Ocean Red
RECRUITING IN HIGH PERFORMANCE MARKETS
Talk to us

Privacy Policy

This Privacy Policy ("Policy") explains how your information is collected, used and disclosed by Ocean Red, the trading name of Ocean Red Partners Limited ("We" or "Us" or "our"). This Policy applies where we are acting as a Data Controller, where we determine the purposes and means of the processing of that personal data — for example, with respect to the personal data of our website visitors, service users, clients and partners.

Privacy Statement Summary

Who will use my data? Ocean Red Partners Limited.

Who are we? Ocean Red is a recruitment company and a recruitment business as defined in the Employment Agencies and Employment Businesses Regulations 2003. We provide specialist recruitment services in the Trading Technology, Market Data & Infrastructure, and FinTech/RegTech sectors. We process data in order to provide our services as a recruitment agency and to meet our contractual obligations to both prospective employers and candidates for any roles. We will store and process your data to allow us to provide our services to you. We will also send any relevant details to authorities such as HMRC and any other organisation that requires them by law.

What for? As a recruitment company, we collect and process data in order to carry out our fundamental function as a recruitment agency: collecting the personal information of job applicants and connecting them with potential employers.

What will happen if I contact you? If you contact us as a candidate looking for work, we will use your information to send you the information you have requested, along with updates, job vacancies and other information we think you will be interested in. If you contact us as a client with possible vacancies to fill or other related requests, we will use your information to send any requested information, updates and other information we think you will be interested in, as well as updates relevant to the positions advertised.

What data will be stored? As an applicant, client or employee, we will store your personal details such as application forms, identity documents and bank details in order to provide our services to you. We may also collect personal data about you from third parties, such as references supplied by former employers. As a potential employer, we will store any data required to provide our services to you and meet our contractual obligations. This might include contact information, for example.

What data will be shared? We will only share data that is relevant to our process in order to provide the services we offer, and only with the third parties detailed in this Policy.

How long? Your data will be stored for up to 5 years following our last contact with you, after which it will be deleted. Certain records may be held for up to 7 years where required to meet our legal obligations. For more information, please refer to our Data Retention Policy.

Who can access my data? We will never sell, share or otherwise distribute your data to any third party other than as described here. We will share your information with any regulator or legal body that requests it, as well as any parties relevant to the application process — whether client companies with possible vacancies or applicants to any roles.

How is my data kept secure? We store your data on secure UK-based servers, processed in the UK. We use industry-standard security protocols and technology to secure your data.

About This Privacy Policy

This Policy sets out how we collect, store and process the information you provide to us, information we collect as a result of our interaction, information we collect about you from other sources, and information we generate about you by using the information we hold.

The UK General Data Protection Regulation (UK GDPR) describes how organisations must collect, handle, process and store personal information. These rules apply regardless of whether data is stored electronically, on paper or on other materials. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully. Personal data must:

  • Be processed fairly and lawfully
  • Be obtained only for specific, lawful purposes
  • Be adequate, relevant and not excessive
  • Be accurate and kept up to date
  • Not be held for any longer than is necessary
  • Be processed in accordance with the rights of data subjects
  • Be protected in appropriate ways
  • Not be transferred outside the UK unless that country or territory also ensures an adequate level of protection

We take these responsibilities seriously, and this document describes our approach to data protection. This Policy helps to protect us from data security risks, including:

  • Breaches of confidentiality — for instance, information being given out inappropriately
  • Failing to offer choice — for instance, individuals should be free to choose how the company uses data relating to them
  • Reputational damage — for instance, if a third party gained unauthorised access to sensitive data
  • Any other risks inherent in the collection, storage or processing of your data

Who We Are And How To Contact Us

Ocean Red is the trading name of Ocean Red Partners Limited, registered in the United Kingdom (company number 15175952) and registered with the Information Commissioner's Office. The person responsible for data protection at Ocean Red is Richard Twumasi. You can contact us in any of the following ways:

Name: Richard Twumasi Company name: Ocean Red Partners Limited Email: office@oceanred.io Address: Saxon House, 27 Duke Street, Chelmsford, Essex, CM1 1HT

Who This Policy Applies To

This Policy relates to data subjects of Ocean Red, including clients (potential employers), candidates, workers, employees and all other individuals. Processing of your data is required in order to offer you our recruitment and selection services. This Policy applies to individuals who have shared their data with Ocean Red, whether as a customer, candidate, employee, supplier or in any other capacity.

It applies to all data we hold relating to identifiable individuals, even where that information technically falls outside the UK GDPR. This can include:

  • Names of individuals
  • Contact details
  • Postal addresses
  • Email addresses
  • Telephone numbers
  • Other information as required

What This Policy Applies To

This section describes the lawful basis for processing your data and applies to the information about yourself that you choose to provide us with, or that you allow us to collect. This includes:

  • The information you provide when you contact us
  • Information you provide when you contact us to discuss using our services
  • Information we collect about how you use the website
  • Information relating to products and services we offer to you and other transactions, including financial and other personal information required to complete those transactions
  • Information given and stored as part of our ongoing relationship
  • Information we collect as a result of our interaction
  • Information we collect from other sources, such as the internet, social media, commercial databases, other companies and other third parties
  • Information we collect from our events and conferences
  • Information we derive from information we collect about you — for example, where we derive your email address from your name and company name combined

We do not routinely collect or process sensitive data about you. Where we do, we will take appropriate precautions to protect it.

How Your Information Will Be Used — Our Lawful Basis

We will only use your personal data for the purposes for which we collected it, where you would reasonably expect your data to be processed, and only where there is a lawful basis for that processing. For example:

Purpose / Activity Type of data Lawful basis for processing
To register you as a new client Identity; Contact Performance of a contract with you; our legitimate interests; where we have a legal obligation; or with your consent
To process and deliver the services you request, including recruitment and employment services, managing payments, fees and charges, and collecting and recovering money owed to us Identity; Contact; Financial; Transaction; Marketing and Communications Performance of a contract with you; our legitimate interests; where we have a legal obligation; or with your consent
To manage our ongoing relationship with you, including notifying you about changes to our terms, recruitment services or this Policy, and maintaining our records Identity; Contact; Profile; Marketing and Communications Performance of a contract with you; to comply with a legal obligation; our legitimate interests in keeping our records updated and studying how customers use our services; or with your consent
To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) Identity; Contact; Technical Our legitimate interests in running our business, providing administration and IT services, network security, preventing fraud, and in the context of a business reorganisation; or to comply with a legal obligation
To deliver relevant content and measure or understand the effectiveness of our communications Identity; Contact; Profile; Usage; Marketing and Communications; Technical Our legitimate interests in studying how customers use our services, developing them, growing our business and informing our strategy; or with your consent
To use data analytics to improve our website and services Technical; Usage Our legitimate interests in defining customer types, keeping our site relevant, developing our business and informing our strategy
To make suggestions and recommendations to you about services that may be of interest Identity; Contact; Technical; Usage; Profile Our legitimate interests in developing our services and growing our business; or with your consent

We may collect and process information about you including your name, date of birth, address, contact details (including email address and mobile phone number), employment details, and other data collected as part of any application for employment. We may take personal information from:

  • Information you provide when registering with our website (including your email address)
  • Information you provide when completing your application (including your name, date of birth, and any educational and employment details you provide)
  • Information you provide when signing up to any lists to receive correspondence from us
  • Information we collect from other sources such as the internet, social media, commercial databases, other companies and other third parties
  • Information we derive from information we collect about you
  • Information relating to any vacancies, jobs or employment you accept

Personal data we receive will be used for the purposes for which it was provided, including:

  • To respond to your queries regarding vacancies and employment
  • To manage and administer the relationship between you and us
  • To notify you about changes to our services and to otherwise communicate with you
  • To obtain feedback from you regarding us
  • To tell you about any changes relating to your role, such as shift patterns or new assignments

In accordance with your preferences, and where we have your consent or an appropriate lawful basis, we may use your personal information to provide you with marketing information about services, promotions and offers that may be of interest to you. This document explains how you can change whether you receive this information. Even if you choose not to receive it, we may still use your personal information to provide important service communications, including communications relating to any services we provide to you.

You will only receive marketing communications from us if you have:

  • Requested information from us
  • Provided us with your details and opted in to receive marketing communications
  • Not opted out of receiving marketing
  • Or where we have an appropriate lawful basis

How To Change Your Preferences

We operate in line with UK GDPR data protection guidelines. We respect your rights and will respond to any request to access, delete, rectify or transfer your personal information, or to stop processing it. We will also advise you on how to complain to the relevant authority, the Information Commissioner's Office. Any requests or objections should be made in writing to the Data Controller, or you can contact us by phone or email to change your preferences at any time.

Opting Out At A Later Date

Where you give consent for us to process your data — for example, when you agree to receive marketing information, or to us processing financial data — you can contact us to amend or withdraw your consent at any time. You can also object to processing and request deletion of your data. We respect all user rights as defined in UK GDPR. If you have any comments or wish to complain, please contact us.

How We Store And Process Your Data

Your data will be collected, stored and processed primarily in the UK. Where we transfer your data outside the UK, we ensure appropriate technical and organisational safeguards are in place to protect it. Your data will be stored for a period of 5 years after our last interaction, and may be held for up to 7 years to meet our legal obligations and protect our interests — this period is defined in our Data Retention Policy.

To provide our services, we may use carefully selected third parties. These third parties may operate outside the UK; where this is the case, we ensure appropriate safeguards are in place. We may also use recognised third parties to take payment, conduct credit and other checks, manage our company accounts and provide banking services. We will store transactions, payment and order data for up to 7 years, or for as long as required by UK financial and company regulations.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another compatible reason. If we need to use your personal data for an unrelated purpose, we will notify you and explain the legal basis for processing.

We may be legally obliged to disclose your personal information without your knowledge to the extent required by law; in connection with ongoing or prospective legal proceedings; or to establish, exercise or defend our legal rights, including providing information to others for fraud prevention and credit risk reduction.

Our Obligations

We are a Data Controller. In relation to the information you provide to us, we are legally responsible for how that information is handled, and we will comply with UK GDPR in the way we use and share your personal data.

Under data protection law, you have rights in relation to your personal data, including the right to:

  • Request access to your personal data
  • Request correction of your personal data
  • Request erasure of your personal data
  • Object to processing of your personal data
  • Request restriction of processing of your personal data
  • Request transfer of your personal data
  • Withdraw consent

You will not have to pay a fee to access your personal data or to exercise any of your other rights. However, we may charge a reasonable fee, or refuse to comply, if your request is clearly unfounded, repetitive or excessive. We may need to request specific information from you to confirm your identity and ensure your right to access your data. We try to respond to all legitimate requests within one month. Occasionally it may take longer if your request is particularly complex or you have made a number of requests, in which case we will notify you and keep you updated.

Third Parties

We may share your personal data within the UK and, where relevant, the EU, with the parties set out below for the purposes described in this document:

  • For candidates / workers — prospective employers and companies that may offer you work, and other relevant third parties
  • For clients — candidates, employees or workers who may be interested in any vacancies, and other relevant third parties

For all users of our site, we may share data with:

  • Companies where you have applied for a vacancy
  • Other companies we believe you would be interested in working for
  • Companies that may have vacancies matching your preferences
  • Service providers who provide IT and system administration
  • Professional advisers, including lawyers, bankers, auditors and insurers
  • Third parties who use such data for non-marketing purposes, including credit and risk assessment, identification and fraud prevention, and debt collection
  • HM Revenue & Customs, regulators and other authorities in the UK and other relevant jurisdictions
  • Social media platforms and other IT platforms and services required to provide our services and operate our company

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow them to process your personal data for specified purposes and in accordance with our instructions.

Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal data to those who have a business need to know, and they are subject to a duty of confidentiality. Where required under UK GDPR, we will report any breach or potential breach to the appropriate authorities within 72 hours and to anyone affected as soon as is feasible.

Our website may include links to third-party websites, plug-ins and applications. Clicking those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Cookies

A cookie is a small file which asks permission to be placed on your device. Once you agree, the file is added and the cookie helps analyse web traffic or lets the site recognise you when you return. Cookies allow web applications to respond to you as an individual, tailoring their operation to your preferences. We use traffic-log cookies to identify which pages are being used, which helps us analyse webpage traffic and improve our website. We only use this information for statistical analysis, after which the data is removed from the system.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline them. This may prevent you from taking full advantage of the website. When you visit our site, you are presented with the ability to accept or reject cookies.

Legitimate Interests

We have completed a Legitimate Interest Assessment to ensure that sharing and processing your information as described here is reasonable and that we have an appropriate lawful basis. For more information, please contact us at office@oceanred.io.

Contacting Us, Exercising Your Rights And Complaints

If you have any questions or comments about this Privacy Policy, wish to exercise your information rights, or wish to complain, please contact Richard Twumasi at Ocean Red on office@oceanred.io.

We aim to process data protection requests within 30 days. Subject Access Request responses are usually free, but we reserve the right to charge for excessive or unfounded requests. We fully comply with data protection legislation and will assist in any investigation or request made by the appropriate authorities.

If you remain dissatisfied, you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at:

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF — www.ico.org.uk