GDPR Compliance

Westpoint Recruitment Limited – GDPR Compliance Statement

Westpoint Recruitment Limited places a high importance on security of information and will be complying with the GDPR regulations – which place obligations on how organisations handle personal data – when they take effect from 25 May 2018.

Services

Westpoint Recruitment Limited are a recruitment agency and recruitment business as defined in the Employment Agencies and Employment Businesses Regulations 2003 (our business). We collect the personal data of the following types of people to allow us to undertake our business;

  • Prospective and placed candidates for permanent or temporary roles;
  • Prospective and live client contacts;
  • Supplier contacts to support our services;
  • Employees, consultants, temporary workers;

 

We collect information about you to carry out our core business and ancillary activities.

Secure Approach

Westpoint Recruitment Limited delivers a secure approach in all of our service delivery by:

  • Only processing client and candidate data for the purpose of performing our obligations.
  • Limiting access to systems (internal and third-party) to relevant persons to perform our obligations.
  • Subscribing to identity management software, using strong passwords (changed every 60 days) on our internal systems
  • Securing desktop infrastructure behind secure firewalls, protected by anti-virus software which is automatically updated, and encrypting hard-drives with Windows 10 professional security features
  • Controlling wireless access points with WPA2 security and strong passwords
  • Installing all Westpoint Recruitment Limited computers with remote controlled monitoring
  • Using industry leading cloud service providers accredited with industry leading certifications on availability and security to host and protect client data
  • Using other cloud service providers for internal management of information secured with enterprise grade systems, and audit logging of access, restricted user accounts and data back-up.
  • Incorporating data security and awareness training into our team onboarding
  • Keeping our team up to date with changes in security guidelines and standards
  • Incorporating strict confidentiality provisions into our employment contracts and contracts with clients and candidates.
  • Not holding client and candidate data for longer than necessary and appropriate to fulfil provision of recruitment services, with data being processed under legitimate business interest.
  • Implementing an audit process for deletion of data

We would encourage all clients and candidates to let us know of any specific security requests, so we can work with to provide the best possible service. We also rely on our clients meeting certain obligations at their end. We expect them to:

  • Remain responsible for the accuracy and content of information uploaded to the Westpoint Recruitment Limited platforms, and passed to us.
  • Ensure that their own internal security measures are appropriate and adequate to protect personal information
  • Obtain applicable consents or waivers from relevant persons necessary for Westpoint Recruitment Limited to provide agreed Services
  • Comply with applicable laws when using our Services.

ICO

Westpoint Recruitment Limited is registered with the Information Commissioner’s Office. We keep up to date with ICO best practice guidelines. More information on the role of the ICO and information security can be found on their website: www.ico.org.uk.

Westpoint Recruitment Limited has a data breach reporting process in place.

Questions?

Please always ask if you have any questions. Your Westpoint Recruitment Limited contact will be happy to assist.