The data we collect about you and how we use it will depend on your relationship with us.
The information set out below tells you who we are, what data we may collect, and what we may do with that data. This notice applies if you are a visitor to our website, a contact of ours or are involved in providing services to us.
Collection of personal information
In order for you to request or submit information to Cyber Focus, we may ask you to provide certain information about yourself or your company by completing and submitting an online form. In completing an online form, we ask that you submit personal information, such as your name, company name, postal address, telephone and fax number and e-mail address.
When you submit information to us via our website, you understand and agree that we may store your information in a secure manner on our servers based in the UK. Cyber Focus collects this information in order to record your feedback and respond to your requests for information.
We appreciate the importance of responsible use of this information. We will not use this information unless we have your permission to inform you of other services and special offers from Cyber Focus.
Messages that you send to us by email may not be secure. Cyber Focus recommends that you do not send any confidential information to Cyber Focus by email. If you choose to send any confidential information to us via email you do so at your own risk with the knowledge that a third party may intercept this information. Instructions sent by you via email and to the website are processed exclusively at your risk.
Cookies are used on this site to save your preference for viewing pages as ‘text only’ or with images. No personal information is stored.
Our web servers collect certain information about all visitors to this site, including:
The time and date information is requested
The browser version and platform when information is requested
A record of which pages have been requested
We use this information to produce aggregate visitor statistics in relation to which pages are being accessed. We may also use it to monitor usage patterns on this website in order to improve navigation and design features to help you get information more easily. These statistics do not include information that can be used to identify any individual.
As a contact or third party associated with Cyber Focus what data do we collect about you?
We generally collect data from you directly, but we may also collect data from third parties such as:
Our partners, such as when we host a joint event that you choose to attend.
Publicly available sources, such as social media.
The data we collect and for what purpose will depend on who you are and the nature of the relationship that you have with us.
This data may include:
Basic contact information.
Records of your use of our website.
Records of communications that you have with us.
Other information that you provide to us voluntarily.
How do we use this data that we hold?
To communicate with you, such as in the course of a commercial relationship.
To send you marketing communications, such as via email or post.
To create and manage records of your involvement with us.
To comply with our legal and regulatory obligations.
To share your data with relevant third parties.
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.
On the basis of legitimate interest we will send you communications in the following situations:
The performance of a contract to which you are a party;
Compliance with a legal obligation to which we are subject; or
A legitimate business interest that is not overridden by your interests, rights and freedoms which require protection. When none of the above are relevant we will ask your consent to receive communications from us.
You of course always have the option to opt of receiving our communications and can do so at any time. To opt out please email firstname.lastname@example.org.
We would only share your data with third parties in the following circumstances:
Third parties who provide us with products or services. A full list of third party providers is available on request.
Other third parties, where required or permitted by law.
It may be necessary for us to transfer data outside the country or territory where it was collected, including to a country, territory or international organisation that may not have the same data protection standards.
How do we protect data about you?
We implement appropriate technical and organisational measures to protect personal data that we hold from unauthorised disclosure, use, alteration or destruction. Where appropriate, we use encryption and other technologies that can assist in securing the data you provide. We also require our service providers to comply with strict data privacy requirements.
How long will data about you be kept?
We store data in accordance with legal, regulatory, financial and best-practice business requirements. Once our relationship with you ends, we will securely delete/destroy your data in line with our data retention policies.
As referred to above you can opt out of receiving our communications at any time. You can also request access to any date we hold on our systems.
If you have any questions, or wish to exercise any of the rights detailed above, please contact us at email@example.com.
Updating your personal information
You have the right to access and correct your personal information and privacy preferences. Should you wish to do this, please confirm in writing to us either by letter or email as follows:
Mark Hunter, Cyber Focus
6 Queen Street, Leeds LS1 2TW.
Please include your name, company name, address, and/or email address when you contact us.
Cyber Focus is not responsible for the content or privacy practices of any other website to which this website may link.
As part of the recruitment process, Cyber Focus collects and processes personal data relating to job applicants. The firm is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
During the recruitment process we collect a range of information about an individual. This includes:
Name, address and contact details, including email address and telephone number;
Details of qualifications, skills, experience and employment history;
Information about an individual’s current level of remuneration, including benefit received;
Whether or not an individual has a disability for which the firm needs to make reasonable adjustments during the recruitment process;
Information about an individual’s entitlement to work in the UK; and
Equal opportunities monitoring information, including information about gender, ethnicity, age, marital status and nationality.
This data might be contained in application forms, CVs or resumes, obtained from passport or other identity documents, or gathered through interviews or other forms of assessment processes, including group exercises, case studies and online tests or personality questionnaires.
We also collect personal data about individuals from third parties, such as references supplied by former employers, information from employment background check providers and information from criminal records checks. We will seek information from third parties only once a job offer has been made and will inform the individual that it is doing so.
Data is stored in a range of different places, including on an initial application record, in our HR database and on other IT systems (including email).
In some cases, we need to process data to ensure that the firm is complying with its legal obligations. For example, we are required to check a successful applicant’s eligibility to work in the UK before employment starts.
Cyber Focus has a legitimate interest in processing this personal data during the recruitment process and for keeping records of the process.
Where we rely on legitimate interests as a reason for processing data, we have considered that those interests are not overridden by the rights and freedoms of employees or workers.
We process health information if we need to make reasonable adjustments to the recruitment process for candidates who have a disability. This is to carry out its obligations and exercise a candidate’s specific rights in relation to equality legislation.
Where we process other special categories of data, such as ethnicity, this is done for the purposes of equal opportunities monitoring with the explicit consent of job applicants. This consent can be withdrawn at any time.
For some roles, we are obliged to seek information about criminal convictions and offences. Where we seek this information, we do so because it is necessary for us to carry out our obligations and exercise specific rights in relation to employment.
We will not use an individual’s personal data for any purpose other than the recruitment exercise for which an individual has applied.
Personal data will be shared internally for the purposes of the recruitment exercise. This includes members of the HR department, partners, managers and other staff appropriately trained and involved in the recruitment process.
We will not share personal data with third parties, unless an individual’s application for employment is successful and we make a formal offer of employment. We will then share an individual’s data with former employers to obtain references, employment background check providers to obtain necessary background checks and the Disclosure and Barring Service to obtain necessary criminal records checks.
We will not transfer personal data outside the EU without putting in place adequate safeguards.
We have internal policies and controls in place to ensure that personal data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our trained staff and managers in the proper performance of their duties.
If an individual’s application for employment is unsuccessful, we will hold personal data on file for six months after the end of the relevant recruitment process. At the end of that period, or once an individual withdraws their consent, personal data is securely deleted or destroyed.
If an individual’s application for employment is successful, personal data gathered during the recruitment process will be transferred to the individual’s personnel file and retained during employment. The periods for which personal data will be held will be provided to an individual in a formal privacy notice and data protection policy which forms part of the firm’s staff handbook.
An individual is under no statutory or contractual obligation to provide data to us during the recruitment process. However, if they do not provide the information, we may not be able to process their application for recruitment purposes.
An individual is under no obligation to provide information for equal opportunities monitoring purposes and there are no consequences for an individual’s application if they choose not to provide such information.