Policies

WHAT ARE COOKIES?

Cookies are small files which are stored on your computer. They are designed to hold a modest amount of data specific to your website visit on our site.

Cookies help to improve your visit to our website by helping with the following:

We’re giving you this information as part of our initiative to comply with UK legislation, and to make sure we’re honest and clear about your privacy when using our website.

Please be assured that we’re working on a number of other privacy and cookie-related improvements to the website.

THE COOKIES WE USE

GENERAL WEBSITE COOKIES

This website is built using Microsoft’s ASP.Net web technologies, as part of that we use the built-in session cookie (ASP.Net_SessionID) to manage your session. When you navigate to the site, the server establishes a unique session that last for the duration of your visit.

MEASURING WEBSITE USAGE – GOOGLE ANALYTICS

Google Analytics uses cookies to define user sessions, as well as to provide a number of key features in the Google Analytics reports. Google Analytics sets or updates cookies only to collect data required for the reports.

Additionally, Google Analytics uses only first-party cookies. This means that all cookies set by Google Analytics for your domain send data only to the servers for your domain. This effectively makes Google Analytics cookies the personal property of this website domain, and the data cannot be altered or retrieved by any service on another domain.

The following table lists the type of information that is obtained via Google Analytics cookies and used in Analytics reports.

FUNCTIONALITYDESCRIPTIONCOOKIE USED
Setting the Scope of Your Site ContentBecause any cookie read/write access is restricted by a combination of the cookie name and its domain, default visitor tracking via Google Analytics is confined to the domain of the page on which the tracking code is installed. For the most common scenario where the tracking code is installed on a single domain (and no other sub-domains), the generic setup is correct. In other situations where you wish to track content across domains or subdomains, or restrict tracking to a smaller section of a single domain, you use All Used additional methods in the ga.js tracking code to define content scope. See Domains & Directories in the Collection API document for details. 
Determining Visitor SessionThe Google Analytics tracking for ga.js uses two cookies to establish a session. If either of these two cookies are absent, further activity by the user initiates the start of a new session. You can customize the length of the default session time using the _setSessionCookieTimeout () method. This description is specific to the ga.js tracking code for web pages. If you use Analytics tracking for other environments—such as Flash or mobile, you should check the documentation for those environments to learn how sessions are calculated or established._utmb __utmc
Identifying Unique VisitorsEach unique browser that visits a page on your site is provided with a unique ID via the __utma cookie. In this way, subsequent visits to your website via the same browser are recorded as belonging to the same (unique) visitor. Thus, if a person interacted with your website using both Firefox and Internet Explorer, the Analytics reports would track this activity under two unique visitors. Similarly, if the same browser were used by two different visitors, but with a separate computer account for each, the activity would be recorded under two unique visitor IDs. On the other hand, if the browser happens to be used by two different people sharing the same computer account, one unique visitor ID is recorded, even though two unique individuals accessed the site.__utma
Tracking Traffic Sources & NavigationWhen visitors reach your site via a search engine result, a direct link, or an ad that links to your page, Google Analytics stores the type of referral information in a cookie. The parameters in the cookie value string are parsed and sent in the GIF Request (in the utmcc variable). The expiration date for the cookie is set as 6 months into the future. This cookie gets updated with each subsequent page view to your site; thus, it is used to determine visitor navigation within your site.__utmz
Custom VariablesYou can define your own segments for reporting on your particular data. When you use the _setCustomVar() method in your tracking code to define custom variables, Google Analytics uses this cookie to track and report on that information. In a typical use case, you might use this method to segment your website visitors by a custom demographic that they select on your website (income, age range, product preferences).__utmv
Website OptimiserYou can use Google Analytics with Google Website Optimizer (GWO), which is a tool that helps determine the most effective design for your site. When a website optimizer script executes on your page, a _utmx cookie is written to the browser and its value is sent to Google Analytics. See the Google Analytics Help Center for more information.__utmx

Once the cookies are set/updated on the web browser, the data they contain that is required for reporting purposes is sent to the Analytics servers in the GIF Request URL via the utmcc parameter.

COOKIES SET BY GOOGLE ANALYTICS

Google Analytics sets the following cookies as described in the table below. A default configuration and use of Google Analytics sets only the first 4 cookies in the table.

NameDescriptionExpiry
__utmaThis cookie is typically written to the browser upon the first visit to your site from that web browser. If the cookie has been deleted by the browser operator, and the browser subsequently visits your site, a new __utma cookie is written with a different unique ID. This cookie is used to determine unique visitors to your site and it is updated with each page view. Additionally, this cookie is provided with a unique ID that Google Analytics uses to ensure both the validity and accessibility of the cookie as an extra security measure.2 years from set/update
__utmbThis cookie is used to establish and continue a user session with your site. When a user views a page on your site, the Google Analytics code attempts to update this cookie. If it does not find the cookie, a new one is written and a new session is established. Each time a user visits a different page on your site, this cookie is updated to expire in 30 minutes, thus continuing a single session for as long as user activity continues within 30-minute intervals. This cookie expires when a user pauses on a page on your site for longer than 30 minutes. You can modify the default length of a user session with the _setSessionCookieTimeout() method.30 minutes from set/update
__utmcThis cookie is no longer used by the ga.js tracking code to determine session status. Historically, this cookie operated in conjunction with the __utmb cookie to determine if to establish a new session for the user. For backwards compatibility purposes with sites still using the urchin.js tracking code, this cookie will continue to be written and will expire when the user exits the browser. However, if you are debugging your site tracking and you use the ga.js tracking code, you should not interpret the existence of this cookie in relation to a new or expired session.Not set
__utmzThis cookie stores the type of referral used by the visitor to reach your site, whether via a direct method, a referring link, a website search, or a campaign such as an ad or an email link. It is used to calculate search engine traffic, ad campaigns and page navigation within your own site. The cookie is updated with each page view to your site6 months from set/update
__utmvThis cookie is not normally present in a default configuration of the tracking code. The __utmv cookie passes the information provided via the _setVar() method, which you use to create a custom user segment. This string is then passed to the Analytics servers in the GIF request URL via the utmcc parameter. This cookie is only written if you have added the _setVar() method for the tracking code on your website page.2 years from set/update
__utmxThis cookie is used by Website Optimizer and only set when the Website Optimizer tracking code is installed and correctly configured for your pages. When the optimizer script executes, this cookie stores the variation this visitor is assigned to for each experiment, so the visitor has a consistent experience on your site. See the Google Analytics Help Center for more information2 years from set/update

For further information about the Cookies Google uses please visit their website.

MEASURING WEBSITE USAGE – DC STORM

DC Storm Cookies are used by this website to identify how users interact the website so that they can see things like the most popular pages and the journey that users take through their site.

First Party cookies – These cookies are set by this website that you are visiting.

Impressions – Cookies are also created to identify when a user has viewed an advert for this website on an external site.

The cookie contains a unique identifier and nothing else. If you subsequently visit this website, then we link that cookie (and hence the advert) to your visit, but if you never visit the website, the cookie is meaningless and will expire automatically, 90 days after you last saw one of the adverts.

FIRST-PARTY COOKIES INFORMATION

These cookies are written to track website usage of this site:

Cookie NameDescriptionExpiry
_#srchistStores the history of traffic sources the user has arrived to the site1000 days
_#sessStores information about the session1000 days
_#vdfStores the visit definition – ts type, number of visits1000 days
_#uidStores a user identifier (only within a site)1000 days
_#slidUnique sale ID1000 days
_#clkidUnique identifier for a click generating a landing1 year
_#lpsFlags that the last page was secure and therefore has no referrer20 min
_#tsaStores the referrer details to avoid duplicate Landing events10 min
_#envFlags whether the environment variables (screen size, browser etc) need to be collected again30 days

For further information about the Cookies DC Storm uses please visit their Cookie Information page

OTHER 3RD PARTY COOKIES WE MAY USE

When you visit our website, you may notice some cookies that are collecting information for other websites. For example, if you visit a page that has video content, cookies from YouTube may be served. We do not control the setting of these cookies and we recommend you visit the third-party websites for more information.

Please find a list of some third-party cookies you may find present on this website and links to their specific information:

HOW DO I CONTROL OR DELETE COOKIES?

If cookies are not enabled on your computer is could mean that your experience with our website will be impacted.

However, if you want to control or delete cookies you can do so.

Information on deleting cookies or controlling cookies is available at www.aboutCookies.org. To reiterate though, by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.

Accessibility Policy

ACCESS KEYS

Most browsers support jumping to specific links by typing keys defined on the web site. On Windows, you can

press ALT + an access key; on Macintosh, you can press CTRL + an access key.

The access keys used on this site are designed to be as standardised as possible and are based on the

recommendations of the UK Government.

STANDARDS COMPLIANCE

1. All pages on this site are WCAG AA approved, complying with all priority 1 and 2 guidelines of the W3C Web Content Accessibility Guidelines. Again, this is a judgement call; many guidelines are intentionally vague and cannot be tested automatically. This site has been reviewed and it is believed that all these pages comply.

2. All pages on this site are Section 508 approved, complying with all of the U.S. Federal Government Section 508 Guidelines. Again, a judgement call. This site has been reviewed and it is believed that all these pages comply.

3. All pages on this site validate as XHTML 1.0 Strict. This is not a judgement call; a program can determine with 100% accuracy whether a page is valid XHTML. For example, check the home page for XHTML validity.

TEXT

1. This site uses only relative font sizes, compatible with the user-specified “text size” option in visual browsers. For those using Internet Explorer, go to View > Text Size > and select your desired size. For Firefox users, simply hold the CTRL button and press + or – to increase or decrease the size.

2. Many links have title attributes which describe the link in greater detail, unless the text of the link already fully describes the target (such as the headline of an article).

3. Links are written to make sense out of context.

VISUAL DESIGN

1. This site uses cascading style sheets for visual layout, and semantic XHTML for structure.

2. If your browser or browsing device does not support style sheets at all, the content of each page is still readable.

3. All images used in this site include descriptive ALT attributes. Purely decorative graphics include null ALT attributes.

4. Complex images include LONGDESC attributes or inline descriptions to explain the significance of each image to non-visual readers.

Environmental Policy

QGate Software Limited recognises that it has a responsibility to the environment beyond legal and regulatory requirements. We are committed to reducing our environmental impact and continually improving our environmental performance as an integral part of our business strategy and operating methods.

POLICY AIMS

We endeavour to:

PAPER

We will:

ENERGY AND WATER

We will seek to:

OFFICE SUPPLIES

We will:

TRANSPORTATION

We will:

MAINTENANCE AND CLEANING

We will:

MONITORING AND IMPROVEMENT

We will:

CULTURE

We will:

Modern Slavery Statement

A) ORGANISATION

This statement applies to QGate Software Limited (referred to in this statement as ‘the Organisation’). The information included in the statement refers to the financial year 2023/2024.

B) ORGANISATIONAL STRUCTURE

QGate Software Limited is part of a group of companies, wholly owned by QGate Holdings Limited.

The group of companies also includes the associated company, QWARE Limited, wholly owned by QGate Holdings Limited. The Organisation is controlled by a Board of Directors. The Organisation’s registered address is Newfrith House, Winchester, SO23 7DR, England.

The Organisation provides services to support small to medium-sized organisations optimise their business processes, transforming the way their people work, and enhancing their customers’ experience through CRM-oriented business applications. To enable this, the Organisation resells appropriate technology solutions.

The labour supplied to the Organisation in pursuance of its operation is carried out in United Kingdom and Channel Islands and outsourced external agencies (current providers are based in New Jersey, US and Bangalore, India).

C) DEFINITIONS

The Organisation considers that modern slavery encompasses:

D) COMMITMENT

The Organisation acknowledges its responsibilities in relation to tackling modern slavery and commits to complying with the provisions in the Modern Slavery Act 2015. The Organisation

understands that this requires an ongoing review of both its internal practices in relation to its labour force and, additionally, its supply chains.

The Organisation does not enter into business with any other organisation, in the United Kingdom or abroad, which knowingly supports or is found to involve itself in slavery, servitude and forced or compulsory labour.

No labour provided to the Organisation in the pursuance of the provision of its own services is obtained by means of slavery or human trafficking. The Organisation strictly adheres to the minimum standards required in relation to its responsibilities under relevant employment legislation in the United Kingdom, and in many cases exceeds those minimums in relation to its employees.

E) SUPPLY CHAINS

In order to fulfil its activities, the Organisation’s main supply chains include those related to provision of Cloud hosted Microsoft Services and Vendor provided software solutions provided from US-owned suppliers.

We understand that the Organisation’s first-tier suppliers are intermediary traders and there have further contractual relationships with lower-tier suppliers.

F) POTENTIAL EXPOSURE

In general, the Organisation considers its exposure to slavery/human trafficking to be relatively limited. Nonetheless, it has taken steps to ensure that such practices do not take place in its business nor the business of any organisation that supplies goods and/or services to it.

G) IMPACT OF COVID-19

During the reporting period covered by this statement, the COVID-19 pandemic had taken hold. For several months, the UK was placed into lockdown to stem the spread of COVID-19. This created several challenges for the Organisation, as it did for others across the nation.

The Organisation concludes that the COVID-19 pandemic did not adjust the risk of modern slavery to a level above that which existed before the pandemic, which is as set out under ‘POTENTIAL EXPOSURE’ above.

During the pandemic, the Organisation’s employees still had access to the grievance procedure to raise any concerns that they may have had.

The Organisation’s modern slavery risks were subject to the same monitoring procedures during the pandemic as at all other times.

H) STEPS

The Organisation carries out due diligence processes in relation to ensuring slavery and/or human trafficking does not take place in its organisation or supply chains, including conducting a review of the controls of its suppliers.

The Organisation has not, to its knowledge, conducted any business with another organisation which has been found to have involved itself with modern slavery.

In accordance with section 54(4) of the Modern Slavery Act 2015, the Organisation has taken the following steps to ensure that modern slavery is not taking place:

I) TRAINING

The Organisation provides the following induction training to staff to effectively implement its stance on modern slavery.

J) SLAVERY COMPLIANCE OFFICER

The Organisation has a Slavery Compliance Officer, to whom all concerns regarding modern slavery should be addressed, and who will then undertake relevant action with regard to the Organisation obligations in this regard.

This statement is made in pursuance of Section 54(1) of the Modern Slavery Act 2015 and will be reviewed for each financial year.

Date of approval 26th April 2023

Signed James Jury

Director

Date 26th April 2023

Privacy Policy

GENERAL

QGate cares about your privacy and we want to be as transparent as possible about how we process your personal data.

This policy is intended to explain what personal data we may collect about you, where we may obtain your data, how we use your data, and who we may disclose your data to and why.

This policy also explains your data rights; namely how to request access to your data, how to update your data, and how to request that your data be deleted when applicable.

This policy is under regular review. Please check this page for any policy updates.

Should we need to process your data in a new way, we will only do so after conducting a Privacy Impact Assessment. We will contact you to inform you of our lawful base for processing, to give you the opportunity to oppose the processing, and if applicable, to request your consent to process.

PERSONAL INFORMATION WE MAY PROCESS

We may process:

We do not record the audio of telephone calls, but we may have a log of when you called, call length, who you spoke to, and what the subject of that call was.

HOW WE COLLECT PERSONAL INFORMATION

We may obtain information about you when:

Your contact information may be passed on to us from a partner or vendor if we may be able to help you with our products or services.

We expect the partner or vendor in question to have informed you of this prior to passing your information to us.

If that was not the case, and you have just realised that a partner has given us information about you without your knowledge, please contact us immediately by sending an email to privacy@qgate.co.uk.

We will tell you what data we hold, how we use it, and we will delete it if you wish us to.

USE OF PERSONAL INFORMATION

Contact information may be used to respond to requests for contact, deliver product trials, or provide relevant service or product information and newsletters.

Contact history is maintained to provide a consistent quality experience with us.

Purchase history is retained for accounting purposes.

Support Cases are stored to determine where you are in solving a problem or if you have had a similar problem before.

Marketing subscriptions and opt-outs are recorded.

Activity on our website is used to improve website experience; for example, by ensuring that our commonly accessed information is easily accessible.

Contracts are retained for legal purposes.

Responses to marketing campaigns are monitored to ensure that our marketing is useful and relevant to you.

If you are a customer of ours, for support or development purposes, we may require access to your system. In these cases, we will require written confirmation from the Data Controller that either

Having received such confirmation, we will accept transfer of the data to us and, once we have completed the work required, shall retain it for a limited period of no more than 60 days after completion. If appropriate, we will return a single back up of any such database in order that the customer may then hold a copy of the complete data/database for future development or support processes.

Product use details, including performance data, is used to improve our products. If we publish any statistical data, and any personal information will be removed.

If you send us your CV, we may choose to retain it for consideration in future recruitment processes. Should this be the case, you will be informed and given the opportunity to oppose, in which case we will delete it.

We do not use automated decision making when processing data.

We may share limited personal data with another vendor to complete a commercial transaction; for example, to obtain product licenses. In this case you will be informed of who that vendor is.

DATA RETENTION

The type of engagement you may have with us dictates our retention period for your personal information. We retain information only for as long as is necessary for the purposes specified in this policy.

Should you cease to be a customer, we will delete the data that is no longer relevant, and we will keep the data that is necessary for legal and accounting reasons.

It is part of QGate’s commitment to the principle of Data Minimisation to conduct data culling once a year.

MARKETING

We do not share data with third parties for marketing purposes.

As with most technological based businesses operating solely in a Business-to-Business capacity, our marketing communications are sent to professional email addresses and consist of relevant, informative industry and product updates, including blog articles and white papers from QGate and other experts. News about industry conferences and other events, about product releases and new versions, and technical information such as “howto” guides and tutorials. They are sent to our customers, our partners, our prospective customers and our prospective partners, and who have not opted out. We send these emails as a Legitimate Interest, and in all of them, there is an obvious and simple way of opting out of such messages in the future. This opt-out is automatic and is registered immediately. The tool that QGate uses for marketing communications has a safety feature that stops it from sending emails to anyone who has opted out.

COOKIES

Cookies are small data files websites may save on your computer or handheld device that usually include an anonymous unique identifier. Our website may use cookies for user authentication, keeping track of your preferences, promotional campaigns, tracking our audience size and traffic patterns, and in certain other cases.

If you do not wish cookies to be placed on your computer or handheld device, then they can be disabled in your web browser. The option to do so is normally found in your browser’s “security settings” section.

Please note that permanently disabling cookies in your browser may hinder your use of our websites as well as other websites and interactive services.

BUSINESS TRANSACTIONS AND DATA TRANSFERS

QGate may at any time carry out a business transaction such as the buying or selling of QGate assets, merger, restructuring etc. Information about Customers as well as aggregated and anonymized data is typically one of the business assets that is transferred. Should the QGate in whole or partially, be acquired, user information would be one of the assets that is reviewed and transferred or acquired by a third party. You acknowledge that such transfers may occur and that any acquirer of the company may continue to use your Personal Data as set forth in this Privacy Policy.

INTERNATIONAL TRANSFERS

We may transfer information outside the EEA to execute commercial transactions, as above.

This privacy notice does not cover the links within this site linking to other websites (some of which are based outside of the EEA). We encourage you to read the privacy statements on the other websites you visit.

YOUR DATA RIGHTS

If we hold any personal information about you, then you are entitled to certain data rights.

You have the following rights:

You can read more about these rights here – https://ico.org.uk/for-organisations/guide-to-the-general-dataprotection-regulation-gdpr/individual-rights/

SUBJECT ACCESS REQUESTS

If you want to make a Subject Access Request (SAR), email us to privacy@qgate.co.uk. We may require

additional identifying information to carry out your request. You will not be charged for making a request or for us delivering your request. We will respond to your request without undue delay and always within one calendar month.

COMPLAINTS

If you are concerned about the way we are processing your data, send us an email to privacy@qgate.co.uk.

If you still have questions or complaints about your data privacy, you have a right to contact or report a concern to the UK’s data privacy supervisory authority, the Information Commissioner’s Office –

https://ico.org.uk/global/contact-us

If we unlawfully refuse your request regarding your data rights, you have a right to complain to the Information

Commissioner’s Office and possibly receive a judicial remedy.

SPECIAL CATEGORY DATA AND CHILDREN’S DATA

QGate do not collect or process special category data from users of this website, individuals who contact us, or users/interested parties of our products and services. If we receive any special category information (for example, in a CV sent to us) it is our policy to delete it from our records as soon as possible.

We may only process information of a person under the age of 16 for work experience purposes. It is very unlikely, given the nature of our business, that a child would provide us with their data even if inadvertently, outside this context.

However, and while we do not have the intention of processing any kind of data related or belonging to children, we have contact forms publicly available in our website. As with all online activity, children should be supervised at all times while engaging with QGate’s websites.

If at any time we suspect that an online form was submitted by a child, we will delete all the information obtained via such form, from all systems where that data may have been stored.

FURTHER INFORMATION

QGate Software Ltd are a private limited company (Company Number: 03301336), registered at:

Newfrith House

Winchester

SO23 7DR

United Kingdom

If you want to request more information, request access to your data, or if you have a question or complaint about our approach to data protection, privacy or security, email us at privacy@qgate.co.uk.

Privacy Notice for Job Applicants

In accordance with the General Data Protection Regulation (GDPR), we have implemented this privacy notice to inform you, as prospective employees of our Company, of the types of data we process about you. We also include within this notice the reasons for processing your data, the lawful basis that permits us to process it, how long we keep your data for and your rights regarding your data.

  1. DATA PROTECTION PRINCIPLES

Under GDPR, all personal data obtained and held by us must be processed according to a set of core principles. In accordance with these principles, we will ensure that:

TYPES OF DATA HELD

We keep several categories of personal data on our prospective employees in order to carry out effective and efficient processes. We keep this data in recruitment files relating to each vacancy and we also hold the data within our computer systems, for example, recruitment logs.

Specifically, we hold the following types of data:

  1. personal details such as name, address, phone numbers;
  2. name and contact details of your next of kin;
  3. your photograph;
  4. your gender, marital status, information of any disability you have or other medical information;
  5. right to work documentation;
  6. information on your race and religion for equality monitoring purposes;
  7. information gathered via the recruitment process such as that entered into a CV or included in a CV cover letter;
  8. references from former employers;
  9. details on your education and employment history etc;
  10. driving licence;
  11. criminal convictions.

COLLECTING YOUR DATA

You provide several pieces of data to us directly during the recruitment exercise.

In some cases, we will collect data about you from third parties, such as employment agencies, former employers when gathering references or credit reference agencies.

Should you be successful in your job application, we will gather further information from you, for example, your bank details and next of kin details, once your employment begins.

LAWFUL BASIS FOR PROCESSING

The law on data protection allows us to process your data for certain reasons only.

The information below categorises the types of data processing we undertake and the lawful basis we rely on.

Activity requiring your dataLawful basis
Carrying out checks in relation to your right to work in the UKLegal obligation
Making reasonable adjustments for disabled employeesLegal obligation
Making recruitment decisions in relation to both initial and subsequent employment e.g. promotionOur legitimate interests
Making decisions about salary and other benefitsOur legitimate interests
Making decisions about contractual benefits to provide to youOur legitimate interests
Assessing training needsOur legitimate interests
Dealing with legal claims made against usOur legitimate interests
Preventing fraudOur legitimate interests

SPECIAL CATEGORIES OF DATA

Special categories of data are data relating to your:

We carry out processing activities using special category data:

  1. for the purposes of equal opportunities monitoring
  2. to determine reasonable adjustments

Most commonly, we will process special categories of data when the following applies:

  1. you have given explicit consent to the processing
  2. we must process the data in order to carry out our legal obligations
  3. we must process data for reasons of substantial public interest
  4. you have already made the data public.

FAILURE TO PROVIDE DATA

Your failure to provide us with data may mean that we are unable to fulfil our requirements for entering into a contract of employment with you. This could include being unable to offer you employment, or administer contractual benefits.

CRIMINAL CONVICTION DATA

We will only collect criminal conviction data where it is appropriate given the nature of your role and where the law permits us. This data will usually be collected at the recruitment stage, however, may also be collected during your employment. We use criminal conviction data to determine your suitability, or your continued suitability for the role. We rely on the lawful basis of Our legitimate interests to process this data.

WHO WE SHARE YOUR DATA WITH

Employees within our company who have responsibility for recruitment will have access to your data which is relevant to their function. All employees with such responsibility have been trained in ensuring data is processed in line with GDPR. 

We may also share your data with third parties as part of a Company sale or restructure, or for other reasons to comply with a legal obligation upon us. We have a data processing agreement in place with such third parties to ensure data is not compromised. Third parties must implement appropriate technical and organisational measures to ensure the security of your data.

We do not share your data with bodies outside of the European Economic Area.

PROTECTING YOUR DATA

We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented processes to guard against such.

RETENTION PERIODS

We only keep your data for as long as we need it for, which, in relation to unsuccessful candidates, is six months to a year.

If your application is not successful and we have not sought consent or you have not provided consent upon our request to keep your data for the purpose of future suitable job vacancies, we will keep your data for six months once the recruitment exercise ends.

If we have sought your consent to keep your data on file for future job vacancies, and you have provided consent, we will keep your data for nine months once the recruitment exercise ends. At the end of this period, we will delete or destroy your data, unless you have already withdrawn your consent to our processing of your data in which case it will be deleted or destroyed upon your withdrawal of consent.

Where you have provided consent to our use of your data, you also have the right to withdraw that consent at any time. This means that we will stop processing your data and there will be no consequences of withdrawing consent.

If your application is successful, your data will be kept and transferred to the systems we administer for employees. We have a separate privacy notice for employees, which will be provided to you.

AUTOMATED DECISION MAKING

Automated decision making means making decision about you using no human involvement e.g. using computerised filtering equipment. No decision will be made about you solely on the basis of automated decision making (where a decision is taken about you using an electronic system without human involvement) which has a significant impact on you.

YOUR RIGHTS

You have the following rights in relation to the personal data we hold on you:

In addition to the above rights, you also have the unrestricted right to withdraw consent, that you have previously provided, to our processing of your data at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.

If you wish to exercise any of the rights explained above, please contact privacy@qgate.co.uk .

MAKING A COMPLAINT

If you think your data rights have been breached, you are able to raise a complaint with the Information Commissioner (ICO). You can contact the ICO at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by telephone on 0303 123 1113 (local rate) or 01625 545 745.

DATA PROTECTION COMPLIANCE

Our appointed compliance officer in respect of our data protection activities is:

James Jury

privacy@qgate.co.uk