Personal data is information about an 'identified' person or an 'identifiable natural personv. An 'identifiable natural person' can be identified, directly or indirectly, in particular reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
Sensitive personal data: Sometimes known as 'special categories of personal data' or 'sensitive personal data', means personal information about an individual's race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership (or non-membership), genetics information, biometric information (where used to identify an individual) and information concerning an individual's health, sex life or sexual orientation.
Data Subject means the individual to whom the personal information relates.
Processor: The UK GDPR defines a processor as a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller. Processors act on behalf of the relevant Controller and under their authority.
Controller: "Controller" means the natural or legal person, public authority, agency, or any other body which alone or jointly with others determines the purposes and means of the processing of personal data, where the purposes and means of processing are determined by the EU or UK laws, the Controller may be designated by those laws. Art.2(d) GDPR.
The ParTimer Limited is registered in England and Wales with the company number 13634967.
In this policy, "we", "us", and "ourv refer to The ParTimer Limited, "the ParTimer", or "JIFFL", which is the name that our brand will trade under.
Our registered office address is: Floor 2 Portland Street Manchester England M13BE
Please note that we are a data controller and processor.
We are required under data protection legislation to notify you of the information contained in this privacy notice.
This notice does not form part of any contract of employment, contract to provide services, or any other contract and may be updated at any time. We will inform you if this occurs.
We will comply with data protection laws. This says that the personal information we hold about you must be:
Used lawfully, fairly and in a transparent way.
Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
Relevant to the purposes we have told you about and limited only to those purposes.
Accurate and kept up to date.
Kept only as long as necessary for the purposes we have told you about.
Kept securely
Our main objective is for you to have absolute trust and confidence in us when we collect, control and process your data.
We are committed to the following:
Being completely transparent about how, when and why your data is controlled and processed by us.
Allowing you control over the personal data we collect from you and how we process that personal data.
Not using automated decision-making when processing your personal data.
It is important that you read this notice, together with any other privacy notice that is provided on specific occasions when we are collecting or processing personal information about you so that you are aware of how and why we are using such information.
As a data subject, you are entitled to formally request information we hold about you.
Please see the relevant section for information on how to make such a request.
We are committed to keeping the personal information provided to us secure, and we have implemented appropriate information security policies, rules and technical measures to protect the personal information that we have under our control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss.
All of our employees, consultants, and workers who have access to and are associated with processing personal information receive training on confidentiality and security. They are obliged to respect the confidentiality of such personal information.
If you have any concerns or complaints relating to this policy, its subject matter, or how we collect, control and/or process your data, please do let us know by sending an email to our Data Protection Officer, Usman Aziz, at usman@thepartimer.co.uk or write to us at our registered office address (see Who We Are section above).
The ParTimer is committed to ensuring that our Privacy Notice is effective and up-to-date.
The Directors will review this document at least once a year or more frequently if needed due to changes in laws or practices.
Under the Data Protection Act 1998 ("the Act") and General Data Protection Regulation (Regulation (EU) 2016/679) ("the Regulation"), we are a data controller and data processor of personal data and sensitive personal data provided by you to us through our website.
We may collect and process personal data, sensitive personal data and other information from you when you use our website and its content.
The type of data collected and how such data is collected will vary depending on how you use our website and whether or not you have consented for us to collect certain types of data from you.
By using our website and/or our products or services in conjunction with our website, you agree that we collect and process the personal data provided as part of that process for the purposes made clear to you at that time.
HOW WE COLLECT PERSONAL DATA
At present, all data is collected actively via our Contact Us form.
WHAT KIND OF INFORMATION WE COLLECT AND PROCESS
If you are a client (an employer) or a candidate (job seeker), we may collect, store, and use any of the following categories of personal information about you where you have subscribed to updates via our Contact Us form:
Clients
Company Name
Location
Industry
Full Name
Job Title
Phone Number
Email Address
CANDIDATES
Name
City
Phone Number
Email Address
Student Status
HOW WE USE YOUR PERSONAL DATA
ACTIVITIES
We may process your data:
In order to send marketing and/or promotional material to you when you subscribe to updates via our Contact Us form.
To seek user feedback about our products (when signing up as a tester).
LAWFUL BASIS
The lawful basis for this processing is:
Consent
Legitimate Interest
CHANGES OF PURPOSE
We will only use your Personal Data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
DATA SECURITY
All personal data we collect and process is stored on our secure servers following reasonable security practices, including the adoption of encryption technology on our website.
Any Personal Data collected by us is only accessible by a limited number of employees and third-party subcontractors or affiliates who have special access rights to such systems and are bound by obligations of confidentiality.
If and when we use subcontractors to store your data, we will not relinquish control of your Personal Data or expose it to security risks that would not have arisen had the data remained in our possession.
YOUR RIGHTS AND OBLIGATIONS
UPDATES TO PRIVACY POLICY
We may update this policy from time to time by publishing a new version on our website.
You should check the following page occasionally to ensure you are happy with any changes to this policy: https://jiffl.co.uk/privacy-policy
CONSENT
We will process your data with your express consent through opt-in mechanisms.
We may also process your data if applicable Legislation permits.
Where we are processing your personal data based on your giving us your consent to do so, you have the right to withdraw that consent at any time, but this will not affect the lawfulness of the processing before the withdrawal of such consent.
You can exercise your right to withdraw consent to the processing (for example, any marketing we send you following initially giving consent to receive such information) at any time by contacting us via email at usman@thepartimer.co.uk
Please note that where you opt out of receiving our marketing messages, we will continue to retain other Personal Data provided to us as a result of interactions with us not related to your marketing preferences.
DATA RETENTION, ERASURE AND RECTIFICATION
We will only retain your Personal Data for as long as reasonably necessary to fulfil the purposes we collected it. We may retain your Personal Data for a longer period than usual in the event of a complaint or if we reasonably believe there is a prospect of litigation with respect to our relationship with you.
You have the right to erasure (the 'right to be forgotten').
This means that you have the right to request us to erase personal data we hold about you and that we should erase such data without undue delay if any of the below are applicable:
That our processing of personal data is no longer necessary in relation to the purpose for which it was collected;
That you withdraw your consent to the processing, and there is no other legal ground for us to continue to process the data;
That you object to the processing under regulation 21 of the Regulation and there are no overriding legitimate grounds for the processing;
That the personal data must be erased to comply with a national legal obligation.
You also benefit from the right to rectify inaccurate personal data we hold which relates to you (also known as the 'right to rectification').
You can exercise your rights to erasure and rectification by contacting us via usman@thepartimer.co.uk
SHARING OF PERSONAL DATA
We may disclose personal data we hold to third parties, with your consent or based on an otherwise lawful reason for doing so under the Legislation. For example:
If we require any subcontractors or affiliates to access the data we control (subject to confidentiality obligations to use it only for the purposes for which we disclose it to them and pursuant to our instructions); and
If The ParTimer Limited anticipates a change in control or the acquisition of all or part of our business or assets or with interested parties in connection with the licensing of our technology; and
If we or substantially all of our assets are acquired by a third party, in which case personal data we hold will be one of the transferred assets; and
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any contract with the data subject or other agreements, or to protect our rights, property, or safety of our employees, clients, or others.
USE OF THIRD-PARTY PLATFORMS
At present, our website gathers basic user analytics via Google Analytics, which is integrated into Firebase Hosting (our website hosting provider). For example, we may collect data on visitor numbers, times, locations, pages visited, etc. However, we do not collect personally identifiable data such as API addresses.
When capturing data via our website contact form, this data is transmitted to our email service using EmailJS. However, this data is encrypted in transit and is not stored by this third party.
TRANSFERS OUTSIDE OF THE EEA
Whilst our platform is hosted within the UK, Firebase Hosting servers are located both inside and outside Europe. Therefore, your data may reside outside of the UK.
In addition, our third-party website developers will have access to the data held on our website.
To ensure that your data is protected, we will apply appropriate safeguards, namely using standard data protection clauses adopted or approved by the European Commission.
EXTERNAL LINKS
When you click on links on our website, they may direct you away from our site, for example, by clicking on the relevant link to download our App.
We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
CHILDREN'S PRIVACY
The services provided through our website are not marketed to, and should not be used by, anybody under 18, and we do not knowingly collect personal data from children under 18.
If we discover that a child under 18 has provided us with personal data, we will delete such data from our servers.
HOW WE COLLECT DATA
We typically collect personal information directly from you during our business relationship. This includes when signing up for updates, creating an account, and thereafter.
WHAT KIND OF INFORMATION WE COLLECT AND PROCESS
If you are a client in receipt of our Services or a prospective client, we may collect, store, and use any of the following categories of personal information about you:
Company Name and Companies House Details (Company Number)
Location, Sector/Industry and Size of Company
Company Web Address
VAT Number (optional)
Full Name, Job Title, Phone Number, and Email Address of Company Contacts
Payment Information and Transactional Data
WHERE WE STORE YOUR INFORMATION
Your information will be stored securely:
Within the ParTimer platform(s) (including the ParTimer Administrator Panel).
Within payment modules, for example, Stripe.
HOW WE WILL USE YOUR INFORMATION
PERSONAL INFORMATION
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
Where you have provided your consent to the processing of your personal data
Where we need to use your personal data in relation to a contract we are about to enter, or have entered, into with you.
Where we need to use your personal data for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation, cooperate with regulators or resolve disputes and legal claims.
Purposes for which we will use your personal data
Purpose/Activity | Type of Data | Lawful Basis for Processing | Condition for Processing Special Categories of Personal Data |
---|---|---|---|
To enable you to use our Online Platform, App or Services and register you as a new user. | Identity Contact Financial | Performance of a contract with you. | N/A |
To process purchases and deliver Services, including managing payments and collection of money owed to us. | Identity Contact Financial Transaction Marketing Communications | Performance of a contract with you Necessary for our legitimate interests (to recover debts due to us). | N/A |
To manage our relationship with you, including notifying you of changes to our Online Platform, App, Services, or Websites. | Identity Contact Financial Marketing Communications | Performance of a contract with you. Necessary for our legitimate interests (to keep records updated and to analyze how customers use our Online Platform, App, Services, and Websites). Necessary to comply with legal obligations (to inform you of any changes to our Terms and Conditions). | N/A |
To deliver content and advertisements to you. To make recommendations about goods and services which may interest you. To measure and analyze the effectiveness of the advertising we serve you. To monitor trends so we can improve the Online Platform, the App, or Services. | Identity Contact Financial Marketing Communications | Your consent (for direct marketing). Necessary for our legitimate interests (to develop our Services and grow our business). | N/A |
AUTOMATED DECISION-MAKING AND PROFILING
We are committed to maintaining the trust and confidence of our users. In that spirit, we affirm that we do not engage in any form of automated decision-making or profiling using user data.
Should our policy change, we pledge to provide clear information about the processes and any significant changes and offer an easy means for our users to express their preferences or to opt-out where applicable.
CHANGES OF PURPOSE
We will only use your personal information for the purposes we collected it unless we reasonably consider that we need to use it for another reason, and that reason is compatible with the original purpose.
If we need to use your personal information for an unrelated or new purpose, we will notify you and explain the legal basis which allows us to do so.
Please note that we will, if necessary, process your personal information without your knowledge or consent in compliance with the above rules where this is required or permitted by law.
YOUR RIGHTS AND OBLIGATIONS
UPDATES TO PRIVACY POLICY
We may update this policy from time to time.
You should occasionally check to ensure you are happy with any changes to this policy.
CONSENT
We do not need your consent if we use your personal information following our written policy to carry out our legal obligations to allow us to provide our Services.
In limited circumstances, if the need arises, we will request your written consent to process particularly sensitive data. If we do so, we will provide you with full details of the information we would like and the reason we need it so that you can carefully consider whether you wish to consent.
You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.
DATA RETENTION, ERASURE AND RECTIFICATION
The personal data we collect from you will be stored and retained by us for the time necessary to fulfil our services and contractual/legal obligations.
In general, we will retain client data for 6 years following the end of Service provision.
However, we may retain your personal data for longer where such retention is necessary for compliance with a legal obligation to which we are subject or to protect your vital interests or the vital interests of another natural person.
Under certain circumstances, by law, you have the right to:
Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request the erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party), and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal information to another party.
Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the data or where data may be exempt from disclosure by law.
If you are entitled to any of the above and if we have shared your personal information with others (for example, our Accountants or third-party web developers), we will let them know about the request.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us in writing by emailing usman@thepartimer.co.uk or by letter to C/O Ams Accountants (Midlands), 2nd Floor, 9 Portland Street, Manchester, M1 3BE, United Kingdom.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights).
However, we are allowed under the law to charge a reasonable fee if your access request is unfounded or excessive.
Alternatively, we can refuse to comply with the request in such circumstances.
Please Note: We sometimes need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
DATA RECTIFICATION AND ERASURE VIA OUR PLATFORMS
If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, including inviting you to complete surveys or to market our products and services to you, you can withdraw that consent at any time.
To withdraw your consent, please contact our Data Protection Officer by emailing usman@thepartimer.co.uk or by letter to C/O Ams Accountants (Midlands), 2nd Floor, 9 Portland Street, Manchester, M1 3BE, United Kingdom.
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to unless we have another legitimate basis for doing so in law.
SHARING OF PERSONAL DATA
We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you (where you have given consent or where the sharing is necessary for a contract we have with you), where it is in the public interest to do so or where it is necessary for the performance of our functions.
"Third parties" include third-party service providers and other entities.
Client data is only shared when required with the following individuals, organisations and entities:
Our Accountancy Service (via Xero)
Police and Government-related organisations (if required).
Please see Appendix A for the process we follow when sharing personal data.
We may also appoint sub-contractors as required to deliver Services, such as, without limitation, document processing services, IT systems or software providers, IT support service providers, and information storage providers, who will process personal information on our behalf and at our direction.
We conduct an appropriate level of due diligence and put in place contractual documentation concerning any third party to ensure that they process personal information appropriately and according to our legal and regulatory obligations.
This will only be undertaken where:
It is necessary for us to perform our obligations in accordance with any contract that we may have with you.
It is in our legitimate interest or a third party's legitimate interest to use personal information in such a way as to ensure that we provide our servicesin the best way that we can.
Please note that we will never sell your personal data.
PASSIVE DATA COLLECTION
At present, our platforms do not use cookies or any other type of analytics to collect passive data
EXTERNAL LINKS
When you click on links on our platforms, they may direct you away from our site, for example, by clicking on the relevant link to make a payment using Stripe or Apple Pay.
We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
TRANSFERS OUTSIDE OF THE EEA
Whilst our software is hosted in the UK, your data may be processed in countries outside of the UK and the EEA by third parties.
To ensure that your data is protected, we will ensure that such third parties apply appropriate safeguards, such as using standard data protection clauses adopted or approved by the European Commission.
DATA SECURITY
All information you provide to us is encrypted and stored on secure Amazon Web Services (AWS) servers.
Any payment transactions will be encrypted.
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Online Platform, App and Services, you are responsible for keeping this password confidential, and we ask you not to share your password with anyone
We also use 2FA to keep your data secure.
Once we have received your information, we will use strict procedures and security features to try and prevent your personal data from being accidentally lost, used or accessed in an unauthorised way.
We will undertake regular vulnerability scans and conduct regular PEN testing to identify any vulnerabilities. Any such vulnerabilities will be remedied in a timely manner.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator when we are legally required to do so.
HOW WE COLLECT PERSONAL DATA
We typically collect personal information directly from you during our business relationship. This includes when signing up for updates, creating an account, and thereafter.
WHAT KIND OF PERSONAL DATA WE COLLECT AND PROCESS
If you are a candidate in receipt of our Services or a prospective candidate, we may collect, store, and use any of the following categories of personal information about you:
Name
Email Address
Date of Birth
Gender (optional)
Student Status (including status as an international student) and current University
Location
Work Experience (Employer Names, Job Titles, Locations, Start and End Dates)
Education History (Educator Names, Qualification Types, Fields of Study, Awards and Key Achievements, Grades, Predicted Grades, Start and End Dates, Internships
Payment Information and Transactional Data
Other information shared in your 'Bio Video' at your discretion, for example, anything that can be used to identify you.
We will also collect, store and use the following "special categories" of more sensitive personal information:
Any information shared in your 'Bio Video' at your discretion or that may be inferred from that video, for example, your racial or ethnic origin, religious beliefs, sexual orientation, political opinions, health (including any disabilities and medical conditions) and trade union membership.
Please note that as the data controller, we are obliged to ensure the security of your data. Therefore, we kindly request that candidates not provide any information related to their criminal history, ongoing allegations or pending court cases or any other sensitive data that could potentially cause them harm should it be shared with others.
WHERE WE STORE YOUR PERSONAL DATA
Your information will be stored securely:
Within the ParTimer platform(s).
Within the ParTimer Administrator Panel.
Within payment modules, for example, Stripe.
HOW WE WILL USE YOUR INFORMATION
PERSONAL INFORMATION
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
Where you have provided your consent to the processing of your personal data.
Where we need to use your personal data in relation to a contract we are about to enter, or have entered, into with you.
Where we need to use your personal data for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation, cooperate with regulators or resolve disputes and legal claims.
PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA
Purpose/Activity | Type of Data | Lawful Basis for Processing | Condition for Processing Special Categories of Personal Data |
---|---|---|---|
To enable you to use our Online Platform, App or Services and register you as a new user. | Identity Contact Financial | Performance of a contract with you. | N/A |
Where you are an individual user, to enable you to upload and share your data with prospective employers. | Identity Contact Profile- Including any other data included in your video bio | Performance of a contract with you. Consent (where you give consent to share the data when applying for a job). | Your explicit consent |
To process purchases and deliver services, including managing payments and collection of money owed to us. | Identity Contact Financial Transaction Marketing Communications | Performance of a contract with you. Necessary for our legitimate interests (to recover debts due to us). | N/A |
To manage our relationship with you, including notifying you of changes to our Online Platform, App, Services or Websites. | Identity Contact Financial Transaction Marketing Communications | Performance of a contract with you. Necessary for our legitimate interests (to keep records updated and to analyse how customers use our Online Platform, App, Services and Websites). Necessary to comply with legal obligations (to inform you of any changes to our Terms and Conditions). | N/A |
To deliver content and advertisements to you. To make recommendations about goods and services which may interest you. To measure and analyze the effectiveness of the advertising we serve you. To monitor trends so we can improve the Online Platform, the App, or Services. | Identity Contact Usage Marketing Communications | Your consent (for direct marketing). Necessary for our legitimate interests (to develop our Services and grow our business). | N/A |
AUTOMATED DECISION-MAKING AND PROFILING
We are committed to maintaining the trust and confidence of our users. In that spirit, we affirm that we do not engage in any form of automated decision-making or profiling using user data.
Should our policy change, we pledge to provide clear information about the processes and any significant changes and offer an easy means for our users to express their preferences or to opt-out where applicable.
CHANGES OF PURPOSE
We will only use your personal information for the purposes we collected it unless we reasonably consider that we need to use it for another reason, and that reason is compatible with the original purpose.
If we need to use your personal information for an unrelated or new purpose, we will notify you and explain the legal basis which allows us to do so.
Please note that we will, if necessary, process your personal information without your knowledge or consent in compliance with the above rules where this is required or permitted by law.
YOUR RIGHTS AND OBLIGATIONS
UPDATES TO PRIVACY POLICY
We may update this policy from time to time.
You should occasionally check to ensure you are happy with any changes to this policy.
CONSENT
We do not need your consent if we use your personal information following our written policy to carry out our legal obligations to allow us to provide our Services.
In limited circumstances, if the need arises, we will request your written consent to process particularly sensitive data. If we do so, we will provide you with full details of the information we would like and the reason we need it so that you can carefully consider whether you wish to consent.
You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.
DATA RETENTION, ERASURE AND RECTIFICATION
The personal data we collect from you will be stored and retained by us for the time necessary to fulfil our services and contractual/legal obligations.
In general, we will retain client data for 6 years following the end of Service provision.
However, we may retain your personal data for longer where such retention is necessary for compliance with a legal obligation to which we are subject or to protect your vital interests or the vital interests of another natural person.
Under certain circumstances, by law, you have the right to:
Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party), and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal information to another party.
Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the data or where data may be exempt from disclosure by law.
If you are entitled to any of the above and if we have shared your personal information with others (for example, our Accountants or third-party web developers), we will let them know about the request.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us in writing by emailing usman@thepartimer.co.uk or by letter to C/O Ams Accountants (Midlands), 2nd Floor, 9 Portland Street, Manchester, M1 3BE, United Kingdom.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights).
However, we are allowed under the law to charge a reasonable fee if your access request is unfounded or excessive.
Alternatively, we can refuse to comply with the request in such circumstances.
Please Note: We sometimes need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
DATA RECTIFICATION AND ERASURE VIA OUR PLATFORMS
You may change your personal data by directly interacting with our platform.
You may also delete your account(s) by directly interacting with our platform. However, in such instances, your data will still remain in the back end of our platform. If you wish for a total manual deletion, please email usman@thepartimer.co.uk or write to us C/O Ams Accountants (Midlands), 2nd Floor, 9 Portland Street, Manchester, M1 3BE, United Kingdom.
RIGHT TO WITHDRAW CONSENT
If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, including inviting you to complete surveys or to market our products and services to you, you can withdraw that consent at any time.
To withdraw your consent, please contact our Data Protection Officer by emailing usman@thepartimer.co.uk or write to us C/O Ams Accountants (Midlands), 2nd Floor, 9 Portland Street, Manchester, M1 3BE, United Kingdom.
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to unless we have another legitimate basis for doing so in law.
SHARING OF PERSONAL DATA
We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you (where you have given consent or where the sharing is necessary for a contract we have with you), where it is in the public interest to do so or where it is necessary for the performance of our functions.
"Third parties" include third-party service providers and other entities.
Candidate data is only shared when required with the following individuals, organisations and entities:
Clients (Employers using the platform). Please note that clients can only see candidate data where the candidate has manually applied for or shown interest in a position.
Police and Government-related organisations (if required).
Please see Appendix A for the process we follow when sharing personal data.
We may also appoint sub-contractors as required to deliver Services, such as, without limitation, document processing services, IT systems or software providers, IT support service providers, and information storage providers, who will process personal information on our behalf and at our direction.
We conduct an appropriate level of due diligence and put in place contractual documentation concerning any third party to ensure that they process personal information appropriately and according to our legal and regulatory obligations.
This will only be undertaken where:
It is necessary for us to perform our obligations in accordance with any contract that we may have with you.
It is in our legitimate interest or a third party's legitimate interest to use personal information in such a way as to ensure that we provide our services in the best way that we can.
Please note that we will never sell your personal data.
PASSIVE DATA COLLECTION
At present, our platforms do not use cookies or any other type of analytics to collect passive data.
EXTERNAL LINKS
When you click on links on our platforms, they may direct you away from our site, for example, by clicking on the relevant link to make a payment using Stripe or Apple Pay or by clicking on a Client (Employer) website link.
We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
TRANSFERS OUTSIDE OF THE EEA
Whilst our software is hosted in the UK, your data may be processed in countries outside of the UK and the EEA by third parties.
To ensure that your data is protected, we will ensure that such third parties apply appropriate safeguards, such as using standard data protection clauses adopted or approved by the European Commission.
DATA SECURITY
All information you provide to us is encrypted and stored on secure Amazon Web Services (AWS) servers.
Any payment transactions will be encrypted.
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Online Platform, App and Services, you are responsible for keeping this password confidential, and we ask you not to share your password with anyone.
We also use 2FA to keep your data secure.
Once we have received your information, we will use strict procedures and security features to try and prevent your personal data from being accidentally lost, used or accessed in an unauthorised way.
We will undertake regular vulnerability scans and conduct regular PEN testing to identify any vulnerabilities. Any such vulnerabilities will be remedied in a timely manner.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator when we are legally required to do so.
CHILDREN'S PRIVACY
The ParTimer only provides its services to those over the age of 18 years of age at this time.
The services provided through our online platform and App are not marketed to, and should not be used by, anybody under 18, and we do not knowingly collect personal data from children under 18.
If we discover that a child under 18 has provided us with personal data, we will delete such data from our servers and remove them as a user.
When and how to share information
When asked to share information, you should consider the following questions to help you decide if and when to share. If the decision is taken to share, you should consider how best to effectively share the information.
A flowchart follows the text.
When Is there a clear and legitimate purpose for sharing information?
Yes - see next question
No - do not share
Do you have consent to share?
Yes - you can share, but you should consider how
No - see next question
Does the information enable an individual to be identified?
Yes - see next question
No - you can share but should consider how
Have you identified a lawful reason to share information without consent?
Yes - you can share, but you should consider how
No - do not share
How
Identify how much information to share
Ensure that you are giving the right information to the right individual
Ensure, where possible, that you are sharing the information securely
Where possible, be transparent with the individual, informing them that the information has been shared, as long as doing so does not create or increase the risk of harm to the individual.
All information-sharing decisions and reasons must be recorded.
Flowchart
Note - Consent must be unambiguous, freely given and may be withdrawn at any time.