruction. This includes secure storage, restricted access, encryption where applicable, and regular data backups.

 

7. Data Sharing and Third Parties

 

The Agency may share personal data with third parties involved in the recruitment and placement process, including employers, references, and screening providers. We will only disclose the minimum necessary data and ensure that third parties are GDPR-compliant and adhere to strict confidentiality obligations.

 

8. Data Subject Rights

 

The Agency recognises and respects the data subject rights as outlined in the GDPR. Individuals have the right to:

​

- Access their personal data.

- Rectify inaccurate or incomplete data.

- Erase personal data in certain circumstances.

- Restrict processing under specific conditions.

- Object to processing based on legitimate interests.

- Withdraw consent at any time if processing is based on consent.

 

To exercise any of these rights, data subjects can contact the Data Protection Officer at (sam.draycott@runresourcing.co.uk). The Agency will respond to such requests in a timely manner and within the requirements of applicable data protection laws.

 

9. Data Breach Notification

 

In the event of a data breach that poses a risk to the rights and freedoms of individuals, the Agency will promptly notify the relevant supervisory authority and affected data subjects as required by the GDPR.

 

10. Policy Review and Updates

 

This GDPR Policy will be reviewed regularly to ensure compliance with evolving data protection laws and best practices. Updates will be communicated to all relevant stakeholders.

 

By using our recruitment services or engaging with the Agency, you acknowledge that you have read, understood, and agree to the terms of this GDPR Policy.

 

Run Resourcing Ltd

01.08.2023

Sam Draycott – Director

bottom of page