1. Introduction

JohnstonGreer operates as an employment agency in providing permanent job seeking services and we are committed to ensuring the safe and secure management of personal data held in relation to our staff, clients, candidates and other individuals. This privacy policy outlines how Johnston Greer Ltd (the “Company”) uses and safeguards any information that you give to the Company when using our website.

In the event that we do ask you to provide information which can identify you (the “Data Subject”) as an individual then we will do so in accordance with this privacy policy and the General Data Protection Regulation (EU) 2016/679 (the “GDPR”). These rules apply regardless of whether the data is collected and stored electronically, on paper or via any other means.


2. What Data We Collect

The Company may collect a variety of personal data which can be used to identify an individual. This data includes, but is not limited to:

• Company name
• CV
• Your name and contact information; including email address & company address
• Demographic information such as postcode, preferences and interests
• Other information relevant to the recruitment process


3. How We Use Your Data

In accordance with the GDPR, all data which we collect on behalf of a Data Subject must have a valid purpose for being collected and stored. In the event that it is requested, we may use your data for one of the following reasons:

• To assist you with your job search
• To assist you with your candidate search
• Internal record keeping
• To improve our service
• Promotional/Marketing purposes
• To contact you when necessary


4. Security

We are committed to ensuring the secure retention of your personal data at all times. In the interest of safeguarding personal data we have a variety of suitable measures to prevent unauthorised access or disclosure of information both in physical and electronic formats. This includes, but is not limited to, password protection for all devices with access to Data Subjects’ data and lockable storage for physical copies of personal data.

We use a cPanel hosting platform running on a Linux operating system which utilises industry standard software such as Apache, MySQL, PHP, Dovecot, and Exim. Hosted in a UK datacentre, the providing server for our hosting platform runs on the latest supported operating systems and software and these systems are regularly inspected and patched against known vulnerabilities.


5. Cookies

Cookies are small files saved to a user’s computer hard drive which track, save and store information about the user’s interaction and usage of the website. This allows the Company to provide users with a more personal, tailored experience while browsing our website.
Where applicable, the Company website uses a cookie control system which allows users to give explicit permission or to deny the use of /saving of cookies on their computer. In the event that this option is not available users are advised to access their web browser’s security settings to block all cookies from this website.


6. File Sharing & External Links

From time to time we may publish files and external links on the Company’s website. Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available, users are advised to verify their authenticity using third party anti-virus software or similar applications.

We accept no responsibility for third party downloads and downloads provided by external third party websites.


7. Email Marketing

We operate an email marketing service (EMS) through our recruitment platform Vacancy Lab which is used to inform subscribers about any news regarding the Company, including updates to our services and job opportunities. Data Subjects must provide consent in either written format or by going through an online automated process to continue receipt of emails through our EMS.

Subscribers can unsubscribe at any time through an automated online service, through the “unsubscribe” option at the footer of the email or by contacting the Company directly to request they are opted-out of any further marketing campaigns.

Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.


8. Social Media Usage

We strive to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms, users are advised to verify authenticity of such profiles before engaging with them and more importantly, before sharing personal data. We will never ask for user passwords or personal details on social media platforms.

There may be instances where our website features social sharing buttons which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page.


9. Data Subject Rights

Data Subjects have certain right provided to them under the GDPR, including the entitlement to request information on what personal data the Company holds about them in paper or electronic format (a subject access request).

Data subjects have a right to request a restriction on the processing of their personal data and where applicable, a right to be forgotten. Requests can be made by email to us at info@johnstongreer.co.uk where we aim to respond to your request within one week.

In the event that any direct marketing is undertaken by us you have an absolute right to request that you are removed from any further marketing campaigns. In which case, please send a written request to info@johnstongreer.co.uk and we will aim to remove you from our mailing list within one week of your request.