<img src="https://secure.leadforensics.com/72725.png" alt="Lead Forensics Tag" style="display:none;">

Privacy Policy

Privacy Policy – Website and Marketing

Privacy Policy – Website and Marketing

We are Adare SEC Limited (Adare SEC). Our registered company number is 02814431 and our registered office is: 133 Scudamore Road, Braunstone Frith Industrial Estate, Leicester LE3 1UQ UK.

Adare SEC respects your privacy and takes its legal obligations under data protection law very seriously. This page explains how we use personal data that we collect through our website, and how we use personal data for marketing purposes. In the event that there are links on our website to third party websites, those third party website are not covered by this privacy policy. You should review the privacy information on those third party websites to find out how they will use your personal data.

If you have any questions about this policy, or about how we use your personal data, please get in touch with us on 01484 863 411, hello@adaresec.com or Adare SEC, Park Mill, Clayton West, Huddersfield, HD8 9QQ.

1.USE OF OUR WEBSITE

INFORMATION WE COLLECT WHEN YOU USE OUR WEBSITE

We will collect and use the following personal data from you:

Information you give us. This is information about you that you give us by filling in forms on our website to: (i) make an enquiry; or (ii) otherwise contact us. This information will be your name, job title, company name, address, post code. email address, phone number and product requirements (if you are asking for a quote). There are also boxes on our forms where you can type your message to us and it may be that you provide additional information about you in those boxes.

Information we collect about you. We use Google Analytics and IP tracking software on our website. We use Google Analytics to collect the following information from users of our website: IP addresses and webpages visited. We use IP tracking software to collect the following information from users of our website: IP addresses and webpages visited.

Google Analytics is a cookie and there is further information about our use of cookies https://www.adaresec.com/cookies/

USES MADE OF THE PERSONAL DATA WE COLLECT THROUGH OUR WEBSITE

We will use the personal data we obtain through our website as follows:

  • to get in contact with you when you have asked us to do so;
  • to send you any information you have requested;
  • to send you a quote when you have asked for one;
  • to monitor the usage of our website;
  • to help us track the traffic we get through our website; and
  • to help us improve the user-experience of our website.

LEGAL BASIS ON WHICH WE USE PERSONAL DATA FROM OUR WEBSITE

We are using the personal data that you give us on the forms on our website on the basis that you have consented to us using it to get in touch with you or to send you a quote. You can withdraw your consent at any time by contacting us at hello@adaresec.com.

We are using the personal data that we get through Google Analytics and Lead Forensics on the basis that it is in our legitimate interests to monitor the traffic we get through our website, to know how people are using our website, so that we can take steps to improve the experience for people who use our website, and to take any necessary steps to fix any problems with our website.

Our legitimate interests in having a well-functioning website that is easy to use and free from errors do not outweigh your rights because we collect minimal information from you which is largely anonymised. We do not use the information we collect to make any decisions about you.

2.MARKETING THAT WE CARRY OUT

INFORMATION WE COLLECT FOR MARKETING PURPOSES

When we collect personal data from you, we will ask you for permission to send you marketing communications. The personal data that we collect from you for marketing purposes will be: your name, address, job title, email address, phone number and product/solution interests.

USES MADE OF THE PERSONAL DATA WE COLLECT FOR MARKETING PURPOSES

We will use the personal data we collect to send you marketing communications about:

  • products and services that we offer;
  • news about our company;
  • news about the industry and any updates;

LEGAL BASIS ON WHICH WE USE PERSONAL DATA FOR MARKETING

We use the personal data that you give us for marketing on the basis that you have consented to us using it to send you marketing communications. There will be unsubscribe links in all the emails we send you, if you change your mind about receiving them. But you can also withdraw your consent at any time by contacting us at hello@adaresec.com.

3.GENERAL INFORMATION

HOW LONG WE KEEP YOUR PERSONAL DATA

Where we have collected your personal data from our website, we will not keep it for longer than we need it for the purposes we have explained above. We will securely delete the personal data that you give us after 2 years. We will securely delete the personal data that we collect from users of our website after 2 years.

Where we are using your personal data for marketing purposes, we will get in touch with you every 2 years to make sure you are happy to keep hearing from us. If you wish to stop receiving marketing information from us, or we do not hear back from you, we will remove you from our marketing list.

SHARING YOUR PERSONAL DATA

We do not sell or share your personal data outside Adare SEC. We may however be required to transfer your personal data outside Adare SEC for the purposes of complying with our legal obligations or for the purposes of asserting our legal rights.

TRANSFER OF YOUR PERSONAL DATA OUTSIDE THE UK/EEA

We use HubSpot for hosting our website and for our content management system (CMS) and marketing automation services. Use of the HubSpot services means that data may be transferred to the US. As part of our contract with HubSpot, to ensure that your personal data is adequately protected, HubSpot use Standard Contractual Clauses (SCCs) approved by the European Commission to transfer personal data with the same level of protection as it would be dealt with under UK or European legislation. Apart from our relationship with HubSpot, there should be no other transferring of data outside of the UK/EEA unless we notify you otherwise. If you have any questions about our relationship with HubSpot or the SCCs then please contact us on the email address or number above.

YOUR RIGHTS OVER YOUR PERSONAL DATA

You have a number of rights over your personal data, which are:

  • the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy about the way your personal data is being used – please refer to the ICO’s website for further information about this (https://ico.org.uk/);
  • the right to ask us what personal data about you we are holding and to have access to a copy of your personal data;
  • the right to ask us to correct errors in your personal data;
  • the right, in certain circumstances such as where our use of your personal data is based on your consent and we have no other legal basis to use your personal data, to ask us to delete your personal data;
  • the right, in certain circumstances such as where we no longer need your personal data, to request that we restrict the use that we are making of your personal data;
  • the right, in certain circumstances, to ask us to review and explain our legitimate interests to you; and
  • the right, where our use of your personal data is carried out for the purposes of an agreement with us and is carried out by automated means, to ask us to provide you with a copy of your personal data in a structured, commonly-used, machine-readable format.

If you would like to exercise any of these rights please contact hello@adaresec.com.

CHANGES TO OUR PRIVACY POLICY

Any changes we make to this privacy policy will be posted on this page. Please ensure that you check back regularly to see any updates that we have made to our privacy policy.

We may contact you via the email address you have provided if we intend to make a change to this privacy policy that would fundamentally change the nature of the way we use your personal data.

18 September 2023

OTHER PRIVACY STATEMENTS

Privacy Statement for Employees

(GDPR Compliant)

Data Controller: Adare SEC, 133 Scudamore Road, Braunstone Frith Industrial Estate, Leicester LE3 1UQ UK.

Data Protection Officer: Ian Mulcahy – ian.mulcahy@adaresec.com

The Company collects and processes personal data relating to its employees to manage the employment relationship. The Company is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.

What information does the Company collect?

The Company collects and processes a range of information about you. This includes the following but is not exhaustive:

  • your name, address and contact details, including email address and telephone number, date of birth and gender;
  • the terms and conditions of your employment;
  • details of your qualifications, skills, experience and employment history, including start and end dates, with previous employers and with the Company;
  • information about your remuneration, including entitlement to benefits such as pensions or insurance cover;
  • details of your bank account and national insurance number;
  • information about your marital status, next of kin, dependants and emergency contacts;
  • information about your nationality and entitlement to work in the UK;
  • information about your criminal record;
  • information about your credit record;
  • details of your schedule (days of work and working hours) and attendance at work;
  • details of periods of leave taken by you, including holiday, sickness absence and family leave, and the reasons for the leave;
  • details of any disciplinary or grievance procedures in which you have been involved, including any warnings issued to you and related correspondence;
  • assessments of your performance, including appraisals, performance reviews and ratings, training you have participated in, performance improvement plans and related correspondence;
  • information about medical or health conditions, including whether or not you have a disability for which the Company needs to make reasonable adjustments;
  • information about training undertaken;
  • details of trade union membership for payment of union fees;

The Company collects this information in a variety of ways. For example, data is collected through application forms and CVs; obtained from your passport or other identity documents such as your driving licence; from forms completed by you at the start of or during employment (such as benefit nomination forms); from correspondence with you; or through interviews, meetings or other assessments.

In some cases, the Company collects personal data about you from third parties, such as references supplied by former employers, information from employment background check providers, information from credit reference agencies and information from criminal records checks permitted by law.

Data is stored in a range of different places, including in your personnel file, in the Company’s HR management systems and in other IT systems (including the Company’s email system).

Why does the Company process personal data?

The Company needs to process data to enter into an employment contract with you and to meet its obligations under your employment contract. For example, it needs to process your data to provide you with an employment contract, to pay you in accordance with your employment contract and to administer benefit, pension and insurance entitlements.

In some cases, the Company needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check an employee’s entitlement to work in the UK, to deduct tax, to comply with health and safety laws and to enable employees to take periods of leave to which they are entitled. Due to the nature of the business, it is necessary to carry out criminal records, credit and identity checks to ensure that individuals are permitted to work within the Company.

In other cases, the Company has a legitimate interest in processing personal data before, during and after the end of the employment relationship. Processing employee data allows the Company to:

  • run recruitment and promotion processes;
  • maintain accurate and up-to-date employment records and contact details (including details of who to contact in the event of an emergency), and records of employee contractual and statutory rights;
  • operate and keep a record of disciplinary and grievance processes, to ensure acceptable conduct within the workplace;
  • operate and keep a record of employee performance and related processes, to plan for career development, and for succession planning and workforce management purposes;
  • operate and keep a record of absence and absence management procedures, to allow effective workforce management and ensure that employees are receiving the pay or other benefits to which they are entitled;
  • obtain occupational health advice, to ensure that it complies with duties in relation to individuals with disabilities, meet its obligations under health and safety law, and ensure that employees are receiving the pay or other benefits to which they are entitled;
  • operate and keep a record of other types of leave (including maternity, paternity, adoption, parental and shared parental leave), to allow effective workforce management, to ensure that the organisation complies with duties in relation to leave entitlement, and to ensure that employees are receiving the pay or other benefits to which they are entitled;
  • ensure effective general HR and business administration;
  • provide references on request for current or former employees;
  • respond to and defend against legal claims; and
  • maintain and promote equality in the workplace.

Where the Company relies on legitimate interests as a reason for processing data, it has considered whether or not those interests are overridden by the rights and freedoms of employees or workers and has concluded that they are not.

Some special categories of personal data, such as information about health or medical conditions, is processed to carry out employment law obligations (such as those in relation to employees with disabilities and for health and safety purposes). Information about trade union membership is processed to allow the Company to operate check-off for union subscriptions.

Who has access to data?

Your information will be shared internally, including with members of the HR (including payroll), your line manager, managers in the business area in which you work and IT staff if access to the data is necessary for performance of their roles.

The Company shares your data with third parties in order to obtain pre-employment references from other employers, obtain employment background checks from third-party providers and obtain necessary criminal, credit and identity records checks from the Disclosure and Barring Service. The Company may also share your data with third parties in the context of a sale of some or all of its business. In those circumstances the data will be subject to confidentiality arrangements.

The Company also shares your data with third parties that process data on its behalf, in connection with payroll, training, the provision of benefits and the provision of occupational health services.

However, there are some circumstances where we may need to pass on your personal data without consent for example, to prevent and detect crime.

How does the Company protect data?

The Company takes the security of your data seriously. The Company has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. Further information can be found in the Company’s GDPR Compliance Statement.

Where the Company engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

For how long does the Company keep data?

The Company will hold your personal data for the duration of your employment, and for as long as it is deemed necessary after employment ceases.  However, it will be held for a minimum of seven years.

In the case of data relating to unsuccessful job applications, the Company will hold this for a period of six months.

Your rights

As a data subject, you have a number of rights. You can:

  • access and obtain a copy of your data on request;
  • require the Company to change incorrect or incomplete data;
  • require the Company to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
  • object to the processing of your data where the Company is relying on its legitimate interests as the legal ground for processing; and
  • ask the Company to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the Company’s legitimate grounds for processing data.

If you would like to exercise any of these rights, please contact the HR Department, at HR@adaresec.com.

You can make a subject access request by completing the appropriate Company form which is also available from the HR Department at the above email address.

If you believe that the Company has not complied with your data protection rights, you can complain to the Information Commissioner.

What if you do not provide personal data?

You have some obligations under your employment contract to provide the Company with data. In particular, you are required to report absences from work and may be required to provide information about disciplinary or other matters under the implied duty of good faith. You may also have to provide the organisation with data in order to exercise your statutory rights, such as in relation to statutory leave entitlements. Failing to provide the data may mean that you are unable to exercise your statutory rights.

Certain information, such as contact details, your right to work in the UK, vetting information and payment details, has to be provided to enable the Company to enter a contract of employment with you.

If you do not provide other information, this will hinder the Company’s ability to effectively administer the rights and obligations arising as a result of the employment relationship.

Automated decision-making

Some of the Company’s employment decisions are based solely on automated decision-making. This is sometimes used in recruitment where candidates may be rejected automatically if they do not possess essential qualifications/competencies required for the role.

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 18 September 2023.

Privacy Statement – Job Applicants

Recruitment Process

Adare SEC is the Data Controller for the information you provide during the recruitment process.

The Company collects and processes personal data relating to prospective employees as part of the recruitment process.  The Company is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.

If you have any queries about how we handle your information, please contact us at hr@adaresec.com.

What will we do with the information you provide to us?

All of the information you provide during the recruitment process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.

We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.

We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for. 

What information do we ask for, and why?

We do not collect more information than we need to fulfil our stated purposes and we will not retain it for longer than is deemed necessary.

The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your application if you don’t. 

Application stage

We ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. We might ask you to participate in assessment days; complete tests or occupational personality profile questionnaires; and/or to attend an interview – or a combination of these. Information will be generated by you and by us. For example, you might complete a written test or we might take interview notes. We use only use tests/other assessment methods that are relevant to the role and we carefully consider ethical issues when creating, administering and interpreting these tests. The information we gather is securely stored by Adare SEC, accessible by the HR team and only shared with the recruiting manager (s).

Conditional offer

If we make a conditional offer of employment, we will ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We are required to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability.

You will therefore be required to provide:

  • Proof of your identity – you will be asked to supply specific, original documents; we will take copies.
  • Proof of your qualifications – you will be asked to supply original documents; we will take copies.
  • Information to allow us to complete a vetting process which covers identity, unspent criminal convictions and credit history. This is done through a data processor.
  • Details of your referees, using the details you provide in your application to obtain references
  • Details about your health to establish your fitness to do the work you have been offered or advise us if any adjustments are needed to the work environment or systems so that you may work effectively. Some of this is done through a data processor.

If your application is successful and you accept a role within our Company, we will ask you for additional information.  The Company’s Employee Privacy Statement contains further information relating to this.

Use of data processors 

Data processors are third parties who provide elements of our recruitment service for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.

How long is the information retained for?

If you are successful in your application, the information you provide during the application process will be retained by us as part of your employee file for the duration of your employment, and for as long as it is deemed necessary after employment ceases.  However, it will be held for a minimum of seven years. This includes information confirming the successful vetting procedure.

If you are unsuccessful at any stage of the process, the information you have provided until that point, including information generated throughout the process, for example interview notes, will be retained for 6 months from the closure of the campaign.  If you do not wish for this to be held for this period, you can ask HR to destroy it.

How we make decisions about recruitment?

Automated decision-making is sometimes used in recruitment where candidates may be rejected automatically if they do not possess essential qualifications/competencies required for the role. Other recruitment decisions are made by hiring managers and members of the HR team, taking into account all information gathered during the recruitment process.

You are able to ask about decisions made about your application by speaking to your contact within the HR Team or by emailing hr@adaresec.com.

Your rights

As a data subject, you have a number of rights. You can:

  • access and obtain a copy of your data on request;
  • require the Company to change incorrect or incomplete data;
  • require the Company to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
  • object to the processing of your data where the Company is relying on its legitimate interests as the legal ground for processing; and
  • ask the Company to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the Company’s legitimate grounds for processing data.

If you would like to exercise any of these rights, please contact the HR Department, at hr@adaresec.com.

You can make a subject access request by completing the appropriate Company form which is also available from the HR Department at the above email address.

If you believe that the Company has not complied with your data protection rights, you can complain to the Information Commissioner.

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 18 September 2023