FinTrU respects your privacy and is committed to protecting your Personal Data.
Protecting the personal rights and privacy of each individual is at the core of the foundation of trust in our business relationships and of FinTrU’s reputation as an attractive and responsible employer. We recognise the need for appropriate safeguards and management practices in relation to the collection and use of your Personal Data.
This website is not intended for children and we do not knowingly collect data relating to children.
Who we are
FinTrU is a multi-award winning financial services company providing its clients with high quality, cost-effective, near-shore sourcing solutions. FinTrU operates in the UK as FinTrU Limited and has its registered office at Warnford Court, 29 Throgmorton Street, London EC2N 2AT.
Information Security Management Team
Our full details are:
Full name of legal entity: FinTrU Limited
1 Cromac Avenue,
Contact Name: Daniel O’Connor
Email Address: firstname.lastname@example.org
Telephone Number: +44 (0)28 9521 2538
What Personal Data we collect and how we collect it
Personal data means any information relating to a living individual who can be identified (directly or indirectly) in particular by reference to an identifier (e.g. name, NI number, employee number, email address, physical features). It can be factual (e.g. contact details or date of birth), an opinion about an individual’s actions or behaviour, or information that may otherwise impact that individual in a personal or business capacity.
When you are using our website, which may include when you download content or contact us via our website.
You may provide Personal Data by completing online registration forms, by applying for roles via our website, or when you create or update any of your marketing preferences. In addition, we may collect your data automatically via cookies, in line with cookie consent, server logs and other similar technologies preferences and settings in your browser.
We collect the information you provide which may include your name and contact details, email address and telephone number, the resume/CV you submitted it to us online. In addition, we collect a limited amount of data which we use to help us to improve your experience when using our website and to help us manage the services we provide. This includes information on how you use our website and the location you view our website from (IP address).
You may be a past candidate or a candidate in process or you may have participated in our recruitment or other similar events.
You may provide Personal Data to us by email, post, telephone, face to face during meetings or at our events or through our website. In addition, we may collect your data indirectly or from third parties: through recruitment agencies, social media searches (such as LinkedIn), research companies, client or supplier conversations, or referrals from other third parties.
The Personal Data we collect about candidates includes: first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender, right to work, social security/national insurance number, nationality, employment and education history, skills proficiency, references, or qualifications information contained in your resume/CV, or written records of our conversations or meetings.
We do not mandate the collection of any Special Categories of Personal Data about you through this website (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).
When you are enquiring about or using our services we collect and use information to understand your requirements, agree role specifications, propose candidates, discuss our contract, provide training or consultancy services or to share FinTrU content which is likely to be relevant and useful to you.
You may provide Personal Data to us by email, post, telephone, face to face during meetings or through our website. In addition, we may collect it from your colleagues, social media, our network of contacts, others who may know you, event delegate lists or third-party market research.
Data we collect includes the Personal Data of individual contacts who we deal with at your organisation such as: name, job title, management level, business relationships, memberships, work history, work address, telephone numbers, and email address or written records of our conversations or meetings.
When supplying services to us or contracting with us we need certain information so that we can receive and pay for the services you provide.
You may provide Personal Data to us by email, post, telephone, face to face or to our website. In addition, we may collect it from candidates, social media, from our network contacts / others who may know you, event delegate lists or third-party market research.
This includes the Personal Data of individual contacts we engage with at your organisation such as: name, job title, work address, telephone numbers, email address or written records of our conversations or meetings.
What is the legal basis for processing data
We rely on the following main grounds to process Personal Data of candidates, clients, suppliers, web users or other third parties:
Necessary for entering into, or performing, a contract– to perform obligations that we undertake in providing a service to you, or to take steps at your request to enter into a contract with us;
Necessary for compliance with a legal obligation– we are subject to certain legal requirements which may require us to process your Personal Data. We may also be obliged by law to disclose your Personal Data to a regulatory body or law enforcement agency;
Necessary for the purposes of Legitimate Interests– we, or a third party, will process your Personal Data for the purposes of our (or a third party's) Legitimate Interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your Personal Data protected. Our Legitimate Interests include responding to requests and enquiries from you or a third party, optimizing our website and customer experience, informing you about our products and services and ensuring that our operations are conducted in an appropriate and efficient manner;
Consent– in some circumstances, we may ask for your consent to process your Personal Data;
Necessary to protect the vital interests of the data subject or of another natural person.
Change of Purpose
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at email@example.com.
If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so or seek your consent, providing you with a clear, conspicuous and readily available mechanism for you to exercise choice.
Please note that we may process your Personal Data without your knowledge or consent where this is required or permitted by law.
How we share your Personal Data
We will only share your personal data with third parties where we have an appropriate legal ground under data protection law which permits us to do so.
We may disclose your personal information to the following categories of recipients:
Service providers acting as processors who provide IT and system administration services, including Onecom, CJS Payroll and People HR;
Professional advisers acting as processors or joint controllers;
Regulators and other authorities acting as processors or joint controllers based who require reporting of processing activities in certain circumstances. Clients who have roles in which you are interested;
Trusted third parties who provide employment related services for us, including reference, qualification, and criminal record checking (where required), evaluation or skills tests. In such circumstances we may disclose Special Category data; or
International transfers of Data
An overseas transfer of personal data takes place when the data is transmitted or sent to, viewed, accessed or otherwise used in, a different country. Data protection law restricts transfers of personal data to countries outside of the European Economic Area (EEA) because the law in those countries might not provide the same level of protection to personal data as the law in the EEA. To ensure that the level of protection afforded to personal data is not compromised, therefore, we are only able to transfer your personal data outside the EEA if certain conditions are met, as explained below.
We have put in place the following appropriate measure to ensure that any personal data transferred to the listed countries above, is treated in a way that is consistent with and which respects the EEA and UK laws on data protection and receives an adequate level of protection:
A copy of our Data Protection Policy will be issued to the client to ensure they are aware of the requirements of GDPR. In the absence of official recognition of a countries safeguarding procedures, FinTrU will assess adequacy itself by following the ICO guidelines.
If you require further information about this protective measure, you can request it from a member of the Data Protection Team by emailing firstname.lastname@example.org
We use appropriate technical and organisational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.
While we operate to the highest standards we are also aware that the transmission of information via the internet is not completely secure. We cannot guarantee the security of your data transmitted to our website and any transmission is at your own risk. Where we have given you (or where you have chosen) a password which enables you to access any of our online or electronic resources, you are responsible for keeping this password confidential. We advise you not to share your password with anyone.
You should note that this website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their content or privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
FinTrU use "cookies" on its sites. A cookie is a piece of data stored on a site visitor's system that help us improve your access to our site and identify repeat visitors to our site.
Cookies can also enable us to track and target the interests of our users to enhance their experience on our site. Except where 1) contacts elect to identify themselves for purposes of receiving information from FinTrU or inquiring as to a business relationship with FinTrU or 2) candidates elect to establish and use an account to apply to FinTrU and employment opportunities with FinTrU, cookies are not linked to any personally identifiable information.
You can disable or remove any cookies already stored on your computer, but these may stop our websites from functioning properly.
Where we collect your Personal Data, the length of time for which we retain it depends on the type of data, the purpose for which we use that data and our accounting, regulatory and legal data retention obligations.
We take into account the following criteria when determining the appropriate retention period for personal data:
the amount, nature, and sensitivity of the personal data
the risk of harm from unauthorised use or disclosure
the purposes for which we process your personal data and how long we need the particular data to achieve these purposes
how long the personal data is likely to remain accurate and up-to-date
for how long the personal data might be relevant to possible future legal claims
any applicable legal, accounting, reporting or regulatory requirements that specify how long certain records must be kep
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible.
Your legal rights
You have a number of legal rights relating to your personal data, which are outlined here:
The right to make a subject access request. This enables you to receive certain information about how we use your personal data, as well as to receive a copy of it and to check that we are lawfully processing it.
The right to request that we correct incomplete or inaccurate personal data that we hold about you.
The right to request that we delete or remove personal data that we hold about you where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
The right to object to our processing your personal data where we are relying on our legitimate interest (or those of a third party), where we cannot show a compelling reason to continue the processing
The right to request that we restrict our processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
The right to request that we transfer your personal data to you or to another party, in a structured format. This right applies in respect of data that you have provided where our legal ground for using the data is that it is necessary for the performance of a contract or that you have consented to us using it (this is known as the right to “data portability”).
If you would like to exercise any of the above rights, or have any questions or concerns about how your personal data is being used by FinTrU, please contact email@example.com.
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Right to withdraw consent
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time.
To withdraw your consent, please send us email at firstname.lastname@example.org. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate legal basis for doing so.
How to make a complaint
Data privacy laws are constantly evolving and we endeavour to maintain best practice. However, we recognise that we may not always get it right and if you are not satisfied in the way we handle your Personal Data or you wish to discuss our processes then we would like to hear from you.
FinTrU Compliant Process
If there is something which we have not done correctly with your Personal Data then we would appreciate the chance to deal with your concerns before you approach a Supervisory Authority so please contact us in the first instance – email@example.com.
UK Supervisory Authority
In any case, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
LAST UPDATED: 17th January 2019