top of page

Privacy Policy

Introduction
 

SecurePeople.co.uk  (“SecurePeople”, “we”, “us”, or “our”) is committed to protecting and respecting your privacy and providing a safe, secure user experience. We ensure that the information you share with us—via our website, email or written correspondence, conversations or meetings with our consultants, or through any of our UK operations—is only used for the purposes set out in this Privacy Policy.
 

This Privacy Policy explains how we collect, use, and process your personal data—whether we are helping you find a role, continuing our relationship after placement, providing services to you, receiving services from you, or you are simply visiting our website.
 

Who this policy applies to

  • Candidates: Anyone applying for roles advertised or promoted by us (via our website, job boards, social media or other sources), as well as anyone who sends us a speculative CV. “Candidate” also covers individual contractors and individuals supplying services via personal service or umbrella companies.

  • Clients & business contacts: Our customers, prospective customers, and other professional contacts to whom we provide or market recruitment services.

  • Suppliers: Partnerships and companies (including sole traders), contractors and consultants who provide services to SecurePeople. Suppliers are responsible for sharing this notice with their relevant personnel.

  • Website users: Individuals who access or interact with our website.
     

This notice does not apply to SecurePeople employees, who receive separate fair-processing information.

What information we collect

Candidate data

Depending on circumstances, we may collect some or all of the following so we can offer opportunities suited to you: name, contact details, CV/resume, photograph (if provided), education and employment history, links to public professional profiles (e.g., LinkedIn, GitHub), immigration/work-status details, referee details, current remuneration and benefits, emergency contact, and (where needed) financial details for background checks or payment.

Where appropriate and lawful, we may collect special category or criminal-records data relevant to a specific role (e.g., health information or DBS/other checks). We may also invite you (voluntarily) to provide diversity data for equal-opportunities monitoring. If you visit our office, please note the building’s common areas may operate CCTV.

Client & business-contact data

We collect business contact details you share with us (by phone, email, in person) or that are available via business networking sites and typical business-development activity. We may also receive your details from Candidates (e.g., when you are named as a referee) or from public sources and professional publications.


Supplier data

We collect contact details of relevant personnel and limited financial information (e.g., bank details) to administer our relationship and make payments.

Website user data

When you visit our website, we may automatically collect your IP address, timestamps, frequency of visits, and browsing patterns. We also use cookies in line with your browser settings. For details, see our Cookies section on the site.

How we collect personal data

  • Directly from you (e.g., CV submission, form completion, phone/email/in-person conversations, event registration, surveys, subscribing to updates).

  • Via our website, job boards, social networks, and professional platforms.

  • From referees, Clients, RPOs, MSPs and other recruitment partners; public sources (e.g., Companies House, professional sites); and personal recommendations.

  • If you connect with our consultants on business networking sites, you can access this Policy and control what you share.

Note: SecurePeople does not operate “group companies,” and we therefore do not share your personal data within a corporate group for the purposes described in this notice.


How we use your personal data & legal bases

Candidates

Purposes (typical examples):

  • Maintaining and updating your profile so we can contact you about relevant roles.

  • Providing recruitment services; matching your profile to vacancies.

  • With your prior consent, presenting your details to Clients.

  • Enabling applications, job alerts, market updates and insights.

  • Contract administration; payroll/invoicing if SecurePeople pays you.

  • Verifying information (e.g., references, qualifications), and conducting lawful checks where appropriate.

  • Fulfilling legal obligations (e.g., prevention/detection of crime, tax compliance).

  • Establishing, exercising, or defending legal claims.

  • Sending relevant insights, reports, events and services in line with your marketing preferences.


Legal bases: Legitimate interests, contract, legal obligation, and consent (where required, e.g., sending your CV to a Client, certain marketing, or processing special-category data). You can withdraw consent at any time.

Clients & business contacts

  • Delivering and improving our recruitment services.

  • Storing contact history, job records, and placements.

  • Customer-satisfaction activities.

  • Legal claims and compliance.

  • Relevant marketing communications (industry reports, events, promotions) in line with your preferences.


Legal bases: Legitimate interests, contract, legal obligation.
Suppliers

  • Receiving and managing services, including payments.

  • Legal claims and compliance.

  • Relevant business communications.

Legal bases: Contract, legitimate interests, legal obligation.

Legitimate interests (what they are and why they’re necessary)

As a recruitment business, exchanging Candidate and Client personal data is essential to identify opportunities, assess suitability, and make introductions. If you’re seeking work or you’ve made your professional information publicly available (e.g., on a job board or networking site), it is reasonable to expect us to process that information to provide recruitment services—always respecting your preferences and applicable law.

Where a role requires it, Clients may also verify information (e.g., assessment results, references, qualifications, criminal-record checks) to the extent appropriate and lawful.


Consent

Where we rely on consent (for example, sending your details to a Client, processing special-category data, or certain marketing), we’ll ask for it clearly and record your response. You can withdraw consent at any time by contacting [privacy@securepeople.co.uk].


Automated decision-making

We do not use automated decision-making or profiling to make placement decisions. Our systems may search data against parameters set by humans, but people always make the decisions.

Sharing your personal data

We may share personal data with:

  • Clients (with your prior consent where required) for role consideration or onboarding.

  • Referees, background-check providers, assessment providers, payroll and accounting platforms, IT/CRM providers, professional advisers, and other processors who support our services under contract.

  • Regulators, law enforcement, or authorities where legally required.

  • Prospective or actual buyers in connection with a business transfer or reorganisation (your data will remain protected under this Policy and applicable law).

We do not have a corporate group, so there is no intra-group sharing.

Where data is transferred outside the UK, we will ensure appropriate safeguards (e.g., UK IDTA/Addendum to EU SCCs, or adequacy regulations).


Data security

While transmission over the internet can never be completely secure, we use appropriate technical and organisational measures to protect your data once received, including access controls, secure servers located in the UK (or approved locations), and confidentiality obligations for personnel and suppliers. We maintain incident-response procedures and will notify you and any relevant regulator of a personal-data breach where legally required.

How long we keep your data

We keep personal data only as long as necessary for the purposes collected and to meet legal, accounting, and reporting requirements. Retention depends on factors such as data type, sensitivity, risk, and legal obligations. We may archive or pseudonymise data (e.g., after a deletion/suppression request) to prevent re-entry unless requested by you. Details of specific retention periods are available on request at [privacy@securepeople.co.uk].


Your rights

Under UK GDPR, you have the right to:

  • Access your personal data and information about how we process it.

  • Rectify inaccurate or incomplete data.

  • Erase your data where there’s no compelling reason for continued processing.

  • Object to processing based on legitimate interests (including direct marketing).

  • Restrict processing in certain circumstances.

  • Portability: receive or request transfer of your data in a usable format where feasible.

  • Withdraw consent where we rely on consent.


To exercise your rights, contact our DPR at [privacy@securepeople.co.uk]. We may need to verify your identity. We aim to respond within one month (or notify you if more time is needed for complex requests). You will not usually pay a fee, but we may charge a reasonable fee or refuse requests that are unfounded, repetitive, or excessive.

You also have the right to complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk, though we’d appreciate the chance to resolve your concerns first.

Marketing preferences

You can opt out of marketing (or change your preferences) at any time by contacting [privacy@securepeople.co.uk] or using the unsubscribe options provided.


Changes to this Policy

We may update this Privacy Policy from time to time. We’ll post any changes on this page and, where appropriate, notify you by email. Please check back regularly to stay informed.

Contact

Questions, comments or requests regarding this Privacy Policy:
Email: [privacy@securepeople.co.uk]
 

bottom of page