Enterprise Digital Resources Ltd (EDR) is a limited company registered in England & Wales. EDR is registered under the Data Protection Act 1998.
Keeping your personal data secure is a priority for EDR and we are committed to preserving your privacy rights.
We will process your data fairly and legally at all times and will be transparent about what data we hold and how we use it.
We will fulfil our legal duties to our clients, suppliers, shareholders and other stakeholders
For the purposes of data protection legislation in force from time to time the data controller is Enterprise Digital Resources Ltd of 29 Ringshall, Berkhamsted, Hertfordshire HP4 1ND
Our nominated Data Protection representative is David Fitzgerald who can be contacted at email@example.com
Your rights under GDPR
- You can ask us to correct any incomplete or inaccurate information we hold.
- You can ask us to delete your personal information if there is no good reason for us to continue to process it.
- You can object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your current situation which makes you want to object to processing on these grounds. You also have the right to object where we are processing your personal information for direct marketing purposes.
- You can ask us to suspend processing of your personal information.
- You can ask us to transfer your personal information to another party in certain formats, if practicable.
- You can contact the supervisory body which in the United Kingdom is the Information Commissioner’s Office. The ICO can be contacted:
Information you give us, or we collect from you
Our legal basis for the processing of personal data is legitimate business interests, although we may also rely on contract, legal obligation and consent for specific uses of data.
We will rely on contract if we are negotiating or have entered into a placement agreement with you or your organisation or any other contract to provide services to you or receive services from you or your organisation.
Our Legitimate Business Interests
Our legitimate interests in collecting and retaining your personal data is described below:
As a recruitment business we introduce candidates to clients for permanent employment, or independent professional contracts. The exchange of personal data of our candidates and our client contacts is a fundamental, essential part of this process.
To maintain, expand and develop our business we need to record the personal data of prospective candidates and client contacts.
In order to support the requirements of our candidates and clients, we maintain a database of candidate and client personal data containing historical information as well as current resourcing requirements.
How we use your information:
All data will be stored, processed, used and disclosed by us in pursuance of legitimate business interests which include but are not necessarily limited to:
- Your CV
- to facilitate the recruitment process whether contract or permanent
- to determine relevant roles suitable for your skill set
- to provide your information to clients in order for them to be able to assess your suitability for prospective roles
- Company and personal information
- will be used to form the basis of the contract for services
- to enable us to interact with you on any queries you may have
- to confirm compliance to contractual obligations
- to third parties where we have been requested by you or our client to provide information relating to references, qualifications and DBS checks (previously CRB)
- to complete any obligations which may arise from any contracts entered into between us
Under all other circumstances we will not disclose the information you provide to us without consent except:
- To fully co-operate with law enforcement officials/bodies in pursuance of their legitimate activities. EDR will have no legal liability for such disclosures
- Where we are sold to, merged with or enter into a joint business venture, in which case your information may be disclosed to the new business owners or partners
Where we hold your information:
The personal information that you provide to us is held in the EEA (European Economic Area) and should this be transferred to third parties, we will make reasonable endeavours to ensure that your privacy rights continue to be protected
What we do to keep your data secure:
- encryption of data;
- regular cyber security assessments of all service providers who may handle your personal data;
- regular scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents;
- regular penetration testing of systems;
- security controls which protect the entire IT infrastructure from external attack and unauthorised access; and
- internal policies setting out our data security approach and training for employees
How you can see what information we hold:
- You may ask us to confirm the information we hold about you at any time and may ask us to modify, update or delete such information. We may ask you to verify your identity and for more information about your request. At our discretion we may charge an administration fee for the supply of requested information. Where we are legally permitted to do so, we may refuse your request and will explain our reasons for doing so. We will seek to act on your request in the timescale required by applicable data protection laws.
- You may request to unsubscribe from job alerts and marketing material at any time.
- If you wish to contact us with respect to the above matters, please email us at firstname.lastname@example.org
How long we hold your data for:
We are required by law to hold your information for as long as is necessary to comply with our statutory and contractual obligations and in accordance with our legitimate interests as a data controller.
We will use all reasonable endeavours to ensure that your Personal Data is maintained and up to date and will run data routines to remove data that we no longer have a legitimate business interest in maintaining. You are under a duty to inform us of any and all changes to your Personal Data to ensure that it is up to date and we will update or delete your Personal Data accordingly.
We may keep the following for up to 7 years because it appears on our financial records:
- Full name
- Company Name and Address
- Transaction and payment history
We may archive your personal data or retain it on our financial systems only, deleting all or part of it from our main database system. We may apply an anonymous code to parts of your data, particularly following a request for suppression or deletion of your data, to ensure that we do not re-enter your personal data on to our database, unless asked to do so
How we collect and use information about visitors to our website
When someone visits our website, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to various parts of the site. This information may only be processed in a way which does not identify an individual to allow us to make sure our website is serving our customers’ needs. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
We will not collect personal data unless you upload your CV or complete a ‘contact us’ form.
Links to other websites