Hewitt Britton (“We”) are committed to protecting and respecting your privacy.
Our registered company number is 09669864 and our registered company address is Suite B First Floor Hollythorns House, The Hollythorns, New Road, Swanmore, Hampshire, SO32 2NW
Questions, comments and requests regarding this Privacy Notice are welcomed and should be addressed to Amanda Ankers at email@example.com. If you wish to contact us by phone, the general number is 0044 (0)1489 897362
For the purpose of Data Protection legislation, the Data Controller is Hewitt Britton Limited. The contact details of our Representative for data protection is Amanda Ankers, firstname.lastname@example.org.
Purpose of this Privacy Notice
This notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We keep certain basic information when you visit our website and recognise the importance of keeping that information secure and letting you know what we will do with it.
This policy only applies to our site. Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Information we may collect from you
In the context of GDPR, Personal Data means, ‘Any information relating to an identified or identifiable natural person, including by means of an identification number or one or more factors specific to an individual’s physical, physiological, mental, economic, cultural or social identity (including IP addresses and cookie strings).’
Sensitive Personal Data means data relating to more specific, personal data that will be treated with extra protection and care. This includes information such as: –
- genetic data
- biometric data
- data relating to racial or ethnic origins
- data relating to political opinions, religious or philosophical beliefs trade-union membership data
- data concerning health
- data concerning a person’s sex life, sexual orientation
- criminal offence data
However, if we seek to collect sensitive personal data from you, we will seek your explicit consent first or in the course of collecting that data.
Sources of Personal Data
We may collect and process the following personal data about you: –
- Information that you provide by filling in forms on hewittbritton.com. This includes information provided at the time of registering to use our site, subscribing to our service or requesting further services. We may also ask you for additional information during anytime you contact Hewitt Britton.
- If you contact us, we may keep a record of that correspondence.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
IP Addresses and Cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual and we will not collect personal information in this way. However, where an IP address or cookies means that a user is identifiable, we will treat this as a personal data and will secure it in the appropriate way.
We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
- To estimate our audience size and usage pattern
- To store information about your preferences, and so allow us to customise our site according to your individual interests
- To speed up your searches
- To recognise you when you return to our site
Website address uses the following cookies: –
- PHPSESSID – PHP general purpose identifier used to maintain user session variables
Purposes of Processing
Our legitimate interest for collecting and processing your information is in order to provide, understand, and improve our Services.
Our lawful basis for processing the data is that the processing is necessary for our legitimate business interests or the legitimate interests of a third party.
We use data held about you in the following ways: –
- For purpose of increasing the prospects of offering recruitment opportunities, now or in the future
- To ensure that content from our site is presented in the most effective manner for you and for your computer
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes
- To carry out our obligations arising from any contracts entered into between you and us
- To allow you to participate in interactive features of our service, when you choose to do so
- To notify you about changes to our service
Storage and Transfer of Personal Data
We understand our obligation to ensure that appropriate technical and organisations measures are taken to prevent unauthorised or unlawful processing, loss, damage or destruction of personal data. Therefore, we will ensure that relevant personal data is in a secure location, only accessed by authorised individuals, only processed by authorised individuals and cannot be lost, damaged or destroyed.
We confirm that: –
- All information you provide to us is stored on our secure servers for no greater than 5 years
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, in line with GDPR, as set out above.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”).
We engage service providers to perform functions and provide services to us such as Google Analytics. We may share your private personal information with such service providers subject to obligations consistent with this privacy notice and any other appropriate confidentiality and security measures, and on the condition that the third parties use your private personal data only on our behalf and in line with our instructions.
By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice, as outlined above. We understand that under the General Data Protection Regulation (GDPR) which applies from 25th May 2018, any organisations who process data for EU (“European Union”) data subjects have to act in accordance with the GDPR even if they are located outside of the EU. This means they have to secure, hold, process etc. data properly in line with the legislation.
Disclosure of your information
We may disclose your personal information to third parties: –
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction
- If you have been referred to us through one of our partnerships, we may provide our partners with statistical data about your usage
Retention Periods for Personal Data
We understand our obligation not to keep data for any longer than is necessary for the purpose it was obtained. We will keep the data referred to in this Privacy Notice for 5 years. After this we will securely destroy it.
Objections to Processing
You have the right to ask us not to process your personal data for recruitment purposes. We will inform you (before collecting your data) if we intend to disclose your information to any third party for such purposes. You can exercise the right at any time by contacting us at email@example.com
Access to information, Withdrawal of Consent, Rectification of Data & Right of Erasure
You also have the right to:
- Access information held about you. Your right of access can be exercised by raising a ‘Subject Access Request’
- At any time, withdraw your consent to us holding data about you or to having information sent to you
- Request for your data to be rectified. Where you identify that your personal data is incorrect, or incomplete, you can request correction, deletion, or modification of your personal data
- Request that your data is erased in certain circumstances
If you wish to exercise any of the above rights, please send an email to Group Operations Director at firstname.lastname@example.org requesting this, and we will advise you accordingly. We will follow a reasonable process set out under GDPR including advising you of our decision, and any recourse you may have to complain.
If you have shared any information through our services, you may wish to allow your data to be transferred to another Organisation either by you receiving the data and transferring it, or by the data being transferred directly.
This right to data portability only applies to data that you have provided to us, where the data processing is based either on your consent or on the basis of ours, or others, legitimate business interests and where the processing is carried out by automated means, and it will only be transferred where it is technically feasible to do so. If you wish to do this, please send an email to email@example.com requesting this, and we will advise you accordingly.
Following a discovery of any data breach (when personal data allowing an individual to be identified is processed without authorisation, and which may result in its security being compromised), consideration will be made regarding whether the matter needs to be reported to the Information Commissioner’s Office (ICO) and whether individuals who are potentially affected need to be informed.
Right to Complain to Supervisory Authority
If you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority. The Information Commissioner’s Officer (ICO) is the UK’s independent body set up to uphold information rights and you can find out further information about them by going to https://ico.org.uk/
Changes to our Privacy Notice
Any changes we may make to this document in the future will be posted on this page and, where appropriate, notified to you by e-mail. However, we advise that you check this page regularly to keep up to date with any necessary changes.
This notice was last updated on 2nd January 2019.