Privacy Policy

Privacy Policy

Privacy Policy

Last Updated: [Date] 08th June 2023

This Privacy Policy outlines how MPLOYEDIN UK LTD (referred to as "we," "us," or "our") collects, uses, discloses, and protects personal data when you use our website at mployedin.com (referred to as the "Website"). We are committed to protecting your privacy and ensuring that your personal data is handled in accordance with applicable data protection laws and regulations in the United Kingdom, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

Please read this Privacy Policy carefully to understand our practices regarding your personal data and how we will treat it. By using our website, you acknowledge and agree to the practices described in this Privacy Policy.

  1. Information We Collect

1.1 Personal Data:

We collect and process the following types of personal data when you use our website:

  • Contact Information: Name, email address, phone number, and postal address.
  • Professional Information: Job title, employment history, education, and skills.
  • User Account Information: Username, password, and profile information.
  • CVs/Resumes and Cover Letters: Information contained in the documents you upload or submit to our Website.
  • Communication Data: Information you provide when contacting us, such as inquiries or feedback.

1.2 Automatically Collected Information:

When you access or use our website, we automatically collect certain information about your device, browsing actions, and usage patterns. This information may include your IP address, browser type, operating system, referring URLs, pages visited, and the duration and timestamp of your visits.

  1. Use of Personal Data

We use the personal data we collect for the following purposes:

  • Facilitating Job Searches: Matching job seekers with relevant job listings based on their qualifications, skills, and preferences.
  • Recruitment Services: Assisting employers in finding suitable candidates for their job openings.
  • Communication: Responding to inquiries, providing support, and sending important notices related to our services.
  • Improving and Personalizing User Experience: Analyzing usage patterns, conducting research, and enhancing our services, content, and features.
  • Legal Compliance: Complying with legal obligations and enforcing our terms and conditions.

  1. Legal Basis for Processing

We rely on the following legal bases for processing personal data:

  • Performance of a Contract: Processing personal data to fulfill our contractual obligations, such as providing job search and recruitment services.
  • Legitimate Interests: Processing personal data based on our legitimate interests, such as improving our services, preventing fraud, and ensuring the security of our Website.
  • Consent: Obtaining your consent before processing personal data for specific purposes, such as sending promotional communications or sharing data with third parties.

  1. Sharing of Personal Data

We may share personal data with the following parties:

  • Employers and Job Seekers: Sharing personal data between employers and job seekers as part of the recruitment process.
  • Service Providers: Engaging third-party service providers who assist us in operating our Website and providing our services, subject to appropriate data protection agreements.
  • Legal Requirements: Disclosing personal data if required by law or in response to valid requests from public authorities.
  • Business Transfers: Sharing personal data in connection with a merger, acquisition, or sale of all or a portion of our business assets.

  1. International Data Transfers

We may transfer personal data to countries outside the United Kingdom or the European Economic Area (EEA). In such cases, we will ensure appropriate safeguards are in place to protect your personal data, such as using standard contractual clauses approved by the European Commission.

  1. Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law. The retention period may vary depending on the type of data


Consent Forms

Last Updated: [Date] 07th June 2023

This Consent Forms document outlines the consent requirements and procedures implemented by MPLOYEDIN UK LTD (referred to as "we," "us," or "our") in accordance with applicable laws and regulations in the United Kingdom, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.


Consent for Data Processing

1.1 Purpose of Consent

We may collect and process personal data for various purposes, such as providing our job portal services, improving the user experience, and complying with legal obligations. We obtain consent from individuals before processing their personal data, except where another legal basis for processing applies.


1.2 Voluntary Nature of Consent

Consent is voluntary, and individuals have the right to refuse or withdraw consent at any time without any negative consequences. However, please note that withdrawing consent may affect our ability to provide certain services.


1.3 Informed Consent

We ensure that individuals provide informed consent by providing clear and concise information about the purposes and methods of data processing, the categories of personal data collected, and any third parties with whom the data may be shared.


1.4 Obtaining Consent

We obtain consent through explicit actions, such as ticking a box or clicking a button, that clearly indicate the individual's agreement to the processing of their personal data. We do not use pre-ticked boxes or assume consent from silence or inactivity.


1.5 Revoking Consent

Individuals have the right to revoke their consent at any time by contacting us using the information provided below. We will promptly act upon any revocation request and cease the processing of personal data, except where another legal basis for processing applies.



Consent for Direct Marketing

2.1 Direct Marketing Communications

We may send direct marketing communications, such as newsletters or promotional offers, to individuals who have provided their consent. Direct marketing communications will be tailored to the individual's preferences, and individuals can choose the types of communications they wish to receive.


2.2 Opt-out Mechanism

We provide an easy and accessible opt-out mechanism in every direct marketing communication. Individuals can unsubscribe from receiving further marketing communications by following the instructions provided or by contacting us using the information below.


Contact Information

If you have any questions, concerns, or wish to exercise your rights regarding consent, please contact us at:


MPLOYEDIN UK LTD

[Address]
MPLOYEDIN UK LTD X2
GREENLEAF WALK SOUTHALL,
UB1 1FR

[Email]

support@mployedin.com


We are committed to respecting your rights and ensuring compliance with applicable data protection laws and regulations.


Updates to the Consent Forms

We may update these Consent Forms from time to time to reflect changes in our data processing practices or in applicable laws and regulations. Any updates will be posted on our website, and the "Last Updated" date will be revised accordingly. We encourage you to review these Consent Forms periodically for any changes.


By providing your consent or using our services, you acknowledge and agree to the terms of these Consent Forms.


Data Breach Response Plan

Last Updated: [Date] 09th June 2023


This Data Breach Response Plan outlines the procedures to be followed by MPLOYEDIN UK LTD (referred to as "we," "us," or "our") in the event of a data breach. This plan is designed to comply with applicable laws and regulations in the United Kingdom, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.


Data Breach Identification and Reporting

1.1 Detection and Initial Assessment

Any employee who suspects or becomes aware of a potential data breach must immediately report it to the designated Data Protection Officer (DPO) or the relevant department responsible for data protection.


1.2 Investigation and Assessment

Upon receiving a report of a potential data breach, the DPO or the designated team will promptly investigate the incident to assess the nature, scope, and severity of the breach. This may involve gathering information, conducting technical analysis, and collaborating with relevant stakeholders.


1.3 Notification Obligations

If the data breach is likely to result in a risk to the rights and freedoms of individuals, we will notify the relevant supervisory authority, the Information Commissioner's Office (ICO), without undue delay and, where feasible, within 72 hours of becoming aware of the breach. The notification will include details of the breach, the affected individuals, and any mitigating actions taken.


1.4 Communication with Affected Individuals

In cases where the data breach is likely to result in a high risk to the rights and freedoms of individuals, we will also communicate directly with the affected individuals, providing clear and timely information about the breach, the potential risks, and any recommended actions they should take to protect themselves.


Mitigation and Response

2.1 Containment and Recovery

Upon confirming a data breach, we will take immediate steps to contain and minimize the impact of the breach. This may include isolating affected systems, disabling compromised accounts, or implementing additional security measures to prevent further unauthorized access.


2.2 Documentation and Evidence Preservation

We will maintain accurate records of the data breach, including the date and time of the breach, the nature of the incident, the affected data subjects, and the actions taken to address the breach. These records will serve as evidence of compliance and may be required for reporting purposes.


2.3 Remediation and Preventive Measures

After addressing the immediate impact of the data breach, we will conduct a thorough review of our security measures and implement any necessary remedial actions to prevent similar incidents in the future. This may involve revising security protocols, providing additional training to employees, or updating systems and safeguards.


Communication and Notification

3.1 Internal Communication

We will ensure timely and appropriate communication within our organization, informing relevant stakeholders, such as senior management, legal advisors, and IT teams, about the data breach and the actions being taken to respond to it.


3.2 External Communication

We will coordinate external communication efforts in compliance with legal requirements. This includes notifying the ICO, affected individuals, and any other relevant parties, such as law enforcement agencies or third-party service providers, as necessary.


Documentation and Review

We will maintain comprehensive documentation of all data breaches, response actions, and notifications. This documentation will be regularly reviewed and updated to reflect changes in our data breach response procedures, regulatory requirements, and best practices.


Training and Awareness

We will provide regular training and awareness programs to employees to ensure they understand their roles and responsibilities in detecting, reporting, and responding to data breaches. This training will encompass information on the importance of data protection, security protocols, and incident response procedures.


Contact Information

In the event of a data breach or if you have any questions or concerns regarding this Data Breach Response Plan, please contact:


Data Subject Rights Policy

Last Updated: [Date] 09th June 2023


This Data Subject Rights Policy outlines how MPLOYEDIN UK LTD (referred to as "we," "us," or "our") handles data subject rights in accordance with applicable data protection laws and regulations in the United Kingdom, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. This policy applies to individuals who are data subjects whose personal data is processed by us through our website at mployedin.com (referred to as the "Website").


Data Subject Rights

As a data subject, you have certain rights regarding your personal data. These rights include:


1.1 Right to Access:

You have the right to request access to the personal data we hold about you. Upon receiving a valid request, we will provide you with a copy of your personal data in a commonly used electronic format, unless otherwise requested.


1.2 Right to Rectification:

If you believe that the personal data we hold about you is inaccurate or incomplete, you have the right to request the correction or updating of your personal data.


1.3 Right to Erasure:

Under certain circumstances, you have the right to request the erasure of your personal data. This right applies when your personal data is no longer necessary for the purposes for which it was collected or when you withdraw your consent (where applicable) and there is no other legal ground for processing.


1.4 Right to Restriction of Processing:

You have the right to request the restriction of the processing of your personal data in certain situations. This means we will store your personal data but not process it further, except in limited circumstances.


1.5 Right to Data Portability:

You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to request that we transmit this data to another data controller, where technically feasible.


1.6 Right to Object:

You have the right to object to the processing of your personal data in certain circumstances, such as for direct marketing purposes or when processing is based on legitimate interests.



1.7 Right to Withdraw Consent:

If we rely on your consent as the legal basis for processing your personal data, you have the right to withdraw your consent at any time. Please note that withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.


Exercising Your Data Subject Rights

To exercise your data subject rights, please submit a written request to us using the contact details provided below. We will respond to your request without undue delay and within one month, unless an extension is permitted under applicable law.


To verify your identity and ensure the security of your personal data, we may request additional information from you. In certain cases, we may not be able to fulfill your request if it infringes on the rights of others or if there are legal obligations or legitimate interests that override your request.


Contact Us

If you have any questions or would like to exercise your data subject rights, please contact us at:


MPLOYEDIN UK LTD

[Address]
MPLOYEDIN UK LTD X2
GREENLEAF WALK SOUTHALL,
UB1 1FR

[Email]

support@mployedin.com


We are committed to addressing your inquiries and requests regarding your personal data in a timely and transparent manner.


Updates to this Data Subject Rights Policy

We may update this Data Subject Rights Policy from time to time to reflect changes in our data processing practices or in applicable laws and regulations. Any updates will be posted on this page, and the "Last Updated" date will be revised accordingly. We encourage you to review this policy periodically for any changes.


By using our website, you acknowledge and agree to the terms of this Data Subject Rights Policy.