Who we are

Ellie Rich Poole-Ltd, Registered no: 10239349
Our website address is: https://www.ellierichpoole.com.

What personal data we collect and why we collect it

Client Information

Client names, email addresses and other information required in the course of business will be retained electronically on our email server.

Candidates for Recruitment

When assisting clients with recruitment, we collect the information necessary to be able to find and match available opportunities with candidates and further information needed to assess eligibility through the different stages of recruitment. This information includes CVs, identification documents, educational records, work history, employment, and references.

We may also collect sensitive personal data about you, in the form of background reference checks, remuneration and compensation details. We ask for candidates’ consent to collect sensitive personal data from you, and further process this data.

Information will be stored securely on email servers and on a laptop.

User Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

Contact Forms and Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. This information will not be shared with third parties. If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser. Please note, however, that if you delete cookies or refuse to accept them you may not be able to store your preferences.

Who we share your data with

Whatever your working relationship with Ellie Rich-Poole Ltd, we will not share your data with any third parties for marketing purposes. Client names and email addresses and information about prospective candidates will be saved on the secure email server used by my business which is hosted by Microsoft. This is their privacy policy. Visitor comments may be checked through an automated spam detection service.

What third parties we receive data from

The personal data we keep is only the basic information provided by clients in the nature of doing business. We may receive data from clients about prospective candidates. This is securely transmitted and permission will be obtained by them according to their own privacy policies.

How long we retain your data

We retain contact information of existing clients and for previous clients indefinitely within our email system. Information about candidates is retained for 2 years.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

What rights you have over your data

If you are an existing or previous client, are a candidate we have placed in a role or considered for a role, have an account on this site, or have left comments, you can request to receive a copy of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. Please contact ellie@ellierichpoole.com to request these services.

How we protect your data

We take the minimum data required from clients and website users to ensure the smooth operation of the business (usually names, and contact details only). This minimises the risk to individuals in the event of a data breech. Personal information is not stored on separate databases or shared with third parties. Emails are stored on Microsoft’s server and on a laptop and mobile devices for business use. These are kept locked with passwords and due consideration of hardware is given when in public places to avoid risk of theft.

What data breach procedures we have in place

Any breach of data will be reported to the ICO within 72 hours if a risk to individuals has been identified. We will also inform clients and users if their data has been compromised. By taking minimal information about clients and users this action is highly unlikely to be necessary.