Privacy Policy

25 May 2018

Integrity is one of the key values of Roseland Partners, and as such the privacy and integrity of your personal information is very important to us.

Roseland Partners is an employment agency registered as a data controller in the UK. We ensure that the data we process is done so fairly and lawfully, and that it is used only for the purposes set out in this policy.

When used in this document the terms “the Company”, “we”, “us”, “our” and “ours” refer to Roseland Partners Ltd. The terms “you”, “your” and “yours” refer to any user of (the “Site”), prospective employees, candidates, clients, suppliers and any other contacts of Roseland Partners.

A Cookie Statement sits alongside this Privacy Policy. This Site is also governed by the Terms of Use. We advise that you also review the Cookie Statement and the Terms of Use before proceeding further on this Site.

1. What is the purpose of this privacy policy?

In accordance with the General Data Protection Regulations (GDPR), this Privacy Policy details how your personal information may be collected, used, stored, and disclosed as a result of our communication with you and your activities on or through this Site. It explains the lawful bases for processing this information, and most importantly your rights.

2. What personal data do we collect, and where do we collect it from?

You provide us with information about yourself directly by corresponding with us by telephone, email, and other forms of communication, such as LinkedIn. If you contact Roseland Partners we may keep a record of that correspondence. You also provide us with information about yourself by posting comments on, or reporting problems with the Site. From time to time we may also collect information when people enter a competition, promotion, survey, contribute to a market or insight report, or interact with us at an event.

The information we collect could include: your name, email address, phone number, nationality / visa details (to demonstrate the right to work in the UK or another country), employment history, education history, salary details, employment preferences, and links to your professional profiles that exist in the public domain, such as LinkedIn. If you provide us with your CV, it will be uploaded to our database.

Roseland Partners run an ongoing candidate referral incentive scheme, and from time to time additional short-term incentive schemes. Should you become eligible for a prize in one such incentive scheme we may need to gather additional personal information from you, for example delivery address details, or bank details. Such information will be deleted after its necessary use.

In the unlikely event that the nature of a role or the applicable jurisdiction requires it, we may need to collect and process more sensitive personal data about you, such as information about your health (including details of sick leave taken during previous roles), details of disabilities, details of any offences you have committed or are alleged to have committed, and whether you are a member of any professional or trade associations. Please see section 5 for the legal basis for such processing.

We may be made aware of your information from a reference or word of mouth. For example, you may be recommended by a friend, a former employer, a former colleague or even a present employer.

When you visit this Site you do so without revealing personal information about yourself. Our web server collects technical information and information about your visit, including the name, address, the IP address and domain you used to access this Site, the type and version of browser and operating system you are using, and the website you came from and visit next. This information may be used by us to measure the number of visits, average time spent, page views, and other statistics about visitors to this Site in general. This information does not identify you personally.

3. How and why do we use your personal data?

We may use your personal data in a number of ways:

  • if you are a candidate, to enter your details onto our database in order to find positions that may be suitable for you, communicate with you about these positions, and to assist with the recruitment process;
  • if you are a client, to enter your details onto our database in order to find candidates suitable for the positions that you are hiring for, communicate with you about these candidates, and to assist with the recruitment process;
  • if you are a client, to make you aware of candidates who we believe would be a good fit for your organisation, outside of a live recruitment process;
  • to provide you with recruitment services – which may include career guidance and management and to supporting resourcing needs and strategies;
  • to carry out our obligations arising from any agreements or contracts we have with you;
  • to maintain our professional relationship;
  • to perform administration or operational functions;
  • where you have provided your contact information regarding the possible use of our services, to advise you of news and industry updates, events, services, promotions, competitions, reports and other information that we believe may be of interest to you because it is relevant to your career or to your organisation. Where we do this you will be able to unsubscribe from such communications using the unsubscribe link or by contacting us at;
  • to analyse visitor trends and traffic on our website – this information does not identify you; and
  • to comply with our legal obligations and rights, under contracts and at law, and to cooperate with authorities and investigations.

4. How long do we keep your personal data for?

We only retain your information for as long as is necessary for us to use your information as described above or to comply with our legal obligations. However, please be advised that we may retain some of your information after you cease to use our services, for example if it is necessary to meet our legal obligations, such as retaining the information for tax and accounting purposes.

When determining the relevant retention periods, we will take into account various factors including:

  • our contractual obligations and rights in relation to the information involved;
  • legal obligation(s) under applicable law to retain data for a certain period of time;
  • our legitimate interest where we have carried out a legitimate interests assessment and balancing test (see section 5);
  • statute of limitations under applicable law(s);
  • (potential) disputes;
  • if you have made a request to have your information deleted; and
  • guidelines issued by relevant data protection authorities.

Otherwise, we securely erase your information once this is no longer needed.

5. What legal bases do we have for using your data?

There are six legal bases on which an organisation can use personal data. At least one of them must apply in each case of storing and using data. They are listed below.

  1. Consent – the individual has given clear consent for their personal data to be processed for a specific purpose.
  2. Contract – the processing is necessary for a contract between two parties, or because one party has been requested to take specific steps before entering into a contract.
  3. Legal obligation – the processing is necessary to comply with the law (not including contractual obligations).
  4. Vital interests – the processing is necessary to protect someone’s life.
  5. Public task – the processing is necessary to perform a task in the public interest or for official functions, and the task or function has a clear basis in law.
  6. Legitimate interests – the processing is necessary for the legitimate interests of the business, or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This does not apply to public authorities processing data to perform official tasks.)

We may use one of four of these legal bases depending on the specific circumstances, for example:


  • If we approach you about a position or to introduce ourselves, we may ask for your consent to store your data.
  • We will ask your consent to send your details to a client for a position, or to a client speculatively if we believe there could be a good fit between you and their organisation.
  • We may collect and process special category or more sensitive personal data only so far as is necessary to ensure we meet legal or contractual requirements, such as equal opportunities laws or obligations imposed upon us by our clients (to enable them to comply with their own legal requirements). We must have your explicit consent to collect and store such data. Special category data could include:
    • information about your race or ethnicity, religious beliefs, health, sexual orientation and political opinions;
    • trade union membership; and
    • information about criminal convictions and offences.
  • Wherever consent is the lawful basis for us processing your information, you have the right to withdraw your consent at any time (see section 13). If you do so, it does not mean that anything we have done with your personal data with your consent before that point is unlawful.


  • If you are a client or a supplier the legal basis of carrying out a contract will apply if we are negotiating or have entered into a contract or agreement with you or your organisation, or any other contract to provide services to you or receive services from you or your organisation.

Legal obligation

  • The basis of legal obligation will apply if we are legally required to hold information on you to fulfil our legal and regulatory obligations, such as disclosure to public authorities, regulators and investigators.

Legitimate interests

  • If you are a candidate or potential candidate, we regard communication with you to be on the basis of legitimate interests. We may be contacting you in order to assess your suitability for and interest in potential roles which seem suitable for you.
  • If you are a client or potential client, we regard communication with you to be on the basis of legitimate interests. The exchange of personal data of our candidates and our client contacts is a fundamental, essential part of the process of a recruitment agency that ultimately benefits all parties.  
  • Before we process data on this legal basis, we carry out a legitimate interests assessment. This includes a ‘balancing test’ to ensure that the processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests. We keep a record of these assessments. You can find out more about them by contacting us using the details in point 13.

6. Who do we share your personal data with?

We do not share, distribute or sell your personal information with unrelated third parties, except as otherwise provided for in this Privacy Policy and under these limited circumstances:

  • if you are a candidate, as necessary to enter a recruitment process, potential recruitment process, or other recruitment service that you have requested, with your consent. Your contact details would be omitted from such communication, and we require that clients use your CV solely for the purpose of filling a position within the client for which the information was provided and not disclosing your CV outside of their organisation;
  • suppliers, contractors and agents who may perform services for us, such as: professional advisors (for example, accountants or lawyers); IT software and service companies; research and mailing houses; venues and event organisers; analytics and search engine providers that assist us in the improvement and optimisation of our site; credit reference agencies; compliance partners and other sub-contractors for the purpose of assessing your suitability for a role (such as psychometric testing and reference/qualification checking);
  • if you have taken part in an incentive scheme we may share your details with a third party for the purpose of sending you a gift;
  • we reserve the right to transfer your information to a third party in the event of a sale, merger, liquidation, receivership or transfer of all or a substantial portion of the assets of our Company provided that the third party agrees to adhere to the terms of this Privacy Policy and provided that the third party only uses your personal data for the purposes that you provided it to us. You will be notified in the event of any such transfer and you will be afforded an opportunity to opt out if required by law; and
  • if required to do so by law, a court order or by a regulatory authority of competent jurisdiction or if we believe that such action is necessary to protect, defend or enforce the rights of Roseland Partners.

7. How do we keep your data secure?

Our web servers use a range of technologies to keep data protected, including Transport Layer Security (TLS) encryption, account isolation, firewall systems, and automatic malware defence. In the unlikely event of a breach of these servers Roseland Partners is not responsible and cannot be held liable. The transmission of data over the internet is never completely secure and as such we cannot guarantee the security of data that is transmitted to our Site nor our email addresses nor any other form of electronic communication; any such transmission is at your own risk.

Once we have received your information, we will use strict organisational procedures as well as the aforementioned security features to try to prevent any unauthorised access.

If you are a candidate, we will require that clients use your CV solely for the purpose of filling a position within the client for which the information was provided and not disclosing your CV outside of their organisation. However, although Roseland Partners deals only with reputable organisations, we cannot guarantee that all clients will adhere to the limitations we impose on them. If at any time you would like your CV removed from our database, please contact us.

8. Do we transfer your data outside of the EEA?

There may be circumstances when your personal data may be transferred internationally, for example:

  • to third parties such as advisers or other suppliers;
  • to overseas clients;
  • if you are not based in the UK, to clients within your country who may, in turn, transfer your data internationally; or
  • to a cloud-based storage provider.

We want to make sure that your personal data is stored and transferred in a way which is secure. We will therefore only transfer data outside of the EEA where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, for example:

  • by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission for the transfer of personal data by data controllers in the EEA to data controllers and processors in jurisdictions without adequate data protection laws;
  • by signing up to the EU-U.S. Privacy Shield Framework for the transfer of personal data from entities in the EU to entities in the USA or any equivalent agreement in respect of other jurisdictions;
  • transferring your data to a country where there has been a finding of adequacy by the European Commission in respect of that country’s levels of data protection via its legislation;
  • where it is necessary for the conclusion or performance of a contract between ourselves and a third party and the transfer is in your interests for the purposes of that contract (for example, if we need to transfer data outside the EEA in order to meet our obligations under that contract if you are our client); and
  • where you have consented to the data transfer.

9. What rights do you have in relation to the data we hold on you?

  1. The right to be informed – to be provided with clear and concise information about what we do with your personal data. This is why we are providing you this information within this Privacy Policy.
  2. The right of access – the right to obtain a copy of the data we hold on you.
  3. The right to rectification – to have any inaccurate or incomplete personal information rectified.
  4. The right to erasure – also known as the ‘right to be forgotten’, this is the right to request that your details are deleted or removed. This right is not absolute and doesn’t apply in all circumstances.
  5. The right to restrict processing – to limit the way that we use your data. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ (a ‘suppression list’) to make sure the restriction is respected in future.
  6. The right to data portability – to be able to receive personal data in a structured, commonly used and machine-readable format in order that it can be transferred to a new provider;
  7. The right to object – to request that your data is not processed. The application of this right depends on the purpose and lawful basis for processing.
  8. Rights in relation to automated decision making and profiling – rights related to decision making and profiling without any human involvement. Roseland Partners does not utilise this type of technology.

For more information, see the full ICO explanation.

10. The use of cookies on our Site

As with the majority of websites, our Site uses cookies to distinguish you from other users, to help us to provide you with a good experience when you browse the Site, and to allow us to improve it. For more information, please refer to our Cookie Statement.

11. Links to other websites

Certain links on this Site may take you to other third party websites. Roseland Partners provides these links as a convenience, and while we intend to link only to sites that share our standards and respect for privacy, we are not responsible for the content of, or the privacy practices employed by these websites. We advise that you review the privacy policies and cookie statements posted on any websites you visit before using them or providing any personal information about yourself.

12. Changes to our Privacy Policy

Roseland Partners reserves the right to change the Privacy Policy at any time without prior notice. This may be necessary from time to time due to changes in the law, technology, and/ or our ways of working. The date of the most recent modification will be provided at the top of this page and we will place a notice on the site.

We do not currently operate online accounts and therefore we will not contact you via email about these changes. You are advised to check this Privacy Policy on a regular basis for updates.  

13. Contact information

If you have any questions or concerns regarding this Privacy Policy, or if you wish for your details to be amended or removed, please contact us using the details below and we will respond as soon as possible. Note that we may keep a record of your communication with us to help us resolve any issues which you raise.
T: +44 (0) 7974 579 022

We hope that we will be able to resolve any questions or concerns you have, but you do have the right to raise concerns with the Information Commissioner’s Office (ICO) if you believe that your data protection rights have not been adhered to. Their contact details are:
T: +44 (0) 303 123 1113