Privacy

GDPR Privacy Notice for Web Site Enquiries

ECS (“we”, “us” and/or “our”) is committed to protecting the privacy and security of your personal data.  We are the data controller in respect of the personal data we process about you in relation to this website.  ECS comprises ECS Europe Limited, ECS Global Limited, ECS Consultancy Limited, ECS Digital Limited and ECS Infosolutions PVT Limited, each having signed an Intercompany Services Agreement dated 27 January 2017.

This Privacy Notice describes how we collect and process your personal data when using this website.  This version was last updated on 11 September 2019 and historic versions can be obtained by contacting us.  We may update this notice at any time.

It is important that you read and retain this notice together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you. This will ensure you are aware of how and why we are using such information and what your rights are under GDPR.

Our Registered Office is:

Parkview House
6 Woodside Place
Glasgow
G3 7QF

Chief Data Protection Officer for the ECS Group is:
Andrew Barclay
Head of Service Delivery
+44 (0)141 572 3040
enquiries@ecs.co.uk

This Privacy Notice will explain:

  • What is personal data?
  • What categories of personal data may we hold about you?
  • How is your personal data collected?
  • How will we use your personal data?
  • What is the legal basis for our processing of your personal data?
  • With whom will we share your personal data?
  • Where will we store your personal data?
  • How long will we retain your personal data?
  • What have we put in place to keep your personal data secure?
  • What are your rights?
  • Your duty to inform us.

What is personal data?

Personal Data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Practical examples are your name, address and email address.

Special Category of Data: means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Practical examples most likely relevant to your application will be information about your health.

What categories of personal data may we hold about you?

Depending on your enquiry, we may collect:

Type of Interaction
Data Collected
Recruitment Enquiry
Name
Address
Date of Birth
Email Address
Tel number
Skype Address
Social Media Personas
Cv/resume
Career History
Career Interests
References
Notes on your suitability during interview
Psychometric and technical test results
Current Role
Current Salary
Right to work in UK
Visa Details
Any disabilities you have (to facilitate interview)
Any other information you provide as part of your application or interview process
General Enquiry
Name
Email Address
Company/Organisation
Any other personal data you include in your message to us
Sales Enquiry
Name
Address
Email Address
Tel number
Company/Organisation
Role
Skype Address
Social Media Personas
Content Download
Name
Address
Email Address
Tel number
Company/Organisation
Role
Skype Address
Social Media Personas
Marketing
Name
Address
Email Address
Tel number
Company/Organisation
Role
Skype Address
Social Media Personas

How is your Personal Data collected?

We collect personal data when you contact us via our website by contacting us, submitting an application for a role, enquiring about a product or service, or downloading, subscribing to, or sharing content (such as a white paper, post or blog). We may also collect personal data directly from you (for example at events or meetings), from third party marketing agencies and from publicly available sources such as LinkedIn and company websites.

How will we use your personal data?

We will use your personal data to direct based on the type of enquiry. Specifically:

Type of Interaction
Use
Recruitment Enquiry
Confirm suitability for the role for which you applied
Communicate with you
Confirm suitability for other, current roles
Consider your suitability for future roles
Keep records relating to our hiring process
General Enquiry
To direct your query to the relevant ECS department
Sales Enquiry
Market ECS products and services
Identify sales opportunities
Keep you informed of new ECS products and services
Identify opportunities for B2B collaboration
Content Download
Market ECS products and services
Identify sales opportunities
Keep you informed of new ECS products and services
Identify opportunities for B2B collaboration
Marketing
Market ECS products and services
Identify sales opportunities
Keep you informed of new ECS products and services
Identify opportunities for B2B collaboration

What is the legal basis for our processing of your personal data?

Lawful Basis for Processing
Description
Recruitment Enquiry
Consent
By indicating your consent to us processing the personal data you provide to us or which we otherwise collect as set out above.
General Enquiry
Consent
By indicating your consent to us processing the personal data you provide to us or which we otherwise collect as set out above.
Content Download
Legitimate Interest
Processing is necessary for the purposes of the legitimate interests pursued by ECS, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
Sales Enquiry
Legitimate Interest
Processing is necessary for the purposes of the legitimate interests pursued by ECS, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
Marketing
Legitimate Interest
Processing is necessary for the purposes of the legitimate interests pursued by ECS, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. You can ask us to stop sending you marketing messages at any time by opting out here.

With whom will we share your personal data?

ECS Group will share your data with the relevant ECS department for the purposes set out above. These may include:

  • ECS Recruitment Team
  • ECS Sales and Marketing Teams
  • ECS Senior Managers
  • ECS Data Protection Officer
  • ECS Legal Team

To support us answering your query ECS Group may also share your data with the following third party:

  • Thorntons Law LLP, our retained company solicitors

Otherwise, we shall only disclose your personal data to third parties where we are required to do so by law or regulatory obligation to which any member of the ECS Group is subject.

Where will we store your personal data?

We store all personal data within the European Economic Area (EEA) under the adoption of strict organisational and technical measures designed to keep your personal data secure. However, we operate globally and it is possible that processing of data as set out above will be required to be transferred or accessible outside the EEA.

How long will we retain your personal data?

We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it. Specifically:

Type of Enquiry
Retention
Recruitment Enquiry
Three years form our last contact with you
General Enquiry
One year form our last contact with you
Sales Enquiry
Three years form our last contact with you
Content Download
Three years form our last contact with you
Marketing
Three years form our last contact with you

What have we done to keep your personal data secure?

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. Procedures are in place to deal with any suspected data security breach and we will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

What are your rights?

You have the right to:

  • Request a copy of your personal data that the ECS Group holds about you.
  • Request that the ECS Group correct any personal data if it is found to be inaccurate or out of date.
  • In certain circumstances you have the right to ask us to erase the personal data we or the ECS Group hold about you. Such circumstances include (a) where we no longer need your personal data for the purposes set out above; (b) if you withdraw your consent to our processing; (c) if you object to our processing based on our legitimate interest and we have no overriding legitimate grounds to continue processing your personal data; (d) if we process the data unlawfully; or (e) where the personal data has to be erased to comply with legal obligation to which we are subject. We will consider any such request in line with GDPR. Please note this is not an absolute right and there may be circumstances where we choose not to delete all of the personal data we hold about you. More information about your right of erasure can be found at https://ico.org.uk
  • Object to the processing of personal data for direct marketing purposes or where we are relying on a legitimate interest (or those of a third party) and there is something about the particular situation, which you object to.
  • Request that ECS provide you with your personal data and where possible, to transmit that data directly to another data controller.
  • Request a restriction on further processing of your personal data where there is a dispute in relation to the accuracy or processing of your personal data.
  • Withdraw your consent at any time by contacting the ECS Data Protection Officer in the first instance. Please note that any withdrawal does not affect the legality of the processing up to that point.
  • Lodge a complaint with the Information Commissioners Office should you be unhappy with how the ECS Group is handling your data or managing your rights. The Information Commissioner can be contacted at:

Information Commissioner’s Office,
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire,
SK9 5AF
https://ico.org.uk/concerns/

To exercise any of these rights, you should in the first instance, contact the ECS Data Protection Officer who will raise the issue as a formal request to the relevant Data Protection Officer.

Your Duty to inform us of changes

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your working relationship with us.