Last updated: 29th October 2020
Fair HQ’s mission is to help companies become more successful by embedding diversity and inclusion (D&I) across the business. Our evidence based product helps businesses audit and benchmark their D&I, create an effective strategy and continuously track improvements.
At Fair HQ we are committed to protecting personal information and respecting data protection laws across national boundaries. We are going to explain how we do this here.
We come into contact with personal data in four distinct ways:
This is when we are contracted by an organisation to deliver a service and are provided with personal data to do so. We act solely under the instruction of the data controller to deliver this service.
This is when we determine what data we are going to collect, where we are going to collect it, for what purpose and how long we are going to keep it. We use this personal information to run our business, including the recruitment of employees and the promotion of our services.
We also act as the data controller for information given to us by users in the provision of our services. This data is pseudonymised, i.e. we are not able to determine the identity of the individuals it belongs to without the instruction of the original data controller, i.e. our client.
Regardless of whether we are acting as the Data Processor or the Data Controller we follow key data protection principles to ensure that the collection, retention and processing of personal data is managed in a compliant and fair way. We only collect the data we need to provide our services or to manage our business.
This means that we will always tell you:
We collect and process different personal information and personal sensitive information according to the context in which you interact with us. This information includes:
We collect this information when you provide it to us directly, or from your interaction with our services.
We use your information as follows:
To fulfil a contract with Employers:
As required by us to conduct our business and pursue our legitimate interests, in particular:
Where you have provided your consent:
For purposes which are required by law:
We may integrate your personal data with the Employers’ software to enable the Employers to continue to monitor and measure their compliance with the diversity and inclusion practices against the established benchmarks to ensure that they are meeting the standard at all times. In this case we will anonymise all personal and sensitive data so that Employers would never be able to identify individuals (the Employees) and attribute your answers to the surveys and other personal data directly to you.
We share your personal details:
We will also share your personal information:
We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
Where your consent is required for us to process your personal information, we will ask for your consent at the point at which you provide your data. You have the right to withdraw that consent at any time. Please note that we may not be able to provide our services if you withdraw consent for us to use your sensitive data. You can also update your personal information at any time. If you wish to do either, contact us at email@example.com.
We may use our secure servers to store your personal data. We take appropriate physical, electronic and procedural measures to ensure that we keep your information secure, accurate and up to date in accordance with this policy.
Your personal information may be stored and processed outside of the country where it is collected, including outside of the European Economic Area (EEA). When transferring information to others, within the EEA or otherwise, we ensure that appropriate and suitable safeguards and technical measures are in place to protect your personal data. To do this, we make use of standard contractual clauses that have been approved by the European Commission, or we implement other similar measures required by laws around the world. If you would like further information about this, please contact us at firstname.lastname@example.org
We will only keep records of your personal information for as long as is reasonably necessary for the purposes for which we have collected it, and in order to comply with any statutory or regulatory obligations in relation to retention of records. We respect requests to stop processing your personal data for marketing purposes. This includes keeping a record of your request indefinitely so that we can respect your request in future.
We may retain your personal data longer:
Finally, we may create anonymised or aggregated records relating to demography or the use of our website or services, from which no individual is identifiable. We may retain those records, which are not personal data, indefinitely.
We do not knowingly collect or store any personal information of children under the age of 16, because the services we offer are not applicable to this age group.
Prior to providing to Fair HQ any personal information concerning another individual, you must (unless we agree otherwise):
You have the right to request access to and rectification or erasure of personal information, the right to restrict processing of your personal information, and the right to object to processing of your personal information. You have the right to object to your personal information being processed on the grounds of our legitimate interests. You have the right to object to us sending you direct marketing and profiling you for the purposes of direct marketing. You can contact us by email at email@example.com in relation to any of the rights described in this paragraph, or if you have any questions regarding this privacy notice.
You can make a request to rectify, erase, restrict or object to the way your information is handled. You can also ask to access the data for which we are the data controller.
When you make a request, we may ask you for some specific information to help us confirm your identity and ensure you have the right to exercise these rights. We will make it easy and secure for you to share this information with us and we will do it in a timely fashion.
You may also request your data in a useable electronic format so that you can use it elsewhere.
To update your personal information, make changes to it, request a copy or ask us to change the way we contact you please email us at firstname.lastname@example.org.
If your request relates to information provided by your employer, we will ensure that it is passed on to them so that they can take the appropriate action.
If you have a complaint or concern about how Fair HQ uses your personal information, please contact us in the first instance and we will attempt to resolve the issue as soon as possible.
If you are not satisfied with the way we have handled a request regarding your information, you have the right to lodge a complaint with the appropriate supervisory authority. Details are given below:
Information Commissioner’s Office https://ico.org.uk/make-a-complaint/ Telephone: +44 303 123 1113
We are Fair HQ LTD, whose registered address is 20-22 Wenlock Road, London, England, N1 7GU. Our Data Protection Officer can be reached by email at email@example.com