Back to home

Privacy Policy

For Ineo Consulting Ltd

Introduction

Here at Ineo, we understand that it's important to deliver your message in a clear and concise way. That's why our Privacy Policy is written in a language that makes it easy to understand, with a layout that makes it clear about what affects you. We will only use legalese where it is absolutely necessary - although our Policy is in line with the law.

We are committed to protecting and respecting your privacy. That is why we only keep the data we need to, for as long as we need to.

Ineo Consulting Ltd is registered in the United Kingdom at Office 2 The Reach, 687-693 London Road, Westcliff-On-Sea, Essex, England, SS0 9PD. Our business registration number is 08924179. We therefore fall within the General Data Protection Regulation (GDPR), which intends to harmonise data protection legislation across the EU. Our Data Protection Officer is Sasha Egan, and any queries can be directed to sasha@ineoconsulting.com.

Who We Are and What We Do

We are a consultancy business, working predominantly within the recruitment sector. We:

  • advise businesses (our clients) on how to work more efficiently and save time and money
  • tender for new Customer Relationship Manager (CRM) systems
  • handle system migrations, set ups and configuration
  • carry out Business Process Reengineering (BPR)
  • carry out data cleansing and advise on data handling
  • provide training
  • provide ongoing system support
  • develop and manage bespoke software

As you can see, our work is diverse and it all involves handling and advising on handling of personal data. This makes us a Data Processor. We also hold data on individuals - our employees and our clients, prospective clients and subscribers. This makes us a Data Controller.

Our Clients

To our wonderful clients reading this, hello, and please let us take this opportunity to say thank you for working with us. We know how important it is to you that we keep your data safe - the data about you and your organisation, and the data you share with us about your clients. So we hope that you find this section useful and that it enables you to understand how we manage the data handling process.

During the course of our relationship, we need to know a few things about you - we need a contact name and email address, correspondence address and phone number for who will be managing the contract on your end. We will likely also have a number of individuals we work with from your business, whose names and contact details will also be shared with us.

The message we want to get across about any data we hold about you is that we will:

  • never sell your data
  • share your data with a third party, except where that is to a third party who are carrying out work on our behalf, for example subcontractors, or where we are required to by law
  • retain your data for only as long as is necessary
  • store your data securely
  • dispose of your data in a secure manner, for example shredding paper copies and fully deleting your data
  • only use your data for its intended purpose
  • only hold data that is relevant for us to conduct our business

Prospective Clients

Thank you for taking the time to read how we will manage the data you provide to us as a prospective client. We hope you'll jump aboard and become one of our clients, but before you do, and if you sadly don't, this is how we will handle the data you provide to us.

To understand your needs, we need to know a little about your business, and we need to have the contact details of your business representative. This information is then stored securely by us, to enable us to follow up any conversations we may have already had from you, or to market to you any material which you may find useful.

In a nutshell, this is what we will do with any data you provide to us, or that is provided to us by a third party about you:

  • We will store it securely
  • We will not sell it to any third parties
  • We may share it with relevant third parties - but these will only be where we are legally obliged to so do and with sub-contractors
  • We will store your data in-line with our Data Retention Guidelines
  • We will dispose of your data securely, within our Data Retention Guidelines or if you ask for us to do so
  • We will only use your data for its intended purpose
  • We will only store data that is relevant for us to conduct our business

Our Employees

As one of our incredible employees, you already know how seriously we take data security. This isn't just restricted to our clients and third parties - this also includes data we hold about you.

When you joined us, you will have been asked to provide us with a lot of personal data about you, and about others - such as your next of kin or emergency contact details. We will have asked you to let us know your bank details so we can pay you. We will have also asked you to complete a questionnaire on equalities and diversity. This information is sensitive personal data, and the security of such data is paramount.

This is how your data is handled:

  • Personal data, such as your name, contact details, tax and financial information, is stored in a secure cloud drive, such as Google Drive and is only accessible to Sasha Egan, Finance and Operations Manager and John Egan, Managing Director. Access is password controlled.
  • Copies may be stored on Local drives, but these are kept secure: drives are password protected, and the drive itself is not removed from our locked Office when not in use.
  • Personal data is only shared with our Accountant, in order to set you up on the Payroll and Pension system (if applicable) and where we are Legally Obliged to do so.
  • Any paper copies are stored in a combination locked safe.
  • Sensitive personal data, such as our Equalities Monitoring Form, are stored in a secure cloud drive and is only accessible by Sasha Egan, Finance and Operations Manager.
  • We will store your data during your employment with us, and for a period after you leave us.
  • We will not sell your data. Ever. We promise.
  • We will only hold data about you that we need to hold.
  • We will only use your data for its intended purpose.

Our Subscribers

Hello to our subscribers! Can we just say, it's great to have you on board? We love the fact you want to be kept up to date on what we have going on, and all of the exciting industry news we have the privilege to share with you.

In order to have that privilege, you shared some information about yourself with us. This section within our Privacy Policy is to let you know how we intend to manage that information.

Rarely, we may use a third party or third party software in order to contact you, like if we are planning a big mail out. We will only use a third party supplier that is registered within the UK (and therefore covered by GDPR), and use a Non-Disclosure Agreement if required in order to keep your data safe.

Your data will always be stored securely, and we will always give you the right to unsubscribe at any time. We will always limit the data we hold on you to what we need to know - like your name, organisation and email address, and only use it for its intended purpose.

We won't sell it, share it with anyone (unless stipulated in this section or if we're legally obliged), or store it for longer than is necessary.

Individual Data Subjects

It can be scary, can't it, sharing your data? You sign up to a recruitment specialist, giving over all of this information about you, and then you find out they've shared it with us. If you've read the section on Who We Are and What We Do, hopefully you'll know why your data has been shared.

The Agency will most likely have given us access to their systems to carry out a specific task. This could be something like a data cleanse - basically reviewing all of the data stored on their system, clearing out the old stuff they don't need any more and tidying up what's left.

Before starting this process, we will download all of the data on that system and store it as a back-up, in case something goes wrong. This copy may be stored on Local drives whilst we're carrying out our work, or stored on a cloud-based system, like Google Drive. Everything we do is password protected, to increase the security of your data.

We would like to confirm to you that, as a third party, we do not/will not:

  • personally hold your data for processing by us
  • share your data with anyone, unless it's a sub-contractor carrying out portions of the work
  • sell your data to anybody
  • store any data on you outside of the system backs ups or within the systems we use to undertake our work
  • store your data individually - the work we undertake is generally processed en-masse
  • keep your data for longer than necessary

How We Store, Manage and Dispose of Data

Unless we tell you otherwise, we store all of our data via cloud managed storage, using a combination of Google Drive and Onedrive. We like this because it enables us to very clearly restrict the data stored with only relevant people - either by restricting the entire drive, the folder something is stored within, or the document itself. We don't share passwords - every member of staff or subcontractor has their only login and password.

Paper-based documents that we must keep the originals of are stored in a combination lock safe. However wherever possible, we will scan paper copies and shred them; storing the documents instead on the aforementioned cloud.

Sometimes we will store something locally for a short period, but once it has served its purpose, it is deleted securely from the drive (including emptying the recycle bin). Our office is only accessible to employees and kept locked when not in use.

We run data cleansing routines to ensure any outdated data is deleted regularly.

If we are supplied with your information by a third party, for example because you have consented to them passing on your information to us in order that we can market to you, we will contact you within 30 days to let you know, and to give you the opportunity for us to delete you from our records.

Who We Share Data With and Why

We may share data with third parties, such as sub-contractors who we have engaged to complete a piece of work on our behalf. Part of this work may involve having access to certain data. Where appropriate, we will confirm our sub-contractor's Privacy Policy is fit for purpose and use Non-Disclosure Agreements where necessary before engaging and sharing any data.

We also share data with our Accountant and relevant supervisory bodies (such as HMRC) where necessary, in order to undertake our financial obligations.

In the event that we sell or Ineo Consulting Ltd is substantially transferred to a third party; personal data will be one of the transferred assets. Don't worry - we have no plans to do so!

Legal Obligations

There may be an occasion where we are legally obliged to share or process your data in a different way to what it was intended for. It's impossible to list every scenario here, but it's important that you're aware of the circumstances. For example, we may have a duty to submit a Suspicious Activity Report to the National Crime Agency if we suspect money laundering, or we may receive a court order requesting that we share information on a specific individual. Legal obligations also cover where we need to share data with agencies such as HMRC, like where we need to disclose employee salary information.

Your Rights Under GDPR

You are in control of what we hold about you, and we request that you keep your data accurate and up to date, and that you let us know your preferences whenever you like. The GDPR provides you with the following Rights:

  • To request correction of your personal information - This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • To request erasure of your personal information - This enables you to ask us to delete or remove personal information that we hold about you.
  • To object to processing of your personal information - This enables you to request that we no longer market to you as a potential client, or share industry news, products and services that we feel may be of benefit to you.
  • To request the restriction of processing of your personal information - This enables you to ask us to suspend the processing of personal information about you for a period.

If you wish to exercise any of these rights, please contact Sasha Egan, our Data Protection Officer, at sasha@ineoconsulting.com.

For more information about our data retention guidelines, document retention policies, or any other privacy-related questions, please contact our Data Protection Officer, Sasha Egan, at sasha@ineoconsulting.com.