Platform Privacy Notice

Introduction

Effective as of May 21, 2018 StaffConnect Group Ltd (“StaffConnect”, “us”, “we”, or “our”) have updated our Platform Privacy Notice to comply with the requirements of the General Data Protection Regulation and the upcoming Data Protection Bill.

We value you and your privacy, so we want to tell you what we are doing with your data, why, how, who we disclose your data with, what you can do to exercise your rights and, if you have any question, we are ready to answer.

Who does this privacy notice apply to?

StaffConnect operates several web applications and a mobile application (the “Platform”) for users with valid accounts (“Platform Users”).

We may collect and process personal information when you interact with the Platform. By using the Platform, you agree to the collection and use of information in accordance with this policy.

How do StaffConnect use your data?

We use your Personal Information only for providing our service in the capacity of a data processor. A processor under the GDPR is a person or an organisation, public authority, agency or other body which processes personal data on behalf of the controller. Our Clients are the identified controllers, and we have the required agreements with them that guarantee the protection of your personal data.

We may also use aggregated, non-personally identifying information to operate, improve, and optimise Platform.

We do not use your data for marketing purposes or sell it to third parties.

The Information We Collect

Platform Data

When you create a user account, we will ask you some basic information: a valid email account and a real name and details of your employment (your work location and department).

You also have the option to give us more personal information in your Biography if you want to. Remember that the more information you publish on your profile, the more information we will be collecting about you, and other users will see.

Cookies

A cookie is a small piece of text that our web server stores on your computer or mobile device, which your browser sends to us when you return to our site. A cookie may store a unique identifier for each logged in user. The cookies we set are essential for the operation of the Platform. By using the Platform, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept cookies, you may not be able to log in, or fully use the Platform.

We use cookies to make interactions with our service easy and meaningful. We use cookies (and similar technologies, like HTML5 localStorage) to keep you logged in and to remember details needed to provide our services.

Log Data

Like many software platform providers, we collect information that your browser sends whenever you visit our website or use our Platform (“Log Data”).

This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Platform that you visit, the time and date of your visit, the time spent on those pages and other statistics.

Will StaffConnect share my personal data with anyone else?

We do not sell your personal data or provide it to anyone else for marketing purposes. We may pass your personal data on to third-party service providers contracted to StaffConnect in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely and to use them only to provide us service.

In line with our Personal Data Policy and our Information Security Policy. We strictly enforce a “need to know” principle with our third parties, so they can access only the information needed to perform their activity. When they no longer need your data to fulfil this service, they will dispose of the details in line with StaffConnect’s procedures.

We use third parties that are certified under the EU-US Privacy Shield Framework, which means that it is committed to protecting Personal Data to standards that are equivalent to EU legal principles for data protection and we shall aim to ensure that your data is treated to the same security standards you would expect in your own country.

Third party service providers we regularly utilize are detailed below.

Amazon Web Services

We use Amazon Web Services (AWS) to provide various components of our platform. These include processing videos that you upload, sending emails and delivering push notifications. Personal information may be hosted by AWS servers.

Your Personal Data is stored by AWS servers in the EU. For more information about their privacy, please see – https://aws.amazon.com/privacy/

Zendesk

We use Zendesk to provide support to our users including an online knowledgebase, web and email support tickets. The information collected in these support tickets is transmitted to Zendesk servers.

Your Personal Data may be hosted by Zendesk in the United States. Zendesk is signed up to the EU-US Privacy Shield Framework. For more information about their privacy, please see – https://www.zendesk.co.uk/company/customers-partners/privacy-policy/

Google Analytics

We use Google Analytics as a third-party tracking service, but we don’t use it to track you individually. We use Google Analytics to collect information about how the Platform performs and how users, in general, navigate through and use the Platform. This helps us evaluate the usage of the Platform; compile statistical reports on activity; and improve our content and website performance.

Google Analytics gathers information such as your IP address, browser type, internet service provider, referring and exit pages, time stamp, and similar data about your use of the Platform. We do not link this information to any of your personal information such as your user name.

We will not, nor will we allow any third party to, use the Google Analytics tool to track our users individually; collect any User Personal Information other than IP address; or correlate your IP address with your identity. Google provides further information about its own privacy practices and offers a browser add-on to opt out of Google Analytics tracking.

Why does StaffConnect need to collect and store personal data?

In order for us to provide you access and use of the Platform, we need to collect personal data to

  • Create your account and to provide access to the Platform;
  • Identify you within the Platform;
  • Create your user profile and to share your profile with other fellow users;
  • Communicate with you, only to help manage your account access;
  • Manage and secure our network and services;
  • Recruitment, onboarding and leave.

We limit our use of your User Personal Information to the purposes listed in this Privacy Statement. If we need to use your User Personal Information for other purposes, we will seek your permission first.

Under what circumstances will StaffConnect contact me?

We may use your Personal Information to provide you with support or contact you to reset your account, in the event that you lose access to the Platform. Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions.

Can I find out the personal data that the organisation holds about me?

StaffConnect at your request, can confirm what information we hold about you and how it is processed. If StaffConnect does hold personal data about you, you can request the following information:

  • Identity and the contact details of the person or organisation that has determined how and why to process your data.
  • Contact details of our GDPR Owner.
  • The purpose of the processing as well as the legal basis for processing.
  • If the processing is based on the legitimate interests of StaffConnect or a third party, information about those interests.
  • The categories of personal data collected, stored and processed.
  • Recipient(s) or categories of recipients that the data is/will be disclosed to.
  • If we intend to transfer the personal data to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
  • How long the data will be stored.
  • Details of your rights to correct, erase, restrict or object to such processing.
  • Information about your right to withdraw consent at any time.
  • How to lodge a complaint with the supervisory authority.
  • Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
  • The source of personal data, if it wasn’t collected directly from you.

Information Security

We take all measures reasonably necessary, to protect User Personal Information from unauthorized access, alteration or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.

However, no method of transmission or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

What forms of ID will I need to provide in order to access this?

StaffConnect accepts the following forms of ID when information on your personal data is requested:

Copy of your Driving licence, Passport or Current valid National ID card (non UK Nationals), or Utility Bill from the last three months, or Current Council Tax Bill.

Contact Us

If you have any questions about this Privacy Notice or would like to make a request, please contact the GDPR Owner.

GDPR Owner contact details

Bob Woods
StaffConnect Group Ltd.,
Rourke House, The Causeway,
Staines-upon-Thames,
Surrey.
TW18 3BA

Email: privacy@staffconnectapp.com
Telephone: 020 3418 0500