The purpose of this document is to set out the privacy entitlements of Data Subjects, as defined in the General Data Protection Regulation (GDPR), of living persons. Privacy can only apply to information that is not already in the public domain and GDPR only applies to such personal data.
The General Data Protection Regulation (GDPR) is an European Union Regulation that sets out the data entitlements of data subjects and the obligations of those who process the personal data of data subjects. GDPR seeks to protect and enhance the rights of data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU.
Our company provides a number of services to our Candidates (Data Subjects) and Client Companies. These include recruitment, assessment and advisory services.
Our advisory service is a business to business service, but both the recruitment and advisory services involve the collection and processing of personal data.
Our recruitment service collects data from you and uses that data to place you in employment with third parties. This involves making telephone contact with you, emailing you with positions that may be of interest to you, emailing and telephoning potential employers to advance your career prospects with those companies and sharing your data with those potential employers. We may receive your data either directly from you in the form of a registration with our company, or through a third party jobs board through whom you have applied for a job we had advertised with them. When you register with us you are engaging in a service whereby our company is acting as an agent for you in your pursuit of an employment position with a third party Client(s), until you, either opt out (which you can do at any stage) or we cease in promoting you to potential employers for whatever reason.
Our company in their capacity as your agent operates as a Data Controller in respect of the personal data you supply to us. We share your data with third party Clients in order to advance your prospect of obtaining your desired position and while we require that our clients are GDPR compliant we can make no guarantees or warranties in that regard. We carry out this recruitment function on the basis of the legitimate interests of our company and on the basis of the performance of a contract to act as your recruitment agent.
Our assessment service collects personal data from you in the form of questionnaires completed on our secure platform. This data is shared with you, with your employer (if it is employer initiated), with your potential employer (again if it is potential employer initiated) and our Psychologist who will compile a report and provide you with feedback. This data is always your data and you are entitled to it at all times. We carry out this service in the performance of the assessment contract and rely on contract as the lawful basis for processing.
We collect personal data about you from the application forms and questionnaires you may be asked to complete; we also gather personal data from records of our correspondence, phone calls, emails and details of your visits to our website, including but not limited to personally identifying information like Internet Protocol (IP) addresses. This information can be used to identify visitors to our website and also to collect statistics about the behaviour of visitors to our website.
Our website uses cookies; a cookie is a text file that a Web browser stores on a user’s machine. Cookies are a way for Web applications to maintain application state. They are used by websites for authentication, storing website information/preferences, other browsing information and anything else that can help the Web browser while accessing Web servers. HTTP cookies are known by many different names, including browser cookies, Web cookies or HTTP cookies. Our uses cookies to help us identify and track visitors and their website access preferences. If you do not wish to have cookies placed on your computer, you should set your browser to refuse cookies before using our website.
Data Minimisation Principle: We will only collect the information we need so that we can ensure adequate information is provided to our employer/clients consistent with the requirements of the particular placement relevant to you, as the contract is being performed, it may be necessary to obtain further data from you, we will do this if and when it is necessary and only the necessary data will be obtained. This agency does not sell or broker your data.
This company has different categories of data subjects:
There are different categories of data required between the differing data subject categories and only the information necessary to conduct the contractual relationship and perform the contract unique to each data subject will be collected.
This company relies upon the following legal bases for data collection:
A necessity of our contractual engagement is that we share your personal data with our employer/clients. We have in place Data Sharing Agreements (in the form of actual agreements or merely additional clauses within the terms and conditions of engagement between the agency and its clients) or Data Processing Agreements with all such employer/clients and we have done our utmost to ensure that all such parties process your data in a manner that is consistent with this Privacy Notice and GDPR. Our employer/clients may themselves be subject to third party audits either in the form of ethical audits, governmental/statutorily required audits or legal obligations, these are deemed a necessity of the contract of engagement between you and our company and on this legal basis your personal data will be shared to comply with these requirements.
We do not broker or pass on information gained from your engagement with the agency. However, we may disclose your Personal Information to meet legal obligations, regulations or valid governmental requests. The agency may also enforce its Terms and Conditions, including investigating potential violations of its Terms and Conditions to detect, prevent or mitigate fraud or security or technical issues; or to protect against imminent harm to the rights, property or safety of our company, its clients and/or the wider community.
We will process personal data during the duration of any contract and will continue to store only the personal data needed for periods after the contract has expired to meet any legal obligations as set out in the table below. After these periods any personal data not needed will be deleted. This is a list of our retention periods, it is not an exhaustive list and the company reserves the right to exercise data retention periods outside of those specified here.
Source of Obligation | Retention Period |
Revenue Commissioners, Collector General, Companies Acts legislative provisions | 6 years rolling retention of records |
Personal Injuries related records | Records are retained for a period of 3 years past the date of the cause of action, unless it involves a minor, in which case the retention period will be up until 3 years after the minor reaches the age of 18. |
Breach of Contract related records | Records are retained 6 years from the date of the breach |
Employment Agency Candidate for Interviews/Placements Records | Candidate information is kept indefinitely following the initial contact with the agency by the candidate, unless the candidate exercises their entitlement to a termination of processing. |
Employment contract/terms of employment related information | Duration of the employment – this includes everything from the application form, interview notes, contract related, performance appraisals, references |
Organisation of Working Time – time sheets/holiday and public holiday records National Minimum Wages Protection of Employment – Temporary Agency Workers, Part Time Workers, Fixed Term Workers Protection of Young Persons | 3 years post the termination of the employment. Records kept are sufficient to show compliance with legal obligations in accordance with the statutory provisions. |
Parental Leave Related | 8 years – records kept show the dates when a qualifying employee availed of the parental leave and force majeure leave provisions |
Employment Equality | All records, including interviews and applications are kept for a period of one year. |
Health and Safety Records | All records relating to health and safety will be kept for a period of 10 years |
Data Law Compliance | Records in relation to our compliance with Data Law and GDPR will be kept for a five year period. |
Data is held in Ireland using different (multiple) servers. We do not store personal data outside the EEA.
For the entirety of the time that we are in possession of your data, you have the following rights:
These rights may on occasion need to be modified/curtailed by statutory or competing obligations, for example, you may request that we delete your data, however if we have been your employer will can only do so after the statutory period of record retention has expired. In the event that we are obliged to refuse your request in accordance with your data subject rights, or if we are obliged to place conditions on our assent to your request, we will provide you with a reason as to why, which you have the right to legally challenge.
At any time following a request from you we can confirm what information we hold about you, as well as how and why it is being processed.
We will not disclose opinions given in confidence.
We will accept the following forms of ID when information on your personal data is requested: a copy of your national ID card, driving license, passport, birth certificate and a utility bill not older than three months. A minimum of one piece of photographic ID listed above and a supporting document is required. If we are dissatisfied with the quality, further information may be sought before personal data can be released.
All requests should be made to rmccormick@aperturepartners.ie or writing to us at Aperture Partners, 3-4 Pembroke Street Upper, Dublin 2, Ireland.
In the event that you wish to make a compliant about how your personal data is being processed by us or by our partners, you have the right to complain to Rory McCormick.
If you do not get a response within 30 days you can complain to the OFFICE OF THE DATA COMMISSIONER, Supervising Authority of Ireland.
Data Protection Commissioner
Canal House
Station Road
Portarlington
R32 AP23 Co. Laois
Telephone +353 57 8684800
Lo Call Number 1890 252 231
E-mail info@dataprotection.ie
Mespil House, Sussex Rd, Ballsbridge, Dublin
info@aperturepartners.ie
+353 834396725
Copyright © 2023, Aperture Partners. All Right Reserved. Designed By AJCodeGenius