top of page

PRIVACY NOTICE (RECRUITMENT) & GDPR

Privacy Notice Information


1 BACKGROUND
Last updated: 15 April 2025.


1.1 This policy tells you how we look after your personal data when you register as a candidate with us in relation to our recruitment services. It sets out what information we collect about you, what we use it for and who we share it with. It also explains your rights and what to do if you have any concerns.


1.2 We may sometimes need to update this notice, to reflect any changes to the way we manage our day-to-day activities or to comply with new legal requirements. Please check back on this notice before you apply for a new role with us.

2 WHO WE ARE AND OTHER IMPORTANT INFORMATION
2.1 We are Clear Wave Search Ltd, with our business address being: 14 Guest Avenue, Poole, BH12 1JB.


2.2 We are the controller for your information (which means we decide what information we collect and how it is used).

3 CONTACT DETAILS
3.1 If you have any questions about this privacy notice or the way that we use information, please get in touch using the following details: lukemankee@clearwavesearch.com

4 THE INFORMATION WE COLLECT ABOUT YOU
4.1 Personal data means any information which does (or could be used to) identify a living person. We have grouped together the types of personal data that we collect and where we receive it from below:

5 HOW WE USE YOUR INFORMATION
5.1 We are required to identify a legal justification (also known as a lawful basis) for collecting and using your personal data. There are six legal justifications which organisations can rely on. The most relevant of these to us are where we use your personal data to:


5.2 Below is set out the lawful basis we rely on when we use your personal data. If we intend to use your personal data for a new reason that is not listed below, we will update our privacy notice and notify you.

6 WHO WE SHARE YOUR INFORMATION WITH
6.1 We share (or may share) your personal data with: Page 2 (3)

7 WHERE YOUR INFORMATION IS LOCATED OR TRANSFERRED TO
7.1 We store your personal data on our servers in the UK.


7.2 We will only transfer information outside of the UK or EEA where we have a valid legal mechanism in place (to make sure that your personal data is guaranteed a level of protection, regardless of where in the world it is located, e.g. by using contracts approved by the ICO).


7.3 If you access our systems whilst abroad then your personal data may be stored on services located in that country.

8 HOW WE KEEP YOUR INFORMATION SAFE
8.1 We have implemented security measures to prevent your personal data from being accidentally or illegally lost, used or accessed by those who do not have permission. These measures include:


8.2 If there is an incident which has affected your personal data and we are the controller, we will notify the regulator and keep you informed (where required under data protection law).

9 HOW LONG WE KEEP YOUR INFORMATION
9.1 Where we are responsible for making decisions about how to collect and use your personal data, we will only keep your personal data for as long as necessary to fulfil the purposes we collected it for or as long as required to fulfil our legal obligations.


9.2 When we consider how long to keep your personal data, we will consider whether it is still necessary to keep it for the purpose which we collected it or whether the same purpose could be achieved by holding less personal data. We will also consider the volume, nature, and sensitivity of the personal data and the potential harm to you if there was an incident affecting your personal data.

10 YOUR LEGAL RIGHTS
10.1 You have specific legal rights in relation to your personal data. These are as follows:

 

- Access: You must be told if your personal data is being used and you can ask for a copy of your personal data as well as information about how we are using it to make sure we are abiding by the law.


- Correction: You can ask us to correct your personal data if it is inaccurate or incomplete. We might need to verify the new information before we make any changes.


- Deletion: You can ask us to delete or remove your personal data if there is no good reason for us to continue holding it or if you have asked us to stop using it (see below). If we think there is a good reason to keep the information you have asked us to delete (e.g. to comply with regulatory requirements), we will let you know and explain our decision.


- Restriction: You can ask us to restrict how we use your personal data and temporarily limit the way we use it (e.g. whilst we check that the personal data we hold for you is correct).


- Objection: You can object to us using your personal data if you want us to stop using it. We always comply with your request if you ask us to stop sending you marketing communications. In other cases, if we think there is a good reason for us to keep using the information, we will let you know and explain our decision.

Page 3 (3)

- Portability: You can ask us to send you or another organisation an electronic copy of your personal data.


- Complaints: If you are unhappy with the way we collect and use your personal data, you can complain to the ICO or another relevant supervisory body, but we hope that we can respond to your concerns before it reaches that stage.


10.2 If you would like to exercise any of your legal rights, please contact us at
lukemankee@clearwavesearch.com

GDPR Data Protection Policy


1. Introduction
This policy outlines how Clear Wave Search Ltd complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are committed to protecting the privacy and security of personal data collected from candidates, clients, and employees.


2. Scope
This policy applies to all personal data processed by Clear Wave Search Ltd in relation to recruitment activities including candidate applications, client interactions, and internal employee records.


3. Lawful Basis for Processing
We process personal data under the following lawful bases:

  • Consent – Candidates provide explicit consent for us to store and process their data.

  •  Contractual necessity – Processing is required to fulfil recruitment services.

  • Legitimate interests – We process data to match candidates with suitable roles while ensuring privacy safeguards.

4. Data Collection & Use
We collect and process personal data, including names, contact details, CVs, employment history, and references. This data is used solely for recruitment purposes, including:

  • Matching candidates with job opportunities.

  • Communicating with clients and candidates.

  • Conducting pre-employment checks.

5. Data Storage & Security
We implement strict security measures to protect personal data, including:

  • Encrypted databases and secure cloud storage.

  • Access controls to limit data access to authorised personnel.

  • Regular audits to ensure compliance with GDPR standards.

6. Data Retention
Personal data is retained only for as long as necessary:

  • Candidate data is stored for up to 2 years unless consent is withdrawn.

  • Client data is retained for business continuity and legal compliance.

  • Employee records are maintained in accordance with employment laws.

7. Candidate Rights
Candidates have the right to:

  • Access their personal data.

  • Request corrections to inaccurate information.

  • Withdraw consent and request deletion of their data.

  • Object to processing under certain circumstances.

8. Third-Party Data Sharing
We do not sell or share personal data with third parties unless required for recruitment purposes or legal
obligations. Any third-party data processors we engage must comply with GDPR standards.

9. Data Breach Response
In the event of a data breach, we will:

  • Investigate and contain the breach immediately.

  • Notify affected individuals if required.

  • Report the breach to the Information Commissioner’s Office (ICO) if necessary.

10. Compliance & Updates
This policy is reviewed regularly to ensure ongoing compliance

bottom of page