Privacy Policy

Rare Recruitment Ltd ("we") are committed to protecting and respecting your privacy.

This policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us (either directly or via a third party), will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

By visiting our websites listed here: rarerecruitment.co.uk, targetoxbridge.co.uk, contextualrecruitment.co.uk, discusslaw.co.uk, dbihaveadream.co.uk, highyieldprogramme.com, faststreamyourfuture.com, fasttrackyourfuture.co.uk and freshchapters.co.uk (“Sites”) or otherwise providing personal data to us (either directly or indirectly) you are accepting and consenting to the practices described in this policy.

For the purpose of the EU General Data Protection Regulation (GDPR), the data controller is Rare Recruitment Ltd of 8 Blackstock Mews, Islington, London, N4 2BT.

Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

If you are in Australia, we adhere to the obligations of the Privacy Act (1988) (Cth) with respect to the collection, storage, use, transfer and disclosure of personal information that we receive from you.

Personal data we may collect from you

“Personal data”, or personal information, means any information that enables us to identify you, directly or indirectly when combined with other information we hold. It does not include data where the identity has been removed (anonymous data). We may collect and process the following kinds of personal data about you:

• Information you give to us. You may give us personal data about you by filling in forms on our Sites, for example, at www.rarerecruitment.co.uk/apply.php, by requesting a demo of our products or services, or by corresponding with us by phone, e-mail or in person during a meeting with us.
  
  This includes personal data you provide when you register to use our Sites or services, and when you report a problem with our Sites.
  
  The personal data you give us may include your name, address, e-mail address, phone number, photograph, gender and social mobility, qualifications and examination grades, work experience and extracurricular activities, job applications and the outcome of those applications.
  
  You may also give us special categories of personal data, including details of your race or ethnicity and information about criminal convictions and offences.

• Information we collect about you. With regard to each of your visits to our Sites we may automatically collect the following information:

• technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version and platform;
  and

• information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Sites (including date and time); page response times, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

• Information we receive from third parties. We may receive personal data about you from employers and potential employers who you apply to with our help, who provide us with feedback and decision outcomes relating to your performance during the recruitment process, during internships and/or work placements.

• Information we receive from third parties when you apply for a position directly with that third party. Many employers in the UK use Rare’s Contextual Recruitment System (CRS) in the context of their application processes. This means that when you apply for a position with some employers you will be asked a series of questions about your socio-economic background (e.g. whether you have lived in care, whether you received free school meals etc). Your answers to these questions are then passed to Rare (only with your consent) but will exclude identifying data such as your name, phone number, postal address, email address or date of birth. This anonymized information is used to help assess whether you overachieved academically in light of your surrounding personal circumstances by comparing your results with national statistics. The results of Rare’s data processing are then passed back to the employer who can link the result to your individual application and further assess your application. If you consent to it when you apply for a position directly with a third party which uses CRS, the data which Rare receives from employers may also be used by Rare for further research purposes (e.g. to identify trends such as the number of people who have lived in care who achieve AAA in their A levels). Please note that the CRS does not involve automated individual decision-making (making a decision solely by automated means without any human involvement). The CRS collects specific data which allows a human recruiter to better evaluate outperformance of an individual.

Do we use cookies?

Google Analytics uses cookies to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they have visited.

To opt out of being tracked by Google Analytics please visit: /tools.google.com/dlpage/gaoptout.

How we use your personal data?

We will only use personal data held about you for purposes described in this privacy policy and when the law allows us to do so. We will generally use your personal data on the following legal grounds:

• where the use of your personal data is necessary for the performance of a contract we are about to enter into or have entered into with you;
• where the use is necessary for the purposes of our legitimate interests (or those of a third party);
• where we need to comply with a legal or regulatory obligation; or
• where you have given your consent, or explicit consent (with regard to special categories of personal data), which can be withdrawn at any time.    

We use personal data held about you for the following purposes:

• to carry out our obligations arising from any agreements between you and us and to provide you with the information and services that you request from us;
• to send you information about suitable job opportunities and newsletters;
• to provide it to our clients (universities and employers) to whom you are applying and with whom you have permitted us to share your personal data;
• to provide those services to employers as described above where you have consented to your personal data being shared;
• to perform those research activities described above (only fully anonymized data will be used for research purposes);
• to notify you about changes to our service;
  and
• to notify your school, sixth form college or university that you have applied to a programme, and the outcome of that application, if the opportunity was promoted to you by your school, sixth form college or university.

Do we disclose your personal data?

We may disclose your personal data to third parties:

• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
• If Rare Recruitment Ltd or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of Rare Recruitment Ltd, our customers, or others.
• As described elsewhere in this privacy policy.

We use some sub-contractors in the software development part of our business. We use service providers who provide penetration testing services, front end software development, quality assurance application programme interface development and systems administration. 

Quality and security

We require all our sub-contractors to sign contracts which include restrictive covenants, detailed clauses on client confidentiality, and data protection compliance.

We require our sub-contractors to use secure communication for all their work with Rare.

Work devices are encrypted, password protected or both.

We require all our sub-contractors to receive information security training and to have references satisfactory to us.

Storage of your personal data

All information you provide to us is stored on a secure AWS server located in the British Isles.  The backup server is located in Ireland.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. See the section below on data security for further details.

 

How long we store your personal data

We will only retain your personal data, in a form which permits us to identify you, for as long as necessary to fulfil the purposes we collected it for. We will retain and use your personal data as necessary to satisfy any legal, accounting or reporting requirements, to resolve disputes or to enforce our agreements and rights. In line with this privacy policy, we will either securely delete or anonymize your personal data so that it cannot be linked back to you. Generally, we store personal data in a form that can identify an individual for up to 10 years following collection unless it is required to fulfil any legal or contractual obligation, or is required for the establishment, exercise or defence of legal claims.

Your rights

Our Sites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

In accordance with the General Data Protection Regulation (GDPR), in certain circumstances you have:

The right to access your personal data and supplementary information and to be aware of and verify the lawfulness of our processing of your personal data. We will not generally charge a fee for an access request, but a reasonable fee may be charged if a request is manifestly unfounded or excessive, particularly if it is repetitive. We may also charge a reasonable fee to comply with requests for further copies of the same information.

The right to rectification. Your personal data can be rectified if it is inaccurate or incomplete. We respond to requests for rectification within one month of receipt of the request. This can be extended by two months where the request for rectification is complex.

The right to erasure. This is also known as ‘the right to be forgotten’. You have a right to have your personal data erased and to prevent processing in specific circumstances:

1. Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
2. When you withdraw your consent.
3. When you object to the processing and there is no overriding legitimate interest for continuing the processing.
4. If the personal data was unlawfully processed (ie otherwise in breach of the GDPR).
5. If the personal data has to be erased in order to comply with a legal obligation.
6. If the personal data is processed in relation to the offer of information society services to a child.

The right to restrict processing of your personal data. You have a right to ‘block’ or suppress the processing of your personal data. If you contest the accuracy of your personal data, we will restrict its processing until its accuracy has been verified.

The right to data portability. In certain circumstances you have the right to request transfer of your personal data directly to a third party where this is technically feasible.  

The right to object. You have the right to object to us processing your personal data. In this case, you must have an objection on grounds relating to your particular situation.

To exercise any of these rights, in the first instance please contact info@rarerecruitment.co.uk.

If you have any questions in relation to this policy, please contact info@rarerecruitment.co.uk.

Accreditation

Rare Recruitment Limited is an ISO27001:2013 certified company, Certificate Number: 214857.

Rare Recruitment Limited is a Cyber Essentials accredited company, Certificate Number: IASME-A-03878. We have also been issued with the IASME Governance Standard, Certificate Number: SA003194.