Who are we?
We are Cypher Search (a Cypher Group Limited company.) We provide executive search services to clients looking to recruit personnel for their businesses.
At Cypher Search, our focus is to provide executive search and leadership advisory solutions. We engage world-class executives to drive business transformation strategies and outcomes across our client's organizations.
Cypher Search has demonstrable expertise and knowledge to provide clients with shortlisted candidates that have the relevant skills, competencies, knowledge and diversity to succeed in their organizations.
What does this Policy cover?
This Privacy Policy explains our use of personal data processed through the website, if you choose to contact us and our use of business contact details. It also explains how we use candidate personal data and the personal data of our clients.
What personal data do we collect and why do we use it?
The information below explains who we collect personal data about, what that personal data is and the purpose we process it for.
The Lawful Basis for Processing sets out the ‘lawful basis’ we rely on for processing that personal data which is a requirement of data protection rules. Essentially, companies may only process personal data if they can identify a lawful basis from a list set out in the legislation.
Candidates:
CVs, identification documents, educational records, work history, employment record and references, correspondence and other personal data provided by you as part of the recruitment or engagement process.
We rarely process special category information such as racial, disability, trade union or health information where you have made this available to us.
We mainly collect this information directly from you during the recruitment, engagement and on-boarding stages.
Sometimes we collect information from third parties such as an agent acting on your behalf such as an interim manager or from a third-party recommendation or a person giving a reference.
We do use some publicly available sources to find information about potential candidates, specifically LinkedIn and company websites.
The processing is necessary for our legitimate interests of assessing suitability for potential roles, to find potential candidates.
If you choose to give us special category data, we obtain your express consent to process that.
References/Referees:
Contact details and correspondence.
Reference contact details may be given to us by candidates as part of a recruitment process.
Other personal data about referees is given to us by you directly.
Our legitimate interests as a business in obtaining references on candidates.
Individuals who contact us with general queries:
Contact details provided and correspondence.
This information is given to us by you.
It is used to respond to the query and keep a record of it.
Our legitimate interests as a business in responding to and keeping a record off correspondence.
Clients and potential clients:
Contact details provided and correspondence. Contracts.
This information is given to us by you or from publicly available information (for example on your website).
It is used for us to fulfil contracts and engage in business discussions.
Our legitimate interests as a business in responding to and keeping a record off correspondence. Some information is also necessary for us to perform our contract – for example certain contact details.
Suppliers and contractors:
Contact details and provided correspondence.
This information is given to us by you or from publicly available information (for example on your website).
It is used for us to fulfil contracts and engage in business discussions.
Our legitimate interests as a business in responding to and keeping a record off correspondence. Some information is also necessary for us to perform our contract – for example certain contact details.
Website visitors:
Information from cookies. For more details see our Cookie Notice below.
This information is collected via the cookies when you use our website.
We use it for the purpose of analysing how visitors use our website.
We only install non-essential cookies with your consent. For more details see our Cookie Notice below.
Where we have indicated above that we rely on legitimate interests for processing of personal data, we carry out a ‘balancing’ test to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing.
How long do we keep your personal data for?
We keep your information only for as long as is necessary for the relevant purpose. For example, if we have a contract with you, this will be for 6.5 years after expiry in order to assist us with any contractual claims. We use a number of criteria for determining the retention period including obligations under law, our need to defend or bring contractual claims within the statutory limitation period and consideration of the original purpose we collected it for.
Who do we share your personal data with?
Data may be shared in the following circumstances:
· Where you are a candidate:
. We share your personal data with the client, e.g global multinational organisations who has a position to fill in order to determine with the client whether you are a good fit for an available position;
· With professional advisors;
· In the event of a sale of the company or its assets;
· With suppliers but only subject to robust contractual protections;
· Other companies in our group;
What happens if you do not provide us with the information we request or ask that we stop processing your information?
If you do not provide the personal data necessary, we may not be able to respond to your query or consider your application or request or to provide the relevant services to you.
Do we make automated decisions concerning you?
Automated decisions are those made without human intervention that have a legal effect on you or other similarly significant effect (for example determining whether you are eligible for a job). We do not carry out this type of processing activity.
Do we transfer your data outside the UK and Europe?
We may sometimes transfer your personal data to countries outside the UK and European Economic Area, for example if we are either using a supplier or working with a client based elsewhere. You can find the list of European member states by clicking on the following link: https://europa.eu/european-union/about-eu/countries/member-countries_en. The privacy laws in countries outside the European Economic Area and UK may be different from those in your home country.
At present we transfer personal data to the following countries outside of the European Economic Area: North America (United States & Canada), Middle East (Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, United Arab Emirates, Asia (China, Hong Kong, India, Indonesia, Japan, Malaysia, Singapore, Thailand, Vietnam) and Oceania (Australia & New Zealand).
Where we transfer data to a country that has not been deemed to provide adequate data protection standards, we always have security measures and approved European model clauses or other adequate safeguards in place to protect your personal data. Please contact us if you would like more details about our safeguards for data transfers.
What rights do you have in relation to the data we hold on you?
By law, you have a number of rights when it comes to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country. In the UK this is the Information Commissioner.
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
· baseless or excessive/repeated requests, or
· further copies of the same information.
Alternatively, we may be entitled to refuse to act on the request in some circumstances.
Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
Rights
What does this mean?
1. The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Privacy Policy. If you have any additional questions, for example regarding transfers and locations of data or our legitimate interest basis, do please get in touch.
2. The right of access
You have the right to obtain access to your information (if we are processing it), and certain other information (similar to that provided in this Privacy Policy).
This is so you’re aware and can check that we’re using your information in accordance with data protection law.
3. The right to rectification
You are entitled to have your information corrected if its inaccurate or incomplete.
4. The right to erasure
This is also known as the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right, there are exceptions.
5. The right to restrict processing
You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
6. The right to data portability
You have rights to obtain and reuse your personal data for your own purposes across different services. This is not a normal scenario for companies of our nature but if you have any questions you can contact us.
7. The right to object to processing
You have the right to object to certain types of processing, including processing for direct marketing or where we are relying on our legitimate interests for processing.
8. The right to lodge a complaint
You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
9. The right to withdraw consent
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.
Cookie Notice:
What do we use Cookies for?
‘Cookies’ and similar technologies such as web beacons and pixels are small files that are stored by your browser (for example, Internet Explorer or Safari) on your computer or mobile phone. We use the generic term Cookies in this policy to cover all such technologies. Cookies help our website recognise your device and remember information about your visit like your preferences, settings and how you use our website. Some are essential to our website and others are helpful to us but non-essential as explained in more detail below.
What Cookie types do we use?
Our Cookies are either first party or third party. Whether a Cookie is ‘first’ or ‘third’ party refers to the website or domain placing the Cookie. First Party Cookies are placed directly by us, while other parties we may do business with set Third Party Cookies. These third parties collect data directly from your web browser and the processing of this data is subject to their own privacy policies.
Cookies are either:
Session Cookies – which allow websites to link your actions during a browser session. We may use these for a variety of purposes such as remembering what you clicked on, on the previous page visited. These session Cookies expire after a browser session so would not be stored longer term; or
Persistent Cookies – which are stored on your device in between browser sessions and allow your preferences or actions across a site (or in some cases across different websites) to be remembered. These Cookies do not expire once the browsing session closes and remain on your device until an expiration date set by the source of the Cookie.
What are the categories of the Cookies we use?
Essential Cookies: These Cookies are essential to make our website work correctly, they enable you to move around our website and use our features. These Cookies are necessary for the provision of our services and if you do not want us to collect such information, you must cease using our website immediately.
Performance Cookies: These Cookies help us understand how you interact with our website, by providing information about the areas visited, the time spent on the website, and any issues encountered, such as error messages. This helps us improve the performance of our website.
Functionality Cookies: These Cookies allow our website to remember if you have previously visited our site or the choices you make (such as your user name, language, region or preferences) to provide a more personalised online experience.
Targeting/Advertising Cookies: These Cookies are used to deliver content that is more relevant to you and your interests. They may be used to deliver targeted advertising or to limit the number of times you see an advertisement.
A full list of the cookies we use and their duration is set out below.
Cookie Name Dps_site_id
Type Performance
Duration Session
Cookie Name _tccl_visitor
Type Performance
Duration 1 Year
Cookie Name _tccl_visit
Type Performance
Duration 30 Mins
How do you manage Cookies?
We always ask for your consent before installing any non-essential cookies on your device.
Most internet browsers are initially set up to automatically accept Cookies. You can change the settings to manage Cookies being sent to your device.
Disable Cookies in Internet Explorer >> Click here
Disable Cookies in Chrome >> Click here
Disable Cookies in Safari >> Click here
Disable Cookies in FireFox >> Click here
Disable Cookies in Safari IOS >> Click here
Disable Cookies in Google Android >> Click here
Click here for more information on Cookies and how to manage them.
Contact us:
If you are unhappy with how we’ve handled your information or have further questions on the processing of your personal data, contact Laura Newell at laura@cyphersearch.com, or write to Cypher Group Limited, 124 Cleveland Street, London, W1T 6PH.