PRIVACY POLICY
With a reputation for excellence in recruitment solutions and a proven passion for innovation and thought leadership, Osborne is an award winning, leading recruitment consultancy driven together by a culture of high quality, high performance and high commitment where trust, honesty, collaboration, professionalism, accountability, curiosity and care is at the very heart of all we do. At Osborne, we pride ourselves in building lasting relationships and our vast network of skilled candidates is the cornerstone of our business.
At Osborne, we comply fully with applicable data protection legislation to keep your data safe and secure. Our goal as always is to increase the standards of the recruitment industry. Thus the care and diligence we apply to our internal recruitment process to ensure the right candidates are placed in the right roles in the right organisations, is also applied to our Data Protection and GDPR policies.
The purpose of this document is to set out the privacy entitlements of data subjects, which are defined in the General Data Protection Regulation (GDPR) as living persons. Privacy can only apply to information that is not already in the public domain and GDPR only applies to such personal data.
The General Data Protection Regulation (GDPR) is a European Union Regulation that sets out the data entitlements of data subjects and the obligations of those who process the personal data of data subjects. GDPR seeks to protect and enhance the rights of data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU.
We have identified our data subjects as being:
There are different categories of data required between the differing data subject categories and only the information necessary to conduct the contractual relationship and perform the contract unique to each data subject will be collected.
Legal basis for processing any personal data
We rely upon the following legal bases for data collection:
Candidates: Information is required in order to perform the contract of “Employment agent” on behalf of our candidates with potential employers. The basis of data gathering in that instance is contractual requirement. This will include identification information such as but not limited to name, address, date of birth, information regarding education/qualifications and reference checks (reference checks are not the personal data of the candidate, as this is the opinion of another person regarding the candidate and therefore belongs to the holder of the opinion).
Clients/Suppliers: We will process data pursuant to business to business transactions, but where so required, we will rely on the lawful basis of necessity for the performance of the contract for the processing of personal data within this relationship.
Clients: We will utilise personal data in the form of email addresses and contact telephone numbers in order to keep our clients and potential clients informed in relation to the careers and market related information. We consider that this is in the legitimate interest of our business to maintain our market presence.
Candidates: Information is processed in the legitimate interests of the business of the employment agency, and where so processed it will be in accordance with and subject to your data subject rights and entitlements. We process your data when it is in the legitimate interests of our company to do so and we do this balancing your data protection rights. We consider that our legitimate interest is that you have registered with us because you are interested in gaining access to the information we provide in relation to salary surveys, marketplace analysis, regulatory changes etc., and/or information in relation to the career opportunities with our clients and prospective clients.
In balancing your data protection rights against this legitimate interest of our company, we have considered:
Personal Data
This Privacy Statement sets out how Osborne uses and processes any information that you give to us. We respect your privacy and are committed to protecting your personal information. This Privacy Statement explains how we collect, transfer, process, use and disclose your data and sets out our security practices.
COLLECTION OF PERSONAL DATA
Candidates:
We collect personally identifiable information (PII) that you provide to us, which is information that identifies you as an individual. This PII may include your:
We collect data from you and process it in the provision of our services as a recruitment company. This involves receiving your data, highlighting your skills and competencies, making telephone contact with you, emailing you with positions that may be of interest to you, emailing you about market trends, surveys, local information, etc., emailing and telephoning potential employers to advance your career prospects with those companies and sharing your data with those potential employers. When you register with us, you are agreeing to us acting as an agent for you in your pursuit of an employment position with a third party until you request that your details are removed or that you require us to cease processing your data.(which you can do at any stage in line with legislation). Our company in its capacity as your agent operates as a Data Controller in respect of the personal data you supply to us. We share your data with third party Clients in order to advance your prospect of obtaining your desired position and while we require that our clients are GDPR compliant, we can make no guarantees or warranties in that regard.
For some positions, we are obliged to collect data that could be considered to be special categories of data (as defined in the GDPR) that is required for legal compliance purposes such as for security or HIQA audit purposes and we will inform you fully if and when this circumstance arises. We will only process special categories of data with your specific and explicit consent or where one of the following conditions apply;
We collect personal data about you from the application forms and questionnaires you may be asked to complete; we also gather personal data from records of our correspondence, phone calls, emails and details of your visits to our website including but not limited to personally identifying information like Internet Protocol (IP) addresses. This information can be used to identify visitors to our website and also to collect statistics about the behaviour of visitors to our website.
If your personal data changes, please make Osborne aware so that we can ensure your personal data is kept up to date and accurate.
Clients/Suppliers:
We collect personally identifiable information (PII) that you provide to us, which is information that identifies you as an individual. We collect PII about Client and Supplier contacts from a number of sources, as follows:
USE OF YOUR PERSONAL INFORMATION
Candidates:
Osborne collects and uses all PII that you provide to deliver the job-seeking or related services you have requested. Your information will only be used for matching your skills with potential job opportunities and will be only disclosed to prospective employers. We may use the information:
Clients/Suppliers:
Osborne collects and uses all PII in accordance with the provisions of this policy and furtherance of our recruitment business. Your information will only be used to contact you in the following circumstances:
We use Client and Supplier personal data for the purposes of making and receiving payments in the ordinary course of business.
Any contact information that you provide through our system will not be sold, leased and/or distributed to any third party for the purpose whatsoever. We do not broker data.
SECURITY OF YOUR PERSONAL INFORMATION
Osborne will do its utmost to protect user privacy through the appropriate use of security technology. We ensure that we have appropriate physical and technological security measures to protect your information.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
LINKS TO OTHER WEBSITES
On occasion, Osborne may include links to third parties on this website. Where we provide a link, it does not mean that we endorse or approve that site’s policy towards visitor privacy or that we accept any liability with regard to their use of data. You should review their privacy policy before sending them any personal data.
HOW WE USE COOKIES
Our website uses cookies to distinguish you from other users of our website. Cookies provide information regarding the computer used by a visitor. We may use cookies where appropriate to gather information about your computer in order to assist us in improving our website.
We may gather information about your general internet use by using the cookie. Where used, these cookies are downloaded to your computer and stored on the computer’s hard drive. Such information will not identify you personally. It is statistical data. This statistical data does not identify any personal details whatsoever. You can adjust the settings on your computer to decline any cookies if you wish. This can easily be done by activating the reject cookies setting on your computer.
DISCLOSURE
A necessity of our contractual engagement is that we share your personal data with our employer/clients. We have in place Data Sharing Agreements (in the form of actual agreements or merely additional clauses within the terms and conditions of engagement between the agency and its clients) or Data Processing Agreements with all such employer/clients and we have done our utmost to ensure that all such parties process your data in a manner that is consistent with this Privacy Notice and GDPR. Our employer/clients may themselves be subject to third party audits either in the form of statutory and/or ethical audits, governmental/statutorily required audits or legal obligations, these are deemed a necessity of the contract of engagement between you and our company and on this legal basis your personal data will be shared to comply with these requirements.
We do not broker or pass on information gained from your engagement with the agency. However, we may disclose your Personal Information to meet legal obligations, regulations or valid governmental requests. The agency may also enforce its Terms and Conditions, including investigating potential violations of its Terms and Conditions to detect, prevent or mitigate fraud or security or technical issues; or to protect against imminent harm to the rights, property or safety of our company, its clients and/or the wider community.
DATA RETENTION
We will process personal data for the duration of any contract and will continue to store personal data in accordance with our data retention table at all times subject to the rights of data subjects prescribed by the GDPR.
Source of Obligation/Data Type | Retention Period |
Candidate CV documents (including contact information) and all personal data | As a general rule, Osborne will retain all data securely until such time as a data subject requires the erasure of their data.
Osborne will contact you on an annual basis seeking your updated CV and giving you the opportunity for erasure. You can seek erasure of your CV at any stage. We will immediately delete your CV upon request from you, unless we are required to obtain same under our statutory or contractual obligations set out below.
In the event that any claim is made by the data subject, then Osborne may retain the data for as long as may be necessary until the claim has been concluded.
|
Revenue Commissioners, Collector General, Companies Acts legislative provisions | 6 years rolling retention of records to enable compliance with legislative provisions.
|
Personal Injuries related records | Records are retained for a period of 3 years past the date of the cause of action, unless it involves a minor, in which case the retention period will be up until 3 years after the minor reaches the age of 18.
In the event that any claim is made by the data subject, then Osborne may retain the data for as long as may be necessary until the claim has been concluded.
|
Breach of Contract related records | Records are retained 6 years from the date of the breach. In the event that proceedings are issued, then Osborne may retain the data for as long as may be necessary until the proceedings have been concluded.
In the event that any claim is made by the data subject, then Osborne may retain the data for as long as may be necessary until the claim has been concluded.
|
Employment contract/terms of employment related information | Data retained indefinitely or until such time as the data subject requests deletion unless retention is required to fulfil a statutory or claim purpose.
|
Organisation of Working Time – time sheets/holiday and public holiday records
National Minimum Wages Protection of Employment – Temporary Agency Workers, Part Time Workers, Fixed Term Workers Protection of Young Persons |
Data retained for three years post the termination of the employment to enable Osborne to show compliance with legal obligations in accordance with the statutory provisions.
In the event that any claim is made by the data subject, then Osborne may retain the data for as long as may be necessary until the claim has been concluded.
|
Parental Leave Related | Data retained for 8 years from the date of the cessation of parental leave. This retention is required to enable Osborne to comply with their contractual and statutory obligations. In the event that any claim is made by the data subject, then Osborne may retain the data for as long as may be necessary until the claim has been concluded.
|
Employment Equality | Interview Data will be retained for;
(a) a period of one year from the date of engagement of Osborne as agent or; (b) for a period of one year from the date of termination of their relationship with Osborne or; (c) the expiry of any statutory retention periods which may apply
whichever is the longer. This retention is required to enable Osborne to comply with their contractual and statutory obligations.
In the event that any claim is made by the data subject, then Osborne may retain the data for as long as may be necessary until the claim has been concluded.
|
Health and Safety Records | All records relating to health and safety will be kept for a period of ten years
In the event that any claim is made by the data subject in respect of health and safety, then Osborne may retain the data for as long as may be necessary until the claim has been concluded.
|
Data Law Compliance | Records in relation to our compliance with Data Law and GDPR will be kept for a five year period. |
Work Permits & Visas | All records will be retained for a period of five years from the date on which the Visa is produced or for the duration of the employment, whichever is the longer to enable Osborne to comply with its statutory obligations. |
REFERENCES & EMERGENCY CONTACTS
As part of our detailed recruitment process ‘The Osborne Way’, Osborne will contact referees using the contact information provided by the candidate to obtain references.
These references may then be shared with Osborne clients who the candidate is in the recruitment process with.
References will not be shared with candidates, this is outlined in our Reference Policy.
For temps working with Osborne, we will contact emergency contacts using the contact details provided by the temp in the event of an emergency.
CANDIDATE CV’s
Osborne will retain your CV on file to keep you updated with regard to relevant job opportunities, market information, trend analysis, salary information and market updates. It is important to us that the data which we hold is accurate and up to date and accordingly, we will contact you on an annual basis seeking your updated information. We will give you an opportunity to seek erasure of your data at that stage, and if you require your data to be erased, we will immediately do so (subject to our statutory and contractual obligations).
DATA STORAGE
Data is held in the United Kingdom on our Bull Horn data records management for recruitment and all other data is held in Ireland using different (multiple) servers. We do not store personal data outside the EEA.
Osborne is a business customer of Adobe solutions – this may result in the transfer of your personal information to non-EEA countries. Adobe relies on the following legal mechanisms: the EU-U.S. Privacy Shield, the Swiss-U.S. Privacy Shield, and Standard Contractual Clauses. We will offer you an alternative means of signing if you object.
DATA SUBJECT RIGHTS UNDER GDPR
ACCESS TO INFORMATION AND UPDATING, VERIFYING, DELETING AND RETENTION OF PERSONAL DATA
Subject to other applicable legal requirements, we will hold your personal data in accordance with the retention schedule set out above. Each individual has the right to withdraw their consent and have their personal information erased at any time (subject to our statutory and legal obligations as set out).
For the entirety of the time that we are in possession of your data, you have the following rights:
These rights may on occasion need to be modified/curtailed by statutory or competing obligations, for example, you may request that we delete your data, however if we have been your employer will can only do so after the statutory period of record retention has expired. In the event that we are obliged to refuse your request in accordance with your data subject rights, or if we are obliged to place conditions on our assent to your request, we will provide you with a reason as to why, which you have the right to legally challenge.
When your data has been erased from our system, your name and email address are recorded in a separate document by our DPO and saved securely within Osborne. It is necessary to record these details for candidates or client contacts who have been removed from our database due to the fact that some candidates / client contacts may on occasion have different email addresses which can lead to multiple entries on our database
At any time following a request from you we can confirm what information we hold about you, as well as how and why it is being processed.
YOU CAN REQUEST THE FOLLOWING INFORMATION:
TO ACCESS WHAT PERSONAL DATA IS HELD, IDENTIFICATION WILL BE REQUIRED
We will accept the following forms of ID when information on your personal data is requested: a copy of your national ID card, driving license, passport, birth certificate and a utility bill not older than three months. A minimum of one piece of photographic ID listed above and a supporting document is required. If we are dissatisfied with the quality, further information may be sought before personal data can be released.
All of the above requests can be directed, in writing, to the Data Protection Officer, Osborne, 1st Floor, Brehon House, Main Street, Blanchardstown, Dublin 15. They will be forwarded on should there be a third party involved in the processing of your personal data.
Complaints
In the event that you wish to make a compliant about how your personal data is being processed by us or by our partners, you have the right to complain to dpo@osborne.ie
If you do not get a response within 30 days you can complain to the OFFICE OF THE DATA COMMISSIONER, Supervising Authority of Ireland.
Data Protection Commissioner
Canal House
Station Road
Portarlington
R32 AP23 Co. Laois
Telephone +353 57 8684800
Lo Call Number 1890 252 231
E-mail info@dataprotection.ie
CHANGES TO THIS PRIVACY STATEMENT
Our Privacy Statement may change from time to time and changes to the statement will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy. If you do not agree to these changes, please do not continue to use this Website to submit personal information. This Privacy Statement is updated as of the 13th of August 2024.