Privacy policy.

The type of personal information we collect

We collect the information necessary to identify available and relevant opportunities and any additional information needed to assess your eligibility through the different stages of the search process.

This information includes CVs, identification documents, educational records, work history, employment history and references and any other information that is provided by you throughout the course of the search.

We may also collect sensitive personal data about you, in the form of visa status, nationality, gender, and compensation details. We only collect sensitive personal data from you, and further process this data, where you have given your explicit consent.

How we get the personal information and why we have it

The following are the different sources we may collect personal data about you from:

  • Directly from you. This is information you provide while searching for a new opportunity, or throughout the executive search, consulting solutions, and talent advisory process.

  • Through publicly available sources. We use the following public sources:

    • LinkedIn

    • Bloomberg Terminal

    • Company websites

  • By Reference or word of mouth. For example, you may be recommended by a friend, a former employer, a former colleague, or even a present employer.

  • Subscribing to a newsletter, filling out a form email, or entering information on our site. 

How and why we use your information

We use your personal data to match your skills, experience and education with a potential employer. We will initially collect basic information on you such as contact details, job role and experience and then pass this on to the client in search of personnel. If you are chosen by the client and go through to the next stage of the process, we will proceed in collecting more information about you at the interview stage and moving forward in the process.

Who we share your personal data with

We communicate your personal data to clients who wish to hire for a position that may be relevant to you. We may also use that personal data to inform you about key trends in the marketplace that can increase your awareness about your industry. We provide our services to organisations around the world within the Financial Services. Personal data that is classified as non-sensitive is also available for viewing by any North & Partners employee.

We will share information only as outlined within this privacy policy and wherever appropriate, try to limit disclosure to information in aggregated form, to avoid or limit identifying you personally.

We may also conduct checks on you to verify the information you have provided. Where we do this, we share your information with only the data protection team within the operations group of North & Partners.

We may also provide information to third party service providers who process information on our behalf to help run some of our internal business operations including email distribution, IT services and customer services, as well as the internal Finance or Operations team at North & Partners. Where applicable, these 3rd parties will be based within the location relevant to their usage, except for our key 3rd party providers such as IT services and database platform, which are based in the U.K.

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

For prospective candidates, referees and clients, our legitimate interest in your information is driven by the need to assess suitability for potential roles, to find potential candidates, to build insight into our relevant markets, and to contact clients and referees.

We carry out a ‘balancing test’ to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests before we go ahead with such processing. We keep a record of these balancing tests. You have a right to and can find out more about the information in these balancing tests by contacting us using the details below.

If you are shortlisted as a candidate, then this may involve the processing of more detailed personal data including sensitive data such as health information that you or others provide about you. We will always ask for your consent before recording sensitive data.

How we store your personal information 

We invest significant resources to protect your personal information, from loss, misuse, unauthorised access, modification or disclosure. However, no internet-based site can be 100% secure and so we cannot be held responsible for unauthorised or unintended access that is beyond our control.

How long do we keep your personal data for? 

We only retain your information for as long as is necessary for us to fulfil those requirements outlined above, or to comply with our legal obligations. Please be advised that we may retain some of your information after you cease using our services if this is necessary to meet our legal obligations, for example retaining the information for tax and accounting purposes.

When determining the relevant retention periods, we will consider factors including:

(a) our contractual obligations and rights in relation to the information involved;

(b) legal obligation(s) under applicable law to retain data for a certain period of time;

(c) our legitimate interest where we have carried out a balancing test (see legal basis below);

(d) statute of limitations under applicable law(s);

(e) (potential) disputes;

(f) if you have made a request to have your information deleted; and

(g) guidelines issued by relevant data protection authorities.

Otherwise, we securely erase your information once this is no longer needed.

North & Partners has set a six-year time frame for processing and holding data (beginning 1st November 2020) as per the AESC official recommendation. If there has been no communication between a data subject and North & Partners in more than said time frame, then all records associated with that data subject will be deleted from the database. North & Partners plans to review the data retention policy, as well as the six-year retention period for non-communicated data subjects on a regular and recurring basis to ensure general compliance.

If you would like more information for specifics, or on the steps we are taking to clean the data we hold, please contact the data protection office at: info@North-and-Partners.com.

Your data protection rights

Under data protection law, you have rights including:

  • Your right of access - You have the right to ask us for copies of your personal information. 

  • Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. 

  • Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances. There are exceptions to the right to erasure.

  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances. 

  • Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.

  • Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at info@North-and-Partners.com if you wish to make a request.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at info@North-and-Partners.com.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk