This privacy policy contains three separate privacy notices:
All three notices can be read below. The first or the second may be relevant to you. The third, for users of this website, is also likely to be relevant; if you use our website, that notice should be read in addition to any other relevant notice below.
1. Clients and others
Who we are
We are Source Professional Support Limited, a limited company registered in England and Wales with registered number 14956194. “Source” and “Source by Temple Bright” are the business names for the business carried on by Source Professional Support Limited. Accordingly, all references on this website to “Source”, “Source by Temple Bright”, “we”, “us” or “our” should be read as referring to Source Professional Support Limited (and not to Temple Bright LLP or any other person).
Purpose of this privacy notice
This privacy notice is addressed to clients and any others whose personal data we may use. “Others” in this context may include, without limitation: prospective clients and those to whom we market our services; suppliers and prospective suppliers; parties which are, or may be in prospect of becoming, involved in any transaction or dispute with our clients or prospective clients; persons who work for our clients or for others in any of the foregoing categories; persons who conduct or provide for us to share in the public domain any interview, profile, case study or media appearance in any medium (e.g. filmed, recorded or written).
This privacy notice aims to give you information on how we collect and process your personal data. We are the data controller of your personal data. We are responsible for its security and for ensuring that we use it only for the purposes outlined in this notice. This notice tells you about how we look after your personal data, about your privacy rights and about how the law protects you.
Other privacy notices on our website
There are separate notices relevant to candidates to join the Source Panel and users of our website, which are included in sections 2 and 3 below. The notice for website users is also likely to be relevant to you; if you use our website, that notice should be read alongside this one.
Questions and concerns
If you have any questions about this privacy notice or need to contact us in connection with your personal data, including any requests to exercise your legal rights referred to at the end of this notice, please contact Justyn McIlhinney, whom we have appointed as our representative for the purposes of the Data Protection Act 2018 and UK GDPR:
justyn.mcilhinney@sourceprosupport.com
Although you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk), we would, of course, appreciate the chance to deal with your concerns about data protection directly so please contact us in the first instance.
The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data including first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender, your job function, your employer or department.
- Contact Data including billing address, postal address, email address and telephone numbers including frequency of contact (these details may relate to your organisation or to you personally, depending on the nature of our relationship with you or the organisation that you work for).
- Financial Data including bank account and other payment method details.
- Transaction Data including details about payments to and from you and other details of services you have received from us.
- Profile Data including information you give us or that we obtain when you use our services, supply us with goods or services, enquire about a service, place a service request, enter a survey, or contact us to report a problem, or do any of these things on behalf of your organisation.
- Client Data including information about how you use our services, as well as personal data which can include Identity, Contact, Financial, Transaction and Profile Data of you and/or your family members, beneficiaries, employees or employers, or other third parties about whom we need to collect personal data by law, or under the terms of a contract we have with you or your organisation.
- Marketing and Communications Data including your preferences in receiving marketing from us and your communication preferences. This may include information about events to which you or your colleagues are invited, and your personal data and preferences to the extent that this information is relevant to organising and managing those events (for example, your dietary requirements, but excluding sensitive data).
- Media Data which may be collected if you conduct or provide for us to share in the public domain any interview, profile, case study or media appearance in any medium (e.g. filmed, recorded or written) (a Media Contribution), comprising Identity Data including any attributes conveyed by the medium (e.g. your voice and/or physical appearance) and any personal data you share as part of the Media Contribution.
How is your personal data collected?
We (and any person acting on our behalf) may collect data about you from different sources, including without limitation:
- From you.
- From third parties. It is possible that we may collect your data from other parties connected with you or your assignment. These might include (for instance) your organisation, your business partners or your family members, or other parties to transactions or disputes in which you or your organisation are or may become involved, or such parties’ advisers.
- From publicly accessible sources. It is possible that we may collect your data from publicly available databases or websites, including without limitation credit reference agencies, Companies House, LinkedIn and other social media platforms.
We (and any person acting on our behalf) may use a range of different collection methods, including without limitation:
- Communication in person.
- Communication by phone, email, fax, SMS or any other electronic communication method.
- Communication by letters, notices, information sheets or any other paper-based communication methods.
- Your use of our website, social media channels, or other technologies.
- You visiting us (for example, if you sign in or are recorded on CCTV while visiting our offices, or you give us the registration details of your vehicle).
- Recordings of a Media Contribution which generate Media Data as referred to above.
How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we (and any person acting on our behalf) will use your personal data in the following circumstances:
- Where it is necessary for our legitimate interests in the operation of our business (or the legitimate interests of a third party) and we have made an objective assessment that your interests and fundamental rights do not override those interests (for example to manage our relationship with you or where you ask us to provide more details about our business to you).
- Where we need to do so for the performance of a contract to which you or your organisation are a party (including without limitation our engagement for the provision of legal support) or in order to take necessary steps prior to entering into such a contract.
- Where we need to comply with a legal or regulatory obligation.
- Where you have given us your express consent for use of your data in connection with a particular purpose.
- Where we have received such data from a third party, such as one of our clients or another business, or from publicly accessible sources, and our use of such data is necessary in order for us properly to perform our contracted role.
- In the case of Media Data generated by your conducting or providing a Media Contribution, where we publish this in the media or on the internet (including our website and social media platforms).
Please contact us if you need details about the specific legal ground we are relying on to process your personal data.
Disclosures of your personal data
For the purposes set out above (“How we use your personal data”), we (and any person acting on our behalf) may need to share your personal data with appropriate third parties, including without limitation:
- Our IT support and hosting companies, providing us with IT services.
- Our client relationship software provider.
- Credit reference agencies for the purpose of assessing your credit score where this is in the context of us entering into a contract with you or your organisation.
- Company data providers and similar information providers for the purpose of carrying out our client and assignment acceptance checks (including client due diligence).
- Our third party back office and finance provider, enabling it to carry out its own assessments and checks such as those referred to in the two preceding bullet points.
- Other business partners, suppliers and sub-contractors for the performance of any contract we enter into or other dealings we have in the normal course of business with you or your organisation (including without limitation providers of services such as typing or photocopying).
- Google Analytics or similar, for analysis of website use (see the separate privacy notice for website users in section 3 below).
- Organisations involved in fraud protection, credit risk reduction and preventing cybercrime.
- Our auditors, legal advisers and other professional advisers.
- Expert witnesses.
- Advisers appointed by another party to a transaction or dispute on which we are working with you.
- Third parties to whom we may sell, transfer, or merge parts of our business, or whose businesses we may acquire in whole or in part (or third parties with whom we are considering doing any of the foregoing) and their advisers and funders in each case. If our business is subject to a change of ownership, the new owners may use your personal data in the same way as set out in this privacy notice.
- Relevant public bodies including without limitation courts and regulators.
- Other businesses associated with us (such as Temple Bright LLP).
As far as lies within our power, we require all third parties to respect the security of your personal data and to treat it in accordance with the law.
We may allow Temple Bright LLP to use your personal data for equivalent purposes to those for which we use your personal data (as detailed above), subject to the firm’s own privacy policies which can be found linked from the firm’s website here. Temple Bright LLP may also provide us with certain services from time to time and in so doing, may process your personal data.
Subject to the foregoing points which are specific to Temple Bright LLP, we do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
International transfers
We do not normally copy personal data to anyone outside the European Economic Area, but we may do so when the particular circumstances of your matter so require and we will ensure that we follow appropriate procedures in so doing. To the extent that our third party service providers may have servers or operations based outside the UK or the EEA, we ask that they have appropriate protections in place so that we know all data will be looked after as though it were subject to the UK’s laws on data protection. Should you need further details on which third party processors we use that are based outside the UK, please let us know.
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data retention
How long will you use my information for?
We will retain your data until the date which is the later of one year from you or your organisation seeking our services or any other transaction with us, and one year from our concluding the provision of services or any such other transaction. We may also, in any event, retain certain details of our communications with you and your organisation on file (which may include your name, your contact details and our correspondence and any contractual arrangements with you or your organisation). This is for reference should there be a future transaction with you or your organisation or any discussion of a potential transaction, in respect of which it is helpful for us to have such a record available. A longer period of retention may also apply for any of your personal data which is also subject to one of the other two notices below, where a longer period of retention for such data is anticipated under that notice.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances you can ask us to delete your data (see below for further information).
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Notwithstanding any other terms of this privacy policy, Media Data generated by any Media Contribution from you cannot reliably be removed from the public domain once it has been published and we will not take any steps to take down any already published Media Data, except from our own website and social media channels if you so request in writing (including email).
Data protection – your obligations
If you send us personal data about anyone other than yourself you will ensure you have any appropriate consents and notices in place to enable you to transfer that personal data to us, and so that we may use it for the purposes for which you provide it to us.
Data protection – your rights
Under certain circumstances, by law you have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact Justyn McIlhinney:
justyn.mcilhinney@sourceprosupport.com.
More information on these rights and when they apply is available here: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
2. Candidates
Who we are
We are Source Professional Support Limited, a limited company registered in England and Wales with registered number 14956194. “Source” and “Source by Temple Bright” are the business names for the business carried on by Source Professional Support Limited. Accordingly, all references on this website to “Source”, “Source by Temple Bright”, “we”, “us” or “our” should be read as referring to Source Professional Support Limited (and not to Temple Bright LLP or any other person).
Purpose of this privacy notice
This privacy notice is addressed to candidates who apply to join the Source Panel. It aims to give you information on how we collect and process your personal data. We are the data controller of your personal data. We are responsible for its security and for ensuring that we use it only for the purposes outlined in this notice. This notice tells you about how we look after your personal data, about your privacy rights and about how the law protects you.
Other privacy notices on our website
There are separate notices relevant to clients and others and users of our website, which are included in section 1 above and section 3 below. The notice for website users is also likely to be relevant to you; if you use our website, that notice should be read alongside this one. If you conduct or provide for us to share in the public domain any interview, profile, case study or media appearance in any medium (e.g. filmed, recorded or written), you should also read the notice for clients and others as this covers Media Data.
Questions and concerns
If you have any questions about this privacy notice or need to contact us in connection with your personal data, including any requests to exercise your legal rights referred to at the end of this notice, please contact Justyn McIlhinney, whom we have appointed as our representative for the purposes of the Data Protection Act 2018 and UK GDPR:
justyn.mcilhinney@sourceprosupport.com
Although you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk), we would, of course, appreciate the chance to deal with your concerns about data protection directly so please contact us in the first instance.
The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data including first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender, your job function, your employer or department.
- Contact Data including postal address, email address and telephone numbers including frequency of contact.
- Correspondence Data includes email and other correspondence (which may include information included in your CV).
- Career History Data includes information about your career history, including current and previous roles, where you choose to provide this to us or where such information is available from publicly accessible sources (see below for examples) on a search of your name.
- Interview Data includes information you share with us in conversations.
How is your personal data collected?
We (and any person acting on our behalf) may collect data about you from different sources, including without limitation:
- From you.
- From third parties. It is possible that we may collect your data from other parties, such as recruitment agencies, your named referees or other persons who are connected with you or who have worked with you, as colleagues or otherwise.
- From our contractors who carry out screening checks on our behalf.
- From publicly accessible sources. It is possible that we may collect your data from publicly available databases or websites, including without limitation Companies House, LinkedIn and other social media platforms, and professional regulation websites such as those of the Solicitors Regulation Authority and the Law Society.
We (and any person acting on our behalf) may use a range of different collection methods, including without limitation:
- Communication in person.
- Communication by phone, email, fax, SMS or any other electronic communication method.
- Communication by letters, notices, information sheets or any other paper-based communication methods.
- Your use of our website, social media channels, or other technologies.
- You visiting us (for example, if you sign in or are recorded on CCTV while visiting our offices, or you give us the registration details of your vehicle).
- You providing information to our contractors who carry out screening checks on our behalf.
How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we (and any person acting on our behalf) will use your personal data:
- To assess your skills, qualifications, and suitability for the Source Panel and/or specific placement opportunities.
- To carry out background and reference checks, where relevant.
- To communicate with you about the recruitment process or your employment.
- To keep records related to our recruitment process or your employment.
- To assist the employing entity in preparing for your prospective employment, or in connection with such employment once the relevant placement is under way or after its conclusion.
- Where we need to comply with a legal or regulatory obligation.
- To propose you as a candidate for placement opportunities or to communicate with a client or prospective client about you.
- Where you have given us your express consent for use of your data in connection with a particular purpose.
Our third party screening provider and our third party back office and finance provider will also need to process your personal data to help us with assessments under the first and second points (and potentially also for other purposes from the above list). Background checks may include searches as to criminal offences, proceedings and convictions. Personal data processed by such third parties will form part of their ongoing records, to be processed in accordance with their respective privacy policies. Where false or inaccurate information is provided and potential fraud is identified, we or they may pass details to fraud prevention agencies.
Having received your CV and covering message, we will then process that information, and we may also collect further personal data from the sources and using the methods referred to above (“How is your personal data collected?”), to decide whether you meet the basic requirements to be considered for the Source Panel and/or any relevant role. If you do, we will decide whether your application is strong enough to invite you for an interview. If we decide to call you for an interview, we will use the information we have already collected, together with information which you provide to us at the interview, to decide whether to offer you membership of the Source Panel and potentially an introduction to our client for discussion of a role. If we are considering taking either course, we may then take up references and/or collect further personal data before confirming our decision.
While you are a member of the Source Panel, we may process your personal data to select potential placement opportunities to share with you and to communicate that information. Either you or we may terminate your membership of the Source Panel, and thus our communication of potential placement opportunities, as provided in our contract with you as a Source Panel member.
If you fail to provide personal data
If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require references and you fail to provide us with relevant details, we will not be able to take your application further.
Disclosures of your personal data
For the purposes set out above (“How we use your personal data”), we (and any person acting on our behalf) may need to share your personal data with appropriate third parties, including without limitation:
- Our IT support and hosting companies, providing us with IT services.
- Our third party back office and finance provider and the entity which would be your employer during any placement.
- Our contractors who carry out screening checks on our behalf, and personal referees.
- Other business partners, suppliers and sub-contractors with whom we work.
- Clients and prospective clients with whom you wish to be considered for a placement.
- Google Analytics or similar, for analysis of website use (see the separate privacy notice for website users found in section 3 below).
- Our professional advisers.
- Third parties to whom we may sell, transfer, or merge parts of our business, or whose businesses we may acquire in whole or in part (or third parties with whom we are considering doing any of the foregoing) and their advisers and funders in each case. If our business is subject to a change of ownership, the new owners may use your personal data in the same way as set out in this privacy notice.
- Relevant public bodies including without limitation courts and regulators.
- Other businesses associated with us (such as Temple Bright LLP).
As far as lies within our power, we require all third parties to respect the security of your personal data and to treat it in accordance with the law.
We may allow Temple Bright LLP to use your personal data for equivalent purposes to those for which we use your personal data (as detailed above), subject to the firm’s own privacy policies which can be found linked from the firm’s website here. Temple Bright LLP may also provide us with certain services from time to time and in so doing, may process your personal data.
Subject to the foregoing points which are specific to Temple Bright LLP, we do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
International transfers
To the extent that our third party service providers may have servers or operations based outside the UK or the European Economic Area, we ask that they have appropriate protections in place so that we know all data will be looked after as though it were subject to the UK’s laws on data protection. Should you need further details on which third party processors we use that are based outside the UK, please let us know.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data retention
How long will you use my information for?
Except where you take up membership of the Source Panel (in which case we will retain your personal data throughout your membership and for five years after your final placement generated by Source), we will retain your personal data for a period of six months after the later of: (i) us communicating to you (or a person acting on your behalf) our decision about whether to appoint you to the Source Panel, and (ii) you (or a person acting on your behalf) communicating to us your decision about whether to take up membership of the Source Panel. We retain your personal data for that period so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted the recruitment exercise in a fair and transparent way. After this period, we will securely destroy your personal data in accordance with applicable laws and regulations; save that a longer period of retention may apply for any of your personal data which is also subject to one of the other two notices in sections 1 and 3 on this page, where a longer period of retention for such data is anticipated under that notice.
If we wish to retain your personal data on file for a longer period, on the basis that a further opportunity may arise in future and we may wish to consider you for that, we will write to you separately, seeking your explicit consent to retain your personal data on that basis. We may also, in any event, retain certain details of your application and our communications with you on file (including your name, contact details and our correspondence with you). This is for reference should there be a future application by you or, in a case where you have taken up any placement through Source, should issues later arise in respect of which it is helpful for us to have such a record available.
Data protection – your obligations
If you send us personal data about anyone other than yourself you will ensure you have any appropriate consents and notices in place to enable you to transfer that personal data to us, and so that we may use it for the purposes for which you provide it to us.
Data protection – your rights
Under certain circumstances, by law you have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact Justyn McIlhinney: justyn.mcilhinney@sourceprosupport.com.
More information on these rights and when they apply is available here: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
Right to withdraw consent
When you applied for this role, you provided consent to us processing your personal data for the purposes of the recruitment exercise. You have the right to withdraw your consent for processing for that purpose at any time. To withdraw your consent, please contact Justyn McIlhinney in writing, such as by using the above email address. Once we have received notification that you have withdrawn your consent, we will no longer process your application and, subject to our retention policy, we will dispose of your personal data securely.
3. Users of this website
Who we are
We are Source Professional Support Limited, a limited company registered in England and Wales with registered number 14956194. “Source” and “Source by Temple Bright” are the business names for the business carried on by Source Professional Support Limited. Accordingly, all references on this website to “Source”, “Source by Temple Bright”, “we”, “us” or “our” should be read as referring to Source Professional Support Limited (and not to Temple Bright LLP or any other person).
Purpose of this privacy notice
This privacy notice is addressed to users of our website. It aims to give you information on how we collect and process your personal data through your use of our website. We are the data controller of your personal data. We are responsible for its security and for ensuring that we use it only for the purposes outlined in this notice. This notice tells you about how we look after your personal data, about your privacy rights and about how the law protects you.
Other privacy notices on our website
There are separate notices relevant to candidates to join the Source Panel and clients and others with whom we deal more extensively, which are included in sections 1 and 2 above. Either of these may be relevant to you and if so, the relevant notice should be read alongside this one. If you conduct or provide for us to share in the public domain any interview, profile, case study or media appearance in any medium (e.g. filmed, recorded or written), you should read the notice for clients and others as this covers Media Data.
Questions and concerns
If you have any questions about this privacy notice or need to contact us in connection with your personal data, including any requests to exercise your legal rights referred to at the end of this notice, please contact Justyn McIlhinney, whom we have appointed as our representative for the purposes of the Data Protection Act 2018 and UK GDPR:
justyn.mcilhinney@sourceprosupport.com
Although you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk), we would, of course, appreciate the chance to deal with your concerns about data protection directly so please contact us in the first instance.
The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We (and any person acting on our behalf) may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data including first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender, your job function, your employer or department.
- Contact Data including postal address, email address and telephone numbers including frequency of contact.
- Correspondence Data includes email correspondence and notes of conversations.
- Career History Data includes information about your career history, including current and previous roles, where you choose to provide this to us or where such information is available from publicly accessible sources (see below for examples) on a search of your name.
- Usage Data includes information about how you use our website.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
How is your personal data collected?
We (and any person acting on our behalf) use different methods to collect data from and about you, including through:
- Direct interactions. We collect your data when you choose to give this to us on our website, by email, over the phone, in person at meetings or otherwise.
- Cookies. We may collect Usage Data and Technical Data about your browsing actions and patterns.
- Publicly accessible sources. If you provide us with your name or email address, we may collect Career History Data about you from publicly available databases or websites, including without limitation Companies House, LinkedIn and other social media platforms, and professional regulation websites such as the Solicitors Regulation Authority and the Law Society.
How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we (and any person acting on our behalf) will use your personal data in the following circumstances:
- Where it is necessary for our legitimate interests in the operation of our business (or the legitimate interests of a third party) and we have made an objective assessment that your interests and fundamental rights do not override those interests. Examples of our legitimate interests in this context include, without limitation, accessing public domain information about you to inform our view of you as a potential future applicant.
- Where we need to comply with a legal or regulatory obligation.
- Where you have given us your consent, for instance by making an enquiry or agreeing to the use of cookies (see below).
Please contact us if you need details about the specific legal ground we are relying on to process your personal data.
Cookies
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website, and also allows us to improve our site.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use different types of cookies for different reasons. You can choose to accept our use of non-essential cookies (i.e. Google Analytics), or you can choose to disable these if you wish, by adjusting your browser settings or by responding to the cookie banner. We use Google Analytics to allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Please see the table below which explains the cookies used on, or in relation to, our website:
Cookie | Domain | Description | Duration | Type |
PHPSESSID | sourceprosupport.com | This cookie is native to PHP applications. The cookie is used to store and identify a users’ unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed. | Session | Necessary |
__cf_bm | .vimeo.com | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. | 30 minutes | Functional |
vuid | .vimeo.com | Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website. | 2 years | Analytics |
player | .vimeo.com | Vimeo uses this cookie to save the user’s preferences when playing embedded videos from Vimeo. | 1 year | Functional |
aka_debug | .akamaized.net | Vimeo sets this cookie which is essential for the website to play video functionality. | Session | Functional |
sync_active | This cookie is set by Vimeo and contains data on the visitor’s video-content preferences, so that the website remembers parameters such as preferred volume or video quality. | Never | Performance | |
_ga | sourceprosupport.com | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. | 2 years | Analytics |
_gid | sourceprosupport.com | This cookie is installed by Google Analytics. The cookie is used to store information on how visitors use a website and helps in creating analytics reports. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form. | 24 hours | Analytics |
_gat_gtag_* | sourceprosupport.com | This cookie is installed by Google Tag Manager which stores the Google Analytics data. | Session Only | Analytics |
_GRECAPTCHA | sourceprosupport.com | Security feature cookie to help prevent spam contact form submissions using the reCaptcha Google service. | Session Only | Functional |
moove_gdpr_popup | sourceprosupport.com | Cookie to confirm that the visitor has approved / declined cookies within their browser using the cookie banner. | 1 year | Functional |
wordpress_test_cookie | sourceprosupport.com | This cookie is installed by WordPress to test whether cookies are enabled within the browser. | Session Only | Functional |
pref | youtube.com | This cookie is installed by Youtube to store information such as a user’s preferred page configuration and playback preferences like autoplay, shuffle content, and player size. | 8 months | Performance |
Yt-Player-Bandwidth | youtube.com | This cookie is installed by Youtube to provide bandwidth estimations. | Session | Functional |
Yt-Player-Headers-Readable | youtube.com | This cookie is installed by Youtube to store configuration settings. | 17 days | Functional |
GPS | youtube.com | This cookie is installed by Youtube to store location data. | Session | Marketing |
VISITOR_INFO1_LIVE | youtube.com | This cookie is installed by Youtube to provide ad delivery or retargeting, store and track a visitor’s identity, Store and track interaction. | 6 months | Marketing |
YSC | youtube.com | This cookie is installed by Youtube to Store and track interaction. | Session | Marketing |
Disclosures of your personal data
For the purposes set out above (“How we use your personal data”), we (and any person acting on our behalf) may need to share your personal data with appropriate third parties, including without limitation:
- Our IT support and hosting companies, providing us with IT services.
- Google Analytics or similar, for analysis of website use.
- Our professional advisers.
- Third parties to whom we may sell, transfer, or merge parts of our business, or whose businesses we may acquire in whole or in part (or third parties with whom we are considering doing any of the foregoing) and their advisers and funders in each case. If our business is subject to a change of ownership, the new owners may use your personal data in the same way as set out in this privacy notice.
- Relevant public bodies including without limitation courts and regulators.
- Other businesses associated with us (such as Temple Bright LLP).
As far as lies within our power, we require all third parties to respect the security of your personal data and to treat it in accordance with the law.
We may allow Temple Bright LLP to use your personal data for equivalent purposes to those for which we use your personal data (as detailed above), subject to the firm’s own privacy policies which can be found linked from the firm’s website here. Temple Bright LLP may also provide us with certain services from time to time and in so doing, may process your personal data.
Subject to the foregoing points which are specific to Temple Bright LLP, we do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
International transfers
To the extent that our third party service providers may have servers or operations based outside the UK or the European Economic Area, we ask that they have appropriate protections in place so that we know all data will be looked after as though it were subject to the UK’s laws on data protection. Should you need further details on which third party processors we use that are based outside the UK, please let us know.
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data retention
How long will you use my information for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Typically, we hold on to Usage Data and Technical Data for the periods set out in the above table and we hold on to Identity Data, Contact Data, Correspondence Data and Career History Data for two years, save that a longer period of retention may apply for any of your personal data which is also subject to one of the other two notices above, where a longer period of retention for such data is anticipated under that notice.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances you can ask us to delete your data (see below for further information).
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Data protection – your obligations
If you send us personal data about anyone other than yourself you will ensure you have any appropriate consents and notices in place to enable you to transfer that personal data to us, and so that we may use it for the purposes for which you provide it to us.
Data protection – your rights
Under certain circumstances, by law you have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact Justyn McIlhinney:
justyn.mcilhinney@sourceprosupport.com.
More information on these rights and when they apply is available here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/