You can withdraw and manage your consent at any time, by clicking "Manage cookies" at the bottom of each website page.
On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.
If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.
These cookies are necessary to make the site work properly, and are always set when you visit the site.
These cookies collect information to help us understand how the site is being used.
These cookies are used to make advertising messages more relevant to you. In some cases, they also deliver additional functions on the site.
Should you wish to understand more about how GDPR affects you as a candidate you can download a useful document
Rethink Group processes personal data
in relation to its own staff, work-seekers and individual client contacts. It
is vitally important that we abide by the principles of the Data Protection Act
1998 set out below. Rethink Group holds data on individuals for the following
marketing and public relations
and processing of work-seekers personal data for the purposes of work-finding
The Data Protection Act 1998 requires Rethink Group
as data controller to process data in accordance with the principles of data
protection. These require that data shall be:
and lawfully processed
for limited purposes
relevant and not excessive
kept longer than necessary
in accordance with the data subjects rights
transferred to countries outside the European Economic Area without adequate
Personal data means data, which relates to a living
individual who can be identified from the data or from the data together with
other information, which is in the possession of, or is likely to come into
possession of, Rethink Group. Processing means obtaining, recording or holding
the data or carrying out any operation or set of operations on the data. It
includes organising, adapting and amending the data, retrieval, consultation
and use of the data, disclosing and erasure or destruction of the data. It is
difficult to envisage any activity involving data, which does not amount to
processing. It applies to any processing that is carried out on computer
including any type of computer however described, main frame, desktop, laptop,
ipad etc. Data should be reviewed on a regular basis to ensure that it is
accurate, relevant and up to date and those people listed in the appendix shall
be responsible for doing this. Data may only be processed with the consent of
the person whose data is held. Therefore if they have not consented to their
personal details being passed to a third party this may constitute a breach of
the Data Protection Act 1998.
By instructing Rethink Group to look for work and
providing us with personal data contained in a CV work-seekers will be giving
their consent to processing their details for work-finding purposes. If you
intend to use their data for any other purpose you must obtain their specific
consent. However caution should be exercised before forwarding personal details
of any of the individuals on which data is held to any third party such as
past, current or prospective employers; suppliers; customers and clients;
persons making an enquiry or complaint and any other third party. Data in
respect of the following is “sensitive personal data” and any information held
on any of these matters MUST not be passed on to any third party without the
express written consent of the individual:
offence committed or alleged to be committed by them
in relation to any offence and any sentence passed
or mental health or condition
or ethnic origins
beliefs or beliefs of a similar nature
someone is a member of a trade union
From a security point of view, only those staff listed
in the appendix should be permitted to add, amend or delete data from the
database. However all staff are responsible for notifying those listed where
information is known to be old, inaccurate or out of date. In addition all
employees should ensure that adequate security measures are in place. For
screens should not be left open by individuals who have access to personal data
should not be disclosed
should be used with care
files and other personal data should be stored in a place in which any
to access them will be noticed. They should not be removed from their usual
without good reason
files should always be locked away when not in use and when in use should not
breaches of security should be treated as a disciplinary issue
should be taken when sending personal data in internal or external mail
Destroying or disposing of personal data counts as
processing. Therefore care should be taken in the disposal of any personal data
to ensure that it is appropriate. For example, it would have been more
appropriate to shred sensitive data than merely to dispose of it in the dustbin
It should be remembered that the incorrect processing of personal data e.g.
sending an individual’s details to the wrong person; allowing unauthorised
persons access to personal data; or sending information out for purposes for which
the individual did not give their consent, may give rise to a breach of
contract and/or negligence leading to a claim against Rethink Group for damages
from an employee, work-seeker or client contact.
A failure to observe the contents of this policy will
be treated as a disciplinary offence. Data subjects, i.e. those on whom
personal data is held, are entitled to obtain access to their data on request
and after payment of a fee. All requests to access data by data subjects i.e.
staff, members, customers or clients, suppliers, students etc should be
referred to Rudolph Botha, 4th Floor Southwark Street, London SE1 0HX, or email [email protected].
Any requests for access to a reference given by a
third party must be referred to Rudolph Botha and should be treated with caution
even if the reference was given in relation to the individual making the
request. This is because the person writing the reference also has a right to
have their personal details handled in accordance with the Data Protection Act
1998, and not disclosed without their consent.
Therefore when taking up references an individual
should always be asked to give their consent to the disclosure of the reference
to a third party and/or the individual who is the subject of the reference if
they make a subject access request. However if they do not consent then
consideration should be given as to whether the details of the individual
giving the reference can be deleted so that they cannot be identified from the
content of the letter. If so the reference may be disclosed in an anonymised
form. Finally it should be remembered that all individuals have the following
rights under the Human Rights Act 1998 and in dealing with personal data these
should be respected at all times:
to respect for private and family life [Article 8]
of thought, conscience and religion [Article 9]
of expression [Article 10]
of assembly and association [Article 11]
from discrimination [Article 14]
or continue with
Already connected? Sign in.
Help us match your profile by telling us a bit more about yourself.
Be the first to know about our job openings.
Add people who can recommend you as a colleague.