<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=723012&amp;fmt=gif">
http://cdn2.hubspot.net/hubfs/441864/heros/Solutions_Layered.jpg

EU PRIVACY POLICY

WILSONCTS – EMEA PRIVACY POLICY

 

1 ABOUT THIS PRIVACY POLICY-

(A) Why we have a privacy policy Your individual privacy is important to us and this Privacy Policy is an overview to explain how we process (collect, use and hold) personal data (any information that identifies, or could reasonably be used to identify you). Please read through the policy carefully and if you have any queries please email privacy@wilsoncts.com or look at the contact us information below.

We also use cookies on our website - see our separate Cookie Policy.

(B) Who this privacy policy applies to This Privacy Policy applies to “you” our clients, business partners, candidates, anyone using our website (“users”), suppliers and any other third parties with whom we may work or to whom we supply our services, including recruitment. We have a separate Privacy Policy for our employees, which is provided to the employee and accessible to them on our intranet.

It applies to any EU citizen’s personal data

● when we are collecting, using, holding, and processing personal data of individuals who are in the European Union regardless of location

(C) Important information about our global websites We are a global organisation and not all of our websites have the same privacy policy so please read the privacy policy on each of our websites that you visit.

We are a global organisation with different websites for the different countries that we operate in. Since we aim to comply with the legal requirements of each individual country it means that there may be differences in the Privacy Policies on each website. We’ll try and make this clear by including the country name in the policy title (for example EEA Privacy Policy for the policy that covers data processing in the EEA or when we process EEA residents' personal data) but it is important for you to read the privacy policy of each website you visit and not assume that we have one privacy policy which applies to all our websites.

(D) Changes to this Privacy Policy – latest version We regularly review our Privacy Policy and data protection information. This Privacy Policy was last updated on 18th of December 2018.

2 WHO ARE WE?

“We” are Wilson Contingent Talent Solutions, Inc. d/b/a WilsonCTS, and its subsidiaries (herein after referred to as “WilsonCTS” or “us”). We provide contingent staffing, permanent placement, temp-to-perm and blended talent solutions..

Our company and our subsidiaries are:

United States

  • Wilson Human Capital Group, Inc.

  • Wilson Worldwide, LLC dba WilsonCTS

Canada

  • Wilson Contingent Talent Solutions, Inc.

  • WilsonHCG Canada Inc.

EMEA

  • WilsonHCG-EMEA Limited

  • WilsonHCG Poland Sp.zo.o

  • WilsonHCG Ireland Limited

  • WilsonHCG Hong Kong Limited

3 CONTACT US ABOUT PERSONAL DATA AND DATA PROTECTION DATA CONTROLLER

Your information is ultimately controlled by Wilson Contingent Talent Solutions, Inc., a company registered in Delaware, USA with registered number 5370276 whose registered office is at: 2711 Centerville Road, Suite 400, Wilmington, Delaware 19808. Our corporate office is located at: 400 North Ashley Dr., Suite 3000, Tampa, Florida 33602.

The person responsible for our data protection is Mr Gary Cook. By Mail: Attn: Mr Gary Cook Wilson Contingent Talent Solutions, Inc. 400 N. Ashley Drive Suite 3000 Tampa, Florida 33602

By Email: privacy@wilsoncts.com

We value your opinions and feedback so if you have any questions, comments or concerns regarding our Privacy Policy or data protection, please contact us at the address above.

4 OUR WEBSITE AND SERVICES ARE NOT INTENDED FOR ANYONE WHO IS UNDER 13 YEARS OLD

Our services and websites are not for children (anyone under 13 years old) and so we won’t deliberately collect, use and hold (process) any child’s personal information. If you are under 13 years old, please do not send us your personal information (anything which could tell us who you are, such as your name, address or email address). If you would like to use the website or ask us a question, please ask your parent or legal guardian to do this for you.

5 HOW WE COLLECT PERSONAL DATA

(A) What personal data do we collect and use (process)? Personal data is any information that identifies, or could reasonably be used to identify you and some of that personal data may be special category data (more sensitive data). We collect your personal data both directly and indirectly. To find out more about the types of personal data we collect and use and how we collect it see below.

We collect personal data both

● Directly – when you contact us, choose to provide information to us (for example you complete and submit a website form), use our services or provide products and services to us, engage with us on social media or, as a candidate, submit your CV/resume, attend an industry event, interview or take part in any psychological or medical assessment

● Indirectly – we may collect information from publicly available information relating to your job title, education and employment such as registration with professional bodies, qualifications and commercially available sources, for example from social media sites such as LinkedIn, public job boards, trade organizations, trade events, advertisements, B2B contact database, or other public sources

Consent or other legal basis will always be obtained in order to process the information from any of these sources.

The personal data we collect and use includes:

● Contact details (particularly name, company/employer name, address, telephone number and email address)

● Demographic data

● Occupational data

● Candidate recruitment data for job opportunities including role, skill set, education, experience, work history and any other data required in the recruitment process

● Identification information (including job title, place of employment, experience and or skill set)

● Personal information obtained through submission of a job application on our site, CV, resume or transcripts, and any supporting documentation attached to your resume such as copies of certificates and diplomas

● Information obtained while conducting a phone interview, video interview, in-person interview, or interview through one of our third party interview and recruitment service providers

● Reference check information, such as a verification of your educational and professional background, and other relevant information subject to WilsonCTS policies and applicable laws

● Billing information for payment for suppliers (particularly bank account numbers and information and tax information for payments, deposits or other pre-approved financial transactions)

Where appropriate and lawful, some of the personal data requested may be special category data, for example, which is personal data about an individual’s race; ethnic origin; politics; religion; trade union membership; health; sex life; sexual orientation; genetics and biometrics (where it is used for ID purposes). Should special category data be requested, expressed written consent shall be required and obtained prior to processing.

(B) What happens if you don’t want to give us your personal data? If you do not supply us with personal data, then in some circumstances we may be unable to offer our complete services to you. For example, if you are a candidate and do not want to give us any of your contact details then we will be unable to contact you to discuss your requirements.

6 HOW WE USE PERSONAL DATA

We collect and use personal information in a variety of ways. To find out more see below.

Our use of personal data may include

● Share within our internal teams and with our clients for recruitment purposes

● Communicate with you, including to let you know about important changes and or notifying you of content published by WilsonCTS which is likely to be relevant and useful to you

● Assess your ability and suitability for the employment position/s you are interested in if you are a candidate

● Provide our services to you as and when you ask us and to fulfil our contractual obligations to you (for example, supplying candidate data to prospective employers)

● Fulfil our contractual obligations to suppliers ● Ask third parties to provide services to us including professional advisors, IT (including cloud providers), marketing, recruiting and interviewing software or services, and outsourced services to help run our business properly and efficiently

● Market to you on industry specific content, provided that you consent to this

● Comply with regulations and legislation

● Resolve complaints and issues and establish and defend our legal rights or manage insurance claims in which you are involved

● Manage our business properly and efficiently

7 THE LEGAL BASIS OF PROCESSING YOUR PERSONAL DATA

We will only process (collect, use or store) your personal data when we have a lawful basis for doing so and there are several lawful basis which we rely on. To find out more see below.

Consent - Most data is provided with your express consent which you give us when you provide the data to us. You can withdraw your consent at any time by emailing privacy@wilsoncts.com. If consent is the only basis for lawfully processing your data then once you have withdrawn your consent, we will no longer process it.

Contractual obligations - Some processing is necessary to fulfil a contract that we have with you. For example when we provide our recruitment services to candidates we agree to send a CV/resume to prospective employers.

Legitimate Interest - Sometimes we will process your data when

● It is in our legitimate interests to do this

● These interests are not overridden by your data protection rights

Our legitimate interests include:

● Supplying services to our clients and candidates

● Making sure that are services are secure and operate effectively

● Fulfilling our obligations, including to employees, clients, candidates and shareholders

● Protecting our employees, clients and candidates

● Protecting and promoting our business

● Improving our services and our business

Legal obligation - Sometimes we will process your data when we must comply with our legal and regulatory responsibilities such as preventing, investigating and detecting crime, including helping law enforcement agencies.

8 DATA RETENTION

HOW LONG DO WE KEEP PERSONAL DATA FOR? Unless you specifically ask us not to, we will only keep your personal data for as long as it is

● Necessary for the purposes for which the personal data are processed

● To enable us to comply with our legal obligations, for example for tax purposes


Please refer to our data retention policy and timelines, which are dependent on the nature of our relationship with you. you can request the policy for your region at privacy@wilsoncts.com.


Data Subject How long personal information/data is kept

Potential Clients We will retain personal information for the length of time you have consented to, i.e. 2 years from the date of the last time contact with us. Clients We will retain personal information for 7 years from the date that you ceased to be a client or based upon the legal requirements of your region as specified in the retention policy, whichever is longer. Potential Candidates who are not placed in employment using our services

We will retain personal information for 2 years from the date of the last consent or based upon consented duration if otherwise.

Candidates placed in employment using our services

We will retain personal information for 7 years from the date that you ceased to be an employee or the legal requirements of your region as specified in the retention policy, whichever is longer.

Potential Suppliers We will retain personal information for 6 months from the date of the

last contact or as provided in the consent form if otherwise. Suppliers We will retain personal information for 7 years from the date that you ceased to be a supplier or based upon the legal requirements of your region as specified in the retention policy, whichever is longer.


9 YOUR PERSONAL DATA RIGHTS

In addition to the right to receive information contained in this Privacy Policy, the law gives you certain rights in relation to your personal data and you can exercise these rights by emailing us at privacy@wilsoncts.com. Alternatively, you can write to us by mail see Contact Us About Personal Data and Data Protection.

You have the following rights:

● Access to your personal data

● Rectify your personal data

● Erasure of your personal data

● Restriction of processing of your personal data

● Data Portability

● Object to processing your personal data


To find out more about any particular right, please click on that that right in the list above.

We will deal with your request as soon as we are able and usually within one month of receiving it. If there is going to be a delay (which could be up to 3 months) in dealing with your request or there is a reason why we can’t comply with your request we will let you know and explain why within one month of receiving your request.

You also have the right to lodge any data protection complaints with the Information Commissioner's Office (ICO) who is the UK’s supervisory authority – see the Complaints and Dispute Resolution section below.

(A) Your Right to Access Your Personal Data You have the right to see the personal information we hold about you – this is sometimes referred to as a Data Subject Access Request.

You can request a copy of any other personal information that we hold by emailing us at privacy@wilsoncts.com. In some circumstances, we will try to help you with this over the telephone but we will need to confirm your identity.

If you ask to see your personal data we will:

● Confirm whether we hold your personal data and how long the data will be kept for (or how we will decide how long to keep it)

● If you did not give us your personal data, we will tell you where we got it from (the source)

● Describe the information we hold and tell you why we are holding it

● Tell you who it could be shared with

● Provide you with a copy of that information

Unless the request is considered to be excessive because you have made repetitive requests, there is no charge for this information. If we intend to charge we will let you know what the cost will be before we comply with your request.

(B) Your Right to Rectification If we do hold personal information about you, you can ask us to correct or amend any inaccurate or incomplete information by emailing us at privacy@wilsoncts.com. Alternatively, you can write to us by mail see Contact Us About Personal Data and Data Protection.

Once you have told us about the changes then within one month of you asking us to do so we will either make the changes or explain why we are unable to. If there is going to be a delay we will let you know and explain why.

Where your personal data has been disclosed to any third parties, we will tell

● You who those third parties are, where appropriate

● The third parties about the rectification, where possible

(C) Your Right To Erasure – to be Forgotten In certain circumstances, you have a right to erasure (to remove your personal data from our database and the database of third parties) by emailing us at privacy@wilsoncts.com. Alternatively, you can write to us by mail see Contact Us About Personal Data and Data Protection. Find out more about the process below.

Notwithstanding any overriding exceptions, the right to erasure applies where:

● Your personal data is no longer necessary for the purposes it was originally collected or processed

● The lawful basis of processing your data is consent and you withdraw your consent

● You object to the processing and there are no reasons (overriding legitimate grounds) for continuing processing

● Your personal data has been unlawfully processed

● Your personal data has to be erased to comply with a legal obligation

Where your personal data has been disclosed to any third parties, we will tell

● You who those third parties are, where appropriate and

● The third parties about the exercise of your right, where possible

(D) Your Right to Restrict Processing In certain circumstances, you can ask us to restrict (suppress) or “block” processing of your personal data by emailing us at privacy@wilsoncts.com. Alternatively, you can write to us by mail see Contact Us About Personal Data and Data Protection. Find out more about the process below.

You can ask us to restrict processing in the following circumstances:

● Where you do not think that your personal data is accurate and you want processing restricted whilst we check its accuracy

● You believe that processing is unlawful but you do not want to exercise your right to erasure and want us to restrict processing instead

● We no longer need to process your personal data but you need it in connection with a legal claim

● We are processing personal data on the basis of a legitimate interest and you want processing restricted whilst we check that we can do so (i.e. whether our legitimate grounds override yours)


It means that we can:

● Still store the data and retain sufficient (just enough) information about you as an individual to ensure that the restriction is respected in future

● Not further process it.

If we decide to lift a restriction on processing, then we will let you know.

Where your personal data has been disclosed to any third parties, we will tell

● The third parties about the restriction, unless it involves disproportionate effort or is impossible and

● You who those third parties are, if you ask us to

(E) Your Right to Data Portability In certain circumstances, if we process your personal data by automated means you can ask us for that data, so that you can reuse your personal data for your own purposes across different services, by emailing us at privacy@wilsoncts.com. Alternatively, you can write to us by mail see Contact Us About Personal Data and Data Protection. Find out more about the process below.

This right is so you can obtain and move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, but the right only applies:

● To personal data which you provided to us

● Where the processing is based on your consent or for the performance of a contract

● When processing is carried out by automated means

If this right applies to you we will provide your personal data

● Free of charge

● In a structured, commonly used and machine-readable form

● By transmitting data directly to another organisation, if this is technically feasible and if you ask us to

Once you have contacted us about this right then within one month of you asking us to do so we will either provide you with the data or explain why we can’t. If there is going to be a delay we will let you know and explain why and let you know who you can complain to, should you wish to.

(F) Your Right to Object to us Processing Your Personal Data You have a right to object to certain types of processing of your personal data where it is:

● Based on legitimate interests

● For direct marketing

● For scientific/historical research and statistics.

You can object by emailing us at privacy@wilsoncts.com. Alternatively, you can write to us by mail see Contact Us About Personal Data and Data Protection.

Unless certain exemptions apply (such as there are compelling legitimate grounds or the processing relates to a legal claim and we tell you about this) we will stop processing your personal data.

10 WHO DO WE SHARE YOUR DATA WITH?

When you provide personal data to an individual at WilsonCTS (for example a recruiter) you are providing that information to our whole organisation. In addition, we share your personal data with various third parties depending upon your relationship to our company.

Where necessary, your personal data may be shared with various third parties including:

● Our third-party agents who provide services to us i.e. independent contractors – you can obtain any third party agents we shared your personal data with by request a copy of any agents we share your data with at privacy@wilsoncts.com

● Service providers who perform functions on our behalf i.e. payroll, benefits, insurance, and other administrative services - you can obtain the suppliers we share your data with by request at privacy@wilsoncts.com

● Vendors, consultants, and other third party service providers to assist us in providing services on our behalf, including to support us in areas such as recruiting and reviewing responses to job advertisements, managing résumé/C.V. data, interviewing, IT platform management or support services, infrastructure and application services, marketing, data analytics, skills and assessments training - you can obtain the vendors we share your data with by request at privacy@wilsoncts.com

● Third-party data storage providers who process data on our behalf i.e. email and storage provider, applicant tracking system - you can obtain the third party data storage providers we share your data with by request at privacy@wilsoncts.com

● Potential and active clients we provide recruitment services for, and to match the professional profile we have stored of our candidates in our database to any positions we have been asked to fulfill by any of our clients, and including any related administrative use such as invoicing - you can obtain the clients we share your data with by request at privacy@wilsoncts.com

● Public authorities who make a lawful request, including to meet national security or law enforcement requirements

If you wish to obtain further information please contact Mr Gary Cook.

By Mail: Attn: Mr Gary Cook, Wilson Contingent Talent Solutions, Inc. 400 N. Ashley Drive Suite 3000 Tampa, Florida 33602

By Email: privacy@wilsoncts.com

We have written agreements with those third parties to ensure that they

● provide the same level of protection that the law requires, including where applicable as the Privacy Shield requires - see our Security section and

● transfer the minimum data necessary and anonymise data wherever reasonably possible

● limit their use of the data to the specified services they provide on our behalf

● process data on our behalf in accordance with our joint legal obligations

11 TRANSFERRING PERSONAL DATA OUTSIDE THE EU

We do transfer some data outside the EU since your information is ultimately controlled by Wilson Contingent Talent Solutions, Inc., a company registered and based in the USA, but we have procedural and technical safeguards to protect the privacy of your data and to comply with the law. For more information, see below.

WilsonCTS complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. WilsonCTS has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. The Federal Trade Commission has jurisdiction over WilsonCTS’ compliance with the Privacy Shield.

12 SECURITY OF YOUR PERSONAL INFORMATION

We have implemented technology, security policies and measures to protect the personal information that we have under our control from unauthorised access, improper use, alteration, unlawful or accidental destruction and accidental loss. To find out more, see below.

This includes

● Storing personal data in our internal systems (such as client relationship management (CRM) and talent acquisition software (TAS) applications) on secure servers that are not accessible by third parties

● Adhering to the Privacy Shield Principles where personal data is transferred from the European Union to the United States – see our Transferring Personal Data Outside the EU section

● Providing internal policies, procedures and training about data protection to our employees

● Restricting access and requiring that all our employees and others who have access to or are associated with processing of your personal information to sign company confidentiality agreements. Failure to meet these obligations is dealt with under our disciplinary procedure and may result in termination of employment

● Encrypting many of our services using Secure Sockets Layer (SSL)

● Regular reviews of the way we process data in line with our data protection policies

13 EXTERNAL WEBSITE LINKS AND SOCIAL MEDIA

Our websites may contain links to and from websites or platforms which are operated by others (third parties). We are not responsible for those websites and do not recommend or endorse them. You should read the privacy policy and terms and conditions of any of those websites which you visit and raise any queries directly with the website owner/operator.

14 NON-PERSONAL INFORMATION

We also collect information which does not identify you (non-personal information). This includes the type of internet browser you use or the website from which you linked to our website.

We may also aggregate information which you have submitted to us (for example, your age and the town where you live) which is anonymous - you cannot be identified from this information. We share this aggregate information with third parties (for example to provide salary averages) to help us provide an effective service on our website.

15 THIS WEBSITE USES GOOGLE ADWORDS

Our website uses the Google AdWords remarketing service to advertise on third party websites (including Google) to previous visitors to our site. Find more information below.

Using Google AdWords means that we can advertise to previous visitors who have begun but not completed an action on our site, for example using the contact form to make an enquiry. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party sellers, including Google, use cookies to serve ads based on someone’s past visits to our website. Of course, any data collected will be used in accordance with our own privacy policy and Google’s privacy policies (you can find Google’s Privacy policy here www.google.co.uk/intl/en/policies/privacy/).

16 COMPLAINTS AND DISPUTE RESOLUTION

In compliance with the Privacy Shield Principles, WilsonCTS commits to resolve complaints about our collection or use of your personal information. European Union individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at:

If you have a complaint please contact Mr Gary Cook:

By Mail: Mr Gary Cook, Wilson Contingent Talent Solutions, Inc. 400 N. Ashley Drive Suite 3000 Tampa, Florida 33602

By Email: privacy@wilsoncts.com

WilsonCTS has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit JAMS for more information or to file a complaint at:

By visiting the website: https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim

By Mail: JAMS 620 Eighth Ave. 34th Floor New York, NY 10018

The services of JAMS are provided at no cost to you.

An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Contacting the Information Commissioner's Office You also have the right to lodge any data protection complaints with the Information Commissioner's Office (ICO) who is the UK’s supervisory authority. Visit www.ico.org.uk for more information including how to access their helpline. If you are a resident in another EEA country, you can contact the supervisory body appointed in that country. A list of the relevant supervisory bodies, can be found here:  

National Data Protection Authorities (as at the 7 March 2018)

Austria

Österreichische Datenschutzbehörde

Website: http://www.dsb.gv.at/

Belgium

Commission de la protection de la vie privée Commissie voor de bescherming van de persoonlijke levenssfeer

Website: http://www.privacycommission.be/

Bulgaria

Commission for Personal Data Protection

Website: http://www.cpdp.bg/

Croatia

Croatian Personal Data Protection Agency

Website: http://www.azop.hr/

Cyprus

Commissioner for Personal Data Protection

Website: http://www.dataprotection.gov.cy/

Czech Republic

The Office for Personal Data Protection

Website: http://www.uoou.cz/

Denmark

Website: http://www.datatilsynet.dk/

Estonia

Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)

Website: http://www.aki.ee/en

Finland

Office of the Data Protection Ombudsman

Website: http://www.tietosuoja.fi/en/

France

Commission Nationale de l'Informatique et des Libertés - CNIL

Website: http://www.cnil.fr/

Germany

Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit

Website: http://www.bfdi.bund.de/

For complaints authorities see also

https://www.bfdi.bund.de/bfdi_wiki/index.php/Aufsichtsbeh%C3%B6rden_und_Landesdatenschutz   

Greece

Hellenic Data Protection Authority

Website: http://www.dpa.gr/

Hungary

National Authority for Data Protection and Freedom of Information

Website: http://www.naih.hu/

Ireland

Data Protection Commissioner

Website: http://www.dataprotection.ie/

Italy

Garante per la protezione dei dati personali

Website: http://www.garanteprivacy.it/

Latvia

Data State Inspectorate

Website: http://www.dvi.gov.lv/

Lithuania

State Data Protection

Website: http://www.ada.lt/

Luxembourg

Commission Nationale pour la Protection des Données

Website: http://www.cnpd.lu/

Malta

Office of the Data Protection Commissioner

Website: http://www.dataprotection.gov.mt/

Netherlands

Autoriteit Persoonsgegevens

Website: https://autoriteitpersoonsgegevens.nl/nl

Poland

The Bureau of the Inspector General for the Protection of Personal Data

Website: http://www.giodo.gov.pl/

Portugal

Comissão Nacional de Protecção de Dados - CNPD

Website: http://www.cnpd.pt/

Romana

The National Supervisory Authority for Personal Data Processing

Website: http://www.dataprotection.ro/

Slovakia

Office for Personal Data Protection of the Slovak Republic

Website: http://www.dataprotection.gov.sk/

Slovenia

Information Commissioner

Website: https://www.ip-rs.si/

Spain Agencia de Protección de Datos Website: https://www.agpd.es/

Sweden Datainspektionen Website: http://www.datainspektionen.se/

United Kingdom The Information Commissioner’s Office Website: https://ico.org.uk

EUROPEAN FREE TRADE AREA (EFTA)

Iceland

Icelandic Data Protection Agency

Website: https://www.personuvernd.is/

Liechtenstein

Data Protection Office

Website: https://www.llv.li/#/1758/datenschutzstelle

Norway

Datatilsynet

Website: https://www.datatilsynet.no/

Switzerland

Data Protection and Information Commissioner of Switzerland

Website: https://www.edoeb.admin.ch/edoeb/de/home.html