Introduction
At The HR Breakdown (“THB”, “we”, “us”, or “our”), we take your privacy very seriously and are committed to protecting personal data. This privacy policy contains important information on who we are and how and why we collect, store, use, and share your personal data. It applies to personal data provided to us by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.
Personal data is any information relating to an identified or identifiable individual. Our use of your personal data is subject to your instructions, the EU General Data Protection Regulation (GDPR), other relevant UK and EU legislation, and our professional duty of confidentiality.
When collecting and using personal data, our policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, please go to the relevant sections of this statement.
Personal Data We Collect About You
The personal data we collect is limited to your name, email address, job role, organization, and country of residence. This personal data is required in order to enable us to provide our services to you. If you do not provide the data we require, it may delay or prevent us from providing services to you.
Additional details including address and telephone number may be required in relation to the requested services.
We do not store any special category personal data including, but not limited to, ethnicity, political opinions, religious beliefs, or data related to health or sexual orientation.
How Your Personal Data Is Collected
We collect most of this information from you when you subscribe to our newsletter(s). However, we may also collect information from:
- Publicly accessible sources, e.g., Companies House; your company’s website and via research online for companies that our newsletters may be relevant to.
- Third parties, e.g.:
- Organizations with a legitimate interest in marketing to you;
- Consultants and other professionals we may engage in relation to your services;
- Trade associations that you are a member of;
- Where we are contracted by clients to produce a newsletter and distribute this to individuals’ email addresses as instructed by the client.
How and Why We Use Your Personal Data
Under data protection law, we can only use your personal data if we have a legitimate reason for doing so, e.g.:
- For our legitimate interests or those of a third party; or
- To comply with our legal and regulatory obligations;
- For the performance of our contract with you or to take steps at your request before entering into a contract.
A legitimate interest is when we have a business or commercial purpose to use your information, so long as this is not overridden by your own rights and interests. Please see the table below for an explanation of how we use your personal data.
What we use your personal data for | Our reasons |
---|---|
To contact your business address to provide a free newsletter service to your business for a trial period. | For our legitimate interest in promoting our newsletter services to relevant businesses |
To provide our newsletter services to you as an HR-related organization that has subscribed to receive the service. | For the performance of our contract with you or to take steps at your request before entering into a contract |
Gathering and providing information required by or relating to audits, inquiries, or investigations by regulatory bodies. | To comply with our legal and regulatory obligations |
Ensuring business policies are adhered to, e.g., policies covering security and internet use | For our legitimate interests in the proper administration of our website and business |
Operational reasons, such as improving efficiency, training, and quality control | For our legitimate interests in the proper administration of our website and business |
Statistical analysis to help us manage our practice, e.g., in relation to our financial performance, client base, work type, or other efficiency measures | For our legitimate interests in the proper administration of our website and business |
Preventing unauthorized access and modifications to systems | For our legitimate interests or those of a third party; to comply with our legal and regulatory obligations |
Updating and enhancing client records | For the performance of our contract with you or to take steps at your request before entering into a contract; to comply with our legal and regulatory obligations; for our legitimate interests in the proper administration of our website and business |
Ensuring safe working practices, staff administration, and assessments | To comply with our legal and regulatory obligations; for our legitimate interests or those of a third party |
External audits and quality checks, or Investors in People accreditation and the audit of our accounts | For our legitimate interests in the proper administration of our website and business; to comply with our legal and regulatory obligations |
To send you marketing emails about other newsletters that your organization may find relevant. | For our legitimate interests in keeping our customers updated on new content and promoting our newsletter content. |
Where we are engaged by a client to produce relevant content and email this to a list of contacts that they have provided. | For our legitimate interests in performing the services as agreed with our clients. |
Promotional Communications
We may use your personal data to send you updates by email about relevant developments that might be of interest to you and/or information about our services, including exclusive offers, promotions, or new services or products.
We will only process your personal data for promotional purposes if we believe there is a significant legitimate interest in the services to benefit you (see above ‘How and why we use your personal data’). This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.
We will always treat your personal data with the utmost respect and never sell or share it with other organizations outside The HR Breakdown for marketing purposes.
You have the right to opt out of receiving promotional communications at any time by:
- Contacting us at privacy@thehrbreakdown.com
- Using the ‘unsubscribe’ link at the footer of email newsletters;
- Updating your marketing preferences on our website.
We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
Who We Share Your Personal Data With
We will only share personal data with others when we are either legally permitted or contractually obliged to do so.
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a restructure. Usually, information will be anonymized but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
Personal data held by us may be routinely transferred to:
- Law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations
- Auditors and other professional advisers
Where Your Personal Data Is Held
Information may be held at our offices or on our systems and others as described above (see ‘Who we share your personal data with’).
How Long Your Personal Data Will Be Kept
We will keep your personal data after we have finished providing our services to you. We will do so for one of these reasons:
- To respond to any questions, complaints, or claims made by you or on your behalf;
- To show that we treated you fairly;
- To keep records required by law.
We will not retain your data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of data. When it is no longer necessary to retain your personal data, we will delete or anonymize it.
Transferring Your Personal Data Out of the EEA
To deliver services to you, it is sometimes necessary for us to share your personal data outside the European Economic Area (EEA), e.g.:
- With your and our service providers located outside the EEA;
- If you are based outside the EEA;
- Where there is an international dimension to the matter in which we are advising you.
These transfers are subject to special rules under European and UK data protection law. If you would like further information, please contact privacy@thehrbreakdown.com (see ‘How to contact us’ below).
Your Rights and How to Exercise Them
Individuals have certain rights over their personal data, and as a data controller, we are responsible for fulfilling these rights. We are a data controller and include further information about your rights and how to exercise them below.
Access to Personal Data
You have a right of access to personal data held by us as a data controller. This right may be exercised by emailing us at privacy@thehrbreakdown.com. We will aim to respond to any requests for information promptly, and in any event within the legally required time limits (currently 30 days).
Amendment of Personal Data
To update personal data submitted to us, you may email us at privacy@thehrbreakdown.com or, where appropriate, contact us via the relevant website registration page or by amending the personal details held on relevant applications with which you registered. Once we are informed that any personal data processed by us is no longer accurate, we will make corrections (where appropriate) based on your updated information.
Withdrawal of Consent
Where we process personal data based on consent, individuals have a right to withdraw consent at any time. We do not generally process personal data based on consent as we can usually rely on another legal basis including legitimate interest.
To withdraw consent to our processing of your personal data, please email us at privacy@thehrbreakdown.com or, to stop receiving an email from a THB newsletter distribution list, please click on the unsubscribe link in the relevant email received from us.
Other Data Subject Rights
This privacy statement is intended to provide information about what personal data we collect about you and how it is used. As well as rights of access and amendment referred to above, individuals may have other rights in relation to the personal data we hold, such as a right to deletion, to restrict or object to our processing of personal data, and the right to data portability.
For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you wish to exercise any of these rights, please send an email to privacy@thehrbreakdown.com.
Keeping Your Personal Data Secure
We take the security of all the data we hold very seriously. We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to Complain
We hope that we can resolve any query or concern you may raise about our use of your information. If you wish to complain about our use of personal data, please send an email with the details of your complaint to privacy@thehrbreakdown.com. We will look into the matter and respond to any complaints we receive.
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner’s Office (“ICO”). For further information on your rights and the complaints process, please refer to the ICO website.
Changes to This Privacy Policy
We will keep this policy statement under review and from time to time may make changes to ensure transparency. We will inform you via email if we change this privacy policy.