smith + roper privacy policy.

This Privacy Notice describes how we collect and use Personal Data about visitors to our website, clients and potential clients, third party consultants and any other individuals whom we may collect Personal Data on in accordance with the General Data Protection Regulation (GDPR).  

(Past, present and prospective employees, workers, and contractors should refer to our Privacy Notice for Employees found on our recruitment page.)

 

 

We comply with the GDPR. This says that the Personal Data we hold must be:

1. Used lawfully, fairly and in a transparent way.
2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
3. Relevant to the purposes we have told you about and limited only to those purposes.
4. Accurate and kept up to date.
5. Kept only as long as necessary for the purposes we have told you about.
6. Kept securely.

 

The kind of information we hold about you 
Personal Data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows:

  • Identity Data includes first name, last name, country of residence, company, and job title.

  • Contact Data includes address, email address and telephone numbers.

  • Professional Data includes CVs, and documents related to your qualifications, experience, and role, current salary, eligibility to work in the UK.

  • Usage Data includes information about how you use our website.

 

  • How is your Personal Data collected? 

 


Personal Data may be collected in the following ways: 

1. Through information collected by cookies when you use our website.

 


Within this website cookies are used to facilitate features and functions which improve your browsing experience. They are also used to measure the performance of the site and the ways in which visitors navigate their way around.

 

 You can accept or decline cookies by modifying the settings in your browser. However, you will not be able to use all the interactive features of the site if cookies are disabled.

2.  Direct interactions – where you provide information by filling in forms or corresponding with us by post, phone, email or otherwise. This includes Personal Data you provide when you:

Make business enquiries via email or telephone; and

Enter into a working relationship with us.

or

3. Third parties or publicly available sources. For example, consultants working with us whose CVs might be sent by their employer for bid documents or so we can assess their suitability for a project.

 How we will use information about you 

 


We will only use your Personal Data when the law allows us to, such as:

1. Where it is necessary to perform a contract with you or in order to take steps at your request prior to entering into a contract.

 

2. Where we need to for compliance with a legal obligation.

 

3. Where it is necessary for the purposes of our legitimate business interests to run a successful international design studio, and your interests and fundamental rights do not override those interests.

 


We may also use your Personal Data in the following situations, which are likely to be rare:


1. Where we need to protect your interests (or someone else’s interests).

2. Where it is needed in the public interest.

 


Special Category Personal Data 

Special Categories of sensitive Personal Data require higher levels of protection and we will need to have further justification for collecting, storing and using this type of Personal Data, such as:
1. In limited circumstances, with your explicit written consent.
2. Where it is necessary for us to meet legal obligations.
3. Where it is necessary for reasons of public interest.
4. Where it is needed on health grounds, subject to appropriate confidentiality safeguards. 
5. Where it is needed for legal claims.
6. Where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

It is unlikely that we will need to collect or process Special Categories of sensitive Personal

Data. Where we do need to, we will notify you and (where required) obtain your consent to the processing.

 

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

 

 Security 
All information you provide to us is stored on our secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. 
Once we have received your information, we will use strict procedures and security features to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.

 

Retention 
We will only retain your Personal Data for as long as necessary to fulfil the purposes for which we collected it or for the purposes of satisfying any legal, accounting, or reporting requirements. 
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. 

 

If you have any questions about this Privacy Notice or how we handle your Personal Data, please contact the Data Protection Manager.