Employee privacy policy

Data protection privacy notice

We are committed to protecting your personal information and ensuring we respect your privacy. This Privacy Notice explains how we will look after and use any personal information that we collect about you.

What is personal information?

Personal information means any information about you from which you can be identified. Examples of personal information include your name, home address, national insurance number, date of birth, telephone number and e-mail address but it also includes other pieces of information which can be used to identify you, either directly or indirectly, such as a cookie.

Who we are

Ingenious Media Limited is the Controller of the personal information you provide to us. If you have any questions about this Privacy Notice or the information we hold about you please contact our Data Protection Officer using the details set out below:

Full name of legal entity: Ingenious Capital Management Services Limited

Name of DPO: Dane Persson

Email address: compliance@theingeniousgroup.co.uk

Postal address: Parcels Building, 14 Bird St, London, W1U 1BU

Contact telephone numbers: 02073194000

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would however appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

What types of information do we use?

We collect information at the recruitment stage and when you are employed with us. At the recruitment stage we will ask for basic personal information only. If we employ you, further personal information will be requested/used. The type of personal information used in the course of employment includes:

Name
Address details
Gender
Date of Birth
Contact information (Including personal/work)
Employment Details (Including position, compensation, performance & absence records)
Bank Account Details
Educational history
Employment history (Including CV)
Instructions or requests (for example if you ask for documents, references or annual leave)
Financial information (financial position and history);
Documentary data (things can include passport or drivers licence or other forms of identification)
Family information required for benefits
Emergency contact details
Historical information i.e. previous names and addresses

We may collect the following information from you which is referred to as a special category of personal data because it is sensitive information about you and will require special protections. The information that we may collect is in relation to your:

Medical History.

We are able to process this information in order to comply with our rights and obligations in relation to employment law, social protection law and social security law.

We collect information about criminal convictions or offences because as part of our staff vetting procedures, and to comply with our obligations under the Financial Services and Markets Act 2000 to ensure that certain staff are fit and proper to carry out regulated activities.

Consequences of not providing some types of information

Where we need to collect your personal information by law, or under the terms of a contract we have with you, and you fail to provide that information when requested, we may not be able to commence or continue your employment.

How do we collect information about you?

Typically we will collect information from you at the start of the recruitment stage, when we decide to hire and during the course of your employment. We collect information from and about you in the following ways:

Through direct interactions when you give us your personal information by filling in forms or during correspondence with us.
Through third parties such as Recruiters or the Disclosure and Barring Service.

How we will use your personal information

We only obtain, use and keep personal information where we need it for a specific purpose. We set out in the table below the ways in which we plan to use your personal information. We are only able to use your personal information if we have a proper legal reason or basis for doing so. Most commonly we will use your information in the following ways:

We have a contract of employment with you.

We have a legal obligation. We need to use your personal information to comply with employment law.

We, or a third party, have a legitimate interest in processing the information and your interests and fundamental rights do not override those interests. For example, processing your information to prevent fraud or to provide you with certain employment benefits.

We set out in the table below all the ways we plan to use your personal information and the legal basis we rely on to do so. We also explain what our legitimate interests are where appropriate:

Purpose	Lawful basis for processing including our legitimate interests
To on-board you as a new employee and fulfil our obligations as an employer	To fulfil our contract with you
To provide references or contact you after you leave our employment	Necessary for the legitimate interests of you and Ingenious
After you have left our employment in the event that we need to contact you or provide references	Necessary for the legitimate interests of you and Ingenious

We will only use your personal information for the reason for which we collected it. We will only use it for another reason if we believe that new reason is compatible with the original purpose. If we do need to use your personal information for a non-related purpose, we will tell you about it and explain the legal basis which allows us to do so.

We may need to provide information to third parties for a variety of reasons, for example, in order to provide you with certain employee benefits. The categories third parties we share your information with (if applicable) are as follows:

Insurance providers
Payroll services providers
Childcare vouchers providers
Health Screening service providers
Regulatory authorities
Pension services providers
Employee benefits administration suppliers

Sending your information outside of the EEA

The regulations which have been put in place to protect your privacy apply throughout the EEA. The EEA is the European Economic Area which includes all the countries in the European Union plus Iceland, Liechtenstein and Norway. This means that any country within the EEA must meet the same privacy standards as the United Kingdom. All the personal information that we hold about you will be processed in the EEA.

Storing your information

We will need to keep your personal information (updated to ensure accuracy) to fulfil our contract of employment. We also need to comply with EU and UK law, which often requires us to keep certain records – which will include certain personal information – for several years.

Our policy is to keep records for up to as long as is reasonably required after you are no longer an employee. We will ensure all records are safely destroyed if we no longer need to retain them. We review our retention periods for personal information on a regular basis. We will tell you if we change the retention period.

Your rights

You are provided with a number of different rights under the data protection laws in relation to your personal information. These allow you:

To access your information;
To request we correct your information;
To request that we erase your information;
To object to the processing of your information;
To request a restriction in the processing of your information;
To request a transfer of your information; and
To withdraw your consent.

If you wish to exercise any of these rights, please email compliance@theingeniousgroup.co.uk. Please note that you will not have to pay a fee to access your personal information or to exercise any of the other rights. We may, however, charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or we may refuse to deal with your request. We may also need to seek further information from you to confirm your identity before we release any personal information. This does not affect your right to make a complaint.

Security

We have put in place appropriate security measures to protect your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We have a procedure to deal with any suspected personal data breach and will notify you, and other regulators, where we are legally required to do so

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_dc_gtm_UA-66407291-1	1 minute	This cookie is installed by Google Tag Manager.
_ga		This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_ga_1PT8CHXJK2		This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
ln_or	1 day	Linkedin sets this cookie to registers statistical data on users' behaviour on the website for internal analytics.
PFCE	1 month	Profound email marketing sets this cookie to detect a click through from a marketing email.
PFCT	1 month	Profound email marketing sets this cookie to detect a click through from a marketing email.
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.

Cookie	Duration	Description
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.