Welcome to the Slync Privacy Policy (“Policy”). This Policy explains how and why we use your personal data and other device data (“Your Data”), what we do to keep it safe, and what your rights are in relation to it.
Before joining Slync and uploading Your Data to the platform please read this Privacy Policy carefully. Some information you provide (such as Profile Information, please see section 2 for further information) will be available to any employer or recruiter which uses the Slync platform. You should only join Slync and provide this information if you are happy for it to be shared and accessible to others.
1. About Slync and this Policy
Slync is an online platform that lets candidates connect and share information with recruiters and potential employers (which we’ll refer to in this Policy as “employers”). We use Your Data to provide, improve and market Slync and to personalise content.
This Policy is all about Your Data. We may update it from time to time so please check the latest version. There are other terms which also apply when you use Slync, as explained in the Slync Candidate Terms and Conditions. If you are a website user, please make sure you also review our Cookie Policy. Employers should also review the Slync Employer Terms.
We are Slync Limited, a limited liability company registered in England. Our company number is 08804737 and our office address is 2 Eastbourne Terrace, London, England, W2 6LG. Under data protection laws we are a ‘controller’ (meaning we control how and why we use personal data) though we also act as a ‘processor’ on behalf of employers in some situation (please see section 3 for details). Our Information Commissioner’s Office registration number is ZA464019.
If you have any questions about how Your Data is used, or want to exercise your rights in relation to it, you can contact us by writing to our office or emailing us at hello@slync.com
2. What personal and other data we collect
This section 2 and table below set out the categories and types of Your Data we collect, how we use it, the purposes for doing so and our legal basis (which is a requirement of data protection laws) for such use.
|
Category |
Types of information |
How we use it |
Purpose and legal basis |
|
Profile information (which you provide when signing up)
|
· Name, date of birth, gender · Login details (including your password) |
Your name and email address are used to set up your Slync account and link it to you. Your login details allow you to securely access Slync |
We need to use this information to provide you with access to Slync (namely, to perform our contract with you) |
|
· Photos, videos, bios, tagline and other information you upload |
Photo, videos, bios and taglines are visible to all employers on Slync, and help them get to know you. This information also helps employers search for candidates
|
We need to use this information to provide Slync’s functionality (, namely, to perform our contract with you) |
|
|
· Your qualifications, where you’ve studied and when you graduated |
This is made available to employers to help get a better understanding of who you are, and make sure your skills and qualifications are appropriate |
We need to use this information to provide Slync’s functionality (namely, to perform our contract with you) |
|
|
· Race/ethnicity |
Information about your race/ethnicity is used by employers for equal opportunities monitoring |
We use this information with your explicit consent, which you are free to refuse and can withdraw. Once collected, this information will be stored anonymously and will not identify you personally |
|
|
Contact details and messages (which you provide when signing up, and create by sending messages) |
· Address, email address and telephone numbers |
We collect this information in case we need to contact you about your account (although we promise not to spam you!) Also, if you want to submit a CV by email then we can send the job details to your email address |
We use this information to keep you up to date about Slync and your account, which is in our legitimate interests Emailing job details at your request is part of our service to you (namely, it is necessary to perform our contract with you) |
|
· Marketing and communication preferences |
Sometimes we run events and competitions which might be relevant to you. If you’re an individual candidate, we’ll only contact you about these with your consent If you are a business (i.e. a corporate employer/recruiter) we may contact you about our services, particularly if we’ve been introduced to you or have had dealings with you (e.g. interactions on social media) |
If you are an individual candidate, we’ll only contact you with marketing communications if you’ve consented If you are a business, we may contact you about our services as this in our legitimate interests |
|
|
· Messages you send and receive |
We host communications sent via Slync and keep a record so the sender and recipient can see their messages |
We do this because it is part of Slync functionality and it is in the message sender’s and recipient’s legitimate interests to have access to their past communications |
|
|
CV information (which is uploaded by users) |
· Your CV (which typically includes employment history, education, qualification, skills and interests) |
Part of our service involves allowing you to share CV information with employers, but we’ll always check before submitting your CV to an employer via Slync |
We host this information as it is part of Slync’s essential functionality (namely, it is necessary to perform our contract with you) We will only share your CV with your consent |
|
Device data (which is generated by accessing Slync) |
· The type of mobile device used, mobile network type (i.e. wifi or cellular), your mobile operating system, your internet protocol (IP) address, time zone setting |
Accessing the app generates technical information which is automatically collected and used to enable you to access Slync and which we use to optimise the app This information is technical data and doesn’t directly identify you, though it is still personal. For example, it could be used to identify what IP address accessed your account We use this information to make sure Slync functions properly with your device, and is optimised and secure to use |
We collect this information because it is in our legitimate interests to make sure our users have the best possible experience of Slync |
|
· A push notification token (an authentication key required for making push notifications to your device) |
We use this to enable us to provide app users with in-app notifications about their Slync account |
Push notifications are made with your consent. You will be asked when you install the app whether to allow these notifications, you can change this later in the settings menu in the app |
|
|
Usage data (which is generated when you use Slync) |
· Details of how you use Slync, including access times, traffic data and data about usage (such as adverts viewed, jobs applied to) |
Usage data helps us understand how Slync is used (which in turns helps us optimise and improve it). We may aggregate (i.e. combine) your information with data about how other users interact with Slync to provide us with a bigger picture, and may anonymise it the information (so it doesn’t identify you personally) in order to provide analytics information (e.g. to tell an employer how many times their job advert has been viewed) Our analytics services are powered by Crashlytic’s Fabric service. For more detail about how these work and collect personal data please visit: https://docs.fabric.io/apple/fabric/data-privacy.html |
We use this information because it is in our legitimate interests to maintain and improve Slync We also aggregate and provide analytics as it is in the interests of employers to view this information
|
Sensitive personal data: Sensitive personal data includes information relating to someone’s health, beliefs, ethnicity, political affiliation or trade union membership, sex life or sexual orientation.
Except for information about your race and ethnicity (which we collect with your consent for equal opportunities monitoring, and which we won’t store in a way which identifies you) we don’t actively collect this type of information, but it may be included in some of the information we receive (for example, your CV Information or your Profile Information, as set out in the table above). It may also be possible to derive sensitive personal data from other information you provide. We only collect and use sensitive personal data with your explicit consent or where you have made this information public (e.g. by uploading it and sharing it publicly).
Business data we collect: In addition to information about Slync users, we also collect personal data about individuals we do business with. These people include individual (or representatives from corporate) employers and professional advisers (such as lawyers and accountants), service providers and suppliers.
The types of personal data we hold about these individuals typically consists of basic personal details and contact information, such as position title, name, email, address, telephone and the person’s employer. We might receive this from the business itself, from third parties or through our dealings with the business (e.g. interactions on social media). We collect this information because it is necessary for us to pursue our legitimate interest in promoting and running our business (including by marketing Slync to employers) and building relationships with other organisations.
3. Information we share with employers
Any employer which registers with Slync will be able to access your basic profile information (such as profile photo, video, and tagline). Since we don’t verify or vet employers, you should consider this information to be public.
Employers which paid for a subscription will be able to see your name, contact you and request your CV. No employer is able to see your CV unless you decide to submit it to them (either via Slync or by email).
When you communicate with or provide information (including your CV) to an employer or recruiter, any personal data you share will then be under their control (and they will decide how and why to use it). Employers may also make their own notes and comments and store these on Slync (which again, will be under their control). In these situations we only process your information on the employer’s behalf and their instructions, and any questions about your personal data should be directed to them. You should always consult an employer or recruiter’s privacy policy before messaging them or submitting your CV.
Employers will also see analytics (about how many times their job adverts etc. have been viewed), but this information won’t identify you personally.
4. Who has access to your information
We share Your Data with some of the third parties which provide services to our business. This includes software providers (such as Microsoft), cloud service providers (such as Google) and IT support services providers. However, these third parties will only have access to your information where they need to in order to provide these services, and will have to follow our strict instructions (and we’ll make sure there are contractual safeguards and guarantees in place to protect Your Data).
Except as set out above, Your Data will be kept private and confidential, and we won’t disclose or share it with other data controllers without your permission except where absolutely necessary, for example to comply with a court order or if the Slync platform or business is bought by or merges with a third party.
5. Where we store Your Data
We normally only store Your Data within the European Economic Area (“EEA”), where your rights will be protected under the terms of the General Data Protection Regulation (“GDPR”). However, some of the services we use are provided by international organisations (such as the Microsoft Corporation or Google) and/or companies based outside the EEA.
Before using non-EEA service providers, we make sure that any of Your Data they have access to is adequately protected, usually by one or more of the following methods:
(a) ensuring the recipient is in a country which provides adequate protection for personal data;
(b) using data transfer contracts which the EU or UK data protection authorities have approved as appropriate safeguards; or
(c) (if the recipient is based in the USA) making sure the recipient is certified under the EU-US Privacy Shield scheme.
The only other time we’ll transfer data outside the EEA is if a legal derogation (i.e. an exception) or requirement under data protection laws or other applicable laws allows or requires us to do so and, even then, we’ll only do so if the transfer is necessary, legally required or made with your explicit consent.
6. How long we store information for
We only collect and use Your Data for specific reasons (see section 2 above), and only keep it as long as it is need for those reasons or for related reasons (such as record keeping or to comply with a legal requirement).
If you delete your account then Your Data will be deleted from our accessible systems immediately. Some information may remain in our secure back-ups for up to 6 months after account deletion.
This doesn’t apply to information, correspondence or documents you’ve shared with others (such as messages or CVs sent to employers), which will continue to be available to those other parties and until they decide to delete it from their account. Slync only allows employers to store CVs and notes about applicants on the platform for a period of 6 months from the date they were received or created, after which they will automatically be deleted. However, employers may make their own copies of information and retain it if they choose to do so. You should always consult an employer’s privacy policy before sharing any information with them.
There may also be occasional situations when we need to keep Your Data longer (such as in the case of a possible legal claim or action). We may also keep a record of our dealings with you and this will include some information about you (and we’ll decide how long to keep this information based on the amount, nature, and sensitivity of the personal data, the potential risk of harm from its unauthorised use or disclosure).
If you deactivate your account, you won’t show up in searches and your account won’t be active, but your profile and information will remain on file in case you later want to re-activate them. Generally, we’ll continue to store Your Data until you ask to delete it, though accounts which have remained inactive for a prolonged period may be deleted where we consider it appropriate.
7. Safety and security
We have put in place a variety of security measures to prevent Your Data from being accidentally lost, stolen, damaged or destroyed. These include:
· multiple backups, across different systems and locations;
· secure system firewalls and authentication controls;
· secure encryption technologies;
· organisational security measures;
· data system access controls and password controls;
· contractual confidentiality obligations for personnel; and
· physical access controls to premises.
In the unlikely event we suspect there has been personal data breach involving Your Data, we’ll notify you and any applicable supervisory authority of a breach when this is legally required.
8. Your legal rights
Data protection law provides you with certain rights in relation to personal data contained in Your Data. These are as follows:
· the right to access and receive a copy of your personal data;
· the right to request correction or completion of personal data;
· the right to be forgotten (i.e. to request that we delete your personal data). This may not apply where we have a good lawful reason to continue using the information in question;
· the right to object to us using your personal data where we do so for our (or a third parties’) legitimate interests or for direct marketing;
· the right to restrict how your personal data is used;
· the right to have a portable copy or to have your personal data transferred to a third party; and
· where we use data on the basis of your consent, the right to withdraw that consent.
Responding: We try to respond to all personal data requests within one month. Occasionally it may take us longer (for example, if your request is particularly complex). Please also bear in mind that there are exceptions to the rights above and some situations where they do not apply. We might need additional information from you to help us confirm your identity or to clarify your request.
These rights are free to exercise, though if your request is unfounded, repetitive or excessive we may charge a reasonable fee (or refuse your request altogether).
If you want to exercise any of the rights described above, please contact us using the details set out at the start of this Policy and make clear the nature of your request. You also have the right to complain to a data protection supervisory authority (which, in the UK, is the Information Commissioners Office) if you are not satisfied with our response to a data protection request or if you think your personal data has been mishandled. For further information on how to make a complaint, please visit https://ico.org.uk.
This Privacy Policy was last updated on 1 November 2018.