What information do we collect from you?
In most instances, we collect your full name and email address only for relevant marketing communications so that we can respond to your query.
Why do we collect this information?
We collect this information, so we can supply you with meaningful and infrequent information on our products and services.
We only collect data that has been given to us by consent – you must have opted in, we aren’t sneaky about it.
All information collected is handled with regard to your individual rights. [i]
Who might we share your information with?
Only our staff who are required to see your data have access to it. Furthermore, all our employees receive ‘data hygiene’ training during onboarding, to ensure data security best practices are followed. This significantly reduces our risks of any internal data security breaches.
We do not share your personal information with any third parties.
How long do we keep hold of your information?
Only for as long as it is needed.
We continually update and review this to make sure what we have stored is correct and up-to-date and we only store your data in the UK.
If you decide you no longer want to be contacted by us, or no longer want us to hold your data, we will delete it. We ensure there is always an opt-out option on our communications.
How can I access the information you hold about me?
Contact us. If you want to review the information we hold about you, or want to update it, contact us at [email protected] and quote your full name. We will process your request within four weeks.
Our Data Protection Officer is Alan Anderson; however, we have a company-wide culture of the importance of data protection and data privacy.
[i] Your individual rights:
- The right to be informed about what we are doing with your data through privacy notices
- The right you have to access a copy of the data we hold of you;
- The right to correct any data that we hold;
- The right to erasure, meaning the right to request deletion of certain kinds of data we hold;
- The right to restrict processing, or the right to ask us to stop using your data in certain ways;
- The right to data portability;
- The right to object to our uses of your data; and
- Rights in relation to automated decision making and profiling, including data we use for the purposes of advertising and marketing
Fair Process Notification – Cifas
Exception is a member of Cifas – the UK’s leading anti-fraud organisation. Fraud prevention databases have been established for the purpose of allowing employers to share data on their employment fraud cases. This means that as part of our offer process (for either permanent or contract roles):
- We will check your details against the Cifas databases established for the purpose of allowing organisations to record and share data on their fraud cases, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct (“Relevant Conduct”) carried out by their staff and potential staff. “Staff” means an individual engaged as an employee, director, trainee, homeworker, consultant, contractor, temporary or agency worker, or self-employed individual, whether full or part time or for a fixed-term.
- The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and other relevant conduct and to verify your identity.
- Details of the personal information that will be processed include: name, address, date of birth, any maiden or previous name, contact details, document references, National Insurance Number, and nationality. Where relevant, other data including employment details will also be processed.
- We and Cifas may also enable law enforcement agencies to access and use your personal data to detect, investigate, and prevent crime.
- We process your personal data on the basis that we have a legitimate interest in preventing fraud and other Relevant Conduct, and to verify identity, in order to protect our business and customers and to comply with laws that apply to us. This processing of your personal data is also a requirement of your engagement with us.
- Cifas will hold your personal data for up to six years if you are considered to pose a fraud or Relevant Conduct risk.
Consequences of Processing
- Should our investigations identify fraud or any other Relevant Conduct by you when applying for or during the course of your engagement with us, your new engagement may be refused or your existing engagement may be terminated or other disciplinary action taken (subject to your rights under your existing contract and under employment law generally).
- A record of any fraudulent or other Relevant Conduct by you will be retained by Cifas and may result in others refusing to employ you. If you have any questions about this, please contact us using the details provided.
- Should Cifas decide to transfer your personal data outside of the European Economic Area, they will impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
- Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data, request that your personal data is erased or corrected, and request access to your personal data.
- For more information or to exercise your data protection rights please, please contact us using the contact details provided.
- You also have a right to complain to the Information Commissioner’s Office which regulates the processing of personal data.
Please contact Michael Buchan, Fraud Manager at [email protected] if you want to receive details of the relevant fraud prevention databases through which we share information.
What Are Cookies
For more general information on cookies see the Wikipedia article on HTTP Cookies.
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the this site. Therefore it is recommended that you do not disable cookies.
The Cookies We Set
Cookies may be used to remember if you have already contacted us or visited our site.
When you submit data to through a form such as those found on contact page or comment forms cookies may be set to remember your user details for future correspondence.
Third Party Cookies
This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.
For more information on Google Analytics cookies, see the official Google Analytics page.
From time to time we test new features and make subtle changes to the way that the site is delivered. When we are still testing new features these cookies may be used to ensure that you receive a consistent experience whilst on the site whilst ensuring we understand which optimisations our users appreciate the most.
Hopefully that has clarified things for you but if there is something that you aren’t sure whether you need or not it’s usually safer to leave cookies enabled in case it does interact with one of the features you use on our site. However if you require more information then you can contact us through one of our preferred contact methods.