Zinc Work Limited (“Zinc”, “we”, “us”, “our”) provides the Zinc Service. You should refer to Zinc Platform Terms & Conditions for further information on Zinc and how the Zinc Service works.
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of any personal data we collect or you provide.
We store your personal data securely on our computers in the UK and elsewhere in the world where our service providers are located (for more information on data transfers see section 4 below).
Additionally, we pseudonymise certain personal data from reports generated via the Zinc Service (e.g.email addresses).
3. Who do we share your personal data with?
When you use the Zinc Service, we may need to disclose your personal data to the following categories of third parties:
We may also need to disclose your personal data in the following limited circumstances:
The personal data we share with these third parties and in these circumstances will in each case be limited to that strictly necessary to satisfy the reasons set out in the table above.
4. Transfers of your personal data
We will not transfer your personal data outside of the EU (or the UK to the extent the UK is no longer part of the EU) except to selected third parties that we have instructed to help us provide the Zinc Service to you. Such third parties may process and store your personal data in geographically distributed data centres.
We may also transfer your personal data outside the UK or EU if requested as part of a foreign background check. For example if Zinc was required to obtain a criminal record check from another jurisdiction e.g. the USA.
In the case of transfers of your personal data outside of the EU (or the UK to the extent the UK is no longer part of the EU), where the transfers are not to countries that provide an adequate level of protection, we will put in place appropriate safeguards to cover transfers of your personal data which may include, for example, signing standard contractual clauses/data protection clauses adopted by theEuropean Commission. Please click here for a link to the standard contractual/data protection clauses.
Where the Zinc Service is a controller in respect of personal data, and the service includes such personal data being transferred to an Employer for that Employer to use for its own purposes, upon receiving such personal data, the Employer will be an independent data controller and such transfer constitutes a controller to controller transfer of personal data (and therefore the Employer may itself determine the means and purposes of processing such personal data). Employers who receive personal data in this manner may only process such personal data fairly and lawfully based on legitimate grounds under applicable data protection legislation.
Cookies are small text files that are placed on your device by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The table below explains the cookies we use and why.
Most web browsers allow you to specify cookie preferences via browser settings. You may need to refresh webpages for your settings to take effect.
To opt out of being tracked by Google Analytics across all websites, please visit: http://tools.google.com/dlpage/gaoptout
6. Third party services
7. Data retention
We store your personal data in line with legal, regulatory, financial and good-practice requirements, and unless we have a legal or regulatory obligation to keep that data, until it is no longer necessary to provide our services or until you ask us to delete your personal data. If you delete your account, we will delete the data you provided to us during the set up and operation of your account. We may be required to retain certain information in order to comply with local laws.
Zinc does not retain certain categories of personal data that you provide to us (e.g. your identity documentation). Once such data has been shared via our API, Zinc no longer retains such personal data. Additionally, Zinc deletes certain personal data after 30 days (this includes certain contact details for candidates and referees). We do retain your name, email address and the status of specific reference checks in accordance with the paragraph above.
For further details regarding how long we keep each specific category of personal data, please contact us in relation to our data retention policies.
8. Accessing your personal data and your rights
As a result of us collecting and processing your personal data, you have the following legal rights:
To exercise any of your rights set out above, including to withdraw your consent where we have stated we are processing your personal data based on your consent, please contact us at the address set out below.
9. Contacting us and changes to your personal data
Please keep us informed of any changes to your personal data at any time by updating your details in your account.