Privacy Policy

FourthLine’s Privacy Policy outlines the ways in which we collect and process personal data, and covers the personal data of candidates, clients, website users, suppliers and third-party contacts we may speak to in order to find out more about candidates. Your privacy is important to us and we are fully committed to protecting and safeguarding your data privacy rights.

Fourthline Ltd (company no. 06952875), of Arkwright House, Parsonage Gardens, Manchester, M3 2LF

is the data controller (“we”, “us”, “our” or “FourthLine”) and is responsible for your personal data.  

FourthLine are a registered data controller with the Information Commissioner’s Office (registration no. ZA345522).

FourthLine’s data protection manager can be contacted at data.controller@thefourthline.co.uk. Should you have any concerns, we would appreciate the chance to deal with them in the first instance. However, you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

For FourthLine staff, please refer to the FourthLine Staff Privacy Policy found within your employee handbook.

What types of personal data do FourthLine collect?

  • For candidates, our aim is to provide you with a highly tailored and personal recruitment service and in order to match your profile to relevant employment opportunities there is certain personal information that we need to collect. FourthLine will only ever request, use, store, transfer and process personal information that will assist us with the recruitment service we are providing, and this could include but isn’t limited to your name, address, email address, telephone number, bank account, payment card details, employment history, salary, skills and attributes, education details, qualifications, National Insurance Number, your log in data including your username and password.
  • Special Category: In addition, clients may require us to carry out financial or criminal background checks on our candidates, verify their identity using their passports or provide them with diversity information, so there may be additional personal data we need to collect to facilitate these procedures. Diversity information (including details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientatino, political orientation, political opinions, trade union membership, information about your health and genetic and biometric data) will only be collected and processed with your explicit consent.
  • For business clients, there is certain personal data we need to collect, use, store, transfer and process about your organisation and individuals who work there in order to provide an agreed service (e.g. finding suitable candidates for a vacancy). FourthLine will only collect and process personal information that will help us to assist you with the agreed service, and this could include but isn’t limited to name, job titles, email addresses and phone numbers of individuals within the organisation.
  • For suppliers, there are certain details that we need to collect, use, store, transfer and process such as contact details of individuals who work within the organisation and bank details so that we can pay you.
  • FourthLine also collect, use, store, transfer a limited amount of personal data about the visitors of our website. This could include but isn’t limited to your IP address, your log in data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the services you use to access the website and information relating to how you engage with the website (e.g. time spent on the website, number of visits, pages visited etc.).
  • We may collect information about individuals from a candidate or member of staff for referencing or emergency contact purposes including name, address and contact number.
  • We may also collect, use, store and transfer information relating to opinions and market insights for future research and insight services.

How do FourthLine collect personal data?

  • For candidates, FourthLine will generally collect personal information directly from you in order to help us find suitable employment opportunities. There are numerous ways in which this could occur, including the submission of a CV, when you apply for a position directly via the FourthLine website, or during a phone call or email communication with a FourthLine consultant. Additional information about candidates may be provided by clients when in conversation. We may also obtain information about you from third-party sources, such as LinkedIn, job sites including totaljobs.com and CityJobs.com. In this instance we will notify you that personal information has been collected and how we intend to use it. From time to time we may be required to collect personal information from third-parties for verification or vetting purposes.
  • For clients, we would generally collect personal information about your organisation and individuals within that organisation as the result of a direct communication, where either the client has contacted FourthLine via phone or email or where FourthLine has contacted the client by phone or email. Additional information about clients may be provided by candidates when in conversation with FourthLine. From time to time Fourthline may also collect information about clients via market research that we conduct.
  • For suppliers, we will generally collect personal information from you when we enter into an agreement of work or service.
  • For website users, we will collect limited information about you when you visit the FourthLine website. We will also automatically collect your data via cookies in accordance with the cookie settings within your browser.
  • From your current employer, particularly if you are employed by an umbrella/payroll company or personal service company.  Please note: In these circumstances, when you are engaged through such a company, we will be relying on your employer to ensure they have established a legal basis for processing your data with you. Our basis for the ongoing processing of your data will become subject to a contract between us and that company.

How might FourthLine use your personal data?

  • For candidates, we will commonly use the personal information we’ve collected to provide you with a highly tailored and personal recruitment service. The more relevant the information we’re able to collect, the better equipped we are to present you with appropriate and desirable employment opportunities. Your personal information will be stored and updated within our secure database, and may be used:
    • To match your details against job vacancies in order to assess your suitability for the role.
    • To apply for jobs on your behalf, where we will discreetly send your details to a client.
    • To allow you to submit a CV or apply for specific jobs on our website.
    • To enable us to carry out any obligations relating to contracts between yourself and a third party, such as your employer.
    • To facilitate our payroll or invoicing processes.
    • To market and develop other FourthLine product or services.
    • For customer insights and research purposes.
    • To obtain references
  • For clients, we will use the personal information gathered about your organisation and individuals within that organisation to assist us with the delivery of an agreed service. This will most commonly be the sourcing of suitable candidates for a job vacancy, but could also include a bespoke service such as FourthLine’s Technical Advisor Workshop or an on-site scoping meeting.
  • For suppliers, we will generally use the personal information collected to ensure we can easily contact you if necessary and pay you for an agreed service.
  • For website users, the data collected may be used to analyse the performance of the FourthLine website and improve its functionality.
  • For individuals that we receive data for from candidates or staff for referencing or emergency contact purposes, we will only use your personal information to contact you as and when required (e.g. for a referee when we need a reference for a candidate or staff member, or for emergency contacts in the case of an accident or emergency).
  • FourthLine may also use the personal information collected from our candidates and clients to send targeted and relevant marketing communications which we think will be of interest to you, in accordance with local laws and requirements. This may include sending latest job vacancies, information relating to available candidates, FourthLine’s industry insights and opinion pieces, surveys and event invitations. If your interests or requirements change you can unsubscribe from our marketing communications via the unsubscribe link in the email.
  • For all of the abovementioned individuals, including candidates, clients, suppliers, website users and referees, most commonly we will also use your personal information in the following circumstances:
    • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
    • Where we need to comply with a legal or regulatory obligation.

Who do FourthLine share your data with?

  • For candidates, we will need to share certain personal information with other parties in order to help find you employment opportunities. Most typically this will include discreetly sharing relevant details with a client/potential employer in relation to a specific vacancy or on a more speculative basis. We may also be required to share your personal information with third-party service providers who perform functions on our behalf (e.g. in the instance of a financial or criminal background check, our accountants, payroll service providers and HM Revenue & Customs, regulators and other authorities acting as processors in the United Kingdom).
  • For clients, we will need to share some of the personal information about your organisation with suitable candidates in order to assist you with your resourcing requirements.
  • For candidate and clients, we may share your personal information with marketing technology platforms and suppliers or IT storage providers.
  • For suppliers, we may need to share your details with other services providers or organisations to whom we provide services.
  • For website users we will share your personal information with web analytic services, to help us analyse and improve the functionality of the website.
  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If Fourthline Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.

How will FourthLine keep your personal data secure?

  • Keeping your personal data secure is extremely important to us at FourthLine, and we have put measures in place to prevent the misuse of your data and unauthorised access to it.
  • FourthLine holds personal data relating to our candidates, clients and suppliers in a variety of places, including within our CRM system, saved on the computers of FourthLine employees, within Microsoft applications, in emails, and within paper files.
  • Processes are in place to protect your personal data, including:
    • Computer passwords
    • The encryption of data and restricted access of specific data within our CRM system to authorised staff only
    • A restricted printing policy within our working environment
    • Staff training to increase awareness on the importance of data privacy and company processes
    • Virus checking
    • Regular auditing of data and data integrity checks

Where do FourthLine store your data?

  • In nearly all instances, your personal information will be stored securely and backed up within the UK, however in some rare instances the data we collect may be transferred to, processed and stored at a destination outside of the European Economic Area (EEA) (e.g. if you apply for a specific job outside of the EEA). If this were to occur, we would gain your explicit consent beforehand.

How long do FourthLine keep your personal data for?

  • Fourthline will keep your personal data no longer than necessary and will remove personal data when it is no longer required. We will usually keep data for the following durations:
    • Permanent candidate data (Placed) - 6 years from commencement of employment
    • Permanent candidate data (Not Placed) - 6 years from collection of data
    • Contractor data (Placed) - 6 years from the end of an assignment
    • Contractor data (Not Placed) - 6 years from collection of data

How can you access your data?

  • In accordance with the General Data Protection Regulation (Regulation (EU) 2016/679), you have the right to be informed about the collection and use of your personal data. If you would like to get in touch with us about the data that we hold for you, please contact us and we will respond to your request promptly and in any event within one month of receiving your request (unless the type of personal data request is exempt from the right of subject access).
  • You have the right to access your personal data and supplementary information. This can include confirmation that your data is processed, access to your personal data, and other supplementary information. If you would like to access your data, please contact us and we will respond to your request promptly and in any event within one month of receipt. Any access request will usually be free of charge. We will endeavour to provide information in a format requested, but we may charge you a reasonable fee for additional copies.
  • You have the right to rectify your personal data if you believe any of it to be incorrect or incomplete. Please contact us if you believe this to be the case and we will respond to your request promptly and in any event within one month of receipt.
  • You have the right to erasure if you would like us to delete the personal data we have for you including if we no longer need it for the purpose we collected it, or you withdraw your consent. Please let us know verbally or in writing if you would like us to erase any of the personal data we hold for you and we will respond to your request promptly and in any event within one month of receipt. Following such a request we will erase your personal data without undue delay unless continued retention is necessary and permitted by law. If we made the personal data public, we will take reasonable steps to inform other data controllers processing your personal data about your erasure request. Please note, if personal data is erased we will keep no record of your details so in some circumstances personal information may be recollected at a future date if publicly available via a third party source.
  • You have the right to restrict processing of your personal data in certain circumstances. In this instance we would only be able to store your data but wouldn’t be able to carry out any further processing activities.  This right could apply if you dispute the accuracy of the data we are processing about you, where you object to the processing of your data for our legitimate interests, where our processing of your data is unlawful but you would prefer that we ceased to process it rather than erase it, or where we have no further need to process your personal data but you require the data in order to assist with legal claims. Please contact us if you would like to exercise your right to restrict processing and we will respond to your request promptly and in any event within one month of receipt.           
  • You have the right to withdraw consent, whereby you may withdraw a previously given consent and we will cease to carry out that activity any longer unless we consider there is a legitimate reason for us to continue processing your data for this purpose. Please contact us if you would like to withdraw your consent and will respond to your request promptly and in any event within one month of receipt. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • You have the right of data portability, should you wish to transfer the data that we have for to another data controller. In this instance we will provide you with the personal data required in a commonly read format that is password encrypted. Please contact us to discuss this requirement and we will respond to your request promptly and in any event within one month of receipt.
  • You have the right to object to us processing your personal data where we do so based on our legitimate interests or the performance of a task in the public interest or exercise of official authority, in the case of direct marketing (including profiling), or for the purpose of research and statistics. If your objection relates to the processing of personal data where we do so based on our legitimate interests or the performance of a task in the public interest or exercise of official authority and you feel it impacts your fundamental rights and freedoms, we will stop processing your personal data unless specific exemptions apply.  If your objection relates to the processing of personal data for direct marketing purposes, we will stop processing your data for direct marketing purposes immediately. Please contact us if you would like to object to us processing your data for any of these purposes.

What is FourthLine’s legal basis for processing your data?

  • In accordance with Article 6(1)(f) of the General Data Protection Regulation, which states that organisations can process data where it is necessary for the purposes of the legitimate interests pursued by the organisation or by a third-party, we believe that it is necessary for us to collect and process certain personal data in order to fulfil the functions and services that we offer, namely as a recruitment services provider.
  • In short, whether you are a candidate or a client, we need certain details about you or your organisation in order to provide a highly tailored, efficient and personal service. Ultimately, we want to be able to find you new employment opportunities or help resolve your organisation’s resourcing requirements, and there are certain personal details that we need in order to deliver these services.
  • We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

We may use candidate’s personal data as follows:

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To register you

(a) identifying information including name, username or similar identifier (‘Identity Data’); and

(b) contact information including address, email address and telephone number (‘Contact Data’).

(a) Necessary for our legitimate interest to provide our recruitment services to you

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or privacy policy

(b) Asking you to leave a review or take a survey


(a) Identity Data;

(b) Contact Data;

(c) profile data including your username and password, your interests, preferences, feedback and survey responses (‘Profile Data’); and

(d) Marketing and communications information including your preferences in receiving marketing from us and our third parties and your communication preferences (‘Marketing and Communications Data’).

(a) Necessary to comply with a legal obligation

(b) Necessary for our legitimate interests (to keep our records updated and to study how candidates use our services)

To administer and protect our business (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Identity Data;

(b) Contact Data; and

(c) Technical data including IP address, log in data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website (‘Technical Data’).

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Identity Data;

(b) Contact Data;

(c) Profile Data,

(d) Usage Data,

(e) Marketing and Communications Data; and

(f) Technical Data.

(a) Necessary for our legitimate interests (to study how candidates use our services, to develop them, to grow our business and to inform our marketing strategy)

To provide recruitment services to you and find you employment opportunities

(a) Identity Data;

(b) Contact Data;

(c) Profile Data,

(d) Usage Data,

(e) Marketing and Communications Data;

(f) Technical Data;

(g) bank account and payment card details (‘Financial Data’);

(h) employment related data including employment history, salary, skills and attributes, education details, qualifications and national insurance number (‘Employment Data’); and

(i) in some circumstances potential employers may require diversity information including details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data (‘Diversity Information’)

(a) Necessary for our legitimate interest to provide our recruitment services to you.

 

(b) conducted on the basis of your explicit consent

 

To carry out financial or criminal background checks

(a) Identity Data;

(b) Contact Data; and

(c) Financial Data.

(a) on the basis of your explicit consent

(b) Necessary to comply with a legal obligation

(c) Employment exemption (necessary in connection with employment)

To carry out payroll or invoicing activities

 

(a) Identity Data;

(b) Contact Data;

(c) Financial Data;

(d) Transaction Data; and

(e) Marketing and Communications.

(a) Performance of a contract with your employer (please review your employment relationship for information on data processing)

(b) Necessary for our legitimate interests (to recover fees and debts due to us)

For business clients, we may collect and process certain personal data about your organisation and individuals within your organisation as follows:

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or privacy policy

(b) Asking you to leave a review or take a survey

(a) Identity Data;

(b) Contact Data;

(d) Marketing and Communications Data.

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep our records updated and to study how clients use our services)

To administer and protect our business (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)


(a) Identity Data;

(b) Contact Data; and

(c) Technical Data.

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Identity Data;

(b) Contact Data;

(c) Profile Data,

(d) Usage Data,

(e) Marketing and Communications Data; and

(f) Technical Data.

Necessary for our legitimate interests (to study how clients use our services, to develop them, to grow our business and to inform our marketing strategy)

To provide recruitment services to you and assist you with a particular resourcing requirement

(a) Identity Data;

(b) Contact Data;

(c) Profile Data;

(d) Usage Data;

(e) Marketing and Communications Data; and

(f) Technical Data.

(a) Performance of a contract with you

To provide you with relevant information that we think will be of interest to you, such as information relating to available candidates, industry insights, opinion pieces, surveys and event invitations.

(a) Contact Data; and

(b) Identity Data.

(a) Necessary for our legitimate interests (to develop our services and grow our business)

 

For suppliers, we may use personal data of individuals within your organisation as follows:

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest

To obtain your services and perform and manage a contract with you.

(a) Contact Data; and

(b) Identity Data.

(a) Performance of a contract with you.

To carry out invoicing activities


(a) Identity Data;

(b) Contact Data;

(c) Financial Data;

(d) Transaction Data

(a) Performance of a contract with you.

For individual referees of candidates, we may use personal data as follows:

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest

To obtain a reference for a candidate.

(a) Contact Data; and

(b) Identity Data.

(a) Necessary for our legitimate interests (to confirm the information given by a candidate is correct to enable us to consider a candidate’s suitability for a role applied for).

For individual emergency contacts of candidates, we may use personal data as follows:

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest

To hold emergency contact details for candidates.

(a) Contact Data; and

(b) Identity Data.

(a) Necessary for our legitimate interests (in cases of accidents or emergency).

For website users, we may use personal data as follows:

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest

To administer and protect our business (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Technical Data

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation

 

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Usage Data,

(b) Marketing and Communications Data; and

(c) Technical Data.

 

(a) Necessary for our legitimate interests (to study how individuals use our website, to develop it, to grow our business and to inform our marketing strategy)

How do FourthLine use cookies?

  • Cookies are used by nearly all websites and are small files which are stored on a user’s computer. FourthLine use them to track your activity whilst browsing our website and help us to ensure we can deliver the best experience whilst using our site. We also use cookies to analyse traffic and ultimately improve the functionality of the website.
  • If you want to take a look at the types of cookies you accept or change them, this can usually be done within your browser. If you don’t want to receive cookies, you may choose to opt-out by changing the settings of your browser. Please be aware that rejecting all cookies may affect the performance and functionality of our website.

Our website uses the following cookies:

  • Analytics - This is a small cookie that allows the site owner to check which pages are the most popular on the site and so provide more site content that is popular to users. It contains no personal or private data at all and is used on millions of websites worldwide.
  • Remember Me - This is used when you ask the system to remember your login and stores the email address you use to login only.
  • Shortlist - This is used to be able to remember jobs you place in your shortlist and is classed as essential to the site functionality and thus can be stored regardless of your selection to ensure the site works. However, we wanted to bring this to your attention as we are keen not to hide anything from you.

Changes to Privacy Policy    

FourthLine’s privacy policy may be altered or updated by FourthLine at any time. In the instance of a Privacy Policy update we will advise you of any changes on the FourthLine website.