GRADSMART LTD– Privacy and Cookie Policy

Last updated October 2020

Introduction

Your privacy is important to GradSmart Ltd. This policy sets out information on the personal data we collect about you, and your rights in respect of this data. This policy applies whether you use or interact with our website (gradsmart.co.uk), and our related or associated web pages, social media platforms, landing pages or other online platforms (the “Websites” ).

Our Websites may contain links to third party websites that are not covered by policy. We therefore ask you to review the privacy statements of other websites and applications to understand their information practices.

This policy contains the following information:

Who We Are

Our company name is GRADSMART LTD (12329845). Our registered address is 28 Leopold Street, Loughborough, England, LE11 5DL. We are the data controller and responsible for your personal data. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us using the contact details set out below.

Contact details
Our full details are:
Full name of legal entity: GRADSMART LTD
Contact: Jack Lam
Postal address: 28 Leopold Street, Loughborough, England, LE11 5DL
Email address: [email protected]

We respect your right to privacy and will only process personal information about you in accordance with applicable data protection laws. We comply with General Data Protection Regulation (2016/679) and the UK Data Protection Act 2018. If any of these laws are replaced or superseded, we will also comply with that.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Changes to the privacy policy and your duty to inform us of changes

We keep this privacy notice under regular review and, if we make any changes to this notice, we will place an updated version on our website and, where appropriate, notify you by e-mail. Regularly reviewing this page ensures you are always aware of what personal information we collect, how we use it and under what circumstances, if any, we will share it with other parties.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

What we may collect

Personal data, or personal information, is any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you when you use our Websites. Whenever we collect personal data about you, we must have a legal ground to do so. We will ensure that your personal data is processed lawfully, fairly, and transparently without adversely affecting your rights. The type of data we collect is as follows:

Table 1

Type of data Purpose/Activity Lawful Basis
Identity Data includes first name, last name, username, job title, social media account, or similar identifier. When you email, phone, live chat or otherwise, we may collect information such as your first name, last name, email address and phone number. includes, job specific details including preferred location, industry and company size. includes, details regarding employment and education, such as degrees, employment history. We will use this information to carry out the contract with you and manage our relationship with you. This information is necessary for us to perform our contract with you, i.e. to give you access to the service our Website provides. This information is also necessary to comply with our legal obligation to inform you if we change this policy or our terms and conditions. We also have a legitimate interest to keep our records updated to ensure we are providing you with the best possible service.
Contact Data includes email address and telephone numbers. This information is necessary for us to perform our contract with you, i.e. to give you access to the service our Website provides. We also need this data to allow third parties (i.e. employers) to present relevant content, products and services to you.
Personality Data includes information about yourself that you input into our personality test. This information is necessary for us to perform our contract with, i.e. to give you the outcome of your personality test, which can then be used for the rest of your experience using the Website.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our websites. This information is necessary for us to perform our contract with you, i.e. to give you access to the service our Website provides.
Interaction Data includes any information that you might provide to any discussion forums on our websites. This information is necessary for us to perform our contract with you, i.e. to give you access to the service our Website provides. We also need this information to study how you use our Website, in order to improve and develop the services we provide, and better inform our marketing strategies.
Cookies Data to enhance your experience and gather information about visitors and visits to our websites. Please refer to the "Do we use 'cookies'?" section below for information about cookies and how we use them and what kind. This information is necessary for us to perform our contract with you, i.e. to give you access to the service our Website provides. We also need this information to study how you use our Website, in order to improve and develop the services we provide, and better inform our marketing strategies.
Third Parties and Information we receive from other sources. We may receive information about you if you use any of the other websites we operate. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on our websites or through our services. We are also working closely with third parties (including, for example, business partners, suppliers, sub-contractors, advertising networks, analytics providers, and search information providers) and may receive information about you from them. This information is necessary in order to perform a contract that you have entered into, or to take steps at your request before entering into a contract.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences. This information is necessary for our legitimate interest to present relevant content, products and services to you (only where you have provided your consent that we do so).
Analytics includes third-party analytics services (such as Google Analytics) to evaluate your use of the website, compile reports on activity, collect demographic data, analyse performance metrics, and collect and evaluate other information relating to the website and internet usage. These third parties use cookies and other technologies to help analyse and provide us the data. By accessing and using the website, you consent to the processing of data about you by these analytics providers in the manner and for the purposes set out in this Privacy Policy This information is necessary for our legitimate interest to present relevant content, products and services to you.

We may process your data for compliance with a regulatory requirement or legal obligation to which we are subject too. Your data will only be processed if processing the data to comply with such an obligation is a reasonable and appropriate way of achieving compliance.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.

Where we may collect Special Categories of Personal Data about you when we conduct our SmartGrad personality test (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data, including but not limited to your illness history) and it is necessary to do so for the services, we will obtain your specific consent, unless we have another lawful basis to do so.

Third Parties

We work with third-party partners who help us provide and improve our products and services. We, acting under a lawful basis, (as set out in section 3) may have to share your personal data (as set out in Table 1) with the following third parties (but not limited to):

In addition, we will share the results of your personality tests with graduate employers only where you have consented to us doing so. Where we do this, this personal data will then be held by these companies in accordance with their own privacy policies.

Information on cookies

We use cookies in accordance with the Privacy and Electronic Communications Regulations (implementing the EU Directive 2002/58/EC).

Cookies are small text files placed on your device when you visit our site and are used to make the user's experience more efficient. We are able to store cookies on your computer where they are necessary for the operation of the site however, for non-essential cookies we need your permission.

We use cookies to distinguish users and to improve our Website. We analyse how you use our website, and we look at aggregate statistics about your usage, and how others use our Website. We collect certain information from these cookies, and this includes information about your IP address, your location when you access the Website, the date and time you access the Website, the language you use and the type of browser you use.

We do not track individual users or use cookies to identify individuals. We use cookies to recognise you and your preferences, improve our site's performance and collect analytical information for ourselves and our business partners. Without the knowledge gained we would not be able to provide the service we do.

These are the types of cookies we use.

Session and persistent cookies can be either first or third party cookies. A first-party cookie is set by the Website being visited; a third-party cookie is set by a different website. Both types of cookie may be used by us or our business partners.

The third party cookies we use are:

All our cookies are categorised by the role they fulfil on our Website:

  1. Strictly Necessary: these are essential to enable you to move around our Website and use features such as secure services. Without these cookies such services could not be provided;
  2. Functionality: allow the website to remember your choices and to personal certain features. These cookies may beanonymised and cannot track your browsing activity on other websites; and
  3. Performance: collect information as to how users use the Website. These cookies don't collect information that identifies a visitor. The information collected is aggregated and used to improve our Website.
  4. None of the cookies employed are classified asBehavioural Targeting.

We will always ask for your consent to use non-essential cookies. You are free to withhold consent to this, but it means that we might not be able to provide the full Website experience to you.

If at any time you wish to disable our cookies, you may do so through the settings on your browser, or whenever the pop-up appears on our Website (each time you access the Website).

How we store your personal data

We store all your personal data on our servers within the United Kingdom.

If we ever need to transfer your data outside the EEA, we will ensure that we have standard contractual clauses in place with these contractors before transferring data outside the EEA, and we will conduct regular due diligence on those contractors to ensure that they comply with the General Data Protection Regulation (2016/679). 

Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Website. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We will still be responsible for protection of your personal data, even where we have transferred it outside the EEA.

We regularly review our data retention obligations to ensure we are not retaining data for longer to fulfil the purposes we collected it for, includingfor the purposes of satisfying any legal accounting, or reporting requirements.

How we disclose your information

We may disclose your information in the following cases:

We may contract with third parties to supply services to you on our behalf. These include cloud services used to send emails and technology providers that assist in providing the communication to you.

Your Legal rights

When you provide us with personal data, you have certain legal rights, and these include:

If you wish to access, rectify, erase or transfer your personal data, please contact us at [email protected]

What happens when we link to other websites

This privacy policy only relates to our Websites. We might have links on our Website to other websites, and these websites will have their own terms and conditions and privacy policies. You should check those privacy policies before providing your personal data to those websites.

Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our Website. We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

The changes we may make to this policy

We can update this policy from time to time as laws change or as Websites change. If we make material changes to the policy, and we need your consent to those changes, we will contact you by email to do so.