Privacy Policy:
1. Introduction
THJ Technology is committed to ensuring that your personal information is protected and that we are being transparent about the information we hold about you. This Privacy Policy applies to the personal information we collect and hold about individuals that: (i) visit our websites, 1 and/or (ii) elect to receive direct marketing and subscribed mailings from us as set out below.
Please read this Privacy Policy carefully, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you, so you are informed about how and why we collect, store, use and share your personal information. This Privacy Policy also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event you have a complaint.
This Privacy Policy is issued on behalf of THJ Consulting Ltd so when we refer to “THJ”, “us”, “we” or “our” in this Privacy Policy, we mean THJ Consulting Ltd.
2. Scope
This Privacy Notice describes how THJ collects and processes personal data gathered through our website. It is available for anyone who wishes to understand how THJ uses the limited personal data gathered through our website. If you have any further questions regarding this Privacy Notice or how personal data is processed by THJ, please contact info@THJTechnology.co.uk
3. Principles of Data Protection
When using the term “personal data” or “personal information” in this Privacy Policy, we mean information (including opinions) that relates to you and from which you could be identified, either directly or in combination with other information which we may have in our possession.
To help you understand how we handle your personal information more clearly, below is a summary of the data protection principles which guide how we use your personal information. These principles provide that personal data should be:
Used lawfully, fairly and in a transparent way;
Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
Relevant to the purposes we have told you about and limited only to those purposes;
Accurate and kept up to date;
Kept only as long as necessary for the purposes we have told you about; and
Kept securely.
We have put policies and procedures in place to seek to adopt these principles in our everyday processing activities set out in this Privacy Policy.
4. Sources of Personal Data
We may collect personal data about you when:
The personal data is provided by you (e.g. when you apply for a role and register with us, including additional communications via email, telephone, social media, or videophone (e.g. Teams);
The personal data is collected in the normal course of our relationship with you;
The personal data has been made public by you (e.g. contacting THJ via a social media platform about future career opportunities);
The personal data is received from our business partners and suppliers (e.g. marketing partners, IT support services);
The personal data is collected when you visit our website or use any features or resources available on or through the website (including subscribing to marketing), some of which may be personal data; or
The personal data may be created by us, such as records of your communications with us or reports from your job interviews.
5. Cookies
We use cookies on our websites. Cookies are small text files that are downloaded onto your device when you visit a website. The cookies on our website records minimal personal data for the purposes of analysis, to help us understand how people use our website. Please refer to our cookies policy for further information about our use of cookies.
6. Personal Data Collected
The following sets out the types of personal data we collect on our websites:
Personal Details: title, first and last name, address, telephone numbers, email address.
Consents: consents, permissions, or preferences that you have specified, such as whether you wish to receive direct marketing by subscribing to receive THJ news and media alerts and THJ regulatory news alerts.
Website Access Details: your computers unique identifier (e.g. IP Address), the date and time you accessed the website, passwords to access alerts preferences.
Security Information: security clearances and vetting information.
Correspondence: responses, comments, views and opinions when you communicate with us for instance when making a complaint and record a video interview.
7. Purpose and Use of Personal Data
The main purpose for using your personal information is to:
Improve and monitor the operation of our website; and
Deliver any requested services, such as job alerts.
We use information held about you in the following ways: –
To contact you, for instance, to arrange a service;
To contact you with relevant marketing communications (please refer to Section 10 below);
To administer our website and for internal operational purposes to make user experience more efficient (including troubleshooting) and to analyse how the systems are used;
To enable you to participate in interactive features within our website;
To prevent unauthorised access and modifications to systems;
To ensure business policies are adhered.
8. Legal Basis for Processing Your Personal Data
Data protection and privacy laws requires us to have a “legal basis” or “lawful ground” to collect and use your personal information. We will only collect, use and share your personal information where we are satisfied that we have an appropriate legal basis to do this. This may include:
We have obtained your prior consent, for instance when you sign up to marketing.
We need to use your personal information in connection with the performance of a contract with you or to take steps at your request prior to entering a contract with us.
We need to use your personal information to comply with a relevant legal or regulatory obligation that we have.
Where it is necessary for our legitimate interests (or those of a third party) as a commercial organisation (to the extent that your interests and fundamental rights do not override those interests), such as:
To detect and protect against fraud;
To make sure we are following our own internal procedures so we can deliver a quality service;
Establishing, exercising or defending our legal rights in the event of a claim;
Monitoring, managing and operating our website IT systems and ensuring security of those systems; and/or
In connection with compliance, regulatory and investigative purposes as necessary.
How do we justify our legitimate interests?
We make sure we consider and balance any potential impact on you and your rights (both positive and negative) before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Exemptions
THJ sometimes handles personal information relying on exemptions under the applicable data protection law. Any permitted handling of personal information under such exemptions will take priority over this Privacy Policy to the extent of any inconsistency.
9. When Is Special Category And Criminal Offence Personal Data Collected And Used?
Special categories of personal data are particularly sensitive and require higher levels of protection. They include information about your health status, racial or ethnic origin, political views, religious or similar beliefs, sex life or sexual orientation, genetic or biometric identifiers and trade union membership.
THJ do not collect special category information from our website.
10. Sharing Your Personal Information With Others
We will only disclose personal information to a third party in very limited circumstances, or where we are permitted to do so by law. The third parties to whom we provide your personal data include:
Other organisations within the THJ Group of companies for the purposes of providing marketing and other services or to manage our business (e.g. the purposes of recruitment).
Customers where required for specific business purposes.
Banks and payment providers to authorise and complete payments.
Credit reference agencies and organisations working to prevent fraud in financial services.
THJ’s third-party providers including information technology suppliers and infrastructure support services, law firms and other third party suppliers/partner organisations.
Professional advisors (e.g. legal advisors, insurance organisations and auditors).
Government, regulatory and law enforcement bodies where we are required in order:
To comply with our legal obligations;
To exercise our legal rights (e.g. pursue or defend a claim); and
For the prevention, detection, and investigation of crime.
We may also transfer your personal information to third parties in connection with a reorganisation, restructuring, merger, acquisition, sale or transfer of assets, or changing services suppliers provided that the receiving party agrees to treat your personal information in a manner consistent with this Privacy Policy.
THJ may from time to time share your personal data with our service providers. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We may transfer your personal data to service providers that carry out certain functions on our behalf. This may involve transferring personal data outside the UK to countries which have laws that do not provide the same level of data protection as the UK law. Whenever we transfer your personal data out of the UK to service providers, we ensure a similar degree of protection is afforded to it by ensuring that the following safeguards are in place:
We will only transfer your personal data to countries that have been deemed by the UK to provide an adequate level of protection for personal data; or We may use specific standard contractual terms approved for use in the UK which give the transferred personal data the same protection as it has in the UK, namely the International Data Transfer Agreement.
11. Security Of Your Personal Data
THJ takes precautions including administrative, technical and physical measures to safeguard your personal information against loss, theft and misuse, as well as against unauthorised access, modification, disclosure, alteration and destruction. We protect electronic data using a variety of security measures including (but not limited to):
Data back-up;
Encryption;
Firewalls;
Placing confidentiality requirements on employees and service providers and providing training to ensure that your personal data is handled correctly; and Destroying or permanently anonymising personal information if it is no longer needed for the purposes it was collected.
12. Retention of Your Personal Data
THJ will only retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy and as otherwise needed to comply with applicable law and internal company policies. Where your personal information is no longer needed, we will ensure that it is disposed of in a secure manner.
In some circumstances you can ask us to delete your data.
In some circumstances we may store your personal information for longer periods of time where we are required to do so in accordance with legal or regulatory requirements or so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
13. Your Legal Rights
You have legal rights in connection with personal information. Under certain circumstances, by law you have the right to:
Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Object to processing of your personal information by us or on our behalf which has our legitimate interests as its legal basis for that processing, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
Request the transfer of your personal information. You can ask us to provide your personal information to you in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller, but in each case only where: (i) the processing is based on your consent or on the performance of a contract with you; and (ii) the processing is carried out by automated means.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, but only where: its accuracy is contested, to allow us to verify its accuracy; the processing is unlawful, but you do not want it erased;
it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; oryou have exercised the right to object, and verification of overriding grounds is pending.
Request erasure of your personal information (commonly known as the “right to be forgotten”). This enables you to ask us to delete or remove personal information in limited circumstances, where: it is no longer needed for the purposes for which it was collected; you have withdrawn your consent (where the data processing was based on consent); following a successful right to object (see Object to processing); it has been processed unlawfully; or to comply with a legal obligation to which THJ is subject.
We are not required to comply with your request to erase personal information if the processing of your personal information is necessary for several reasons, including: for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
You can also object at any time to your personal information being processed for direct marketing, profiling or automated decision-making.
We can continue to use your personal information following a request for restriction, where: we have your consent; to establish, exercise or defend legal claims; or to protect the rights of another natural or legal person.
If you want to exercise any of these rights, please your requests to info@THJTechnology.co.uk. Please note, to ensure security of personal information, we may ask you to verify your identity before proceeding with any such request.
We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
14. Data Protection Contacts
We have appointed a Data Protection Officer (DPO) to oversee compliance with this Privacy Policy. If you have any questions about this Privacy Policy or how we handle your personal information, please address these to:
Data Protection Officer
THJ Consulting Ltd
135 Brackley Square
Woodford Green
Essex
IG8 7LN
Supervisory authority
If you have any questions, concerns or complaints regarding this Privacy Policy or how we manage your personal information, we encourage you to first contact our DPO. However, you have a right to contact your local supervisory authority at any time and lodge a complaint (which in the UK is the Information Commissioner’s Office). The supervisory authority will then investigate your complaint accordingly.
16. Changes To This Privacy Policy
This Privacy Policy was last reviewed and updated in October 2024. We may amend this Privacy Policy from time to time to keep it up to date with legal requirements and the way we operate our business. Please regularly check this page for the latest version of this Privacy Policy.