Privacy Policy – GDPR
Introduction
Hightekers Services Ltd (referred to as “Hightekers”, “We, “Our” or “Us”), is committed to protecting the privacy and security of your personal information. We take care to protect the privacy of our consultants, employees, clients and users of our services that communicate (online or offline) with us, at events, over the phone, through our mobile applications, websites and social media platforms.
We have therefore developed this privacy policy to inform you of the data we collect, what we do with your information, what we do to keep it secure as well as the rights and choices you have over your personal information.
Throughout this document we refer to Data Protection Legislation means the Data Protection Act 2018 (DPA2018), United Kingdom General Data Protection Regulation (UK GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the aforementioned legislation. Where data is processed by a controller or processor established in the European Union or relates to the data of people in the European Union, it also includes the EU General Data Protection Regulation (EU GDPR). This includes any replacement legislation coming into effect from time to time.
Hightekers Services Ltd is the controller for the personal information we process, unless otherwise stated.
We are registered with the Information Commissioner’s Office (the ICO) with registration number ZB051324
You can contact us either by phone, email or post.
Our main trading/postal address: Gable House 239 Regents Park Road, London N3 3LF, United Kingdom
Phone: +44 20 3936 06 80
Email: dpo@hightekers.com
Our Data Protection Officer is:
Dr Louis Sanchez de Lozada
The information we collect and when
We only collect personal information that we know we will genuinely use and in accordance with the Data Protection Legislation. The type of personal information that we will collect on you, from sources including:
third party websites; this website; enquiry/contact forms; events/exhibitions; other contact methods; may include all or some of the following:
Users of our website
- Your name
- Address
- Telephone number(s)
- Email address
- Survey or webform responses
- Data about your engagement with our website including pages you visit
- Cookies; and/or
- IP address and other data about your device
Consultants and Prospective Employees
- Your name
- Address
- Date of birth
- Telephone number(s)
- Email address
- Survey or webform responses
- Data about your engagement with our website including pages you visit
- Cookies; and/or
- IP address and other data about your device
- Professional biographical information obtained from publicly available sources, such as LinkedIn, CV posting websites and social media sites
- Personal data about you provided by another consultant or an employer or other professional who recommends you as a contact
- Feedback about you collected from our clients
- Gender
- National Insurance number
- Bank account details, payroll records and tax status information
- Salary, annual leave, pension and benefits information
- Location of employment or workplace
- Copy of driving licence or passport
- Nationality
- Copy of visa (if applicable), immigration information, European Settlement Status or Pre-Settlement Status
- Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter as part of the application process
- Employment records (including job titles, work history, working hours, working pattern, training records and professional memberships)
- Compensation history
- Performance information
- Time and attendance records
- Disciplinary and grievance information
- Information about your use of our information and communication systems
We may also collect and process the following special categories of personal data:
- Information about your health
Clients or Employees of Client Organizations
- Contact details
- Data related to your function or position
- Personal data relating to the communications we have had with you, in particular if you have opened or forwarded emails, newsletters or other content that we have sent to you.
- Personal data you may include in any feedback or references you provide about our consultants and / or employees (e.g. confirmation that a consultant has worked with you)
- We process personal data about you from publicly available sources such as LinkedIn and other social networking sites
- We process personal data when you have been delegated to one of our events or to an event for which the event organizer is authorized to provide us with the contact details of the delegates
- We may, in further dealings with you, extend this personal information to include your address, services used, and subscriptions, records of conversations and agreements and payment transactions
How we use your information
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for the collection and processing this personal data are:
- Your consent. You are able to remove your consent at any time. You can do this by contacting dpo@hightekers.com
- Where the processing is necessary for the performance of a contract we have entered into with you
- Where the processing is necessary to comply with a legal obligation
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
Consultants
- To contact and communicate with you, following your enquiry, reply to any questions, suggestions, issues or complaints you have contacted us about
- Make available our services to you including net salary calculations
- Send you prospecting messages to inform you of our services, industry reports and information, events, promotions and contests, and other content, in accordance with your marketing choices
- For statistical analysis and to get feedback from you about our products, websites, mobile apps, and other services and activities
- To power our security measures and services so you can safely access our website and mobile apps
- To help us understand more about you as a consultant / employee / client, and the services you consume, so we can serve you better
- To provide you with online advertising and promotions
- To send you information about relevant offers, benefits and rewards and information about other services available from Group companies
- Help answer your questions and solve any issues you have
- To contact you if we think you might be interested in our services at a later date
- To verify your identity
- To check you are legally entitled to work in the UK
- To pay you, to deduct tax and National Insurance contributions
- To provide pension and other benefits to you
- To carry out business management activities such as accounting and auditing
- To make decisions about your continued employment or make arrangements for the termination of our contract
- To ascertain your fitness to work and manage sickness absence
- To monitor and ensure compliance with employment and equal opportunities legislation
Clients and potential clients
- In order to establish commercial relations with you and / or your company
- For the purposes of payment and refund processing where appropriate
Who we might share your information with
We may share your personal data with other organisations in the following circumstances:
- If the law or a public authority says we must share the personal data
- If we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk); or
- From time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the Website. However, all the information we share will be collected and anonymised, so neither you nor any of your devices can be identified from it.
- We use data processors who are third parties who provide elements of services for us. We have Data Processing Agreements in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us or further sub-processors who must comply with our Data Processor Agreement. They will hold your personal data securely and retain it for the period we instruct.
How we keep you updated on our services
We will send you relevant offers and news about our products and services in a number of ways including by email, but only if you have previously consented to receive these marketing communications. When you register with us we will ask if you would like to receive marketing communications, and you can change your marketing choices online, by email or in writing at any time.
If you wish to amend your marketing preferences, you can do so by emailing dpo@hightekers.com
Your rights over your information
6.1.1 The right to be informed about our collection and use of personal data
You have the right to be informed about the collection and use of your personal data. We ensure we do this with our internal data protection policies and through our external website policy. These are regularly reviewed and updated to ensure these are accurate and reflect our data processing activities.
6.1.2 Right to Access Your Personal Information
You have the right to access the personal information that we hold about you in many circumstances, by making a request. This is sometimes termed ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge and aim to do so within 1 month from when your identity has been confirmed.
We would ask for proof of identity and sufficient information about your interactions with us so that we can locate your personal information.
If you would like to exercise this right, please contact us as set out below.
6.1.3 Right to Correction Your Personal Information
If any of the personal information we hold about you is inaccurate, incomplete, or out of date, you may ask us to correct it.
If you would like to exercise this right, please contact us as set out below.
6.1.4 Right to restrict processing
You have the right to ask us to restrict the processing of your personal data. For example, this may be because you have issues with the accuracy of the data we hold or the way we have processed your data. The right is not absolute and only applies in certain circumstances.
If you would like to exercise this right, please contact us as set out below.
1.1.1 Right to Erasure
You have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.
If you would like to exercise this right, please contact us as set out below.
1.1.2 Right to Portability
The right to portability gives you the right to receive personal data you have provided to a controller in a structured, commonly used, and machine-readable format. It also gives them you the right to request that a controller transmits this data directly to another controller.
If you would like to exercise this right, please contact us as set out below.
1.1.3 Right to object
You have the right to object to our processing of some or all of the personal data that we hold about you. This is an absolute right when we use your data for direct marketing but may not apply in other circumstances where we have a compelling reason to do so, e.g., a legal obligation.
6.1.5 For more information about your privacy rights
The Information Commissioner’s Office (ICO) regulates data protection and privacy matters in the UK. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers such as ourselves are available publicly. You can access them here https://ico.org.uk/for-the-public
You can make a complaint to the ICO at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first. Your satisfaction is extremely important to us, and we will always do our very best to solve any problems you may have.
How long we keep your information for
We retain a record of your personal information in order to provide you with a high quality and consistent service. We will always retain your personal information in accordance with the Data Protection Legislation and never retain your information for longer than is necessary for the purpose for which it was collected. Unless otherwise required by law, your data will be stored for a period of 10 years after our last contact with you, at which point it will be deleted.
Giving your reviews and sharing your thoughts
When using our websites, please remember it is your responsibility to set appropriate privacy settings on your social network accounts, so you are comfortable with how your information is used and shared on them.
Security
Data security is of great importance to Hightekers Services Ltd and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your collected data.
We take security measures to protect your information including:
- Limiting access to our buildings to those that we have determined are entitled to be there (by use of passes, key card access and other related technologies);
- Implementing access controls to our information technology
- We use appropriate procedures and technical security measures (including strict encryption, anonymisation and archiving techniques) to safeguard your information across all our computer systems, networks, websites, mobile apps, offices and stores.
- Never asking you for your passwords;
- Advising you never to enter your account number or password into an email or after following a link from an email.
What happens if our business changes hands?
We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the purposes for which it was originally collected by us.
Changes to Our Privacy Policy
We may change this Privacy Policy from time to time (for example, if the law changes). We recommend that you check this policy regularly to keep up-to-date.
How to contact us
If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy, the way your personal information is processed, please contact us by one of the following means:
By email: dpo@hightekers.com
By post: Hightekers Services Ltd, Gable House, 239 Regents Park Road, London N3 3LF
Phone: +44 20 3936 06 80
Thank you for taking the time to read our Privacy Policy.
This Policy was last updated on 19/04/2023