DATA PROTECTION & PRIVACY POLICY
Organisational Solutions Ltd is fully committed to the Data Protection Principles established in the Data Protection Act 1988, the Data Protection (Amendment) Act 2003 and the General Data Protection Regulation (EU) 2016/679 (GDPR):
By visiting this website, you are accepting the terms of this Data Protection & Privacy Policy. Any external links to other websites are clearly identifiable and we are not responsible for the content or the privacy policies of these other websites.
Definitions:
Personal Data: any data that can directly or indirectly identify a living individual
Special Category Data: personal data consisting of information relating to: Race or ethnic origin; Political opinions; Religious beliefs or other; Trade union member status; Physical or mental health; Sexual life; The commission or alleged commission of any offence; Any proceedings for any offence committed or alleged to have been committed, the disposal of such proceedings or the sentence in court of such proceedings.
Data Subject: the individual who is the subject of the personal data collected
Candidate: the party undergoing the service by Organisational Solutions
Client: the party requesting and paying for selected service from Organisational Solutions, including recruitment agencies
“Us”, “We”, “Our”: Organisational Solutions
“You”, “Your”: the candidate
Types of Information Collected
We retain three types of information:
Non-Personal Data:
Like most websites, we gather statistical and other analytical information collected on an aggregate basis of all visitors to our website through Google Analytics, a highly reputable and secure software. This Non-Personal Data comprises information that cannot be used to identify or contact you, such as demographic information regarding, for example, user IP addresses where they have been clipped or anonymised, browser types and other anonymous statistical data involving the use of our website.
Personal Data:
All personal data collected from the data subject by Organisational Solutions is necessary to fulfil the service selected by the candidate or client. All data collected shall not be excessive or unnecessary to the fulfilment of the service, and will be stored for an appropriate amount of time. By necessity, we require the following data to fulfil our services: your name, address, email address, telephone number, date of birth, and IP address. Bank details will be collected for payment of service by the client. Such information is only collected if voluntarily submitted to us by the data subject.
Special Category Data:
The Special Category Data we collect includes the results of psychometric assessments, such as personality profiles, aptitude test scores, and emotional intelligence scores. The data collected from these assessments will be subject to profiling and automated decision making. Consent will be required from the candidate prior to any psychometric assessment taking place. Data collected from psychometric assessments carried out online are managed by third-party test publishers, who we have written agreements in place with to ensure all reasonable data protection measures are taken by them to secure your data. Reports sent to us from test publishers and/or stored by us in the case of onsite assessments are stored on servers in Ireland and in the Cloud where the Data Centre is based in the EEA (UK) with all reasonable security measures in place. On completion of psychometric assessments, reports are generated with the following information visible to the client:
Name of candidate (unless we are requested to keep this confidential); position applied for; written narrative of the personality profile; emotional intelligence scores and corresponding written explanation; Hogan Assessments results and explanations. Results and explanations of reasoning tests, which may include: The Watson Glaser Critical Thinking Appraisal; Raven’s Advanced Progressive Matrices; PfS or GMA Numerical Reasoning; PfS or GMA Abstract Reasoning; AH4 and AH5 Tests of Reasoning; Minnesota Clerical Checking.
During large-scale psychometric assessment exercises, Organisational Solutions may compile results into spreadsheet format for ease of reference by the client.
Should you not consent to any or all of this data being exchanged with the client on your behalf, said data shall not be sent. Your consent to exchange collected data will be determined during the “validation interview” which will take place after your onsite assessment. If a candidate withdraws consent to process data during an assessment, that assessment will be closed and no processing activities or data exchange with the client will occur. We will store test results for the duration of their validity (two years) after which all traces of test results will be destroyed. If you wish to remove these test results prior to the two-year retention period, you can do so by submitting a written request via post or email. We may require you to confirm your identity prior to deleting these files, after which, all files in question will be deleted within 48 hours. You may also request a copy of your psychometric assessment results at any time once the testing process has been completed.
Who Controls the Data?
Organisational Solutions control all raw and interpreted data collected from all online and onsite psychometric assessments. Once a report has intentionally been sent to the client from Organisational Solutions, it is owned and controlled by the client. Reports sent to the candidate are jointly controlled by the candidate and Organisational Solutions. A joint controllership is necessary in instances where reports are sent to the candidate to pass to the client, but such an exchange does not occur.
How we collect your Information
Personal Data/Special Category Data:
We collect personal information from you in a number of ways:
- If you provide it to us directly through our website
- If you provide it directly to a member of staff
- If one of our clients provides it to us in order for us to carry out a service for them, such as psychometric testing
- If a third party, such as a recruitment agency, provides it to us on behalf of a client, in order for us to carry out a service for them, such as psychometric testing
Our clients and any third parties we receive personal information from are bound by the same privacy and data protection laws as we are, under GDPR.
Non-Personal Data:
Our website uses cookies – see below.
Why we hold your Information
Personal Data/Special Category Data:
We will process any Personal Data or Special Category Data you provide to us for the following purposes only:
· To provide you with the services you have requested
· To provide our clients with services they have requested on you, for example, psychometric testing
· To contact you if required to respond to any communications you might send to us
Non-Personal Data:
We use the Non-Personal Data gathered from visitors to our website in an aggregate form to get a better understanding of where our visitors come from and to help us better design and organise our website.
Cookies
Cookies are small text files that are placed on your computer by websites that you visit.
They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
This link explains the cookies we use and why.
Retention of Data
- Reports relating to selection work, along with any electronic data, such as a personality profile and/or the results of an aptitude test will be kept for their maximum validity period of up to 2 years, in order for us to carry out the service we have been contracted to do. Any hard copy materials will be confidentially shredded as soon as the selection process is complete.
- Reports relating to development and coaching work, along with any electronic data, such as a personality profile and/or the results of an aptitude test will be kept for their maximum validity period of up to 2 years, in order for us to carry out the service we have been contracted to do. Any hard copy materials and written notes will be confidentially shredded as soon as the development/coaching assignment is completed
Your Information and Third Parties
We will not disclose your Personal Data to any third parties unless we need the third party to carry out a specific service such as the provision of online psychometric testing. Any third parties we send personal information from are bound by the same privacy and data protection laws as we are, under GDPR. We will only disclose your Personal Data if we believe in good faith that we are required to disclose it in order to comply with any applicable law, regulation or lawful request, such as a court order.
Consent
We require your consent to process your personal data and sensitive personal data. An example of where we will gather consent it to send you our newsletter or further information about our services, which may be of interest to you.
Your Personal Information Rights
In accordance with our obligations under the Data Protection Act 1988, the Data Protection (Amendment) Act 2003 and GDPR, we can assist you with the following:
- Updating and correcting your personal data
- Removing consent. You can change your mind whenever you give us consent, such as for direct marketing
- Deleting your information (your right to be forgotten). You can ask us to remove your personal data from our database
- Moving your information (your right to portability). Whenever possible, we can share a digital copy of your personal data or with another organisation
To find out what Personal Data we hold on you or to have your Personal Data updated, corrected, to remove consent, to have a copy of all your data sent to you or to be removed from our database, please email us with a request to david@organisational.solutions – we may contact you confirm your identity. This is to protect your personal data.
Sale of Business
We reserve the right to transfer information (including your Personal Data) to a third party in the event of a sale, merger, liquidation, receivership or transfer of all or substantially all of the assets of our company provided that the third party agrees to adhere to the terms of the Website Privacy Policy and provided that the third party only uses your Personal Data for the purposes that you provided it to us. You will be notified in the event of any such transfer and you will be afforded an opportunity to opt-out.
Data Security
We have always been fully committed to ensuring the security and integrity of personal data that we hold and have put in place appropriate technical and organisational measures to ensure this. In the event of a breach, we will notify any affected individuals immediately.
As with all electronic communication, when you give us personal data by that means, the data, we will take all reasonable steps (including appropriate technical and organisational measures) to protect your Personal Data. Data may be processed outside of Ireland but as Data Controllers we have ensured that any Data Processors we use are fully GDPR compliant.
Whenever and wherever we collect, process or use personal data, we take steps to ensure that it is treated securely and in accordance with this Data Protection & Privacy Policy and GDPR regulations.
Changes to the Data Protection & Privacy Policy
This Data Protection Policy was last updated in May 2018. We reserve the right to amend or update the policy from time to time. Any changes will be posted on this website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.