Privacy Policy

The following policy outlines how Scarlet Fraser collects, protects and acts as a responsible data controller and processor of data owned by its data subjects. When we talk about Scarlet Fraser within this policy, we are referring to Scarlet Fraser Associates Limited and Scarlet Fraser Consulting Limited.

Your Data & Scarlet Fraser

Why we collect and keep your data

Scarlet Fraser and the services it renders acts as an Employment Agency, Employment Business and Consulting business to support you and its other customers for recruitment and selection, personnel management and for employment purposes in respect of opportunities that support both your career options and the growth of personnel within your business throughout the entirety of your career within the sectors that Scarlet Fraser operates.

The sectors we currently operate in are Technology, Business and Technical Transformation (Change) and Business Intelligence. We collect and process your personal information for certain legitimate business purposes which include some or all of the following;

  • To enable us to enhance, modify, personalise or otherwise improve our services to provide you with the best experience and most relevant staffing and consulting services as you continue and progress in the entirety of your career.
  • To identify and prevent fraud by false representation which protects both you as an individual and our business customers.
  • To determine your interest and suitability for direct marketing of Scarlet Fraser and its services along with that of third parties it represents.

We understand that your career and interest in the industries we operate in can span many years and your needs change over time. The length of time between your career changes, the types of opportunities that are relevant to you or the staffing and consulting needs within your business capacity can evolve in both short and long term, therefore keeping accurate up to date information as well as historical transaction interactions with our business are essential in providing our services to you and improving these over time to be most suitable to these changes.

For these reasons we maintain basic information and records of your data for the maximum amount of time that our services may be of benefit to you at any point in your current or future career.

However, as a responsible data controller we look to ensure we keep the most relevant and up to date details about you. Therefore, if we do not have any reasonable and responsive contact with you for a period of seven years then we shall delete your details from our organisation.

What data do we keep?

When it comes to your Personal Identifiable Information, the data we keep can involve some or all of the following;

  • First and last names
  • Contact details
  • Email address – personal and work
  • Telephone numbers – personal and work
  • Home and work addresses
  • Social media accounts

We also store data that attains to your opportunity preferences and personal situation and although these are not considered PII are used to process your data to provide you with the best service possible. These can include some or all of the following;

  • Day rate/Salary and benefits information
  • Work preferences
  • Your job titles
  • Your current and previous employers
  • Professional references
  • Previous interactions and transactions with our business.

If you enter or have previously entered into an employment contract or a contract for Supply of Services with ourselves or one of our customers then the data we hold on you may be different to that above and we will inform you upon successful placement how this may change.

If you would like to know more then please refer to our rights procedure at the end of this document.

How we use your data

We use your data through both manual and automated processes to perform actions such as some or all of the following;

  • Direct marketing for Scarlet Fraser services
  • Identification against possible interest of career opportunities
  • Identification and verification or your skills and employment history
  • Customised marketing of Scarlet Fraser third-party network services

How do we collect your data?

Scarlet Fraser collect data from various direct and indirect sources. We may have collected your data from some or all of the following sources:

  • A direct business interaction via phone, email, in person or web between you and Scarlet Fraser
  • A direct application via email, phone, website or third-party service by you to a Scarlet Fraser opportunity
  • A third-party service you and Scarlet Fraser have subscribed to, such as a job board
  • Referrals and references from previous managers, peers and/or employers
  • Public sources where you have made your information public such as personal websites, public directories and social media
  • Events and promotions from Scarlet Fraser and/or the third parties within the Scarlet Fraser network
  • Community and interest groups and sites shared by you and Scarlet Fraser

In all instances that Scarlet Fraser collect your data from third parties, social media, events and communities we do so in accordance with the policies and procedures of the data source. We also advise you to revise the data privacy policies and agreements of such providers.

If you want to know more about how we collected your data, then please refer to your rights section at the end of this document.

How do we protect your data?

At Scarlet Fraser we use the latest and most secure technologies to protect your data and the information we hold. All Scarlet Fraser systems are provided by reputable, trusted providers such as Microsoft using cloud technologies providing tested secure environments with multi-layer security and authentication. Even our internal document storage is cloud based to protect and prevent against any data breaches.

Our web systems and networks are certified and secured with the latest trusted technologies including SSL and TLS and hosted on dedicated servers and networks to protect your data and reduce risks of data breaches and cyber-attacks.

Our consultants are trained on GDPR practices, our policies and procedures that promote being responsible and vigilant in protecting our customers data. These policies include hardware protection and best practices to restrict and prevent access to personal data particularly in high risk areas, anonymisation where applicable and response to data threats and breaches.

Who do we share your data with?

As a staffing and consulting business, to provide you with the best and most appropriate career opportunities we may be required to share some or all of the details we hold on you with interested parties such as;

  • Potential employers and clients
  • Those acting on behalf of a potential employer or client
  • Third parties within the Scarlet Fraser network that may be able to deliver a beneficial service to you
  • Third parties working with or on behalf of Scarlet Fraser to improve or deliver our service to you such as PR businesses, event companies and/or other providers
  • SaaS and web services used by Scarlet Fraser
  • HMRC or any other body we are legally obligated to provide information to

Where possible and applicable we anonymise, tokenise and encrypt your data. In addition, when sharing with third parties, we share as little information as is needed for them to provide the relevant service to meet your needs and that benefit you based on the information you have provided and shared with us. These are also subject to contractual agreements that protect your data.

You & Scarlet Fraser

As a data controller, the data Scarlet Fraser hold is the owned by you, the data subject. Therefore, you have a number of rights and obligations beyond this statement of what data we hold your access, consent and obligations around it, we have outlined these below. If you have any questions on how we use your data or would like to take action under your rights below, including Subject Access Requests, please refer to our SAR process at the bottom or this document.

Your data consent to Scarlet Fraser

There are a number of ways in which you consent to Scarlet Fraser to collect, process and keep your data under the practices shared above. Scarlet Fraser always prefer to gain direct written and opt-in consent from you. Though we collect and process your data for the legitimate purposes outlined at the start of this document please also find below the ways in which you provide your consent to Scarlet Fraser processing and using your data;

  • Clicking application buttons either directly or through third-party providers of specific or open opportunity advertisements.
  • Verbal and/or written representation of you as an individual for the services Scarlet Fraser provides whether that be for a single opportunity or multiple opportunities from our services.
  • Selecting to opting-in via marketing, whitepaper and or event registrations. Where consent was provided under the terms of a third-party provider.
  • Signing any of our terms of business.

Your declaration to Scarlet Fraser

For Scarlet Fraser to provide an efficient and effective service that benefits you in the best way possible we need to ensure the data we control is relevant and as up to date as reasonably possible. Therefore, when applying or interacting with Scarlet Fraser you are making a declaration that the information you provide for the uses and processes listed within this document are to the best of your knowledge correct, accurate and true. In doing so you also acknowledge that deliberately giving false or misleading information you are liable not only to be withdrawn or dismissed by Scarlet Fraser or our customers but also may be liable to legal proceedings against damages caused to Scarlet Fraser business.

Your right to Access and to be informed

As a responsible data controller, Scarlet Fraser provide you with the right to be informed of whether we hold or process your data, that we do so in a fair and transparent way and to have access to the data we hold on you as an individual.

If you would like to raise a Subject Access Request (SAR) please see our procedure at the bottom of this document.

Your right to rectification, erasure, portability or object

As the data subject and owner, you also have rights to port the personal information we hold on you, to object to Scarlet Fraser holding your data or processing it and to rectify inaccurate and incorrect data we control. You also hold the right to request for the data we hold to be erased however, this does not provide an absolute ‘right to be forgotten’, as there may be some instances where we are required to maintain basic details and data on you as a subject that will enable us to protect both you and our customers and provide an efficient service. Examples of such legitimate interest can include some or all the following;

  • The need to maintain data records to comply with your marketing preferences to prevent spam and contact by our business to you as an individual.
  • Information to provide necessary reference details in the prevention of fraud both within our customers and legal bodies.
  • To continue to provide services to our customers under contractual and legal obligations
  • To provide information to HMRC or any other body we are legally obligated to

Scarlet Fraser will provide erasure when it meets some or all the following criteria;

  • Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
  • When the individual withdraws consent.
  • When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
  • The personal data was unlawfully processed
  • The personal data must be erased to comply with a legal obligation.

If you wish to make a request under any of these rights, please see the Subject Access Request procedure provided at the end of this document.

Your right to restrict processing and in automated decision making and profiling

The nature of our business means that Scarlet Fraser maintains human intervention throughout all decision-making processes. Automated processing only occurs when we perform text and keyword searching of your profile in relation to identifying you with a potential career opportunity. However, our consultants are trained in recruitment best practices that reduces risk and bias of automated processing. Any processing is also a logical and mathematical approach that analyses your potential suitability to a career opportunity based upon the text within your profile and the preferences you have provided us.

If you would like to understand more about our automated processing procedures and the methods we use to reduce and eliminate risk of legal or similar effect decisions we take on you as an individual please raise a request via the Subject Access Request procedure provided at the end of this document.

Scarlet Fraser Subject Access Request Procedure

As a responsible data controller Scarlet Fraser provide you with the rights to request information on the data we hold and how we use it in accordance with the rights and purposes outlined in this document. In addition, Scarlet Fraser take protecting your data that we hold as a priority and to protect you against fraudulent access to your data we have created and outlined our Subject Access Request procedure here within to handle all request procedures you may have regarding your data.

Although Scarlet Fraser will still respond to requests made outside this procedure, such as those made on social media, verbally or via other methods, in most cases those responses will refer you to this procedure below.

All Subject Access Requests and requests to the data we hold on you as an individual under any of the rights outlined in this document must be sent to one of the following;

By email: info@scarletfraser.com In writing: Scarlet Fraser Associates Limited, 207 Regent Street, 3rd Floor, London W1B 3HH or Scarlet Fraser Consulting Limited, Shalford Dairy, Wasing Estate, Aldermaston, Reading, Berkshire RG7 4NB

The request must reference SAR as well as your full name and a clear outline of your request, under which rights you wish to make the request and under what grounds you believe the request should be granted.

In order to protect your data, Scarlet Fraser will only grant requests made with the full name of the data owner we have on record and where verification of your identity in the form of a valid photographic ID has been provided before we grant requests. This allows us to verify that the request is a legitimate request made by the data owner.

  • Accepted proof of identity are;
  • A valid photographic passport
  • A valid photographic driving license
  • A valid government issued photographic identity card

We recommend in order to protect your identity data that you send the identity document via a secured mailing service and/or within an encrypted and secure zip folder.

If you require support on how to create a secure zip folder, please follow the link below:

www.pcworld.com/article/2954590/storage/how-to-encrypt-and-password-protect-zip-files-the-right-way.html

All Subject Access Requests will receive a response from Scarlet Fraser within 72 hours acknowledging the request and the necessary actions Scarlet Fraser will take to grant or respond to the request. All requests will be responded and resolved within 30 days from the date upon which we receive acceptable and valid proof of identity from the data owner.

As a UK registered business, Scarlet Fraser nominated Lead Supervisor Authority (LSA) is the Information Commission’s Office (ICO). If you wish further information on your rights, the guidelines provided by the ICO then please refer to: Website: www.ico.org.uk Postal Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

If you have any further questions around our privacy statement, please contact Scarlet Fraser.