This is a basic overview of how NES Global Talent process your personal data in accordance with GDPR and other data protection legislation. Our mission is to achieve compliant, simple and effective controls to satisfy GDPR, respect an individual’s right to privacy and without obstructing business as usual operations.
For full details please read our Privacy Notice below.
NES complies with Data Protection Laws globally; however the minimum standard that we apply is that found within the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). This Regulation enhances privacy rights for individuals and provides a strict framework within which commercial organisations can legally operate.
NES will only process your personal data for the purposes of providing staffing solutions, recruitment and assignment support services. Whilst NES will not be seeking explicit consent from you for processing your data, we will not process any personal or sensitive data for any other purpose than defined within our Privacy Notice and, in line with the conditions defined by the GDPR.
As part of our primary responsibilities and fundamental to best business practice, we adopt the principles of Information Security Management and cyber security protocol associated with our IT infrastructure to ensure your personal data is secure and protected.
Under GDPR and subject to certain conditions, you have rights relating to processing of personal data. Please see the entire Privacy Notice for details.
This Privacy Notice describes the way in which any personal data held by NES Global Talent (‘NES’) will be processed and sets out:
- The rights you have in relation to your information, and how you can exercise those rights;
- How we keep your personal data secure;
- The types of personal data we collect about you, and how we collect and use it;
- The legal grounds for how we use your data; and
- The criteria used to determine how long your data is kept for.
This Privacy Notice applies to NES’ global operations.
Please read this Privacy Notice carefully to understand how NES will process your data.
Data Protection Laws
NES complies with Data Protection Laws globally; however the minimum standard applied is that found within the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). The Regulation enhances privacy rights for individuals and provides a strict framework within which commercial organisations can legally operate.
Whilst the GDPR applies to processing (of personal or sensitive data) carried out by organisations operating within the EU, the regulations also apply to organisations outside the EU that offer services to individuals from the EU. For this reason, GDPR applies to all of NES’ global businesses.
NES Group Limited is the registered Data Controller for all companies in the NES group. For the purpose of data protection laws and processing activities, NES is registered with the Information Commissioners Office (ICO) in the UK.
Please see ‘Your Key Contacts” section of this Privacy Notice for full details.
For the purpose of this Privacy Notice the following definitions shall apply in respect of active, former and prospective individuals:
- Candidates refer to individuals currently on assignment with, or using the payroll services of NES, and those who have registered or engaged with us or our advertising partners with regard to potential temporary and permanent opportunities, or are prospective staff Employees of NES.
- Clients refer to individuals that represent an organisation who has, or is seeking to use the services offered by NES, and those who NES engage with for potential staffing solutions.
- Employees refer to individuals working directly for NES Group Limited or its associated companies as a ‘staff’ member of the business.
- External Providers includes suppliers and business partners who provide products or services to NES and regulatory bodies or similar, and refers to the individuals representing these organisations.
- Website Users refers to individuals accessing NES’ website.
- Other Contacts refers to individuals named as next of kin, referees and similar.
WHO WE ARE & WHAT WE DO
NES is an award winning workforce specialist supplying staffing solutions across a variety of sectors on a global basis. Our mission is to be the leading workforce partner to Candidates and Clients that value excellence in compliance, service and creativity.
As part of our global services, NES process a variety of information relating to data subjects in order to provide an effective and efficient service. As such, we are committed to maintaining the highest standard of ethics and integrity in the conduct of our business including ensuring the ethos of Respect & Control whilst processing an individual’s personal data.
NES’ processing of personal data is conducted for the purpose of promoting, providing, evaluating and reporting on the following services:
- Contract Recruitment
- Permanent Recruitment
- Managed Services
- Mobility Services
Assignment Support Services:
- Accommodation Services
- Compliance Services
- Health Matters
- Mobilisation & Repatriation
- In Country Orientation
- Payroll Services
- Safety and Security
- Travel Services
- Visa & Work Permits
INFORMATION NES COLLECTS
In order for us to undertake our business in manner that not only meets your expectations but applies controlled, satisfactory and compliant services to all interested parties, there is a need to process accurate personal data. The type of data collected and level of detail is dependent on the services and relationship you have with us.
The personal data collected by NES concerns the following categories of data subjects in relation to NES’ core services and assignment support services:
- External Providers;
- Website Users; and
- Other Contacts.
The personal data used by NES during the course of our services includes identification, nationality and eligibility to work status, date of birth, education, job role, employment history, skills and preferences, payroll information, financial data such as social security numbers, tax and benefit data, and full contact details.
Next of kin or relatives details are processed for the purpose of insurance, medical insurance cover or emergency contact reasons.
In accordance with any specialist assignments, or where defined by local laws, data of a sensitive personal nature may be processed by NES or their authorised External Providers. In such instances, and where it is legally required or where you have entered into a contract with NES, the sensitive data processed may incorporate information relating to your:
- Physical or mental health conditions, including medical reports or results of any assessments such as drug and alcohol screening;
- Racial or ethnic origin;
- Results of criminal record checks; and
- Financial background checks.
In all instances, processing of sensitive data is undertaken under strict conditions and in accordance with local laws. Notification of such processing will be made to you and, if required, your formal consent obtained.
NES use your personal data to provide our services, maintain our records, and meet our obligations as a staffing solutions partner. In addition, data from you or generated during the course of our relationship is also used for the purpose of reporting, monitoring and evaluation of services.
Whilst NES will not be seeking explicit consent from you for processing your data, we will not process any personal or sensitive data for any other purpose than defined by this Privacy Notice and, in line with the conditions defined by the GDPR, we shall ensure the conditions for processing fall into one of more of the following categories:
- Contract Performance;
- Legal Obligation;
- Vital Interest;
- Public Interest; and more specifically,
- Legitimate Interest.
For specific information relating to how NES use personal data, refer to the separate sections linked to the each data subject.
In line with our legal obligations and to ensure we meet our duty of care from a safety or security perspective, our company reporting may be linked to individuals. This type of reporting is carried out under strict conditions to prevent unauthorised access and ensure personal data is only accessed by authorised NES individuals and External Providers.
Reporting functions used by us include:
- Event Registers maintained for purposes such as incidents, near misses or hazards;
- Compliance Reporting linked to contract performance or expected business conduct; and
- Evaluation of services such as customer or employee surveys.
NES Newsletters & Bulletins
For NES customers who receive the NES Global Talent Newsletter or NES Safety & Compliance Bulletins as part of their assignment, our systems will track read rates, preferred topics and delivery receipts. This type of monitoring allows NES to offer you information that is of interest and benefit to you, provide you with safety related information relevant to your assignment and to sustain the security and quality of emails.
Outside of legal obligations, NES do not currently undertake practices that result in final decisions purely based on automated processing of data; all such decisions, finalised outcomes or performance results are subject to human interaction and conclusion.
If changes occur to any processing activities conducted by NES using your personal data, this Privacy Notice will be updated accordingly. See section for ‘Changes to NES’ Privacy Notice’.
We understand that a career move is an important considered decision for you and therefore it is essential to ensure that the right information is captured, at the right time, to offer you introductions to the right job opportunities.
The type of data and methods of collection varies for Candidates and really depends upon whether you are seeking permanent employment, contract services or if you are applying for a role working directly with NES. No matter what you are looking for, your personal data will be processed by NES in a respected and secure manner.
Information you give to us.
As a candidate of NES, you have the opportunity to provide information in various ways and in different formats to suit your needs and preferences. Typically, this would involve you submitting your CV or personal data to NES by way of:
- Registration through the NES website;
- Applying for a role through NES’ website or other site that utilises our job advertising partner;
- Contacting us through our website;
- Submitting a CV or application direct to NES or a nominated Consultant; or
- Submitting compliance criteria as part of NES’ on-boarding process.
Data collected by the above means includes your personal data and, where present on CVs or included to a Candidates online profile, may include other categories of data.
In summary, the level of detail you provide or is present on your CV when submitted by one of the above methods is classified as being given freely for the purpose of identifying suitable positions on a contract or permanent basis with NES. Data will be retained within the respective system and made available within NES for recruitment purposes.
By submitting your data to NES for this purpose, you acknowledge the methods in which NES process your data in accordance with this Privacy Notice.
Information from other sources
Along with submission of personal data directly, NES collect and use data obtained from other sources available to us in our capacity as a staffing business. These sources may include:
- Clients or Candidates as part of a referral or placement scheme;
- Employment references;
- Search of online job boards such as Linked-In or other industry job sites; and from
- External Providers undertaking screening, background checks or insurance services.
Candidate Recruitment Services
NES will use your personal data to contact you to discuss a potential role and to promote your skills and expertise in line with your requirements. We will also use it to help confirm your suitability for the role, for example by confirming your eligibility to work status, obtaining references or checking qualifications that are specific to the position you are interested in.
A record of discussions and details of your CV will be retained on NES’ global database.
Your CV details will be shared with our Clients as part of our search and selection process, or for internal positions, shared with the local Hiring Manager. CVs are formatted before submission to ensure no sensitive data is contained and that personal data is kept to a minimum so the CV is focused on your skills and expertise.
If you are unsuccessful we will keep your application on file along with some limited personal data (such as contact details, work preferences and CV details) and may contact you with regards to future vacancies.
If you are successful in securing a position with NES you will enter into the On-Boarding stages which involve processing activities relating to NES’ assignment support services.
At this point, if you have not already done so, you may be asked to formally register through our website registration portal and also submit or validate further information about yourself, your skills, and employment history. Subject to local laws and where required to fulfil your contractual obligations, you may also be asked to confirm nationality along with other personal data.
On-Boarding New Candidates
On-Boarding involves ensuring NES, the Client and you, are compliant in terms of local laws, HSSE needs or Client onsite rules and requirements. It is important that the transition to your chosen role is undertaken smoothly with all associated documentation validated in a timely and effective manner.
This means that additional information will be requested from you.
Some of this may be personal data and some may lead to the processing of sensitive data - the type and nature all depends upon the legal and Client stipulated requirements of the role you have accepted.
In summary, the personal or sensitive data that NES processes and reasons for processing when a candidate is on-boarded encompass:
- Employment or academic history including certification or results from background and reference checks for the purpose of candidate screening, CV validation and compliance to role or industry standards.
- Financial details for the purpose of processing payments for contract services.
- Health / Medical status including results from medicals, drug and alcohol testing or medical declarations for the purpose of medical and/or insurance cover, or to comply with on-site HSSE rules, relevant laws, duty of care obligations or other industry rules.
- Nationality, identification and personal preferences for the purpose of on-boarding Candidates, visa applications and/or eligibility to work status. This type of data is also processed to comply with equality and diversity laws, or where a specialist role with one of our Clients requires that such conditions are declared.
- Background screening including financial checks, criminal record checks, drug & alcohol screening or fingerprint roll, for the purpose of compliance to relevant laws, HSSE rules, Client or industry standards and NES’ duty of care obligations.
- Travel profiles for the purpose of on-boarding Candidates, rotation and/or hotel arrangements where applicable to your assignment; includes profiles linked to travel preparations / preferences.
- Dependant data for the purpose of providing accurate insurance provision to you and (where applicable) your family, and in the event of an emergency situation. This type of data may include personal data relating to your partner and/or dependents*.
- Other Personal Data for the purpose of communications, arranging assignment support services with internal or external parties and to clarify terms associated with your assignment contract or permanent placement.
* Data relating to person(s) under the age of 16 is processed under special and strictly controlled circumstances and shall only be processed by submission and declaration from you.This data relates to name, date of birth and nationality, and shall only apply for the purpose of specialist insurance, medical or relocations.
Working with a talent pool of global Candidates it is important that NES fully understand your requirements and proficiently match these with the right candidate in terms of specification and expertise. To allow this, the relationship between you, your organisation and NES needs to be strong and understanding of the overall objective clear.
This is why retaining up to date Client contact information is important for both continued business and future developments.
Information you give to us
The level of information NES holds on Client contacts is limited in terms of personal data and is usually made available through one of the following ways:
- Provided by your organisation when entering into contract with NES;
- Submitted to NES when seeking staffing solutions or at special events or campaigns; or
- Available to NES through previous placement as a Candidate.
Information from other sources
Along with submission of personal data directly, NES collect and use data obtained from other sources available to us. These sources may include:
- Clients or Candidates as part of a referral or placement scheme;
- Employment references;
- Supplied by Candidates on your projects and site locations;
- Researched from publically available newsletters, publications or similar media; and
- Obtained as a business development lead or potential Client from online job boards such as Linked-In or other industry job sites.
The personal data held about you, as a Client contact of NES would typically cover your contact details (business location and email details, name, and position) and communications made with us during the course of our relationship.
All other information does not amount to personal or sensitive data; NES nevertheless processes such information in line with our core values and always in a confidential manner.
Client Staffing Solutions
We will use your data to contact you to discuss potential business, your organisations staffing needs and to establish the type of Candidates suitable for you to fulfil your requirements.
If you are designated as the Account Manager in relation to services provided by NES, your contact details will be used for the purpose of:
- Entering into and agreeing contractual terms;
- Arranging Assignment Support Services for Candidates placed with your organisation;
- Invoicing for the contractually agreed services; and
- Performing our contractual obligations.
More specifically, your contact data processed by NES during the course of the Client / NES relationship is used for the purpose of Communications, including but not limited to:
- Financial transactions; used for processing invoices and associated orders.
- Provision of services as set out in the contract between us, marketing emails outlining available NES services and evaluating these services from your perspective.
- Commercial and Legal reasons associated with the business relationship such as contractual requirements, legal aspects arising from the services provided to you, and as confirmation of assignment start and end periods.
- System notes containing a record of discussions and/or agreements between you and NES will be retained centrally on NES’ database. .
Where NES have obtained your data from other sources, such as a recruitment job site or Linked-In, your contact details will be retained for the purpose of providing staffing solutions as a potential lead or Client. Processing is undertaken by the means and purposes defined above.
As a direct staff Employee of NES, you’ll be a part of global company that, despite spanning several continents, is close-knit and supportive. The start of your career with NES involves us getting to know you and you getting to know the business, this involves sharing information to allow us to operate our business effectively and ensure that our relationship gets off to a good start.
A majority of the personal data NES need from you will be present on your CV; however as a business we would want to expand on this to ensure we meet our statutory obligations and offer you the opportunity to validate this data through our internal systems.
Further information collected from you will include:
- Contact information for communication purposes, legal, employment and business reference. Next of kin contact information for the purpose of emergency.
- Nationality, identification and personal preferences for the purpose of engagement, confirming eligibility status and where applicable for the purpose of managing travel and/or hotel arrangements, visa applications and any relocations. In some instances your data will be processed to comply with local laws relating to equality and diversity requirements in a specific jurisdiction.
- Employment or Academic history including certification or results from background and reference checks for the purpose of CV or competency validation, compliance to a specific role or industry standards.
- Financial details for the purpose of processing payments, expenses, benefits and/or pension arrangements and to meet our legal obligations in relation to the employment contract.
- Health / Medical status including results from medicals and health declarations in line with your position, your working location within NES and our duty of care obligations.
- Dependant data for the purpose of providing accurate insurance provision to you and where applicable your family), to process any applicable or chosen benefits and to comply with legal requirements. This type of data may include personal data relating to your partner and/or dependents *.
* Data relating to person(s) under the age of 16 is processed under special and strictly controlled circumstances and only by submission and declaration from you.This data relates to name, date of birth and nationality for the purpose of specialist insurance, medical or relocations.
Should you not provide the required data, we may be unable in some circumstances to comply with our legal or employer obligations and we will tell you about the implications of that decision.
Other Processing Activities
During the course of your employment with NES your personal data and data generated about your time with us may be used for commercial, legal or performance reasons.
Amongst the reasons identified above this may include:
- Attendance tracking involving holiday leave, sickness absence or other out of office absences such as home working and external office visits. Data generated in this manner is used for legal purposes associated with your absences or may be used towards an evaluation on your overall performance.
- Training & Competency records are maintained about you to maintain Skills & Competency levels associated with your role, and where pertinent to record activity relating to legal compliance associated with business conduct.
- Health status & incidents are recorded centrally in line with local laws and NES’ commitment to your safety and wellbeing during employment. Reporting is undertaken against this data for the same purpose and records may extend to include systems notes and doctors records. In event of incidents your personal data (name and address) may be shared to comply with local HSE laws.
- Performance appraisals will be carried out with you as an employee of NES with records maintained on performance, success areas and future development.
- Transactional data relating to financial activities such as payments, deductions or benefits, and reporting linked to payments to ensure financial legal obligations are achieved.
- Photographs of a physical or digital format as submitted by you or taken during a social or business environment.
- Travel arrangements and profiles linked to your business travel preferences.
Special Categories of Data
Where there is a need to process any sensitive data about you, we shall ensure this is undertaken under strict conditions and in accordance with local laws; further, notification of processing will be made to you and if required, your formal consent obtained.
Performance Criteria & Monitoring
Internal systems are used across the business to allow monitoring and measurement associated with Key Performance Indicators or performance values for management reporting. These are linked to your role and responsibilities or agreed within your annual appraisal. This type of monitoring may be used to evaluate:
- Pay rises or promotions;
- Business Conduct;
- Training & Development needs;
- NES business performance;
- Disciplinary, dismissals or complaints; or
- Legal obligations such as tax or benefit returns.
Where system calculations are used for monitoring and performance purposes, no final decision is taken that may result in a detrimental decision based on the system results; rather the relevant Manager (or their nominee) reviews details, as applicable for discussion.
NES Systems & Devices
As an employee of NES you will be equipped with a suitable level of process equipment for business purposes, including email, network drives and in some instances a mobile device. Monitoring usage is undertaken in line with business policy and laws relating to security of information, cybersecurity and expected conduct behaviours.
Stockholder (Beneficial Ownership)
This group of individuals relate to anyone who has debt and/or equity instruments pertaining to NES and would arise from current or former Employees of the business.
If you are a stockholder, we will not collect any additional data from you other than details relating to the debt and/or equity involved which are linked to your personal data and next of kin details where appropriate.
In terms of stockholder data, details shall only be processed as part of any required transactional activity and if required to allow us to contact you to establish any entitlements.
NES aim to establish mutually beneficial relationships with our External Providers and would therefore expect them and their representatives to be committed to the highest level of ethical standards and conduct throughout their organisation, and to process any personal data in line with legal and contractual requirements.
The personal data collected and used by NES relating to External Providers is generally associated with the background screening and the requirements of our contractual relationship.
Information Collected About You
The level of information NES holds on you as an external provider representative is limited and can be made available to us through one of the following ways:
- Submitted from you personally during the course of your business marketing strategy for services and/or products;
- Provided by you or your organisation when entering into a contract for services;
- Submitted to NES in our search for a preferred supplier or business partner;
- Referred to NES by a third party as part of a referral or assignment;
- Obtained from a public source during our search for an external provider including credit or financial checks; or
- Through our business and ethic due-diligence conducted to ensure compliance to legal or commercial obligations, and ethical standards.
The personal data involved is typically your contact name associated with your corporate details. Such data is used to enable an effective business relationship between all parties and would therefore cover the data types and processing activities linked to:
- Communications - encompassing your name along with corporate details of contact number and email address, and your professional position within the organisation.
- Financial transactions used for processing invoices and associated orders and ensuring payment for services and/or products is made in a timely manner.
- Commercial and Legal information for reasons associated with our business relationship such as contractual requirements, legal aspects arising from the services and/or products provided by your organisation, and as confirmation of the services entered into or products required.
- Declarations of compliance retained as part of our supplier due-diligence process and expected business conduct standards.
Your name may also be linked to evaluations, HSE or data impact assessments and other performance criteria used in performance of services for NES’ External Providers of services and/or products. This type of evaluation may define your name as the business representative for your organisation.
In summary these are:
- Performance cookies: Used to collect information about how the website is used. These Cookies do not collect data on the individual visitor.
- Functionality cookies: Used to customise your visit and provide you with access to the services you select. These Cookies do not track your browsing activity on other websites.
- Advertising & Remarketing cookies: Used to collect anonymous data about interests and demographics of users to the website and improve experiences overall. These Cookies do not identify you or give NES access to your computer or mobile device.
You can update your preferences direct on our website.
To find out more about cookies and how to manage and delete them, visit www.allaboutcookies.org.
NES is a global organisation with a network of offices in numerous locations all over the world; this global presence provides you with a multitude of benefits, from ensuring we can meet your expectations in terms of offering global talent to meet your project needs, to having a global awareness of mobilisation and visa management services for our Candidates.
This global presence lets us to service you more efficiently and effectively no matter what your needs.
As you can imagine, a global business providing global opportunities to our Candidates and Clients, means we have a central database with each NES office around the world having access to the information. Any personal data provided to us will be stored within our global database systems and used for the purpose of providing our core services and/or assignment support services.
Only authorised NES employees have access to the personal data within our global database systems.
To find out more about NES’ global presence click here
Sharing Your Data
As part of our service provision, information is shared with External Providers for the purpose of performing our contractual commitments to you, including but not limited to payments, insurances, emergencies, travel arrangements or for other commercial or legal obligations relating to the contract performance.
If you have requested us to help you find a position with one of our Clients we may pass your Personal Data to our Client(s) in order to provide you with that service. We will attempt to contact you first to get your permission to pass your information on, but if we have been unable to reach you we may, where we consider it to be the type of role you have advised us that you are seeking and is in your best interests, still pass on your information.
If you do not want us to send your information to any of our Clients without your prior specific permission (even when we are unable to contact you and we believe that it serves your best interests) you should contact NES’ Data Protection Advisory Team.
In the event you enter into a contract with NES or one of our Clients, NES may pass your personal data to our Client or External Providers so they can provide services relating to your contract, or for NES staff Employees, in relation to our obligations as an employer.
The circumstances in which NES would share you data are in relation the services provided by:
- Insurance brokers;
- Emergency service providers;
- Audit, Legal & Financial partners;
- Approved travel partners; and
- Payroll providers.
NES only use External Providers that meet our high expectations in terms of service and ethical standards including confidentiality and information security, and for the purposes of processing personal data, retain control as the appointed Data Controller.
It will be evident from the information provided as part of your contract with NES what services from External Providers we may utilise.
Transfer of Personal Data
GDPR restricts transfer of personal data to countries that are outside the EEA and/or are not a member state of the EU unless specific conditions are met, including security of such data. As a global business, NES has locations across the world and relationships with global Client groups including those in countries outside of the European Economic Area (“EEA”). Countries outside of the EEA may not have data protection laws which are as stringent as those in the EU and in other countries which are part of the EEA, however NES has controls in place to ensure your personal data and privacy are protected when information is transferred to other countries by means of access and/or use for provision of services.
These controls include:
- Ensuring that data processing agreements are in place;
- Stipulating security of data and transfer practices as part of the services;
- Implementation of relevant data protection laws and obligations;
- Data protection agreements in line with EU Model Clauses;
- Central management of IT infrastructure and user application; and
- Audit and review protocol linked to business processes.
Should you have any specific queries about these controls and the protection of your personal data, please contact the Data Protection Advisory Team.
Third Party Transfers
NES does not sell personal data.
We will only give your personal data to third parties where there is a legitimate or legal ground to do so associated with our services, or associated with the relationship you have with us as previously defined in this Privacy Notice.
Disclosing Data for Other Reasons
In certain circumstances personal data may be disclosed to assist in the prevention and detection of crime and for law enforcement purposes without the consent of the individual concerned. Under these circumstances NES will use reasonable endeavours to check the request is legitimate before disclosing requested data and in all cases shall first seek authorisation through NES’ Data Protection Advisory Team and/or relevant Directors of the business.
If NES is involved in any transactional process regarding its ownership your personal data may be disclosed subject to strict confidentiality obligations and anonymisation where possible.
Where you have previously engaged with NES, such as providing your details for the purpose of our services, or have entered into a contract with us, NES will contact you. This will be to make you aware of other opportunities available to you across our global business or our global talent pool. These instances are referred to as a ‘soft opt-in’ option where we adopt the understanding that you are happy to receive contact from us unless or until you specifically state otherwise.
NES may use your personal data to contact you via post, phone and/or email. There are various reasons why we may contact you in relation to your relationship with us and the services you have shown interest in.
Our marketing contact shall only be undertaken for legitimate reasons relating, but not limited to:
- The services we provide;
- In relation to your employment or contract offer with NES;
- Communication of newsletters, industry news or safety bulletins on local environmental issues;
- In relation to local events, holidays or festivals; and
- To understand your perceptions of our services from a business or legal aspect.
Of course, you are in control.
If you visit or register through our website, you will be asked to confirm your preferences relating to job alerts, Cookies and to gain information about our services. Likewise, if you have not previously engaged with NES about our services, it is important that you review what choices you have and if, and how you want to be contacted by us.
If you don’t want to receive marketing contact from NES you can let us know at any time. Please see the ‘Your Rights & Choices’ section for options, or use the unsubscribe options available to you.
Your personal data is important to you and important to NES; in fact it is vital to the success of our business relationship. We shall therefore ensure that when processing information on your behalf your personal data is treated with respect and that every effort is made to ensure that the confidentiality, integrity and availability of data held on our systems, within data centres and as part of our service provision to you, is fully protected.
As part of our primary responsibilities and fundamental to best business practice, we adopt the principles of Information Security Management to comply with all applicable laws, regulations and contractual obligations across our business, and cyber security protocol associated with our IT infrastructure.
In brief the measures taken by NES to ensure your personal data is secure and protected encompass:
- Physical Security and Compliance;
- Network Security;
- Access & Restriction Controls;
- Security Policies & Employee Awareness;
- Vulnerability Management and Testing;
- Improvement & Development;
- Logging and Auditing;
- Removable Media & Disposal;
- Asset Management;
- Incident Management; and
- Business Continuity Management.
You can access NES’ Security Statement here.
RETENTION OF DATA
We will only retain your personal data for as long as we need to in line with our legitimate interests, and will make every effort to keep this data up to date and accurate. Accordingly, our data management practices encompass retention of personal data, storage requirements and accuracy.
Keeping Your Data Accurate
NES will keep in touch with your regularly and check that the personal data we have about you is correct. Additionally, we have the following facilities available to you so you can manage your data:
- Our website has the facility for you to manage your data by creating your own profile and providing up to date information;
- Our consultancy teams will keep in touch with you so you can let us know of changes;
- We will provide contact points to allow you to let us know of changes to your personal data; and
- As part of our on-boarding processes, we will check your details are correct.
How long we keep your information
Personal data will only be kept for as long as NES has a genuine business need for it or are required to keep it by law, whichever is longer.
Any documents we hold which contain personal data about you are retained in line with our document management practices.
We segregate data depending upon the purpose of processing and the type of data processed, as this will determine the retention periods. The criteria we use to determine the retention period includes:
- The nature of the personal data;
- Our legal obligations;
- Purpose of your engagement with NES;
- Whether a contract has been performed and/or cannot be performed anymore;
- Whether you have exercised your right to erasure;
- Whether your data is no longer considered to be up to date; and
- In line with our staffing expertise and knowledge of the industry by country, sector and job role.
Personal data we no longer need to keep is archived, destroyed or deleted securely.
Transactional data relating to our services and contractual obligations will be retained for an extended period in line with legal or business requirements.
YOUR RIGHTS & CHOICES
NES respect the information that you share with us and understand it is your right to know how this data is processed and exercise your right to ask us to stop processing it.
You can exercise your right to accept or prevent processing for marketing purposes by unsubscribing to any materials received. You can also exercise your rights associated with data processing at any time by contacting NES’ Data Protection Advisory team.
If we intend to use or share your data for any other purpose than what is defined under this Privacy Notice we will let you know, and where necessary, we will obtain your consent.
Under GDPR and subject to certain conditions, you have the following rights relating to personal data:
- The Right to Rectification;
- The Right to Access;
- The Right to Erasure;
- The Right to Restrict Processing;
- The Right to Object; and
- The Right to Data Portability.
Accessing Your Data
You can access details of the personal data processed by NES by submitting a ‘Subject Access Request’ by contacting NES’ Data Protection Advisory Team directly, who will then make provisions for you to complete the necessary application.
Once the application is received and acknowledged, NES will work to provide you access to your personal data within the defined timescales.
If you want to understand more about your Rights under GDPR, visit the ICO website.
YOUR KEY CONTACTS
NES have a dedicated team in place to answer any queries you may have relating to how we use your personal data. This Data Protection Advisory Team will oversee compliance and governance of our data protection obligations.
If you do require any additional information, have any queries relating to this Privacy Notice or wish to make a complaint please contact NES’ Data Protection Advisory Team:
- By email: firstname.lastname@example.org (email@example.com)
- By phone: 0161 942 4000; or
- By post: NES Global Talent, Station House, Stamford New Road, Altrincham, WA14 1EP United Kingdom
NES are registered as a Data Controller with the Information Commissioners Office; with Station House, UK being the primary location for any data processing activities, cross-border processing controls and for central registration as the Data Controller for NES Group Limited.
For this purpose, the Information Commissioners Office (ICO) is appointed as the Lead Supervisory Authority for NES, across all businesses and subsidiaries.
NES’ registration details are available for public view on the ICO’s website.
If you wish to make a complaint you can do this through direct channels by contacting the Data Protection Advisory Team. If not resolved to your satisfaction, you can directly contact at any time the Information Commissions Officer (ICO) as the Lead Supervisory Authority for NES.
ICO Helpline on: 0303 123 1113 (UK) or +44 1625 545 700.
CHANGES TO THIS PRIVACY NOTICE
Any changes we make to our Privacy Notice or the defined processing activities will be posted to our website.
You are encouraged to visit our website frequently to see any updates or changes.
This Privacy Notice was last updated in May 2018.