Privacy Notice

  1. Introduction

Welcome to Huntsworth’s privacy policy.

The Huntsworth Group respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you. This policy describes the following:

  • Important information and who we are
  • The data we collect about you
  • How your data is collected
  • How we use your data
  • Who we share your data with
  • International transfers of data
  • Data security
  • Your legal rights regarding our use of your data
  • How long we keep your data for
  • How to contact us.
  1. Important information and who we are

Purpose of this privacy policy

This privacy policy aims to give you information on how the Huntsworth Group collects and processes your personal data, including any data you may provide through our websites, when you engage with us, use our services, take part in a competition or for any other reason.

This website is not intended for children and we do not knowingly collect data relating to children.

Controller

Huntsworth is made up of two divisions, Huntsworth Health and Huntsworth Communications, which operate separate agency brands via a number of affiliated legal entities (including but not limited to MEDiSTRAVA, Nucleus Global, Evoke, The Creative Engagement Group, Grayling, Citigate Dewe Rogerson, Red Consultancy and Quiller), details of which can be found here: https://www.huntsworth.com/divisions/. This privacy policy is issued on behalf of the Huntsworth Group so when we mention “Huntsworth”, “we”, “us” or “our” in this privacy policy, we are referring to the relevant company in the Huntsworth Group responsible for processing your data.

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO using the details set out in section 10 of this policy.

Third-party links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

  1. What data do we collect about you?

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you as follows:

  • Identity data that may include first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender and/or occupation.
  • Contact data that may include billing address, delivery address, email address and/or telephone numbers
  • Financial data that may include bank account details
  • Technical data that may include internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website
  • Profile data which may include your interests, preferences, feedback and survey responses
  • Usage data that may include information about how you use our website (e.g. pages visited, products and services, purchases and search history), regardless of device used
  • Marketing and Communications data including your preferences in receiving marketing from us and our third parties and your communication preferences.

We may also collect, use and share aggregated data such as statistical or demographic data for any purpose including sharing with third parties. These data are anonymised and you cannot be identified from them. If we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We may collect, use and/or share Special Categories of Personal Data (or Sensitive Personal Data) about you (which may include information about your health, genetic and biometric data, details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions and/or trade union memberships). Your explicit consent will be obtained by us where any Special Categories of Personal Data is collected, used or shared.

  1. How is your data collected?

We use different methods to collect data from and about you including through:

Direct interactions. You may give us your identity, contact, financial, profile and or marketing and communications data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • engage with us, make an enquiry with us and or use our products or services
  • subscribe to our client communications or contacts database
  • complete e-learning courses
  • request marketing to be sent to you
  • enter a competition, promotion or survey
  • provide feedback, contact us and or participate in research studies
  • respond to, register with us, or make an enquiry about, career opportunities with us.

Automated technologies or interactions. As you interact with our website (the Interaction), we may collect technical and or usage data about your equipment, browsing actions and patterns via ‘cookies’. In order to manage the different cookies that will apply to such Interaction, you can select “Cookies Settings” when you enter our website(s) which will provide you with a number of options.

Third party sources.

We may receive personal data about you from various third parties. For example we may receive technical data when we use a third-party service such as Google Analytics to collect information about how visitors to our website use the site, including collecting information about the country from which you logged in from, which pages you visited and how long you were on our site.

  1. How do we use your data?

We use your information to do the following:

  • Process your request for news items about our company or the Group and, if you agree, to email you about other services we think may be of interest to you
  • If you make an employment enquiry we will pass your details to other relevant companies within the Huntsworth Group
  • If you make an enquiry about our services, we will pass your details to the relevant company within the Huntsworth Group to ensure that your enquiry is adequately dealt with
  • Process your personal data for research purposes as outlined in the consent process through which you supplied this to us
  • Enable certificates to be issued and analyses of e-learning performed
  • Email you about similar goods and services to those you’ve purchased from us which you may be interested in
  • Enter and perform a contract with you or to perform any steps you require from us before entering into the contract. If you do not provide information required by us to enter into a contract with you, we will not be able to enter into that agreement with you or provide you with the services you require.

We will rely on one of the following legal grounds (as appropriate) to process your personal data:

  • To enter and perform a contract with you or to perform any steps you require from us before entering into a contract
  • To pursue our legitimate business interests in providing and marketing our products and services
  • Your specific consent to us using your information, which you can withdraw at any time
  • To comply with our legal obligations and establish, exercise or defend our legal rights
  • Those other purposes that you have agreed with us
  1. Who do we share your data with?

We share information with the following third parties:

  • Data processors (i.e. our suppliers) who provide us with services
  • Our processing partners in relation to payroll, healthcare and the payment of invoices. The use of this personal data is restricted to the extent necessary for the performance of the contract between us
  • Other Huntsworth Group companies (for more information about our group companies please refer to the agencies mentioned on our website at https://www.huntsworth.com/divisions/)
  • Persons connected with any sale, merger, acquisition, disposal, reorganisation or similar change of our business (or of the business of any company in the Huntsworth Group, including any potential or actual purchaser of that business and that purchaser’s advisors)
  • Local and foreign regulators, governments, law enforcement authorities, advisors, courts, tribunals and arbitrators
  • Other third parties, with your consent.

Some of these third parties are based outside the European Economic Area (EEA) in, amongst others, the following countries: United States of America, China, Hong Kong, Singapore and Russia.

If we do transfer your information from the EEA to a jurisdiction outside the EEA, we will take appropriate steps to protect that information, which includes the following: (i) Entering into an agreement with the third party which includes clauses that the EU Commission has determined offer adequate protection for your information, a template copy of which is available at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en; or (ii) Otherwise ensuring that information would only be transferred to third parties in jurisdictions that the EU Commission has determined offers adequate protection for your personal information.

  1. What are your legal rights in relation to our use of your data?

You have legal rights under data protection law in relation to our use of your personal data, which include the following:

  • Request access to your information by submitting a request to compliance@huntsworth.com
  • Update or amend your information if it is inaccurate or incomplete
  • Object to certain uses of your personal data, including direct marketing and processing based on legitimate interests and processing for purposes of scientific or historical research and statistics on grounds relating to your particular situation
  • Request the deletion of your information, or restrict its use, in certain circumstances (for example, subject to lawful exceptions applying, you can request that we erase your information where the information is no longer necessary for the purpose for which it was collected)
  • To withdraw any consents you have provided in respect of our use of your information
  • To request a copy of the information you have provided to us, to use for your own purposes (often called your right to data portability)
  • To lodge a complaint with the relevant data protection supervisory authority in your jurisdiction.

If you have subscribed to us or agreed to be on a contact list to receive information from us, you can ask to be removed at any time by using the unsubscribe link included in any e-communications, or by emailing compliance@huntsworth.com.

If you have any questions about these rights, or you would like to exercise any of them, please contact us by submitting a request to compliance@huntsworth.com – additional details of how to get in touch are set out in section 10 below.

  1. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

As part of the security measures, you should not share your username and password with other people. If a username/password is forgotten, you will receive guidance on how to reset your username and/or password to a validated email address.

  1. How long do we keep your data for?

We retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

Our policy is to destroy employment applications one year after their submission if they have not led to an offer of employment, unless during the submission process you agreed to a longer retention period on the basis of being considered for future work opportunities we may have. If you are engaged with us ‘to perform a contract,’ then local market data retention legislation may apply to elements of the information you supply to us.

Any other information obtained as set out in section 2 above will be kept for no longer than is necessary and will be determined with reference to applicable statutory limitation periods in your jurisdiction, or otherwise as agreed between us.

We will keep our data retention policy under review to ensure that your data is not stored for longer than is strictly necessary.

  1. How to contact us?

If you have any questions about this privacy notice or the information we hold about you, or if you would like to contact the DPO, you can contact us in the following ways:

  • By email: compliance@huntsworth.com
  • By post: Company Secretary, Huntsworth Limited, 8th floor Holborn Gate, 26 Southampton Buildings, London, WC2A 1AN

Enquiries from outside the European Union can still be made via the above email or postal route.

You have the right to make a complaint to a data protection authority such as the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

  1. Changes to this Privacy Notice and your duty to inform us of changes

We keep this Privacy Notice under regular review and we will place any updates on this webpage.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

This Privacy Notice was last updated on 3 June 2021 .