Send CV

Privacy Policy

 

SnippetGB Ltd (The Chef and People)

 

1. Introduction

SnippetGB Ltd (trading as The Chef and People) respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, and store your information in compliance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.

Mention explicitly that this Privacy Policy applies to all users of your services and website visitors to avoid ambiguity.

 

2. Data Controller

SnippetGB Ltd (The Chef and People)

International House, 109-111 Fulham Palace Road,
London, W6 8JA

Email: info@thechefandpeople.co.uk

 

 

3. What Data We Collect

We may collect the following personal data:

Technical Data: IP address, browser type, and website usage data.

Identity Data: Name, date of birth, gender.

Contact Data: Email address, phone number, home address.

Employment Data: CV, work history, qualifications, skills, references.

Financial Data: Payment details if applicable.

 

 

 

4. How We Collect Your Data

We collect data through:

Automated technologies (e.g., cookies on our website).

Direct interactions (e.g., when you fill out forms or contact us).

Job applications and registrations.

Communication via email or phone.

 

 

 

5. How We Use Your Data

We use your data to:

Maintain records and for accounting purposes.

Facilitate job placements and recruitment services.

Communicate with you regarding job opportunities or services.

Comply with legal obligations.

Legal Bases for Processing:

Consent: When you provide explicit consent (e.g., marketing emails).

Performance of Contract: To provide recruitment services.

Legitimate Interests: For business operations and service improvements.

 

 

 

6. How We Share Your Data

We may share your data with:

Potential employers for job placement.

Third-party service providers (e.g., IT support, payment processors).

Legal or regulatory bodies if required by law.

 

 

7. International Transfers

If we transfer your data outside the UK or EEA, we ensure adequate safeguards are in place, such as:

Transfers to countries with data protection adequacy decisions.

Data transfer agreements with standard contractual clauses.

Highlight that if transferring data outside the EEA, you will notify users and provide them with details about safeguards.

 

 

 

8. Data Security

We implement technical and organizational measures to protect your data from unauthorized access, loss, or misuse.

 

 

 

9. Data Retention

We retain personal data only for as long as necessary:

Clients: Retained for the duration of the business relationship and any legal obligations thereafter.

Job Candidates: Typically 12 months unless you consent to longer retention.

For job candidates, consider specifying that if retention is longer than 12 months, it is done with explicit consent and detail any options for opting out.

 

 

 

10. Your Rights

Under GDPR, you have the following rights:

Withdraw Consent: At any time where consent is the legal basis.

Access: Request a copy of your data.

Rectification: Correct inaccuracies in your data.

Erasure: Request deletion of your data (“Right to be Forgotten”).

Restriction: Limit how we process your data.

Portability: Receive your data in a usable format.

Objection: Object to processing based on legitimate interests or direct marketing.

 

 

 

11. Cookies

We use cookies to enhance website functionality and analyze traffic. 

Specify that users can manage their cookie preferences through your website and mention if there are any essential cookies required for website functionality.

 

 

 

12. Complaints

If you have concerns about how we handle your data, please contact us. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Phone: 0303 123 1113

Website: www.ico.org.uk

 

 

 

13. Updates to This Policy

We may update this Privacy Policy. The latest version will always be available on our website.

Regular compliance reviews and mandatory training sessions for all staff.

The last line, “Regular compliance reviews and mandatory training sessions for all staff,” seems out of context here. Consider moving this statement to a new section about Internal Data Protection Measures or rephrasing it to fit within the section.