At Mosaic Island Limited we are committed to safeguarding and preserving the privacy of our visitors.
We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information, how to contact us and details of the supervisory authorities in the event you have a complaint.
Mosaic Island Ltd collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as 'controller' of that personal information for the purposes of those laws.
In the course of delivering Design & Delivery Assurance outcomes for our clients and recruiting great people for challenging and rewarding opportunities, we collect the following personal information when you provide it to us:
We also obtain personal information from other sources as follows:
The provision of contact information, CV data, identification data and payment details are required from you to enable us to engage with clients, match your skills with our job opportunities, to process offers and if engaged, to on-board and to pay and charge for the services provided.
We will only use your personal data for specific purposes so that we can;
We want the experience of working with Mosaic Island to be positive for everyone concerned. Your personal data will help us to operate our business in the most efficient and effective way we can. In the case of employees this will require Mosaic Island to maintain contact information, provide licenced tools and services, maintain effective personnel records, run a payroll, offer benefits and deliver any statutory reporting to the relevant UK authorities. For our Associates and Candidates, holding your personal data will allow us to contact you when we have an opportunity we would like to discuss with you and to establish the appropriate business systems to maintain an effective commercial relationship with your company.
Only after discussion in person, we may share your name and job experience details with clients with whom we are engaged to provide consultancy services. In addition we may pass your personal information to our third party suppliers including ;
This data sharing enables Mosaic Island to meet its legal obligations and provide the capabilities required to keep our business operating efficiently. Any third party recipients of your personal data may only use that data for the purposes agreed in our contract with them. If we stop using their services, any of your data held by them will either be deleted or rendered anonymous. Certain third party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’.
We will share personal information with law enforcement or other authorities if required by applicable law.
We may, from time to time, expand, reduce or sell Mosaic Island Ltd and this may involve the transfer of divisions or the whole business to new owners. If this happens, your personal data will, where relevant, be transferred to the new owner or controlling party, under the terms of this Privacy Notice.
We will only use your personal data in an identifiable form for the following reasons.
Consent: We rely on your consent as the lawful basis on which we use your personal data to put you forward to our client organisations for roles that match your skills and experience against our requirements.
Contractual obligations: If we engage you or your company, we will use your personal data to fulfil our contractual obligations to you for instance to capture timesheets and to establish payment arrangements.
Legal compliance: We will use your personal data if required by law, for instance to provide reports to the appropriate authorities (e.g. HMRC).
Legitimate Interest: We will use your personal data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For instance your personal data may be used to send you information about client organisations and roles that may be of interest, to exchange contact data for interview scheduling, to record the personal data required for tool and equipment provisioning and to use anonymised CV data for profiling the breadth of our skills networks.
We may transfer your personal information to the following which are located outside the European Economic Area (EEA) as follows:
Such countries do not have the same data protection laws as the United Kingdom and EEA however any transfer of your personal information outside the EEA will only be with organisations (typically those providing productivity tools e.g. email and storage services) that are signed up to the US Privacy Shield agreement that exists between the EU and the USA, safeguarding your privacy rights and giving you remedies in the unlikely event of a misuse of your personal information.
If you would like further information please contact our Head of Information Security (see ‘How to contact us’ below).
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
This privacy notice was published in May 2018.
We may change this privacy notice from time to time, when we do we will inform our contacts who have provided their consent via email and direct you to the latest information.
Please contact Head of Information Security if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us, please send an email to Head of Information Security at firstname.lastname@example.org