We care about your privacy, so safeguarding your data is a top priority. This page contains privacy policies for both INDIVIDUAL USERS and EMPLOYERS.

DATA PRIVACY POLICY FOR INDIVIDUAL USERS

Last modified on 6 October 2021


INTRODUCTION

(a) Wandsworth Council ("your Institution") has authorised you to access certain career development resources which utilise a technology platform provided by Access UK Limited trading as Abintegro (the “Services”). Your Institution, as your data controller, has authorised Abintegro to process your personal data on its behalf for the purpose of delivering the Services to you, and has entered into an agreement with us to this effect.

(b) Your Institution and Abintegro care about your privacy, so safeguarding your data is a top priority. We want to ensure that (i) you know exactly how we use your personal information, (ii) you continue to have peace of mind about how we use your data and (iii) we act transparently, only collecting information about you that we need.

(c) This data privacy policy ("Policy") explains:

1. Who we are and our regulator

2. The nature of the personal information which we collect about you when you use the Services

3. How we collect that information

4. Purposes of the processing for which the personal data are intended as well as the legal basis for the processing;

5. Who we may share personal data with (recipients or categories of recipients of the personal data)

6. The period for which the personal data will be stored or the criteria used to determine that period

7. Rights of individual users

8. Cross border transfers of personal data

9. Security

10. How and when we may change this Policy.


1. WHO WE ARE AND OUR REGULATOR

(a) Access UK Limited trading as Abintegro is registered under the Data Protection Act 2018, Registration Number: Z5042164. Any queries regarding Data Protection should be addressed to your Institution.

(b) The office of the Information Commissioner is the office appointed by the UK Government with responsibility for data protection, and they can assist with any complaints or questions you may have. They can be contacted at www.ico.org.uk.


2. THE NATURE OF THE PERSONAL INFORMATION WHICH WE COLLECT ABOUT YOU WHEN YOU USE THE SERVICES

We process information provided by your Institution or provided by you when using the Services, including:

(i) As part of your account profile: your name, address, post code, telephone number(s), email address, password, profile photo, identification number allocated by your Institution;

(ii) Records of your education, work experience, achievements, skills and any other CV/resume-related information uploaded to or entered in our CV/resume tools (including CV/resume 360 or builder) or by your career coach / administrator, such as education history, including institutions, courses, department, year of study, achievements, work experience, skills, work place information, including job title, company and department and any other career, study or employment-related and biographical information which you submit in the process of registering for or using the Services;

(iii) If relevant to your Institution, gender, date of birth, ethnicity;

(iv) From our career assessments: personality and preference data, including personality traits, strengths, motivators, career aspirations;

(v) Social media data you choose to provide, such as links to LinkedIn or Twitter profiles;

(vi) From discussions with you career coach or administrator, career intervention notes;

(vii) From your use of our job search engine, jobs of interest, including role, company and location;

(viii) Other information relating to career development, including responses to survey information and other documents uploaded by users;

(ix) Usage and log data automatically collected when you visit our site, including IP address and associated general location, device information, browser type, operating system and manufacturer and your progression through the site, what areas you viewed and where you abandoned it.


3. HOW WE COLLECT THAT INFORMATION

We collect information about you in three main ways:

(i) from your Institution;

(ii) directly from you, such as when you first register to use the Services; and

(iii) indirectly from you, via the use of Cookies (see clause 4 below) when you browse this website or our app.


4. PURPOSES OF THE PROCESSING FOR WHICH THE PERSONAL DATA ARE INTENDED AS WELL AS THE LEGAL BASIS FOR THE PROCESSING

(a) To provide the services, communicate with you, administer user accounts and run our business - We only process your personal data on the instructions of your Institution, who has authorised Abintegro to process your personal data for the purpose of delivering the Services to you. This includes contacting you with information about the Services by email, contacting you if necessary in order to verify your identity for security and other purposes, including administrative purposes and to identify you when you contact us.

(b) To meet legal or regulatory requirements - We are required to comply with certain legal and regulatory requirements when providing the Services and we may process personal data in order to comply with those requirements. Occasionally, we may be asked to provide certain information to regulators or law enforcement agencies and we will comply with these requests where legally required or permitted. This processing is necessary for compliance with a legal obligation to which we, your Institution or the regulator/law enforcement agency are subject.

(c) To administer, maintain and improve our website and the Services - We use "cookies" to monitor site user traffic patterns and site usage. This helps us to understand how our users use our website so that we can develop and improve the design, layout and functionality of the sites and to create aggregated data for the purpose of informing your Institution and our other clients on how to improve the experience of the Services for users and the website and to give statistical information. A cookie is a piece of information that is stored on your computer’s hard drive and which records your navigation of a website so that, when you revisit that website, it can present tailored options to you based upon the stored information about your last visit. You can normally alter the settings of your browser to prevent acceptance of cookies. If you do not want us to deploy cookies in your browser, you can set your browser to reject cookies or to notify you when a web site tries to put a cookie on your computer. However, rejecting cookies may affect your ability to use some of the Services at our website. Full details are available within our Cookie Policy located at https://workmatch.careercentre.me/cookie/work-match


5. WHO WE MAY SHARE PERSONAL DATA WITH (RECIPIENTS OR CATEGORIES OF RECIPIENTS OF THE PERSONAL DATA)

(a) As part of providing the Services, we may disclose your personal data to your Institution (which may include their administrators, coaches and other authorised personnel). Their use of your personal data will be subject to your Institution’s privacy policy.

(b) We may use carefully selected third parties to carry out certain activities to help us provide the Services, such as data hosting and processing.

(c) We do not sell mailing lists to third parties for their marketing purposes. We stress that we shall not disclose your personal information to any third party, other than to those authorised by us to use it in connection with the provision of the Services you have chosen to use, and we shall never sell it, other than as part of a sale of our business.

(d) Where required or permitted by law, information may be provided to others, such as regulators and law enforcement agencies.

(e) Where you use the Services to apply to a job or submit employment-related documentation (for example a CV or Resume) to be considered, we will disclose your name, email address and documentation to your chosen recipient (eg. an employer or Your Institution).

[Note - 5(e) last updated on 30 July 2021, to clarify that your name and email address may be shared in any job application]


6. THE PERIOD FOR WHICH THE PERSONAL DATA WILL BE STORED OR THE CRITERIA USED TO DETERMINE THAT PERIOD

We store personal data in line with legal, regulatory, financial and best-practice business requirements and as instructed by your Institution.


7. RIGHTS OF INDIVIDUAL USERS

(a) Individuals have a right to:

(i) Access their personal data.

(ii) Rectify their personal data if it is inaccurate or incomplete.

(iii) Obtain erasure of their personal data where there is no compelling reason for its continued processing in certain circumstances.

(iv) Obtain restriction of processing of their personal data in certain circumstances.

(v) Object to processing of their personal data in certain circumstances.

(vi) Receive their personal data provided to us in a structured, commonly used and machine-readable format where our processing of the data is based on consent or necessity for performance of a contract to which the individual is party or to take steps at the request of the individual prior to entering into such a contract and the processing is carried out by automated means.

(vii) Lodge a complaint with a supervisory authority.

(viii) Object to and not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or significantly affects him or her.

(b) To exercise the rights outlined above in respect of the personal data processed by us you may do so by submitting a request in writing to your Institution.

(c) You may withdraw your consent to our future processing of your personal data (and stop using the Services) at any time by submitting a request in writing to your Institution or your administrator


8. CROSS BORDER TRANSFERS OF PERSONAL DATA

We do not transfer personal data from the European Economic Area (EEA) or the European Union (EU) to a country outside the EEA or the EU except when you access the Services from outside the EEA or the EU.


9. SECURITY

(a) We have an ongoing programme of improvement and development in order to protect your personal data from unauthorised access, accidental loss and/or destruction. We use industry standard secure sockets layer (SSL) technology, to protect personal information, as well as the use of specific logins and secure passwords. Our web servers and database servers are held in a securely managed data centre and are further protected with a personal firewall and inherent security layers.

(b) Please be aware that communications over the internet, such as e-mails/webmails, are not secure unless they have been encrypted. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.


10. HOW AND WHEN WE MAY CHANGE THIS POLICY

We will keep this Policy under review and any changes made from time to time will be posted on this page. Please check back regularly to keep informed of updates or changes. If we make substantial changes to the content of this Policy, those changes will be announced via a notice visibly displayed on the Services and/or sent to the email address you provided at the time of your registration (or which you have since updated, if applicable). Your continued use of the Services shall constitute your acknowledgement of these changes.




DATA PRIVACY POLICY FOR EMPLOYERS

Last modified on 6 October 2021


INTRODUCTION

(a) Wandsworth Council (“your Institution”) has authorised you to access this website for the purpose of posting relevant, suitable and accurate vacancies and company profile information to this Institution’s careers platform which utilises a technology platform provided by Access UK Limited trading as Abintegro (the “Services”). Your Institution, as your data controller, has authorised Abintegro to process your personal data on its behalf for the purpose of delivering the Services to you, and has entered into an agreement with us to this effect.

(b) Your Institution and Abintegro care about your privacy, so safeguarding your data is a top priority. We want to ensure that (i) you know exactly how we use your personal information, (ii) you continue to have peace of mind about how we use your data and (iii) we act transparently, only collecting information about you that we need.

(c) This data privacy policy ("Policy") explains:

1. Who we are and our regulator

2. The nature of the personal information which we collect about you when you use the Services

3. How we collect that information

4. Purposes of the processing for which the personal data are intended as well as the legal basis for the processing;

5. Who we may share personal data with (recipients or categories of recipients of the personal data)

6. The period for which the personal data will be stored or the criteria used to determine that period

7. Rights of individual users

8. Cross border transfers of personal data

9. Security

10. How and when we may change this Policy.

1. WHO WE ARE AND OUR REGULATOR

(a) Access UK Limited trading as Abintegro is registered under the Data Protection Act 2018, Registration Number: Z5042164. Any queries regarding Data Protection should be addressed to your Institution.

(b) The office of the Information Commissioner is the office appointed by the UK Government with responsibility for data protection, and they can assist with any complaints or questions you may have. They can be contacted at www.ico.org.uk.

2. THE NATURE OF THE PERSONAL INFORMATION WHICH WE COLLECT ABOUT YOU WHEN YOU USE THE SERVICES

We process information provided by your Institution or provided by you when using the Services, including:

(i) As part of your account profile: your name, email address, password and photo;

(ii) Other information relating to the company you represent and vacancies you post, such as, your professional address, telephone number(s), email addresses and any responses to surveys you many provide from time-to-time;

(ix) Usage and log data automatically collected when you visit our site, including IP address and associated general location, device information, browser type, operating system and manufacturer and your progression through the site, what areas you viewed and where you abandoned it.

3. HOW WE COLLECT THAT INFORMATION

We collect information about you in three main ways:

(iv) from your Institution;

(v) directly from you, such as when you first register to use the Services; and

(vi) indirectly from you, via the use of Cookies (see clause 4 below) when you browse this website.

4. PURPOSES OF THE PROCESSING FOR WHICH THE PERSONAL DATA ARE INTENDED AS WELL AS THE LEGAL BASIS FOR THE PROCESSING

(a) To provide the services, communicate with you, administer user accounts and run our business - We only process your personal data on the instructions of your Institution, who has authorised Abintegro to process your personal data for the purpose of delivering the Services to you. This includes contacting you with information about the Services by email, contacting you if necessary in order to verify your identity for security and other purposes, including administrative purposes and to identify you when you contact us.

(b) To meet legal or regulatory requirements - We are required to comply with certain legal and regulatory requirements when providing the Services and we may process personal data in order to comply with those requirements. Occasionally, we may be asked to provide certain information to regulators or law enforcement agencies and we will comply with these requests where legally required or permitted. This processing is necessary for compliance with a legal obligation to which we, your Institution or the regulator/law enforcement agency are subject.

(c) To administer, maintain and improve our website and the Services - We use “cookies” to monitor site user traffic patterns and site usage. This helps us to understand how our users use our website so that we can develop and improve the design, layout and functionality of the sites and to create aggregated data for the purpose of informing your Institution and our other clients on how to improve the experience of the Services for users and the website and to give statistical information. A cookie is a piece of information that is stored on your computer’s hard drive and which records your navigation of a website so that, when you revisit that website, it can present tailored options to you based upon the stored information about your last visit. You can normally alter the settings of your browser to prevent acceptance of cookies. If you do not want us to deploy cookies in your browser, you can set your browser to reject cookies or to notify you when a web site tries to put a cookie on your computer. However, rejecting cookies may affect your ability to use some of the Services at our website. Full details are available within our Cookie Policy located at https://workmatch.careercentre.me/cookie/work-match.

5. WHO WE MAY SHARE PERSONAL DATA WITH (RECIPIENTS OR CATEGORIES OF RECIPIENTS OF THE PERSONAL DATA)

(a) As part of providing the Services, we may disclose your personal data to your Institution (which may include their administrators, coaches and other authorised personnel). Their use of your personal data will be subject to your Institution’s .

(b) We may use carefully selected third parties to carry out certain activities to help us provide the Services, such as data hosting and processing.

(c) We do not sell mailing lists to third parties for their marketing purposes. We stress that we shall not disclose your personal information to any third party, other than to those authorised by us to use it in connection with the provision of the Services you have chosen to use, and we shall never sell it, other than as part of a sale of our business.

(d) Where required or permitted by law, information may be provided to others, such as regulators and law enforcement agencies.

6. THE PERIOD FOR WHICH THE PERSONAL DATA WILL BE STORED OR THE CRITERIA USED TO DETERMINE THAT PERIOD

We store personal data in line with legal, regulatory, financial and best-practice business requirements and as instructed by your Institution.

7. RIGHTS OF INDIVIDUAL USERS

(a) Individuals have a right to:

(i) Access their personal data.

(ii) Rectify their personal data if it is inaccurate or incomplete.

(iii) Obtain erasure of their personal data where there is no compelling reason for its continued processing in certain circumstances.

(iv) Obtain restriction of processing of their personal data in certain circumstances.

(v) Object to processing of their personal data in certain circumstances.

(vi) Receive their personal data provided to us in a structured, commonly used and machine-readable format where our processing of the data is based on consent or necessity for performance of a contract to which the individual is party or to take steps at the request of the individual prior to entering into such a contract and the processing is carried out by automated means.

(vii) Lodge a complaint with a supervisory authority.

(viii) Object to and not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or significantly affects him or her.

(b) To exercise the rights outlined above in respect of the personal data processed by us you may do so by submitting a request in writing to your Institution.

(c) You may withdraw your consent to our future processing of your personal data (and stop using the Services) at any time by submitting a request in writing to your Institution or your administrator

8. CROSS BORDER TRANSFERS OF PERSONAL DATA

We do not transfer personal data from the European Economic Area (EEA) or the European Union (EU) to a country outside the EEA or the EU except when you access the Services from outside the EEA or the EU.

9. SECURITY

(c) We have an ongoing programme of improvement and development in order to protect your personal data from unauthorised access, accidental loss and/or destruction. We use industry standard secure sockets layer (SSL) technology, to protect personal information, as well as the use of specific logins and secure passwords. Our web servers and database servers are held in a securely managed data centre and are further protected with a personal firewall and inherent security layers.

(d) Please be aware that communications over the internet, such as e-mails/webmails, are not secure unless they have been encrypted. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

10. HOW AND WHEN WE MAY CHANGE THIS POLICY

We will keep this Policy under review and any changes made from time to time will be posted on this page. Please check back regularly to keep informed of updates or changes. If we make substantial changes to the content of this Policy, those changes will be announced via a notice visibly displayed on the Services and/or sent to the email address you provided at the time of your registration (or which you have since updated, if applicable). Your continued use of the Services shall constitute your acknowledgement of these changes.