ComputerWorld Personnel Limited
Our Approach to GDPR – A straight-forward guide for Clients, Candidates and Contractors.
What is GDPR?
The General Data Protection Regulation (GDPR) is a set of principles which places greater emphasis on accountability, transparency and consent on organisations that collect or process data. It builds on the Data Protection Act (DPA) (1998) and comes into force on 25 May 2018.
How does it impact Computerworld Personnel Limited?
GDPR applies to how Computerworld Personnel gathers, stores and uses data. Computerworld Personnel is defined as a Data Processor and has specific obligations. Medium to large organisations (with over 250 employees) are required to have a dedicated employee responsible for ensuring compliance with GDPR. We are a smaller organisation with under 10 employees involved in the day to day operations. Only those who need the information within the organisation have access to our data. Due to the size of our operations, the responsibility of Data Protection Officer will be assigned to our Regional Directors – and issues escalated to the Managing Director. rob.baxter@
What is our basis for gathering data?
All new Candidates and Contractors will be told of our data responsibilities and given access to all of the relevant information including how to access, edit and delete their data.
How do we gather data?
In the past we have gathered data through telephone conversations, face to face meetings, public data sources including but not limited to recruitment websites, industry bodies, trade associations exchanging business cards emails and word of mouth.
What information do we retain?
This information is limited to the information required to professionally perform our role in the recruitment process when willingly shared with us or gathered from public sources.
For clients this would typically be:
Company information to include plans and goals for the business. Contact details to include work email and telephone numbers. Skills and experiences requirements and preferences for the role. Remuneration and Benefits. Information about the recruitment process. Interview feedback and Commercial terms. Bank information will only be required upon successful placement.
For candidate this would typically be:
Contact information to include home postcode, telephone number and email. Work history. Future career goals, key skills, capabilities and experience. Interview feedback. An original CV as submitted and an anonymised CV to share.
For Contractors this would be typically be:
The same information as for Candidates plus essential bank information for payment.
We have no need to ask for or store sensitive data.
Where do we store data?
We store data on our Customer Relationship Management system (CRM) https://www.colleaguesoftware.com/
Our CRM is a database for updating information and managing relationships. We have been using our CRM since 2012, and it has over 50,000 records. These include communication histories, details of recruitment requirements and details of numerous contacts and CV records captured since it’s inception.
This database is an online facility and subject the highest levels of security and back-up. Rigorous protocols for checking the safety of this date are in place.
We will on occasion require paper copies of the data. This will always be limited to those involved in a recruitment assignment, will not leave the secure office, will be stored in a locked environment out of office hours and subject to a scheduled, secure documented destruction service for each office.
How do we use data?
- We use data for the following purposes:
- To communicate with prospective employers and suitable candidates
- To fulfil recruitment assignments (Permanent and Contract)
- To share CV’s and relevant employment information with prospective employers
- To obtain references
- Inform interim payroll parties (Contractors)
- Review and analyse business performance
How do we NOT use data?
- We will never share your information with third parties not directly connected to your recruitment process.
- We will never sell your data (unless as part of the transfer of the whole business)
- We will never use your data for the purpose of automated/mass mail marketing.
Where can I find more information?