To ensure that Mackenzie England complies with its obligations under the Data Protection Act 1998 (the DPA) and the General Data Protection Regulation (the GDPR) from May 2018 we adhere to the following data protection principles.
For the purposes of the DPA and the GDPR, the data controller is Mackenzie England and we are also processors, alongside approved external parties – clients that we have existing relationships with, database providers and IT/technical support (detailed in Technical measures).
Contents of this policy:
- Our principles
- Website Traffic Data
- Information we hold about you and how we’ll use it
- How we may use this information
- Security and safe storage of your personal information
- Access to information
- Information Correction & Deletion
- Changes to this Policy
- Contacting us
- We’ll only collect and use your information where we have lawful grounds and legitimate business reasons to do so.
- We’ll be transparent in our dealings with you and tell you how we’ll collect and use your information.
- We will only collect your information for a particular purpose, unless you’ve been otherwise informed and given your permission where relevant.
- We won’t ask for more information than we need for the purposes for which we’re collecting it.
- We’ll update our records when you tell us that your details have changed.
- We’ll periodically review your personal information to ensure we don’t keep it for longer than is necessary.
- We’ll ensure that your information is securely disposed of at the end of the appropriate retention period.
- We’ll observe your rights under applicable privacy and data protection laws and will ensure that queries relating to privacy issues are dealt with promptly and transparently.
- We’ll train our staff on their privacy obligations.
- We’ll ensure we have appropriate physical and technological security measures to protect your information regardless of where it’s held.
You do not give out personal information by visiting our website (www.mackenzieengland.com). We only keep track of anonymous traffic data.
You can visit our website without giving away your personal information. Mackenzie England uses WordPress Analytics to analyse how the website is used. Aside from the approximate location (IP address), the information collected includes browser information, device information and language.
The collected information is used to provide an overview of how people are accessing and using the Mackenzie England website. It is not used for any additional purpose, such as to profile those who access our website.
3.1 Information you give us
You may give us, or have provided us with information about yourself by the following means:
- When you contact us or respond to us, via direct contact (phone, text or in person), email or post in relation to our products or services.
The information you give or gave us may include:
- Email address – work and/or private
- Direct number/mobile
- Current situation, feedback or reasons/opinions for either engaging in our products and services, or not.
- Marital Status
- Address and travel preferences
- Information that may impact employability
- Compensation/salary and benefits package
- Notice Period
- Reasons for leaving/moving employers
- Details on business structure, team and projects
- Business set up, turnover, capabilities
- Unique Selling Point
- Conflicts of interest
- Confidential recommendations or information
3.2 Information we receive from other sources
- We may ask for opinions from colleagues, sources or employers when required or requested to do so, as part of our product or service provision.
- We may also use publically available information from social media and online, such as LinkedIn and google searches.
- We may use this information on its own or combined with any of the information we receive or collect from you for any of the below purposes.
- All of the data collected, regardless of source, will all be treated the same.
4.1 Under the legal basis of legitimate interest to:
- To provide you with relevant information, advice and marketing material, as well as considering you for future opportunities, products and services
- To provide you with information on individuals (only identified by sector and job title) seeking a career change in the form of a ‘Talent List’.
All data acquired, will be processed and securely stored for up to 10 years so that it is possible for us to contact and respond to your request, and/or allow you access to our current or future services.
If you have engaged with our products or services we will inform you that we hold your data and why, this will either be done verbally or via email within one month after our initial contact.
Email exchanges or other forms of exchange will be held in our secure database against your file for 5 years.
4.2 Only with your explicit agreement and consent to share with approved external parties:
- To conduct a retained executive search, as a client or any other product or service involving the exchange of information / candidate or business data
- To be included in the longlist stage of an executive search, as a candidate
- To represent you on an exclusive basis, as a client
- To use the confidential information you have provided, but not reveal the source of this information
- To obtain references
- To enable us to compile an accurate and detailed informative report, along with our opinions and recommendations to our clients or for our candidates – this includes a strengths, weaknesses, opportunities and threats analysis of you or the opportunity, an assessment of your personality, appearance, motivation and articulation, and comments based on our face to face meeting to explain your suitability or fit for the role
We will only process and pass on this data to our clients/candidates for the duration of an assignment. After which time, we will store this data for up to 10 years to enable us to contact you and provide specific and relevant information, advice, services and products as per 4.1. All stored confidential information will be protected.
Email exchanges or other forms of exchange will be held in the secure database or device against your file for 5 years.
When we pass your information onto any approved external party we’ll also require them to comply with our privacy principles as part of our agreement terms and conditions with them, to ensure that they will be manage, store, delete and process data securely and appropriately.
We will never sell your data to any ‘3rd parties’.
Mackenzie England seeks to ensure the security of personal data. When Mackenzie England collects information about you, we also make sure that your information is protected from unauthorized access, loss, manipulation, falsification, destruction or unauthorized disclosure. This is achieved by complying with the installation and continual update of appropriate Technical Measures, summarised as follows:
Data is stored on 2 secure databases – Microsoft outlook 365 and Invenias, software licenses are held to solely use these systems on devices used only for business purposes. Our systems have up to date software, anti-viral protection and regular updates are undertaken to ensure system efficiency and performance. Our databases and devices are password protected with high security passwords. Mackenzie England employees enable archive mailboxes to retain emails for 5 years.
You have the right to request access to the information we have on you. You can do this by contacting us at firstname.lastname@example.org
We will make sure to provide you with a copy of the data we process about you. In order to comply with your request, we may ask you to verify your identity.
We will fulfil your request by sending your copy electronically, unless the request expressly specifies a different method. For any subsequent access request, we may charge you with an administrative fee.
If you believe that the information we have about you is incorrect, you are welcome to contact us so we can update it and keep your data accurate. Any data that is no longer needed for the purposes specified in ‘3. Information we hold about you and how we’ll use it ‘will be deleted.
If at any point you wish for Mackenzie England to delete information about you, you can simply contact us.
We will retain indefinitely an individual skeleton record after ten years. These applications will still be available within the secure system; they will simply be stripped down to a skeleton record with a lot of the personal/sensitive data removed as that data is no longer necessary to keep. The skeleton record will contain the following information: Name, Company, Role and Contact Information.
The purposes for which we hold and process data include:
- Board Search
- Executive Search
- CEO Succession/Succession Planning
- Industry Mapping
- Interim Appointments
- Relevant and current industry information
- Talent sourcing advice
- Speculative Introductions
- Independent Advice and Guidance
- Relevant and current industry information
- Educational and informative events
In accordance with applicable law, we collect appropriate and relevant information about you that is necessary to provide our service. We operate lawfully on the basis of legitimate interest and consent – whereby consent applies to any approved external parties data sharing.
We do not use electronic data profiling, we will not sell data to third parties. We only share data to approved external parties (clients we have established relationships with) for the purposes that we specify and only when we have obtained explicit consent to do so.
We also make sure that your data is stored securely. We delete all information deemed no longer necessary.
- Phone 07789 173396
- Email email@example.com
- In writing Mackenzie England, Springfield House, Balquidder, Stirlingshire FK19 8NZ
You may contact Mackenzie England by any of the methods above to:
- Request access to information that Mackenzie England has about you.
- Correct any information that Mackenzie England has about you.
- Delete information that Mackenzie England has about you.