GDPR Policy


GDPR Policy

Artifeks Ltd

Arena Business Centre, Abbey House, 282 Farnborough Road, Farnborough, Hampshire, United Kingdom, GU14 7NA

  • Introduction

This GDPR Policy (hereinafter referred to as the "Policy") outlines the data protection practices and procedures implemented by Artifeks Ltd (hereinafter referred to as "we," "us," or "our") as a recruitment company. We are committed to protecting the privacy and personal data of individuals (hereinafter referred to as "you" or "your") in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

  • Data Controller and Contact Information

Artifeks Ltd  acts as the data controller for the personal data we collect and process. If you have any questions, concerns, or requests regarding the processing of your personal data or this Policy, please contact us using the following details:

Artifeks Ltd

Arena Business Centre, Abbey House, 282 Farnborough Road, Farnborough, Hampshire, United Kingdom, GU14 7NA

  • Principles of Data Protection

We are committed to upholding the following data protection principles in accordance with the GDPR:

3.1. Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and transparently. We provide individuals with clear and concise information about the processing of their personal data.

3.2. Purpose Limitation: We collect and process personal data for specified, explicit, and legitimate purposes. We do not process personal data in a manner incompatible with these purposes.

3.3. Data Minimisation: We only collect and process personal data that is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.

3.4. Accuracy: We take reasonable steps to ensure that personal data is accurate, complete, and up to date. We also provide individuals with the opportunity to rectify inaccurate or incomplete personal data.

3.5. Storage Limitation: We retain personal data for no longer than is necessary for the purposes for which it was collected, taking into account legal obligations and legitimate business interests.

3.6. Integrity and Confidentiality: We implement appropriate technical and organisational measures to ensure the security, integrity, and confidentiality of personal data.

3.7. Accountability: We demonstrate compliance with data protection laws and regulations, including the GDPR. We maintain records of our data processing activities and conduct data protection impact assessments when required.

  • Personal Data Collection and Processing

4.1. Categories of Personal Data: We may collect and process the following categories of personal data for recruitment purposes:

  • Contact details (such as name, address, email address, and phone number)

  • Resume/CV and employment history

  • Educational background and qualifications

  • Skills, experience, and professional interests

  • Any other information you voluntarily provide during the recruitment process

4.2. Lawful Basis for Processing: We rely on the following lawful bases for processing personal data:

  • Contractual necessity: Processing is necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract.

  • Legitimate interests: Processing is necessary for our legitimate interests as a recruitment company, provided that such interests are not overridden by the rights and freedoms of the data subject.

  • Consent: We may seek your explicit consent for specific processing activities. You have the right to withdraw your consent at any time.

  • Data Sharing and Disclosure

5.1. Recruitment Partners: We may share your personal data with recruitment partners, such as employers and organisations offering job opportunities, for the purpose of assessing your eligibility for job opportunities.

5.2. Service Providers: We may engage third-party service providers to perform certain functions on our behalf, such as website hosting, data analysis, background checks, and IT support. These service providers are contractually bound to handle personal data in accordance with applicable data protection laws.

5.3. Legal Obligations: We may disclose personal data if required by law, regulation, legal process, or enforceable governmental request.

5.4. International Data Transfers: If we transfer personal data outside the European Economic Area (EEA), we will ensure appropriate safeguards are in place, such as using standard contractual clauses or relying on the Privacy Shield framework for transfers to the United States.

  • Data Subject Rights

6.1. Access and Rectification: You have the right to request access to and rectification of your personal data held by us. We will provide you with a copy of the personal data undergoing processing and make necessary corrections if the data is inaccurate or incomplete.

6.2. Erasure and Restriction: You have the right to request the erasure of your personal data or the restriction of its processing under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected or if you withdraw your consent.

6.3. Objection and Automated Decisions: You have the right to object to the processing of your personal data based on our legitimate interests. You also have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or significantly affects you.

6.4. Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and have the right to transmit that data to another data controller where technically feasible.

  • Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction, alteration, or disclosure. We regularly review and update our security measures to ensure the ongoing confidentiality, integrity, and availability of personal data.

  • Changes to this Policy

We may update this Policy from time to time to reflect changes in our data protection practices or legal requirements. The revised Policy will be effective as of the date of publication on our Website.

  • Complaints and Contact Information

If you have any concerns or complaints regarding the processing of your personal data or this Policy, please contact us using the contact information provided in section 2. We will promptly investigate and address your concerns.