Data Protection Policy

Purpose of this Policy

Computer Resources Group needs to collect, hold, process and disclose certain types of Personal Data in the conduct of its business. This document sets out the Data Protection Policy which Computer Resources Group, its employees, related companies and agents apply to any Clients, prospective Clients, Candidates or prospective Candidates personal data. Our Data Privacy Policy is in accordance with the Data Protection Act 1998. Details of the purposes for which we handle Personal Data, and a general description of the categories of people and organisations to whom we may disclose it, are formally documented in the Data Protection Register.

By choosing to seek employment through or do business with Computer Resources Group, you are agreeing to our handling your personal data in accordance with this policy.

Relevant Data Categories

This policy applies to all Personal Data regardless of the media it is held on (e.g. computer, paper, audio/video tape, etc). The Personal Data we may collect includes such things as contact details, employment status, current earnings and other personal data contained on a typical CV. The nature of our business also requires us to collect Sensitive Data from our prospective Candidates. Sensitive Data is a specially protected category of Personal Data, and is subject to additional procedures, described in the next section. Sensitive Data is data about an individual's racial or ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health, sex life, details of the commission or alleged commission of any offence and details of any court proceedings relating to the commission of an offence.

Our Undertakings With Regard to Handling Personal Data

Computer Resources Group undertakes that any Personal Data which it handles will be handled in accordance with the following eight principles of Data Protection as set out in the Data Protection Act 1998.

1. ensure any Personal Data is fairly and lawfully gathered and processed
   
2. gather and process Personal Data only for those purposes necessary for the company to conduct its business, or execute its legal obligations, and not in any other way which would be incompatible with those purposes
   
3. gather and process only enough Personal Data to be adequate and relevant for the purpose and not excessive in frequency or volume
   
4. ensure that any Personal Data that needs to be retained and processed over time is accurate and kept suitably up to date
   
5. ensure that any Personal Data is not kept for longer than is allowed or required by law
   
6. process Personal Data in line with the rights of the individual whose personal data it is ("data subject'") - for example, in respect of privacy, discrimination, security, etc
   
7. keep all Personal Data securely and ensure copies of media containing any Personal Data are disposed of in a secure manner
   
8. ensure that any Personal Data processed by the company is not transferred to another country without there being protection in place equivalent to the currently in force provisions of the UK Data Protection Act, or otherwise ensure that permission of the relevant "data subject" to transfer their data abroad has been obtained
   

When we collect Sensitive Data, we will secure the prospective Candidate's explicit prior consent to hold, process and, where appropriate (and legally permissible), disclose such information to prospective employers or other third parties in the conduct of our business.

Computer Resources Group will ensure that any authorised agents or related companies assisting Computer Resources Group in the conduct of our business will adhere to this policy or will have in place their own equivalent Data Privacy Policy providing at least the same level of protection.

In accordance with the UK Data Protection Act, Computer Resources Group may transfer or disclose personal data for the purposes set out above to any country within the European Economic Area. Countries outside the European Economic Area may not have equivalent regulations regarding the processing of personal data. When we transfer data outside the European Economic Area we will seek to contractually obligate the receiving party to adhere to UK data protection standards. Where we have not achieved that contractual obligation, we will always seek your explicit prior authorisation for transferring your personal data to such countries, and will take reasonable steps to ensure that your personal data privacy is adequately protected.

Our Purpose for Handling Personal Data

Computer Resources Group handles client and associate personal data, for the purpose of carrying out our business of supplying associates to clients for contract, temporary and permanent positions and as required by law. This includes the following activities:

• Collecting, holding and processing Candidate and prospective Candidate personal data for the purpose of building and maintaining a database for conduct of our business .
  
• Collecting, holding and processing Candidate and prospective Candidate personal data for the purpose of keeping these individuals informed of employment vacancies that may be of interest; these communications will only come from us and not if you have written to us that you object to this.
  
• Disclosing or transferring Candidate or prospective Candidate personal data to prospective employers and other persons as may be reasonably necessary for the conduct of our business
  
• Collecting, holding and processing personal data related to clients or prospective clients for the purpose of marketing and selling our products and services
  
• Disclosing or transferring client or prospective client personal data to our related companies or other agents in order for them to assist us with our marketing and sales objectives
  If we handle personal data for any other reasons except those set out above, we shall inform the relevant parties of our additional purposes.
  

Right of Access

Under the Data Protection Act, any individual may write to the Computer Resources Group Data Protection Officer at our registered address and request a copy of the information which we hold about him or her. We reserve the right to charge up to the maximum fee payable in terms of the Data Protection Act for providing this information. If for any reason the data held is found to be inaccurate an individual can ask us to amend it and we will comply with any such requests as a matter of urgency.

Policy Administration

If you have a complaint, question, or a wish to change the way we handle your personal data, you may notify your usual Computer Resources Group contact or write directly to:

Data Protection Officer

Computer Resources Group

11 Bryant Avenue

Harold Wood

Romford

RM3 0AP

Computer Resources Group | Disclaimer | Privacy Policy | Site Map | Web Design Essex By Eadetech Ltd