Privacy Policy

Privacy Policy:

This Privacy Policy explains how Gordon & Eden collects, stores and processes your personal data.

Who are we and what do we do?

Gordon & Eden is a leadership advisory and executive search firm that collects, uses and stores a variety of personal data necessary to provide such services.

As such the company gathers personal data to carry out these services to its clients. Personal information is stored, processed and transferred at various stages of these services both during and sometimes after client engagements are completed.

We are committed to engendering a culture of accountability, integrity and confidentiality in all aspects of the organisation in regard to personal data and security.

Purpose of this policy:

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be process by us.  For the purpose of the Data Protection Act 1998 and any successor statute and the General Data Protection Regulation 2016/679, the data controller is Gordon & Eden.

The data we collect about you:

We use your personal data to match your skills, experience and education with a potential employer. Initially we would collect basic information in relation to your name, contact details and job role in order to share with a potential employer. Once we have your permission we may gather and share more personal information from you in the form of a CV, compensation details and references, in assessing your suitability.

We may also need to collect sensitive personal information about you that may include your nationality, visa status and other information relating to any background screening we are required to provide future employers through our contractual obligations. We would only collect this information if you provide us with your consent to do so.

Where do we collect your personal data from?

We may collect personal data about you from the following sources:

o   From you directly

o   Publicly available sources

o   LinkedIn or other social networking sites

o   Corporate websites

o   References – by word of mouth

If we collect any sensitive personal data (as outlined above), for such data, we require your explicit consent.

Why do we collect your personal data?

We collect personal data to enable us to match you to career opportunities that we have been engaged to work on by our clients. This may be for a permanent employment opportunity, temporary opportunity or a consulting engagement. Collecting and exchanging personal data is an essential process in order to assess suitability for potential roles, to build market insight and our client obligations.

This is the legitimate interest as to why we collect and use your personal data.

How long do we keep your data for?

We will only keep your personal data for as long as we need to fulfil our client obligations or our legal requirements.

Legal basis for holding your data:

The basis for holding your personal data is determined on one or more of the following reasons:

o   Legitimate interest (outlined above) and where we will ensure the data is accurate and we have been transparent with you

o   Gordon & Eden’s contractual obligations

o   Legal obligations under applicable law to retain records for a certain period

o   Your consent

o   Potential disputes

o   If you withdraw consent and request to be removed

o   Change in guidelines relating to data protection

Who do we share your personal data with?

We will only share your personal data with clients who have a contractual agreement with Gordon & Eden Search to hire a position that may be relevant to you.

With your permission, we may be required to transfer your personal data outside the EEA for a suitable role opportunity with one of our clients. Privacy laws in these countries may be different to your home country. Where we do transfer your data to a country which has not been deemed to provide adequate data protection standards, we always have security measures in place to protect your data.

What are your rights?

We will process all personal data in line with your rights under the GDPR, in particular your right to:

1.     Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold and to check that we are lawfully processing it.

2.     Request correction of your personal data that we hold. This enables you to have any incomplete or inaccurate information we hold corrected.

3.     Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove personal data where you have exercised your right to object to processing

4.     Object to processing of personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes them want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.

5.     Request the restriction of processing of personal data. This enables you to ask us to suspend the processing of personal data, for example if you want us to establish its accuracy or the reason for processing it.

6.     Request the transfer of personal data to another party.

We will only transfer your data outside the EEA if one of the following conditions applies:

7.     The European Commission has issued a decision confirming that the country to which we transfer the data ensures an adequate level of protection for your rights and freedoms;

8.     Appropriate safeguards are in place such as binding corporate rules, standard contractual clauses approved by the European Commission, an approved code of conduct or a certification mechanism;

9.     You have provided explicit consent to the proposed transfer after being informed of any potential risks; or

10. The transfer is necessary for one of the other reasons set out in the GDPR including the performance of a contract between us, reasons of public interest, to establish, exercise or defend legal claims or to protect your vital interests where you are physically or legally incapable of giving consent and, in some limited cases, for our legitimate interest.

You can also exercise your rights over Personal Data held by us at any time by contacting us at contact@gordoneden.co.uk

Updates to this Policy:

We will keep this policy updated in response to changes in data privacy law and any changes to our business. Please review this policy for updates.

How do you contact us?

Questions, comments and requests regarding this privacy policy should be addressed to: contact@gordoneden.co.uk