As the operators of the GrowRecruit Website and Services, Hyett Industries Limited registered in England and Wales with the Company No. 11158569 and having its registered office address at 34 Montrose Avenue, Chatham, Kent, ME5 7HX (“We”, “Us”, “GrowRecruit”) is committed to protecting your personal and business information as well as your privacy. This policy sets out how we treat your personal and business information.
For the purposes of the General Data Protection Regulation (“GDPR”), which comes into effect on the 25th May 2018:
- In respect of the personal data of users of our Website and Services and prospective customers of GrowRecruit, Hyett Industries Limited is the Data Controller.
1. Information we collect
We collect and process some or all of the following types of information:
- Information about your computer and your visits to the website and services such as your IP Address, geographical location, browser type, traffic data, referring site and the resources you access on the site.
- The information you provide to us by filling out forms on the website for the purpose of registering with us. These include full name, email address, phone number, company name, company address and billing details.
- Information relating to any transactions carried out between you and us on or in relation to this website and services, including any information relating to purchases you make of our services or software.
- If you contact us we may keep a record of the correspondence.
We will inform you at the point of collecting the information whether the information is required by Us.
GrowRecruit is able to integrate with a user’s Gmail account to let them send and receive email via the Gmail API. This service is optional and can be connected or disconnected at any time. GrowRecruit scans through the “To” and “From” headers of your emails so that they can be matched up with the candidate email addresses in your database. We store the Message-Id, To and From addresses of your emails so that they can be matched up with your candidates. No other information is stored unless a match is found, any unmatched details are automatically deleted after 60 days.
If the To or From headers match a candidate email address in your database then the email will be downloaded (HTML/Plain Body, Subject, and Attachments) so that they can be viewed by your team members. The email and associated data can be deleted by you at any time. No information from your emails will be used for any other purpose other than for displaying them to you and your team members. Your emails will not be shared with any third party and will only be visible to you and your team members in the system.
2. Information we collect from other sources
We may need to some personal data from other sources as follows:
- Full names and email addresses of any Customer personnel who are granted access to our Customer’s account by our Customer or it’s existing account members.
- Names and contact details of prospective customers obtained from Third Parties such as Social Media.
3. Why we collect your information
Personal information submitted to or collected by us is used solely for the purpose of providing our Services to you. We rely on legitimate interests in performing our contract with our Customer as the legal basis on which we collect and use your personal data.
We may use your information to:
- Ensure the content on the Website is presented in the most effective manner for you and your computer.
- Improve your browsing experience by personalising the website or services.
- Provide you with information, products or services that you requested from Us or that We think may be of interest to you.
- Notify you of changes to our Services, Terms or Policies and provide you with information that may interest you.
- Send you statements and invoices related to your service with us.
- Send you email notifications which you have requested.
- Send to you our newsletter or other marketing material (you can inform us if you no longer want to receive these communications at any time)
We will never without your express consent pass your personal details on to third parties for the purpose of direct marketing.
4. How we store your personal information
Here at GrowRecruit we take the security of your information very seriously. We limit access to your information to those that have a genuine business need to know it. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected security breach where We are legally required to do so.
All data transferred to us is done so via an SSL encrypted connection. Unfortunately, the transmission of data via the internet is never completely secure. As such, we cannot guarantee the security of your data while in transit to us and therefore any transmission remains at your own risk. Once the information is received we will use strict security procedures and security features in order to prevent unauthorised access.
Any tokens relating to third-party services such as Gmail API are stored with additional encryption and removed as soon as the service is removed from your account.
All Customer and Candidate data received from you is stored in our encrypted database which is hosted inside the European Economic Area (“EEA”). Data is stored using Amazon Web Services managed databases in the Ireland region so that it remains inside the EEA. Even though all data is stored inside the EEA it can be accessed by the Customer outside the EEA using a valid username or password.
Customer billing and contact information may be stored out of the European Economic Area for facilitating payment processing.
How long we keep your data
We will hold your data for as long as we have an obligation to provide a Services to the Customer, and thereafter until such a time we delete the Customer’s account in accordance with our Terms and Conditions.
Your personal details will be deleted on one of the following occurrences:
- Receipt of a written request by you to us.
- Deletion of personal information by you while using the System.
5. Your rights
Under the General Data Protection Regulation (“GDPR”) you have a number of important rights free of charge.
These rights include:
- access to the personal data we hold about you In a machine-readable format and have the right to transmit that information to a third party.
- require Us to correct any information held about you
- require the deletion of any personal data concerning you in certain situations.
- object to Us processing your personal information in connection with direct marketing.
- object to decisions being taken by automated means which may significantly affect you.
- otherwise, restrict our processing of your personal data in certain situations.
For further information about your rights please see the Guidance from the UK Commissioner’s Office (ICO) https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
If you would like to exercise any of these rights you can do so by contacting us using the contact information below. We will only be able to process your request if you provide enough information for us to be able to identify you and process your request.
6. Third Parties
The website may from time to time contain links to other third-party websites and services. We are not responsible for the privacy policies or practices of third party websites. It is your responsibility to check these privacy policies before using these third-party services.
We use a number of different cookies on our website. If you do not know what cookies are, or how to control or delete them, then we recommend you visit http://www.aboutcookies.org for detailed guidance. The cookies we use are required for the necessary running of the website. We do not use any cookies which hold any personal information.
The cookies we use have the following uses:
- to know when you are logged in and store your authentication token to authenticate you to use our services. This is so that the user does not need to provide a username and password on every page they visit.
- To identify your computer so that we can provide statistical information about the visitors to our website. This helps us improve the way our Website and services work.
8. Updating your Information
If your personal details change you can update them from the settings page in the Website or by contacting us using the contact details below.
In the case that you contact us with personal detail changes, we will endeavour to update your personal information within thirty (30) days of any new or updated personal data being provided to us.
9. How to complain
The General Data Protection Regulation also gives you the right to complain to a supervisory authority, in particular in the European Economic Area where you work, live or where the alleged infringement of data protection laws occurred. The supervisory authority in the UK is the information commissioner who can be contacted via their website at https://ico.org.uk/concerns or by phone on 0303 123 1113.