Privacy Policy

We take the privacy of your information seriously and we ask that you read our Privacy Policy as it explains what information we hold, how we use it and your rights in respect of its management.

Privacy Policy

We take the privacy of your information seriously and we ask that you read our Privacy Policy as it explains what information we hold, how we use it and your rights in respect of its management.

Who are we?

Grosvenor Clive & Stokes (GC&S) provides executive search services to clients looking to recruit personnel for their businesses. We also offer a range of human resources, talent management, remuneration benchmarking, new market entry, market mapping, research and advisory services to businesses.

Why do we have a privacy policy?

Grosvenor Clive & Stokes is an Executive Search firm. We collect and process data and are therefore classified as a Data Controller by the General Data Protection Regulation (GDPR). We are committed to privacy for everyone with whom we deal with either face to face, in writing or by email, on the telephone or through our website. Under the EU General Data Protection Regulation (GDPR), we must comply with certain requirements which are designed to ensure that any data provided to us is processed with due care and attention.

What does this Policy Cover?

At GC&S we take your personal data seriously. This policy:

  • sets out the types of personal data that we collect about you
  • explains how and why we collect and use your personal data
  • explains how long we keep your personal data
  • explains when, why and with whom we will share your personal data;
  • sets out the legal basis we have for using your personal data;
  • explains the effect of refusing to provide the personal data requested;
  • explains the different rights and choices you have when it comes to your personal data; and
  • explains how we may contact you and how you can contact us.

What sort of personal data do we collect?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in our possession or likely to come into such possession. The processing of personal data is governed by the GDPR. Grosvenor Clive & Stokes collects personal data from candidates, clients, suppliers and staff as a consequence of its role as an Executive Search firm. It is used for the purpose of executive recruitment and advisory services such as consulting, salary benchmarking, market mapping. The data we hold consists of information such as name, address, telephone number, e-mail address, resume information (e.g., employment history, education, professional credentials, memberships in professional organizations, skills), citizenship, information from former employers and referees, and other information from sources such as public databases, joint marketing partners and social media platforms. In rare situations we may also collect sensitive personal data about you, such as your ethnic origin or religious belief, sexual orientation (for diversity purposes), criminal or health records etc. We only collect sensitive personal data from you, and further process this data, where you have given your explicit consent.

From where do we collect personal data about you

We collect data on you from a range of sources including:

  • Directly from you. This is information you provide while searching for a new opportunity and/or during the various different stages of the recruitment process.
  • From an agent/third party acting on your behalf – such as an Outplacement firm
  • Through publicly available sources such as:
    • LinkedIn, ZoomInfo, Xing
    • Conference speaker or delegate lists
    • Trade association or professional institution membership lists
  • By Reference or word of mouth. For example, you may be recommended by a friend, a former employer, a former colleague or even a present employer.

How do we process your personal data?

Grosvenor Clive & Stokes processes this personal data as necessary to aid the recruitment process and, for its employees and suppliers, through the normal course of its business. We may aggregate data to help us to understand market trends. Grosvenor Clive & Stokes complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data. If you contact us, we may keep a record of your contact information and correspondence, and we may use any information you provide in your message to respond to your inquiry. We may use personal information for our business purposes, such as audits, internal communication regarding candidates and clients, determining the effectiveness of our promotional activities, administering our products and services, maintaining and securing our infrastructure, and for procurement and financial transactions. We may from time to time send informational e-mails, articles, white papers, proposals, engagement letters, and other information regarding our services. We also may use personal information such as e-mail or postal addresses to conduct surveys. In the course of our Search Services, we use the personal information that we have collected concerning candidates to identify professional opportunities that we think may be of interest. We may contact potential candidates from time to time regarding such opportunities. We also may contact individuals from time to time to solicit names of, or other personal information regarding, potential candidates in connection with a search that we are conducting and for purposes of market intelligence. We also use personal information to confirm references and conduct education and background checks, as appropriate. We may further use personal information that we collect for purposes of aggregating and disclosing diversity statistics and other statistical information regarding our candidates and placement activities.

How long will we keep your data?

Your information is maintained on our database, which is secure and accessible only to our employees. Outside of our business, your information may be disclosed on a confidential basis to clients for the reasons described above. Personal information is retained until the purposes have been fulfilled or otherwise required by law, and we assume that you are happy for us to retain your personal information for consideration for future job opportunities unless we hear otherwise from you. Given the seniority of the work we handle and the level of due diligence we conduct, it valuable to both candidates and clients that we hold their data for a period that allows us to evaluate their experience, skills and career trajectory over time. As a consequence, we will hold candidate data no longer than 10 years.

What is the legal basis for processing your personal data?

Our holding and processing of current, up to date and relevant data on candidates is in the Legitimate Interest of Grosvenor Clive & Stokes as an executive search firm, in that we need the information in order to be able to assess suitability for potential roles, to find potential candidates and to contact clients and referees. Processing is necessary for the performance of a contract of recruitment on behalf of our clients and in the interest of our data subjects. If you are shortlisted as a candidate, then this may involve the processing of more detailed personal data including sensitive data such as health information that you or others provide about you. In that case we always ask for your consent before undertaking such processing. For clients, we need to hold your data in order to execute our recruitment contract with you.

What happens if your do not provide us with the information we request or ask that we stop processing your information?

If you do not provide the personal data necessary, or withdraw your consent for the processing of your personal data, we may not be able to match you with available job opportunities.

Do we make automated decisions concerning you?

GC&S does not conduct any automated decisions about you or conduct any type of automated processing.

Why do we collect and process sensitive personal data?

We do not as a matter of course collect and process sensitive personal data. Where it is necessary we will secure your explicit consent.

Do we pass data to third parties?

Your personal data will be treated as strictly confidential, and it may be shared to prospective or intended employers or customers for the purpose of recruitment, both inside the EU and internationally. We may also share information securely within our business for recruitment purposes. In some situations, we may conduct checks on you to verify the information you have provided. In such cases we will provide you with the name of the background checking company we use.

How is this data safeguarded?

The security of your data is extremely important to us. Access to your personal data is only provided to our staff, in order to help with the recruitment process, and to prospective employers or customers. We take all practicable steps to keep your data secure. However, no process that involves communication over email or the Internet can be guaranteed 100% secure.

Do we transfer your data outside of the European Economic Area (EAA)?

To better match your employee profile with current opportunities we may transfer your personal data to clients and partners in countries outside the EEA. These countries privacy laws may be different from those in your home country. Where we transfer data to a country which has not been deemed to provide adequate data protection standards we always have security measures and approved model clauses in place to protect your personal data. To find out more about how we safeguard your information as related to transfers contact us on dataprotection@gcands.com

What are your rights in relation to the data we hold on you?

By law, you have the following rights with respect to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country

Rights What does this mean?
1.    The right to be informed   You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Policy.
2.     The right of access You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Policy). This is so you’re aware and can check that we’re using your information in accordance with data protection law.
3.     The right to rectification You are entitled to have your information corrected if it’s inaccurate or incomplete.
4.     The right to erasure This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
5.     The right to restrict processing You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
6.     The right to data portability You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
7.     The right to object to processing You have the right to object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).
8.     The right to lodge a complaint You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
9.     The right to withdraw consent If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.

  We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:

  • baseless or excessive/repeated requests, or
  • further copies of the same information.

Alternatively, we may be entitled to refuse to act on the request. Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.

Effective date amendments

This Policy is effective as of 10 April 2018. We reserve the right to change, modify, add or remove portions of this Policy at any time, at our sole discretion, and will inform you if we make material changes by indicating on the Policy the date it was last updated or otherwise. When you visit the website or are engaged with us in connection with our board and executive search and assessment services, you are accepting the current version of this Policy as posted on the site at that time.

Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

How will we contact you?

To exercise all relevant rights, queries or complaints in relation to data privacy please in the first instance contact our organisation to have the matter investigated either on 020 7828 9900 or via email at dataprotection@gcands.com. You can also contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

Grosvenor Clive and Stokes Head Office

First Floor,
Radius House,
51 Clarendon Road,
Watford.
WD17 1HP.
UNITED KINGDOM

Tel: 020 7828 9900

Email: dataprotection@gcands.com

Company Number 5229381. Registered in England and Wales.