PRIVACY STATEMENT
Who we are and what we do
Phipps Cameron Recruitment Limited takes your privacy seriously. This Privacy Statement explains who we are, the personal data we collect, how we use it, and your rights under applicable data protection laws, including the UK GDPR, EU GDPR, the Data Protection Act 2018, the Data (Use and Access) Act 2025, and certain U.S. state privacy laws.
This Statement reflects our current obligations under UK, EU and international law. Some provisions of the Data (Use and Access) Act 2025 are not yet in force, and we will update this Privacy Statement as those provisions commence and regulatory guidance is published.
1. Who We Are and How to Contact Us
Controller: Phipps Cameron Recruitment Limited
Address: Level 2, Lucent, 1 Sherwood Street, London W1F 7BL
Telephone: +44 (0) 203 757 1100
Email: dataprotection@phippscameron.com
ICO Registration Number: ZA046987
EU Representative (for EEA data subjects):
Corinna Taylor – dataprotection@phippscameron.com
Our supervisory authority is currently the Information Commissioner’s Office (ICO), which is transitioning to the Information Commission under the Data (Use and Access) Act 2025.
2. The Data We Collect
We collect and process different categories of data depending on the relationship:
Candidates & Prospective Candidates:
- Name, contact details, employment history, education, skills, salary expectations, right-to-work details, CV/profile information.
- Health information (to support workplace adjustments), diversity data (for equal opportunity monitoring), and unspent criminal convictions (where role-relevant).
- Sources: Directly from you (CVs, emails, calls), public sources (e.g., LinkedIn), referees, former employers, education providers, background check agencies.
Clients & Prospective Clients:
- Name, job title, contact details, company information, communication history, and feedback.
- Sources: Directly from you or publicly available sources (e.g., LinkedIn).
Suppliers:
- Name, contact details, business information.
Website Users:
- Information submitted via forms (e.g., name, email, CV).
- Cookies and analytics data. See our Cookie Notice: https://careers.phippscameron.com/cookie-details
3. How We Use Your Data
We process personal data for the following purposes:
- Provide recruitment services to candidates and clients.
- Match candidates to suitable roles.
- Verify qualifications and right to work.
- Manage communications, contracts, and payroll (where applicable).
- Comply with legal and regulatory requirements (UK, EU, US).
- Contact prospective candidates and clients.
- Monitor equality and diversity.
- Conduct marketing in line with consent or legitimate interests.
- Improve our website and services.
- Research/statistical purposes (e.g., salary benchmarking, diversity reporting), usually with anonymised data.
Automated Decision-Making and Profiling:
Human involvement is always part of the decision-making process. Future updates under the Data (Use and Access) Act 2025 may expand your rights in this area, and we will update this section accordingly.
4. Legal Bases for Processing
We rely on:
- Legitimate Interests – recruitment activities, business development, relationship management.
- Performance of a Contract – providing recruitment services.
- Legal Obligation – verifying right to work, compliance with employment and privacy laws.
- Consent – for marketing communications and in certain circumstances (e.g., processing special category data).
We have conducted Legitimate Interest Assessments to ensure these interests are not overridden by your fundamental rights.
5. Who We Share Your Data With
- Clients with relevant job opportunities.
- Background screening and reference providers.
- IT, CRM, and payroll service providers.
- Legal and regulatory bodies (where required).
We do not sell your personal data.
6. International Data Transfers
We operate internationally and may transfer personal data:
- Between the UK and EEA (protected by adequacy decisions).
- To the U.S. or other countries outside the UK/EEA using Standard Contractual Clauses (SCCs) or other approved mechanisms.
Future updates under the Data (Use and Access) Act 2025 may change transfer mechanisms. We will update this section if adequacy frameworks or safeguards change.
7. Data Retention
We will keep your personal data for as long as we need to in order to fulfil the purpose we collected it for, which may be an ongoing purpose. We keep some personal data for longer than others. Where we process your personal data for direct marketing purposes, we will keep it until opt-out or consent withdrawal.
8. Your Rights
Depending on where you are located, you may have the right to:
UK/EU Data Subjects:
- Access, rectify, or erase your data.
- Restrict or object to processing.
- Withdraw consent at any time.
- Data portability.
- Lodge a complaint with the ICO (UK) or your local EU data protection authority.
Future updates under the Data (Use and Access) Act 2025 may adjust subject access request rules.We will update this section once guidance is available.
U.S. Data Subjects:
Depending on your state, you may have rights to:
- Know what personal data we collect and why.
- Access or correct your information.
- Delete your information.
- Non-discrimination for exercising privacy rights.
To exercise your rights, please contact dataprotection@phippscameron.com. We will verify your identity before fulfilling requests.
9. Complaints
If you are unhappy with how we process your data, please contact us at dataprotection@phippscameron.com
You also have the right to complain to the Information Commissioner’s Office (ICO) or, in the EEA, your local data protection authority.
10. Updates to This Privacy Statement
We regularly review this notice and will update it as needed to reflect legal or operational changes, including commencement of provisions under the Data (Use and Access) Act 2025.
