INFOROM’S COMMITMENT TO PRIVACY AND SECURITY (GDPR)
By engaging with Inforom, you trust us with your personal information collected throughout the application process. We are committed to make sure any personal data you give us is safe and secure. We communicate data privacy and security guidelines to our employees and enforce privacy guidelines within our company. Trust is the cornerstone of our relationships with clients, individuals, and the public. We have always been committed to the security and protection of personal data and we constantly strive to provide a compliant and consistent approach to data protection. Our Data Retention Policy reflects the GDPR ‘data minimization’ and ‘storage limitation’ principles, which govern how personal data is stored, archived, and destroyed.
This Policy describes how Inforom Consultancy Services and its affiliates and subsidiaries (collectively “Inforom Consultancy Services”, “Inforom”. “we” or “us”) collect, use, transfer, and disclose your information. It also tells you how you can check and update any of your personal information.
Data protection principles
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We will comply with data protection law, which means that the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
This Policy also covers information collected through:
- web sites we operate from which you are accessing this Policy (the “Site”),
- the software applications we make available for use on or through computers or mobile devices (the “Apps”),
- our social media pages and apps to which the Site links (collectively, our “Social Media Pages”), and
- HTML-formatted email messages we send to you that link to this Policy (collectively, including the Site, Apps, and our Social Media Pages, the “Online Systems”).
This Policy also covers other means by which we collect information. For example, it also covers how we collect information from in person discussions, telephone conversations, and through non-electronic communications (i.e., collection through other means than our Online Systems). Personal data may be transferred during phone calls or electronic conferencing. Inforom utilizes EE Limited to provide both landline and cellular service. Additionally, Inforom uses electronic conferencing platforms such as Zoom, Skype, and WebEx.
WHO WE ARE
Inforom Consultancy Services is a global executive search and consulting firm. We help companies design their organization – the structure, the roles and responsibilities, as well as how they compensate, develop and motivate their employees. We also help organizations select and hire the talent they need to execute their strategy.
Inforom offers services to help companies recruit new personnel and attract talent (“Recruitment Services”). We provide Recruitment Services to clients searching for talent at the board-level, chief executive, and other senior executive positions. We also help clients find talent for middle to upper level management. Our teams also provide recruitment process outsourcing or project recruitment services to help clients attract top people.
We are also a global management consulting firm that provides talent management and consulting services (“Consulting Services”). We help our clients implement their business strategy by consulting with them on strategy execution and organization design, talent strategy and work design, rewards and benefits, assessment and succession, leadership development, and other talent needs.
Inforom Consultancy Services also has products that may be used by you or our clients to conduct assessments, participate in surveys and career coaching, conduct compensation and benefits analysis (where permitted by law), and facilitate the recruitment process (“Products”).
Often, our client may be your employer or an organization with which you are seeking employment.
PERSONAL INFORMATION WE COLLECT
Inforom Consultancy Services collects information that identifies you as an individual or relates to an identifiable individual (“Personal Information”) to provide Services to you, our clients and to operate our business. The type of Personal Information we collect about you depends on the situation at hand.
- We may collect your name, contact details and your preferred means of communication. We may also collect your responses to survey and assessment questions.
- In the course of our Recruitment Services, we may collect the following types of information about you as a potential candidate: name, address, telephone number, e-mail address, resume information (employment history, education, professional credentials, memberships in professional organizations, skills, etc.), citizenship, information from former employers and other references, and additional information to the extent we have acquired or you have provided us with such information. We also use photos of you that you provide to us or that you make publicly available on the Internet (e.g., LinkedIn). As permitted by applicable laws, we obtain background verification information.
- When you are utilizing our Online Systems, we may collect login user credentials like user names, passwords, and password hints.
- Where permitted by law, we may collect compensation and benefits information about you to consult with you or our clients on rewards and benefits.
- In certain cases, we request sensitive Personal Information about you. We may use this information to ensure that our Services conform with legal requirements, including equal opportunity laws. Our assessments and surveys may include demographic survey questions like questions about gender, race, age, or country of origin. Except in these limited cases, we encourage you not to provide any other sensitive Personal Information to us, such as government identification numbers, payment card numbers, information related to racial or ethnic origin, political opinions, religious or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership.
Please do not provide us with any Personal Information if you do not agree with this Policy.
HOW WE COLLECT PERSONAL INFORMATION
As you interact with Inforom Consultancy Services, you provide some Personal Information directly.
- We may collect Personal Information when you register to use our Online Systems, submit or build a resume, respond to employment opportunities, complete online assessments or surveys, participate in online courseware, provide Personal Information about yourself to our coaches or contact us via e-mail, electronic forms, telephone or postal mail.
- If you submit any Personal Information about other people to us or to our service providers, you represent that you have the authority to do so and to permit us to use the information in accordance with this Policy.
Personal Information about you may also come from our clients to whom we provide Services.
We may also obtain Personal Information about you from third parties.
- When someone participates in an assessment or coaching experience, they may share Personal Information about you.
- When providing our Recruitment Services we may also obtain Personal Information about you from referrals, networking activities, public databases, joint marketing partners, licensed databases, and social media platforms. The information we collect from these third parties includes information about the identity of potential candidates (e.g., an individual’s name, address, telephone number, e-mail address), information about their background and qualifications (employment history, education, professional credentials, memberships in professional organizations, skills, etc.), citizenship, information from former employers and other references. We also use photos of you that you provide to us or that you make publicly available on the Internet (e.g., LinkedIn). As permitted by applicable laws, we obtain background verification information.
HOW WE USE THE PERSONAL INFORMATION WE COLLECT
Inforom Consultancy Services uses the Personal Information it collects in several ways and we will only use your personal information when the law allows us to. The summary below provides additional details about the ways we use the Personal Information we collect.
We use your Personal Information to provide our Services. We use Personal Information to render Services to you and our clients. We do this to fulfill our contractual relationships with you and our clients and where we have a legitimate, beneficial interest in using Personal Information to conduct our business. In the course of our Recruitment Services, we may use Personal Information that we have collected to create a profile about you. This profile may be used to identify professional opportunities that we think may be of interest to you.
- We may contact you from time to time regarding those opportunities. We may also contact individuals from time to time for referrals. We may solicit names of, or additional Personal Information regarding, potential candidates in connection with our Recruitment Services to understand the market and provide other advisory services to our clients.
You can always object to our creating a profile about you, see the ‘Choices and Access’ section below on how you can object.
- If you object, we will remove your profile from our database, but this will also mean that you will not be considered for opportunities in the future.
In the course of our Recruitment Services, we also use your Personal Information to confirm references and conduct education and background checks as appropriate.
- We further use your Personal Information that we collect to aggregate and disclose diversity and other statistical information regarding our candidates and placement activities. We do so to manage our contractual relationship with you, with your consent, or because we have a legitimate business interest.
We use your Personal Information to respond to your inquiries, to verify your information, or to share information with you.
- We use your Personal Information to respond to your inquiries and fulfill your requests. If you contact us, we keep a record of your contact information and correspondence, and we use information you provide in your message to respond to your inquiry. We do so to manage our contractual relationship with you.
From time to time we use your Personal Information to send you important information regarding the Online Systems, changes to our terms, conditions, policies, and other administrative information.
- We may also contact you to verify that the Personal Information we collected about you is accurate and current. We use the Personal Information to manage our contractual relationship with you or to comply with a legal obligation.
We use your Personal Information to operate our business. We use your Personal Information for our business purposes, such as audits, internal communication regarding candidates and clients, determining the effectiveness of our promotional activities, administering our Services, maintaining and securing our infrastructure, and for procurement and financial transactions.
- We use this Personal Information to manage our contractual relationship with you and our clients, to comply with a legal obligation, and because we have a legitimate beneficial business interest.
We may use Personal Information to conduct analytics and thought leadership materials. Any published product will refer only to larger aggregations of individuals and will not identify you personally or include any results attributable to you. We perform analytics because we have a legitimate beneficial business interest in doing so.
We may retain and use Personal Information about you for research, publication, development, benchmarking and norms, validation, longitudinal studies, trend analysis, to improve and enhance our Services or to develop and market new Services. We may use Personal Information about you to ensure that our Services conform with legal requirements like equal opportunity laws. We also use your name and other personal identifiers to associate and combine information about you that is collected from one Service with information about you collected through other Services.
- We often pseudonymize or key-code your Personal Information, meaning that the personal is stripped of all information that may directly identify you and is replaced with a code to minimize unwanted or unintended identification. Such key-coded information can be de-coded by using the key so that it identifies you again.
- We may also anonymize, aggregate or de-identify Personal Information so the end-product does not identify you or any other individual. For example, we may use this information to generate norms by industry, geography, level, etc., enable us to understand where our Services are being utilized, conduct ongoing validation studies, compile reports, and publish journal articles to further the knowledge base of organizational and leadership science. Such aggregated, anonymized or de-identified information is not considered Personal Information for purposes of this Policy and we may use it for any purpose.
Inforom Consultancy Services sends informational e-mails, articles, white papers, proposals, engagement letters, and information regarding our Services. We also use your Personal Information to conduct surveys.
- We do so either with your consent or because we have a legitimate beneficial business interest.
- Occasionally, we may desire to use your Personal Information in press releases and direct marketing materials. Before we use your Personal Information in that way, we will obtain consent from you.
WHO HAS ACCESS TO YOUR PERSONAL INFORMATION
How your Personal Information is disclosed will depend upon the situation. We use your Personal Information to provide our Services. While providing our Services, we may disclose your Personal Information to clients who have engaged our services.
- In the course of our Recruitment Services, we disclose Personal Information regarding candidates, including the results of assessments and related data, to prospective employers that have engaged Inforom Consultancy Services to fulfill recruitment requests, or to reference sources.
- In the course of our Consulting Services and in providing our Products, we disclose Personal Information to our client. Our client can be your employer or an organization with whom you are seeking employment.
- If you have completed an assessment or survey at our client’s request as part of our Consulting Services or related to a Product, we will not share your assessment results with other clients without obtaining the appropriate consent.
- Inforom Consultancy Services works with third parties who provide services that may include, but are not limited to, assessment services, including assessment validation services, website hosting and IT consulting services, data analysis, resume verification, background checking, payroll services, public relations services, marketing services, attorneys, accountants, and other administrative and back-up and security services.
- As part of providing services, these third parties will be provided with access to Personal Information. In addition, our software development partners may use Personal Information to modify, improve, refine, and validate their technology, research and development.
- Inforom Consultancy Services may also use or disclose Personal Information (to comply with a legal obligation or because we have legitimate interest to do so) in order to: (i) comply with applicable laws, (ii) respond to inquiries, requests or orders from public or government authorities, including those outside of your country of residence, or (iii) protect the rights, privacy, safety or property, of Inforom Consultancy Services and our affiliates, you or others.
- We cannot and do not assume any responsibility for the actions or omissions of third parties, such as clients, including the way they use Personal Information received either from Inforom Consultancy Services or from other independent sources.
OTHER INFORMATION WE COLLECT
Inforom Consultancy Services collects other information that does not reveal your specific identity (“Other Information”), such as:
- Information collected through cookies, pixel tags, and other technologies,
- App usage data,
- Demographic information and other information provided by you, and
- Aggregated information.
Because Other Information does not reveal your specific identity, we may use it for any purpose. If we combine Other Information with Personal Information that identifies you directly (like combining your name with your location), we will treat the combined information as Personal Information for as long as it is combined.
If we are required to treat Other Information as Personal Information under applicable law, we may use and disclose it for the purposes for which we use and disclose your Personal Information as detailed in this Policy.
You can configure your browser settings to automatically decline cookies or be given the choice of declining or accepting the transfer to your computer of a particular cookie(s) from a particular site. Please refer to http://www.allaboutcookies.org/manage-cookies for information on how to manage cookies stored on your computer. If you disable cookies and similar technologies, your experience on the Site may be diminished and some features may not work as intended.
Inforom Consultancy Services may from time to time sponsor special features or promotions on the Online Systems and additional privacy information may be posted. Depending on the nature of the Service being utilized, your location, or our contract with our client that may have asked you to participate in a Service, you may be asked to consent to the collection, use, transfer, and disclosure of your Personal Information. You may also be shown a privacy notice before participating in a Service. That privacy notice, to the extent it conflicts with this Policy, will govern that particular Service, feature or promotion.
CHOICE AND ACCESS
Your provision of Personal Information to us is voluntary, although if you do not provide certain Personal Information you may not be able to participate in our Services.
Contact us if you would like to:
- ask questions about how we handle your Personal Information,
- withdraw your consent to our use of your Personal Information,
- object to our use of your Personal Information for our legitimate business interests, or
- request an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law),
- request to review, correct, update, suppress or restrict the use of your Personal Information,
- To review, correct, update, suppress or restrict the use of your Personal Information, please include all relevant User IDs and e-mail addresses as well as the names of any Inforom Consultancy Services or Inforom Consultancy Services -related sites, products, or services you may have accessed in your communication to email@example.com.
- Although we strive to maintain accurate Personal Information, if it is determined the Personal Information is not accurate, we will work quickly to correct it.
- Request that your Personal Information be removed from Inforom Consultancy Services’ databases,
- To remove your Personal Information from Inforom Consultancy Services’ databases, please include all relevant User IDs and e-mail addresses as well as the names of any Inforom Consultancy Services or Inforom Consultancy Services-related sites, products, or services you may have accessed in your communication to firstname.lastname@example.org
- Inforom Consultancy Services will delete Personal Information upon your request.
- Please note that to maintain consistency in our Services and operations, we retain backup systems. When you ask that your information be removed from Inforom Consultancy Services’ databases, we may not be able to delete residual copies from our systems or from our backup systems, but they will continue to be protected as required under this Policy.
If you would like to opt-out of receiving marketing communications from us, please contact us at email@example.com to have your contact information removed from our marketing databases.
- If you request to have your information removed from our marketing databases through an email request, please include “Remove User” in the subject line of the e-mail, and include your full name, User ID, and telephone number in the body of the e-mail message.
- You can also forward a copy of the e-mail or marketing communications from which you want to opt-out.
- We will respond to your request consistent with applicable law. We may decline to process requests that in our reasonable opinion may jeopardize the privacy of others or put our intellectual property at risk.
- Please note that when we perform Services at the specific request of our client, your request may need to be directed to that client. We may only be able to provide you with a non-confidential summary of our final assessment report because these reports contain confidential client personal information that we are not allowed to disclose.
- For your protection, we may only implement requests with respect to the Personal Information associated with the email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will comply with your request as soon as reasonably practical and may need to contact you to be sure that we understand your request.
- We also may need to retain certain Personal Information about you such as your e-mail address to honor opt-out or similar requests. Please keep in mind that this residual Personal Information will remain within Inforom Consultancy Services’ databases, access logs, and other records, which may or may not contain identifiable Personal Information about you. The residual Personal Information will not be used for commercial purposes. However, Inforom Consultancy Services reserves the right, from time to time, to recontact former users of its Services as appropriate.
LOCATION OF PERSONAL INFORMATION COLLECTED AND MAINTAINED
Depending on the Product or Service we are providing to you, your Personal Information may be collected, used, processed, disclosed, and transferred to and within the United States and other countries where we have facilities or in which we engage service providers. By using our Online Systems, Services, you understand that your Personal Information may be transferred to countries outside of your country of residence, which may have different data protection rules than your country.
- Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en).
- For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission, to protect your Personal Information. You may obtain a copy of these measures by contacting the Privacy Office at firstname.lastname@example.org.
Inforom Consultancy Services has reasonable organizational, technical, and administrative measures in place to protect against the loss, misuse, and alteration of Personal Information about users of the Online Systems which is under our control. Unfortunately, however, no security system, or system of transmitting information over the Internet can be guaranteed to be 100% secure.
- If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised or your user credentials are no longer secure), please immediately notify us of the problem by contacting us as described in the “Questions” section below.
We retain your Personal Information for as long as needed or permitted considering the purpose(s) for which it was obtained. We keep the personal information that we obtain about you during the recruitment process for no longer than is necessary for the purposes for which it is processed. How long we keep personal information will depend on whether we are successful in placing you with a client and the nature of the information concerned.
Different laws require us to keep different data for different periods of time. The Conduct of Employment Agencies and Employment Businesses Regulations 2003, require us to keep work-seeker records for at least one year from (a) the date of their creation or (b) after the date on which we last provide you with work-finding services.
We must also keep payroll records, holiday pay, sick pay and pensions auto-enrolment records for as long as is legally required by HMRC and associated national minimum wage, social security and tax legislation. We have built our retention policy around these regulations and with our customers in mind.
The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you or our client (e.g., for as long as you have an account with us or keep using the Services),
- A period beyond the time of the ongoing relationship if we have a legitimate internal operations need, such as a need to retain such information for analysis, record-keeping and compliance with data retention schedules,
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period before we can delete them), or
- Whether retention is advisable considering our legal position (such as regarding applicable statutes of limitations, litigation or regulatory investigations).
If there is a clear business reason for keeping recruitment records for a significant period of time, we will do so but will first consider whether the records can be pseudonymised, and the longer period for which they will be kept.
Your have the right to correct and access your information and to ask for it to be erased. Please contact Inforom at email@example.com if you would like to correct or request access to information that we hold relating to you or if you have questions about this notice. You also have the right to ask for information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
LINKS TO OTHER WEBSITES
This Policy does not address, and we are not responsible for, the privacy, information, or other practices of any other third parties.
- On the Online Systems, you may have the opportunity to follow a link from or to other websites maintained by Inforom Consultancy Services affiliates, or other third parties. The inclusion of a link on our Online Systems does not imply our endorsement of the linked site. Because these other websites may not be hosted or controlled by Inforom Consultancy Services, this Policy does not address the privacy practices of those websites. We encourage you to review the privacy policies of each of those websites.
- Please note that we are not responsible for the collection, usage, and disclosure policies and practices (including the data security practices) of other organizations, such as LinkedIn, Facebook, Apple, Google, Microsoft or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including any Personal Information you disclose to other organizations through or in connection with the Apps or our Social Media Pages.
UPDATES TO THIS POLICY
Inforom Consultancy Services reviews its privacy practices regularly, and those practices are subject to change. You can determine when this Policy was last revised by checking the “Revised Date” legend at the bottom of the Policy. Any changes to the Policy will become effective upon posting of the revised Policy on the Internet, accessible through the Site.
USE OF ONLINE SYSTEMS BY CHILDREN
The Online Systems are not directed to individuals under the age of sixteen (16), and we request that these individuals do not provide their personal information through the Online Systems.
SUMMARIES OF POLICY
This Policy is the sole authorized statement of Inforom Consultancy Services ’s practices with respect to the online collection of Personal Information through the Online Systems and the usage of Personal Information. Any summaries of this Policy generated by third party software or otherwise (for example, in connection with the “Platform for Privacy Preferences” or “P3P”) have no legal effect, are in no way binding upon Inforom Consultancy Services, cannot be relied upon in substitute for this Policy, and neither supersede nor modify this Policy.
Inforom Consultancy Service is responsible for collection, use, and disclosure of your Personal Information under this Policy.
Questions regarding this Policy should be directed to Inforom Consultancy Services at firstname.lastname@example.org. We hope that we can resolve any query or concern you raise about our use of your information, please contact us at email@example.com . If we are unable to resolve your concerns, please contact the Information Commissioner at https://ico.org.uk/concerns/ for further information about your rights and how to make a formal complaint.
ADDITIONAL INFORMATION REGARDING THE EEA
You may contact us at firstname.lastname@example.org with any questions about this Policy.
This document is valid as of 10/06/2019
The owner of this document is the Privacy Officer, who checks and, if necessary, update the document at least once a year.
Compliance and Privacy Officer