Login Register
X

    GDPR Candidate Agreement

    GDPR Candidate Agreement

    Last Updated: March 31, 2025

    This notice explains how Pivt Group Ltd collects, processes, and manages your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, which adapt the EU General Data Protection Regulation (Regulation (EU) 2016/679) to UK law. The UK GDPR enhances privacy rights for individuals and sets a strict framework for organisations like ours to operate legally.

    Your rights under the UK GDPR are detailed in this notice, which was last updated on March 31, 2025.

    The Information We Collect

    To conduct our core recruitment activities, we may collect the following personal data about you:

    • Name, address, and postcode;
    • Private and corporate email addresses and phone numbers;
    • Financial information (e.g., bank details for payment) and compliance documentation (e.g., right-to-work evidence);
    • References verifying your qualifications, experience, and eligibility to work in the UK;
    • Curriculum vitae (CV), photograph, and employment details/preferences;
    • Links to your professional profiles in the public domain (e.g., LinkedIn, Twitter, business websites).

    How We Collect This Information

    We collect your personal data in the following ways:

    • Directly from you via forms on our website (www.pivtgroup.com), or through correspondence by phone, email, or other means;
    • When you register on our website, subscribe to our services, attend our events, engage with discussion boards or social media functions on our site, enter competitions or surveys, or report issues with our website;
    • From third-party sources such as LinkedIn, corporate websites, job boards, online CV libraries, business cards, personal recommendations, or relevant social media platforms. If collected this way, within 30 days, we will notify you that we hold your data, its source (including if publicly accessible), and our purpose for processing it.

    Our Legal Basis for Processing Data

    Our legal basis for processing your personal data includes:

    • Legitimate Interests: To operate our recruitment business, source candidates, and match them with job opportunities, provided this does not unduly impact your rights (e.g., contacting you about relevant roles based on your CV or profile).
    • Consent: Where you explicitly agree to us processing your data (e.g., submitting your CV via our website or opting into marketing communications).
    • Contract: To fulfill obligations when we place you in a role or prepare to enter a contract with you (e.g., sharing details with employers post-offer).
    • Legal Obligation: To comply with UK laws, such as verifying your right to work or retaining placement records for tax purposes.

    For detailed scenarios, see our full Privacy Policy or visit the ICO guidance at ico.org.uk/for-organisations/guide-to-data-protection.

    Where We Store Your Personal Data

    All personal data is stored securely on our recruitment software, hosted within the Microsoft Azure Infrastructure. Our primary data centre is in Microsoft’s Western Europe region (Netherlands), with a backup in another European location. These facilities employ robust security measures, including biometric access, alarm systems, and 24/7 security staff. Learn more about Microsoft’s security at azure.microsoft.com/en-gb/explore/security.

    How Long We Keep Your Data For

    We retain your personal data based on:

    • Nature of the Data: Sensitive data (e.g., financial details) may have shorter retention than basic contact info.
    • Accuracy: Outdated or inaccurate data may be deleted sooner.
    • Engagement: Active engagement (e.g., applying for roles) extends retention; inactivity triggers review.
    • Legal Obligations: Placement data is kept for 7 years post-placement to meet HMRC requirements.

    Our current retention period for candidates who have not been placed or show no engagement with our services is 3 years from the last interaction, after which data is anonymised or deleted unless you request otherwise. We may archive data or retain it on financial systems for legal compliance, removing it from active recruitment databases when no longer needed.

    Your Rights

    Under the UK GDPR, you have the following rights:

    1. To be Informed: About how we process your data (as outlined here).
    2. Access: Request a copy of your personal data (Subject Access Request).
    3. Rectification: Correct inaccurate or incomplete data.
    4. Erasure: Request deletion in certain cases (e.g., if no longer needed or consent is withdrawn).
    5. Restrict Processing: Limit how we use your data in specific circumstances.
    6. Data Portability: Obtain your data in a machine-readable format where applicable.
    7. Object: Oppose processing based on legitimate interests or for direct marketing.
    8. Automated Decisions: Not to be subject to solely automated decisions with significant effects (we do not use such profiling).

    To exercise these rights, log into your profile on www.pivtgroup.com to update your data, or email us at data@pivtgroup.com.

    Changes to Our Privacy Notice

    We may update this notice, posting changes here and notifying you by email where appropriate. Check back regularly for updates. For further information, contact data@pivtgroup.com.

    Contact Us

    4th Floor, 2 City Approach, Eccles, Greater Manchester, M30 0BL United Kingdom

    info@pivtgroup.com

    GDPR Candidate Agreement | Terms of Use
    Pivt | Copyright © 2025
    REG 14377777 | VAT 478484631
    Cookies on this website
    We need to ensure that we give you the best experience on our website. If you wish you can restrict or block cookies by changing your browser setting. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on this website.
    Accept Essential OnlyAccept All