- Hart is registered in Nicosia, Cyprus and its contact details are:
P.O. Box 52399, CY 4063 Limassol, Cyprus
T: +357 25 879 682
F: +357 25 879 838
Please use the following email address for any issue concerning GDPR related issues: GDPR@chelseagroupworldwide.com
- Scope (Who?). Hart and its companies may process personal data belonging to anyone who has expressed an interest in or made contact with the Group, or one of its companies; these may include (but are not restricted to) the following interested parties (often referred to as ‘you’) – employees, contractors, consultants, directors, beneficiary owners, recruitment candidates, clients, and suppliers.
- What? The data which Hart (or its related companies) process depends upon the nature of the relationship with the interested party concerned but is likely to include (but is not restricted to) the following:
- Personal and Contact Details: Title, Name, Address, Telephone and Electronic contact details (examples are: Email address, Skype, Facebook, Whatsapp, Twitter, Linked-in)
- Date of Birth and Gender
- Passport details plus Nationality and citizenship
- Next of Kin (NOK) details
- Financial information (such as bank, tax and insurance details)
- Medical data including psychometric test results
- Criminal record checks (for example, CRB)
- CV with employment, experience, education and qualifications records – with appropriate verifications, including details of references and referees plus information provided by them.
- Marketing engagements and surveys.
- Records of communications with interested parties
- Why is this Data Processed? The overarching purpose for processing personal data is to facilitate, manage and, whenever possible, enhance the services provided by Hart to our interested parties. More specifically the reasons vary, again dependent upon the nature of your relationship with us, but include (not restricted to) the following:
- To enable us to fulfil contractual requirements
- To ensure that recruitment process is efficient and provides appropriately qualified staff in terms of aptitude and attitude
- To ensure that you are properly insured, paid correctly, and that your NOK can be informed in the event of an incident.
- To meet requirements of public interest and management standards
- Compliance with legal and regulatory obligations
- To manage marketing information effectively
- To facilitate swift responses to the above
- What is the Legal Basis for Processing Data? Under GDPR there are 6 lawful reasons for processing data:
- Legal Obligation
- To protect vital interests
- To meet public interests
- Legitimate interests
The data, which Hart and its component companies process is deemed to be the minimum necessary and is justified by one or more of the aforementioned legal criteria.
- How do we source data? There are three main ways in which Hart source personal data, all are legal, transparent and fair:
- Information You Give Us. Information which you give us when completing registration forms and the recruitment process or requested through our due diligence procedure
- Information We Collect. Hart collects information about you from our websites, email and telephone contacts plus our due diligence procedures.
- Third Parties. We may collect information from third parties – in particular, we may use third party organisations to conduct background checks and verifications. Additionally we may use the web and social media sources, all of which are publicly available and strictly open source.
- How is Data Stored? The vast majority of personal data that is processed by Hart is stored electronically, predominantly in cloud-based systems, which are protected through encryption (both when static and in transit). Access is carefully managed and restricted appropriately. Any data that is held on servers or on hard drives is subject to restricted access and most of it is encrypted. Any hard copies of processed data are held in secure cabinets with restricted access. It must be noted that information received over the internet or from personal emails may not always be secure; Hart is not liable for corrupted information received from such sources.
- How Long is Data Stored for? In short, for the minimum time necessary, which will vary but can be defined as follows:
- For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
- For as long as we provide goods and/or services to you and then for as long as someone could bring a claim against us
- Retention periods in line with legal and regulatory requirements and guidance.
- Do we share data? In certain circumstances, we shall share your personal information with:
- Other Entities with Hart. Where the Hart entity lies outside the EEA, we would only transfer data where appropriate safeguards were in place or restrict the information being given.
- Selected third parties with whom we work – for example, clients or potential clients, insurers, solicitors, travel agents and sub-contractors.
- Any Hart entity or third party that you consent to giving your information to for marketing purposes (such consent will be sought prior to our sharing this data)
- Legal Requirement. Any other third parties where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
- Cookies. A “cookie” is a bite-sized piece of data that is stored on your computer’s hard drive. They are used by nearly all websites and do not harm your system. How to reject cookies: If you do not want to receive cookies that are not strictly necessary to perform basic features of our site, you may choose to opt-out by changing your browser settings. Most web browsers will accept cookies but if you would rather we did not collect data in this way you can choose to accept all or some, or reject cookies in your browser’s privacy settings. However, rejecting all cookies means that you may not be able to take full advantage of all our website’s features. Each browser is different, so check the “Help” menu of your browser to learn how to change your cookie preferences. For more information, generally on cookies, including how to disable them, please refer to www.aboutcookies.org .You will also find details on how to delete cookies from your computer.
- All interested parties have the following rights under GDPR and Hart fully respects them:
- To be informed about the processing of your personal information
- To have your personal information corrected if it is inaccurate and to have incomplete information completed
- To object to processing of your personal information
- To restrict processing of your personal information
- To have your personal information erased (‘right to be forgotten’)
- To request access to your personal information and to obtain information about how we process it
- The right to move, copy or transfer your personal information (‘data portability’)
- In relation to automated decision making, which has a legal effect or otherwise significantly affect you.
- To complain to our Supervising Authority, the UK’s independent authority on information rights the Information Commissioner’s Office (ICO) https://ico.org.uk/
Please note that there may be occasions where you object to, or ask us to restrict, or stop, processing of your personal information, or erase it, but we shall be unable to comply with such requests for legal reasons.