Mortimer Recruitment Ltd GPDR Candidate Agreement
Relevant Legislation
Our website, data systems and services along with our business and internal computer systems, are designed to comply with the following national and international legislation with regards to data protection and user privacy:
UK Data Protection Act 1988 (DPA)
EU Data Protection Directive 1995 (DPD)
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679)
Data Controller
The data controller is: Mortimer Recruitment Ltd, a UK Private limited Company (Registered in England and Wales (Reg. No. 15247417)
Whose registered office is:
NBV Enterprise Centre, David Lane, Nottingham NG6 0JU
The Data Protection Officer
Mortimer Recruitment Ltd
Email: data@mortimerrecruit.com
Mortimer Recruitment Ltd is registered with the Information Commissioners Office (Registration No.ZB880822).
THE AGREEMENT AND CONSENT
Our GPDR candidate agreement sets out the basis on which any personal data we collect from you, or that you provide, will be processed and how we record and use your information and your rights for controlling that information.
This agreement is between Mortimer Recruitment Ltd (the Data Controller) and you (the Registrant/Candidate (known as the Data Subject)) and by accepting this GDPR agreement the Data Subject has freely given their informed consent to allow Mortimer Recruitment Ltd to collect and process personal data.
How we use your information
We use your data for the purpose of providing you with information about job and career opportunities, latest news from the company and to promote you as a candidate to potential employers.
Unless required to do so by law or statute we will not share your data with any third party without your consent.
What data do we collect?
To carry out our core recruitment activities and without limitation, the data collected and stored may consist of all or some of the following information.
- your name
- your job title and profession
- salary details (including bonuses and benefits)
- your qualifications and training information
- curriculum vitae and photograph
- company name (as applicable)
- contact information such as email addresses and telephone numbers
- demographic information such as address and post code
- date of birth
- employment details and preferences
- details of driving licence information
- evidence of the right to work in the UK (if applicable)
- financial information and compliance documentation
- references verifying your qualifications and experience
- links to your professional profiles available in the public domain e.g. LinkedIn, Twitter, Facebook for Business or corporate website
How we collect this information
The information we collect about you will be provided by you, either by filling out a form on our website [redgaterecruitment.com] or by corresponding with us by phone, e-mail or otherwise. It will also include information you provide when you register to use our website, subscribe to our services, attend our events, participate in discussion boards or other social media functions on our website, enter a competition, promotion or survey, and when you report a problem with our site.
We may also obtain information about you from other sources such as LinkedIn, corporate websites, job board websites, online CV libraries, your business card, personal recommendations, and any relevant social media sites. In this case – and within 30 days of collecting – we will inform you that we hold this personal data, the source the data originated from, whether it came from publicly accessible sources, and for what purpose we intend to retain and process your personal data.
Our legal basis for processing data
Our legal basis for the processing of personal data is.
- A legitimate business interest, or
- Consent provided by you to process your data for the purpose of providing recruitment and career services
- To comply with a legal obligation that we have
- To fulfil a contractual obligation that we have with you
How we store your personal data
Data security is of great importance to Mortimer Recruitment Ltd and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected online.
Our website is hosted by Fasthosts, managed by 1924 Media Services Ltd. Our, database and CRM services are provided by Firefish Software.
We use Microsoft 365 Exchange servers for our email services which are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.
How long we keep your data for
We retain different types of data for differing periods of time. The criteria we use to determine whether we should retain your personal data and how long for includes:
- The nature of the personal data
- The perceived accuracy of your data
- Your engagement levels with our services
- Our legal obligations following an offer or when a placement has been made
- Legislative requirements
- Any other legal, financial or contractual obligation
We may archive part or all of your personal data or retain it on our financial systems but delete all or part of it from our recruitment software system. On removal, we may anonymise parts of your data – particularly following a request for suppression or deletion of your data – to ensure we do not re-enter your personal data to our database, unless you have requested us to do so.
Our current retention period for data on candidates who have not been placed or are no longer showing any signs of engagement with our website, is 2 Years.
Control of processing
Once you are registered with Mortimer Recruitment you can log in to your account at any time to update, edit or remove your information, remove or upload relevant documents and you can also update your marketing and other contact preferences via your log in.
The GDPR provides you with the following rights:
- The right to be informed about the personal data we process on you
- The right of access to the personal data we process on you
- The right to rectification of your personal data
- The right to erasure of your personal data in certain circumstances
- The right to restrict processing of your personal data
- The right to data portability in certain circumstances
- The right to object to the processing of your personal data
- The right not to be subjected to automated decision-making and profiling.
Therefore, we encourage you to log in to your profile through our website to ensure your data is accurate, complete and up to date always.
Data Breaches
We will report any unlawful data breach of this website’s database or the database of any of our third-party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Right to be forgotten
Within one month of a user’s request, we will erase all your personal data
Transfer of Information
Mortimer Recruitment Ltd will transfer your information to another organisation within one month following a request from a User
Keeping you informed
This privacy policy may change from time to time in line with legislation or industry developments. Registered Users will receive a notification via e-mail about changes to this policy. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.
Specific policy changes and updates are mentioned in the change log below.
Change Log:
March 2025 – Revision 1 developed, approved and adopted
Next review due March 2026
Getting in touch
Any queries or requests in relation to the use of your Data or this GDPR Agreement should be made by email to our Data Protection Officer via e-mail on: data@mortimerrecruit.com