Who are we?
Issoria Limited, with offices registered at 1 Waterside Gardens, Station Road, Harpenden, Hertfordshire, AL5 4US, UK and trading offices located at 33 Cannon Street, London, EC4M, 5SB, UK. We provide management consultancy and staff augmentation services to clients looking to deliver organisational change and technology enabled transformation for their businesses.
What does this Policy cover?
We at Issoria Limited take your personal data seriously. This policy:
· sets out the types of personal data that we collect about you
· explains how and why we collect and use your personal data
· explains how long we keep your personal data for
· explains when, why and with who we will share your personal data;
· sets out the legal basis we have for using your personal data;
· explains the effect of refusing to provide the personal data requested;
· explains the different rights and choices you have when it comes to your personal data; and
· explains how we may contact you and how you can contact us.
What personal data do we collect about you?
We collect the information necessary to be able to find independent management consultants consulting opportunities and further information needed to assess their eligibility through the different stages of our consultant selection process. This information includes CV’s, identification documents, educational records, work history, and references.
If you contract with Issoria, we will also be required to collect high risk data about you, in the form of passport copies, bank details and national insurance or tax registration details. We only collect this personal data from you, and further process this data, where you have given your explicit consent.
We may also collect sensitive personal data about you, in the form of criminal background checks. We only collect sensitive personal data from you, and further process this data, where you have given your explicit consent.
Where do we collect personal data about you from?
The following are the different sources we may collect personal data about you from:
- Directly from you. This is information you provide while searching for a new consulting opportunity and/or during the different on-boarding stages.
- From an agent/third party acting on your behalf. e.g. Contractor’s / Consultant’s Limited Company.
- Through publicly available sources. We use the following public sources:
- By Reference or word of mouth. For example, you may be recommended by a friend, a former employer, a former colleague or even a present employer.
Where we collect your information through publicly available sources as set out above, we may do this with the aid of software programs such as Salesforce.com or Microsoft Dynamics CRM. These programs are given parameters on the requirements of a consulting engagement / contract and search through publicly available sources to find such Consultants. These programs are designed to only output information on Consultants that meet the search criteria. The parameters of this program are restricted to only searching for Name, Job role and Location information from public sites where there is a reasonable expectation that such information may be collected and further processed for the purpose of sourcing Consultants for different consulting engagement / contract requirements.
How do we use your personal data?
We use your personal data to match your skills and experience with our Clients’ consulting engagements. We will initially collect basic information on you such as CV / Profile and contact details and then pass this on to clients with your consent.
How long do we keep your personal data for?
We only retain your information for as long as is necessary for us to use your information as described above or to comply with our legal obligations. However, please be advised that we may retain some of your information after you cease to use our services, for instance if this is necessary to meet our legal obligations, such as retaining the information for tax and accounting purposes.
When determining the relevant retention periods, we will take into account factors including:
(a) our contractual obligations and rights in relation to the information involved;
(b) legal obligation(s) under applicable law to retain data for a certain period of time;
(c) statute of limitations under applicable law(s);
(d) (potential) disputes;
(e) if you have made a request to have your information deleted; and
(f) guidelines issued by relevant data protection authorities.
Otherwise, we securely erase your information once this is no longer needed.
Who do we share your personal data with?
We share your personal data with the client who has a consultancy engagement, in order to determine with the client whether you are a good fit for their requirements.
What legal basis do we have for using your information?
For prospective consultants, contractors, referees and clients, our processing is necessary for our legitimate interests in that we need the information in order to be able to assess suitability for potential consulting engagements and contracts, to find potential consultants / contractors and to contact clients and referees.
If you are on-boarded as a consultant / contractor to Issoria, this may then involve the processing of more detailed personal data including high risk data such as bank details and copies of photo ID that you provide. In that case we always ask for your consent before undertaking such processing.
For clients, we may also rely on our processing being necessary to perform a contract for you, for example in contacting you.
What happens if you do not provide us with the information we request or ask that we stop processing your information?
If you do not provide the personal data necessary, or withdraw your consent for the processing of your personal data, we may not be able to match you with available consulting / contract opportunities.
Do we make automated decisions concerning you?
No, we do not carry out automated profiling.
Do we transfer your data outside the EEA?
To better match your profile with current opportunities we may transfer your personal data to clients and partners in countries outside the EEA. These countries privacy laws may be different from those in your home country. Where we transfer data to a country which has not been deemed to provide adequate data protection standards we always have security measures and approved model clauses in place to protect your personal data. To find out more about how we safeguard your information as related to transfers contact us on firstname.lastname@example.org
What rights do you have in relation to the data we hold on you?
By law, you have a number of rights when it comes to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country.
What does this mean?
1. The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Policy.
2. The right of access
This is so you’re aware and can check that we’re using your information in accordance with data protection law.
3. The right to rectification
You are entitled to have your information corrected if it’s inaccurate or incomplete.
4. The right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
5. The right to restrict processing
You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
6. The right to data portability
You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
7. The right to object to processing
You have the right to object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).
8. The right to lodge a complaint
You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
9. The right to withdraw consent
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
· baseless or excessive/repeated requests,
· or further copies of the same information.
Alternatively, we may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
How will we contact you?
We may contact you by phone, email or social media. If you prefer a particular contact means over another please just let us know.
How can you contact us?
If you are unhappy with how we’ve handled your information or have further questions on the processing of your personal data, contact us here: Issoria, 1 Waterside, Station Road, Harpenden, Hertfordshire, AL5 4US or email@example.com
What Cookie types do we use?
Our Cookies are either first party or third party. Whether a Cookie is ‘first’ or ‘third’ party refers to the website or domain placing the Cookie. First Party Cookies are placed directly by us, while other parties we may do business with set Third Party Cookies. These third parties collect data directly from your web browser and the processing of this data is subject to their own privacy policies.
Cookies are either:
Session Cookies – which allow websites to link your actions during a browser session. We may use these for a variety of purposes such as remembering what you clicked on, on the previous page visited. These session Cookies expire after a browser session so would not be stored longer term; or
Persistent Cookies – which are stored on your device in between browser sessions and allow your preferences or actions across a site (or in some cases across different websites) to be remembered. These Cookies do not expire once the browsing session closes and remain on your device until an expiration date set by the source of the Cookie.
What are the categories of the Cookies we use?
Essential Cookies: These Cookies are essential to make our website work correctly, they enable you to move around our website and use our features. These Cookies are necessary for the provision of our services and if you do not want us to collect such information, you must cease using our website immediately.
Performance Cookies: These Cookies help us understand how you interact with our website, by providing information about the areas visited, the time spent on the website, and any issues encountered, such as error messages. This helps us improve the performance of our website.
Functionality Cookies: These Cookies allow our website to remember if you have previously visited our site or the choices you make (such as your user name, language, region or preferences) to provide a more personalised online experience.
Targeting/Advertising Cookies: These Cookies are used to deliver content that is more relevant to you and your interests. They may be used to deliver targeted advertising or to limit the number of times you see an advertisement.
How do you manage Cookies?
Most internet browsers are initially set up to automatically accept Cookies. You can change the settings to manage Cookies being sent to your device.
Disable Cookies in Internet Explorer >> Click here
Disable Cookies in Chrome >> Click here
Disable Cookies in Safari >> Click here
Disable Cookies in FireFox >> Click here
Disable Cookies in Safari IOS >> Click here
Disable Cookies in Google Android >> Click here