Who are we?
We are Page Alliance Health Care Ltd. Our address is 94 Armley Road, Crown House, Suite 14B, LS12 2EJ, Leeds, West Yorkshire. You can contact us by post at the above address, by email at firstname.lastname@example.org by telephone on 0113-350-1185.
We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details above.
Page Alliance Healthcare (PAH) gather and process your personal information in accordance with this privacy notice and in compliance with the relevant data protection Regulation and laws. This notice provides you with the necessary information regarding your rights and our obligations, and explains how, why and when we process your personal data.
This policy is relevant to your use of the (“Company”) website and your relationship with the Company. This document also documents our data protection policy and the rights of individuals that the Company engages with (“Data Subjects”) in respect of personal data under the General Data Protection Regulation (“Regulation”). A ‘Data Subject’ may be an individual or an individual acting on behalf of a body corporate (i.e. a company director).
If you are seeking to instruct the Company for the provision of recruitment services, our standard terms and conditions shall apply.
General Data Protection Regulation (GDPR)
The General Data Protection Regulations defines “personal data” as any information relating to an identified or identifiable natural person (a data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
This Policy sets out the procedures that are to be followed when dealing with personal data. The procedures and principles set out herein must be followed at all times by the Company, its employees, agents, contractors, or other parties working on behalf of the Company.
PAH must process personal data (including sensitive personal data) so that it can provide these services – in doing so, PAH acts as a data controller.
You may give your personal details to PAH directly, such as on an application or registration form or via a PAH website, or we may collect them from another source such as a jobs board. PAH must have a legal basis for processing your personal data.
For PAH this purpose would for providing you with work-finding services, training and/or information relating to roles relevant to you.
We will only use your personal data in accordance with the terms of this policy.
What Information Do We Collect and How Is That Information Used?
CLIENT DATA: There are two main ways in which we collect your personal data:
1 Directly from you; and
2 From third parties (e.g. our Candidates) and other limited sources (e.g. online and offline media).
CLIENT DATA: If you are a PAH customer, we need to collect and use information about you, or individuals at your organisation, in the course of providing you services such as: (i) finding Candidates who are the right fit for you or your organisation; (ii) providing you with a Managed Service Provider ("MSP") programme (or assisting another organisation to do so); (iii) providing you with Recruitment Process Outsourcing ("RPO") services (or assisting another organisation to do so); and/or (iv) notifying you of content published by PAHs which is likely to be relevant and useful to you.
The Company may collect your personal details including, but not limited to, your name and contact details including your email address and any other relevant information with your express permission. This information is held, used and disclosed by us in the following ways until permission is withdrawn:
CLIENT DATA: The main reason for using information about Clients is to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly. This may involve: (i) identifying Candidates who we think will be the right fit for you or your organisation; (ii) providing you with an MSP programme (or assisting another organisation to do so); and/or (iii) providing you with RPO services (or assisting another organisation to do so). The more information we have, the more bespoke we can make our service.
WHAT KIND OF PERSONAL INFORMATION DO WE COLLECT?
So you're looking for a bit more insight into what data we collect about you? Here's a more detailed look at the information we may collect. The information described below is, of course, in addition to any personal data we are required by law to process in any given situation.
Depending on the relevant circumstances and applicable local laws and requirements, we may collect some or all of the information listed below to enable us to offer you employment opportunities which are tailored to your circumstances and your interests. In some jurisdictions, we are restricted from processing some of the data outlined below. In such cases, we will not process the data in those jurisdictions:
- Age/date of birth;
- Birth number;
- Marital status;
- Contact details;
- Education details;
- Employment history;
- Emergency contacts and details of any dependants;
- Referee details;
- Immigration status (whether you need a work permit);
- Nationality/citizenship/place of birth;
- A copy of your driving licence and/or passport/identity card;
- Financial information (where we need to carry out financial background checks);
- Social security number (or equivalent in your country) and any other tax-related information;
- Diversity information including racial or ethnic origin, religious or other similar beliefs, and physical or mental health, including disability-related information;
- Details of any criminal convictions if this is required for a role that you are interested in applying for;
- Details about your current remuneration, pensions and benefits arrangements;
- Information on your interests and needs regarding future employment, both collected directly and inferred, for example from jobs viewed or articles read on our website;
- Extra information that you choose to tell us;
- Extra information that your referees chooses to tell us about you;
- Extra information that our Clients may tell us about you, or that we find from other third party sources such as job sites;
- IP address;
- The dates, times and frequency with which you access our services; and
- CCTV footage if you attend our premises.
Please note that the above list of categories of personal data we may collect is not exhaustive.
To the extent that you access our website we will also collect certain data from you.
CLIENT DATA: The data we collect about Clients is actually very limited. We generally only need to have your contact details or the details of individual contacts at your organisation (such as their names, telephone numbers and email addresses) to enable us to ensure that our relationship runs smoothly. We also hold information relating to your online engagement with Candidate profiles and other material published by PAH, which we use to ensure that our marketing communications to you are relevant and timely. We may also hold extra information that someone in your organisation has chosen to tell us. In certain circumstances, such as when you engage with our Finance and Debt Recovery teams, our calls with you may be recorded, depending on the applicable local laws and requirements. If we need any additional personal data for any reason, we will let you know.
To the extent that you access our website we will also collect certain data from you.
SUPPLIER DATA: We don't collect much data about Suppliers – we simply need to make sure that our relationship runs smoothly. We'll collect the details for our contacts within your organisation, such as names, telephone numbers and email addresses. We'll also collect bank details, so that we can pay you. We may also hold extra information that someone in your organisation has chosen to tell us. In certain circumstances, such as when you engage with our Finance and Debt Recovery teams, our calls with you may be recorded, depending on the applicable local laws and requirements.
How long do we hold personal data?
We retain personal data for as long as a candidate is active and for 1 year afterwards, unless required to retain for a longer period by UK Tax Law; if this is the case we will only retain your basic personal data (name, address and contact information).
Data Processing for Specific Purposes Only
The Company collects and processes the personal data set out in this Policy. This may include personal data received directly from Data Subjects (for example, contact details used when a data subject communicates with us).
The Company only processes personal data for the specific purposes set out in this Policy (or for other purposes expressly permitted by the Regulation). The purposes for which we process personal data will be informed to Data Subjects at the time that their personal data is collected, where it is collected directly from them, or as soon as possible (not more than one calendar month) after collection where it is obtained from a third party.
The Company will only collect and process personal data for and to the extent necessary for the specific purpose(s) informed to Data Subjects.
The Company shall ensure that all personal data collected and processed is kept accurate and up-to-date, so far as reasonably practicable. Where any inaccurate or out-of-date data is found, all steps will be taken without delay to amend or erase that data, so far as reasonably practicable.
The Company shall ensure that all personal data collected and processed is kept secure and protected against unauthorised or unlawful processing and against accidental loss, destruction or damage.
Data Subjects may request that the Company ceases processing the personal data it holds about them. If a data subject makes such a request, the Company shall retain only the amount of personal data pertaining to that data subject that is necessary to ensure that no further processing of their personal data takes place.
Your Right to Access
The law states that you have the right at any time to ask us to share with you the information that we hold that you have supplied to us. If you make such a request we will ask you to verify your identity and possibly ask you to give us more information about such a request. We may need to charge a nominal fee for this service for administrative purposes. We will only refuse your request if we are legally permitted or required to do so. If this is the case then we will give you reasons for doing so. To make a request for information, please contact us.
Please be aware that you also have the right to ask the Company to stop using the information that you supplied us. Under the right to erasure you can also request for deletion of your file, although you should be aware that in some circumstances we may not be required or able to do so, particularly where your file also holds information about our clients or financial information that we need to keep for periods of up to six years; i.e. which relate to tax matters. If, under any circumstances, we cannot comply with your request for information we will provide a full explanation as to why this is so.
Deleting of Your Data
Data Subjects may request that the Company erases the personal data it holds about them in the following circumstances:
Unless the Company has reasonable grounds to refuse to erase personal data, all requests for erasure shall be complied with, and the data subject informed of the erasure, within one month of receipt of the data subject’s request (this can be extended by up to two months in the case of complex requests, and in such cases the data subject shall be informed of the need for the extension).
Right to Suspend or Cancel Your Registration
We may suspend or cancel your registration immediately at our reasonable discretion or if you breach any of your obligations under these Terms and Conditions.
You can cancel your registration at any time by logging onto the Company website through the "unsubscribe" link. The suspension or cancellation of your registration and your right to use the Company website shall not affect either party's statutory rights or liabilities.
Data Subjects have the right to object to the Company processing their personal data based on legitimate interests (including profiling), direct marketing (including profiling).
Where a data subject objects to the Company processing their personal data based on its legitimate interests, the Company shall cease such processing forthwith, unless it can be demonstrated that the Company’s legitimate grounds for such processing override the data subject’s interests, rights and freedoms; or the processing is necessary for the conduct of legal claims.
Where a data subject objects to the Company processing their personal data for direct marketing purposes, the Company shall cease such processing forthwith.
Where a data subject objects to the Company processing their personal data for scientific and/or historical research and statistics purposes, the data subject must, under the Regulation, ‘demonstrate grounds relating to his or her particular situation’. The Company is not required to comply if the research is necessary for the performance of a task carried out for reasons of public interest.
Notification of a Data Breach
All personal data breaches must be reported immediately to the Company’s data protection officer. For PAH this person is Innocent Kahwema who can be contact at Page Alliance Health Care Ltd, Suite 14B, Crown House, 94 Armley Road, Leeds, LS12 2EJ email email@example.com and phone 0113 350 1185.
If a personal data breach occurs and that breach is likely to result in a risk to the rights and freedoms of Data Subjects (e.g. financial loss, breach of confidentiality, discrimination, reputational damage, or other significant social or economic damage), the data protection officer must ensure that the Information Commissioner’s Office (Innocent Kahwema) is informed of the breach without delay, and in any event, within 72 hours after having become aware of it.
In the event that a personal data breach is likely to result in a high risk to the rights and freedoms of Data Subjects, the data protection officer must ensure that all affected Data Subjects are informed of the breach directly and without undue delay.
Data breach notifications shall include the following information:
Data Protection Principles
This Policy aims to ensure compliance with the Regulation. The Regulation sets out the following principles with which any party handling personal data must comply. All personal data must be:
Lawful, Fair and Transparent Data Processing
The Regulation seeks to ensure that personal data is processed lawfully, fairly, and transparently, without adversely affecting the rights of the data subject. The Regulation states that processing of personal data shall be lawful if at least one of the following applies:
The Company shall ensure that the following measures are taken with respect to the collection, holding, and processing of personal data:
If you have any enquires you can contact us at: firstname.lastname@example.org or by writing to us at :
Page Alliance Health Care Ltd
94 Armley Road