Privacy Policy

Introduction

FE Associates is committed to data security and the fair and transparent processing of personal data. This privacy policy (Policy) sets out how we will treat the personal data which you provide to us in compliance with applicable data protection law, in particular the General Data Protection Regulation (EU) 2016/679 (GDPR).

Please read this Policy carefully as it contains important information on who we are and what we do, how and why we collect, store, use and share personal data, your rights in relation to your personal data, how to contact us and supervisory authorities in the event that you would like to report a concern about the way in which we process your data.

If you have any queries about this Policy, the way in which FE Associates processes personal data, or about exercising any of your rights, please send an email to enquiries@fea.co.uk or write to Director of Operations, FE Associates, 9 Apex Court, Woodlands, Bradley Stoke, BS32 4JT.

Who we are and what we do

In this Privacy Policy, references to ‘we’ ‘us’ or ‘our’ means FE Associates which is a company with registered number 08747426 (England and Wales) and whose registered address is 9 Apex Court, Woodlands, Bradley Stoke, BS32 4JT.

For the purposes of the GDPR, FE Associates is the ‘controller’ of the personal data you provide to us.

Our core business is the placement of interim managers, recruitment services and consultancy support to our clients who may include:

general further education and sixth form colleges
local authorities, charities, private training providers
other relevant prospective employers in the FE sector.

(the ‘Core Business’)

In support of our Core Businesses we may also provide the following services behaviour profiling/psychometric testing, payroll services, online DBS processing (via Disclosures), outsourcing, training and assessment services (the ‘Ancillary Services’).

We collect information about you to carry out our Core Business and Ancillary Services.

FE Associates owns and operates www.fea.co.uk (Website). This policy sets out the basis on which FE Associates processes personal data.

What is covered in this document?

This document explains how we collect and use personal information about you. For the purposes of this document ‘you’ refers to:

Individual work seekers who are seeking or who have been found work by us on either a temporary, interim or permanent basis (referred to in this document as ‘candidates’)
Visitors to our website or recruitment microsites
Private individuals who are or were formerly working for our current or former clients, as further explained below under ‘Who we are and what we do’
Private individuals who work for or have worked for suppliers or prospective suppliers of services to us

What personal data do we collect?

We may collect and process the following personal data:

Information you provide to us

If you:

complete a form on our website
send your CV to us via our website, upload form or email
connect with us on LinkedIn or participate in other social media functions
apply for a job via our website or recruitment microsite
complete a survey
correspond with us by phone, e-mail, or in writing
report a problem
sign up to receive our newsletter/communications
enter into a contract with us to receive products and/or services
attend our events.

Depending on the nature of our relationship with you, the information you give us or we collect about you may include your name; address; private and corporate e-mail address; phone number(s); financial information such as bank account details, PAYE code and records of payments owed/paid to you; compliance documentation (including health and criminal convictions checks); age/date of birth; gender/gender identity; emergency contact details (next of kin); references verifying your qualifications and experience; documents verifying your legal right to work in the United Kingdom; curriculum vitae; photograph(s); records of current and completed work assignments contracted with us or with clients; data on workplace observations/performance feedback; CPD/training records; links to your professional profiles available in the public domain e.g. LinkedIn, Twitter, business Facebook or corporate website and general correspondence.

Information we collect about you

If you visit our Website, we may automatically collect the following information:

technical information, including the internet protocol (IP) address used to connect your computer to the Internet, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
information about your visit to our website such as the products and/or services you searched for and view, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page
enquiry/candidate contact details, and uploaded CV file.

How data is processed within the website

Form submissions sent to website administrator(s) via email
Newsletter signup form passes data directly to 3rd party data sub-processor, MailChimp.

Information we receive from other sources

We may also receive information about you if you use any of the other websites/microsites we operate or the other services we provide.

Information about other people

If you provide information to us about any person other than yourself, such as your relatives, next of kin, your referees, advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.

Sensitive personal data

In certain limited cases, we may collect certain sensitive personal data from you (that is, information about your racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, or details of criminal offences, or genetic or biometric data). However, we will only do so on the basis of your explicit consent.

How do we use your personal data?

When we ask you to supply us with personal data we will make it clear whether the personal data we are asking for must be supplied so that we can provide the products and services to you, or whether the supply of any personal data we ask for is optional.

Contract performance: we may use your personal data to fulfil a contract, or take steps linked to a contract:

to provide the products and/or services to you
to communicate with you in relation to the provision of the contracted products and services
to provide you with administrative support such as account creation, security, and responding to issues
to provide you with industry information, surveys, information about our events, offers and promotions, related to the products and/or services.

Legitimate interests: where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests are:

providing you with newsletters, surveys, information about our events, offers, and promotions, related to products and services offered by FE Associates
communicating with you in relation to any issues, complaints, or disputes
improving the quality of experience when you interact with our products and/or services, including testing the performance and customer experience of our Website
performing analytics on sales/marketing data
determining the effectiveness of promotional campaigns.

NOTE: you have the right to object to the processing of your personal data on the basis of legitimate interests as set out below, under the heading Your rights.

Consent: where you have given your express consent to receive marketing communications, we may use your personal data to:

send you newsletters, surveys, information about our events, offers, and promotions, related to products and services offered by FE Associates which may be of interest to you
develop, improve, and deliver marketing and advertising for products and services offered by FE Associates.

Where required by law: we may also process your personal data if required by law, including responding to requests by government or law enforcement authorities, or for the prevention of crime or fraud.

Vital interests

This is information collected to protect your vital interests. The only data that we collect that falls in this category is next of kin/emergency contact details for candidates. You do not have to provide us with this information if you do not want to.

Who do we share your personal data with?

We take all reasonable steps to ensure that our staff protect your personal data and are aware of their information security obligations. We limit access to your personal data to those who have a genuine business need to know it.

We may share your personal data with trusted third parties including:

clients for the purpose of introducing interim managers and candidates to them
legal and other professional advisers, consultants, and professional experts
service providers contracted to us in connection with provision of the products and services such as providers of IT services, payroll and customer relationship management services
analytics and search engine providers that assist us in the improvement and optimisation of our Website.

We will ensure there is a contract in place with the categories of recipients listed above which include obligations in relation to the confidentiality, security, and lawful processing of any personal data shared with them.

Where a third party recipient is located outside the European Economic Area, we will ensure that the transfer of personal data will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission where the data protection authority does not believe that the third country has adequate data protection laws.

We will share personal data with law enforcement or other authorities if required by applicable law.

How long will you keep your personal data?

We understand our legal duty to retain accurate data and only to retain personal data for as long as we need it to fulfil the purposes we collected it for. Accordingly, we have a data retention policy and run data routines to remove data in line with the policy. To determine the appropriate retention period for personal data we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, as well as the applicable legal requirements.

We do the following to try to ensure our data is accurate:

Prior to making an introduction we check that we have accurate information about you.
We keep in touch with you so you can let us know of changes to your personal data.

We may archive part or all of your personal data or retain it on our financial systems only, deleting all or part of it from our main Customer Relationship Manager (CRM) system.

Our current retention policy is available upon request.

Where do we store your personal data and how is it protected?

We take reasonable steps to protect your personal data from loss or destruction. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so. Where you have a username or password (or other identification information) which enables you to access certain services or parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Website; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.

Automated decision making

We do not undertake automated decision making or profiling. We do use our computer systems to search and identify personal data in accordance with parameters set by a person and / or a client. A person will always be involved in the decision making process.

Your rights

Under the GDPR, you have various rights with respect to our use of your personal data:

Right to access. You have the right to request a copy of the personal data that we hold about you by contacting us at the email or postal address given below. Please include with your request information that will enable us to verify your identity. We will respond with 30 days of request. Please note that there are exceptions to this right. We may be unable to make all information available to you if, for example, making the information available to you would reveal personal data about another person, if we are legally prevented from disclosing such information or if your request is manifestly unfounded or excessive.
Right to rectification. You have the right to request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Right to erasure. You have the right to request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Right to object. You have the right to object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object or withdraw your consent where we are processing your personal information for direct marketing purposes.
Right to restrict processing. You have the right to request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Right to data portability. You have the right to request the transfer of your personal information to another party in certain formats, if practicable.

Please note that the GDPR sets out exceptions to these rights. If we are unable to comply with your request due to an exception we will explain this to you in our response.

Contact

Complaints

If you believe that your data protection rights may have been breached, and we have been unable to resolve your concern, you may lodge a complaint with the applicable supervisory authority or to seek a remedy through the courts. Please visit https://ico.org.uk/concerns/ for more information on how to report a concern to the UK Information Commissioner’s Office.

Changes to our Policy

Any changes we may make to our Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Policy.

FEA Privacy policy Version 4, 26th April 2023