Privacy Policy

• Your name, address and contact details, including email address and telephone number, date of birth and gender
• Details of your qualifications, skills, experience and employment history, including start and end dates, with previous employers (including references, driving licences, etc) and any other information contained in your application form, CV or covering letter
• Information about your nationality and entitlement to work in the UK
• General communication, including but not limited to, email, postal letters and text messaging
• Any other information required for legal compliance

The Controller collects this information in a variety of ways. For example, data is collected through application forms, CVs; obtained from your passport or other identity documents such as your driving licence; from correspondence with you; or through interviews, meetings or other assessments or via our website.

Special categories of data:

Should you respond to an advertisement or apply voluntarily, you will be given the opportunity to declare whether you belong to a protected category in the data collection forms on the Site or during a telephone interview or at one of the branches. This information is likely to reveal your state of health and falls within the special categories of data referred to in Article 9(1) of the UK GDPR and will be processed in accordance with the relevant regulations in force.

The legal basis applicable to the processing of special categories of personal data concerning you is your explicit consent pursuant to Article 9(2)(a) of the UK GDPR.

Should you fail to give your consent, it will not be possible to process data concerning your membership of a protected category.

Regardless, please do not indicate any special categories of data in your curriculum vitae (personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data intended to uniquely identify a natural person, data concerning a person’s health or sex life or sexual orientation).

WHAT IS THE CONDITION THATMAKES THE PROCESSING LAWFUL?

The legal basis applicable to the processing of your personal data for the Portal Registration Purpose, takes place because the processing is necessary for the performance of a contract pursuant to Article 6(1)(b) of the UK GDPR.

a.     for placement on a temporary basis at our client user company

b.     for direct placement at our third-party customer company

c.    for the implementation of measures or in the framework of collaborations and/or partnerships with public and private market operators.

The legal basis applicable to the processing of your personal data for the Information Purposes in is the execution of pre-contractual measures taken at your request pursuant to Article 6(1)(b) of the UK GDPR.

The legal basis applicable to the processing of your personal data for the Information Purposes in is the execution of pre-contractual measures taken at your request pursuant to Article 6(1)(b) of the UK GDPR.

The legal basis applicable to the processing of your personal data for the proposal of job offers purpose is the legitimate interest of the Companies, in processing your data for the purpose of securing your employment, pursuant to Article 6(1)(f) of the UK GDPR. Should you object to such processing, your data shall be processed exclusively in the context of the specific selections for which you have applied.

a.       for analyses of aggregate data for statistical purposes, not aimed at detecting the behaviour of data subjects and without direct effects on the data subjects, and for analyses of data for the purpose of verifying and forecasting business results and for internal and external auditing purposes, which do not affect the legal sphere of the data subjects. Such analysis activities may also be carried out through the use of IT and artificial intelligence tools;

b.       in an aggregate manner for the maintenance and improvement of the systems used to perform the services, in a manner not aimed at detecting the behaviour of the persons concerned and without direct effect on them.

The legal basis applicable to the processing of your personal data for the Aggregation and Analyses purpose is the legitimate interest of the Company (maintenance and improvement of company systems) pursuant to Article 6(1)(f) of the UK GDPR.

The legal basis applicable to the processing of your personal data for the legal defense purpose is the legitimate interest of the Companies (exercise or defence of a right in court) pursuant to Article 6(1)(f) of the UK GDPR.

The legal basis applicable to the processing of personal data concerning you is your consent pursuant to Article 6(1)(a) of the UK GDPR.

The legal basis applicable to the processing of personal data concerning you is your consent pursuant to Article 6(1)(a) of the UK GDPR.

The provision of the data marked with an asterisk in the data collection form on the Site or requested from the agencies is necessary to allow the Companies to pursue the search and selection purposes; therefore, any refusal to provide the requested data shall prevent the Companies from carrying out the search and selection activity and shall not allow your application to be taken into consideration.

The provision of data for the Marketing purposes is optional. Any refusal to provide data or consent will have no consequence on your registration to myGIGroup and will not prevent the Companies from carrying out search and selection activities.

The Controller shares your data with third parties to obtain references from other employers, obtain employment background checks from third-party providers and obtain necessary criminal records checks from the Disclosure and Barring Service. The Controller may also share your data with third parties in the context of a sale of some or all its business or with the Controller’s clients in relation to providing services related to finding suitable workers. In those circumstances, the data will be subject to confidentiality arrangements.

We will only transfer data outside of the European Economic Area or EEA (i.e., the Member States of the European Union, together with Norway, Iceland, and Liechtenstein) and/or the UK where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, for example:

• by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission and/or the UK International Data Transfer Addendum approved by the UK Information Commissioner’s Office (“ICO”) for the transfer of personal data by data controllers in the EEA and/or the UK to data controllers and processors in jurisdictions which do not provide the same level of protection for personal data as the EEA and the UK; or
• pursuant to the EU-US Transatlantic Data Privacy Framework (“DPF”) and/or the UK Extension to the DPF for the transfer of personal data from entities in the EU and/or UK to entities in the United States of America that are certified under the DPF, or any equivalent agreement in respect of other jurisdictions. The DPF is an opt-in certification scheme for US companies, under which transfers to US organisations that are certified under the DPF are held to provide an adequate level of protection; or
• transferring your data to a country where there has been a finding of adequacy by the European Commission and/or the UK government in respect of that country’s levels of data protection via its legislation; or
• for certain ad hoc transfers in some circumstances, such as where it is necessary for the conclusion or performance of a contract between ourselves and a third party and the transfer is in your interests for the purposes of that contract, or where you have consented to the data sharing.

Please contact UK.Privacy@gigroup.com if you would like further information on the specific mechanisms used by us when transferring your personal data outside the UK or the EEA.

• Your right of access – You have the right to ask us for copies of your personal information.
• Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
• Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
• Your right to restriction of processing – You have the right to ask us to restrict the processing of your information in certain circumstances.
• Your right to object to processing – You have the right to object to the processing of your personal data in certain circumstances.
• Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.

In the limited circumstances where you may have provided your consent to the collection, processing and/or transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You may at any time request us to stop using your personal data for direct marketing purposes, or unsubscribe from our marketing communications, if you wish to do this please click on the link “Unsubscribe” on the bottom of our e-mails or by updating your preferences on your online registration portal.

Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so.

We also inform you that, as data controller, we do not use automated decision making/profiling within our recruitment and selection process.

If you would like to exercise any of these rights, please email uk.privacy@gigroup.com

You can make a subject access request by completing our SARs form which can be accessed via this link.

If you believe that the Data Controller has not complied with your data protection rights, you have the right to lodge a complaint with the ICO.  Contact details for the ICO can be found on its website at https://ico.org.uk.