Blackwater Search & Advisory

Privacy Statement

Blackwater is committed to respecting and protecting your privacy

We have prepared this privacy statement to disclose and describe our information gathering and dissemination practices for this website.

Notice and Disclosure 

In general, you may visit this website without identifying yourself or revealing any personal information. Blackwater collects domain information from your visit to customise and improve your experience on our website.

Registering personal information 

Some areas of this website may require you to give us personally identifiable information, which is information that enables us to identify you, such as your name, email or other address. By submitting your information to Blackwater by email, use of the Blackwater web site or otherwise, you consent to the use of that information as set out in this policy. Blackwater may from time to time modify the terms of this policy and any changes will be posted on this page.

Should you provide Blackwater with your contact information (such as name, company, address, and email address) this information will only be used to contact you for the purpose for which you have expressed an interest such as, for example, the services, career opportunities, surveys, seminars or webinars of Blackwater.

Data Security 

Whilst Blackwater takes all reasonable precautions to protect personally identifiable information from loss, misuse, alteration or destruction and complies with applicable data protection legislation (including but not limited to the Data Protection Act 2018), data transmission over the internet may not be adequately secured by the sender. As a result, Blackwater cannot ensure the secure receipt of any information that is sent to Blackwater by this medium and any such information is sent at your own risk.

Business Relationships 

This website may contain links to other websites. Blackwater is not responsible for the privacy practices or the content of such websites.

Cookies 

The Blackwater website only uses cookies as an aid to the user experience to enable a user’s browser to remember user location and pages on the web site that have already been accessed.

Contacting Us 

If you have any questions or comments about our privacy statement or practices, please contact us via email at enquiries@blackwatersearch.com with the words ‘privacy policy’ in the subject line.

Blackwater reserves the right to modify or update this privacy statement at any time without notice.

Blackwater Privacy Statement

Personal Data – Privacy Statement

This Privacy Statement lays out how Blackwater treats client personal data (where ‘client’ refers to all of the following; client organisation, TPA or Vendor, or third party such as industry bodies), and what rights Blackwater’s clients have in relation to this information.

In respect of the processing of your personal data in line with this Privacy Statement, Blackwater act as a controller for the personal data they process and comply with the associated requirements as laid out under the General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA) and other data protection laws and regulations that apply to them. The controlling entity will be Blackwater. 

1.1. Categories of personal data

When we refer to “personal data” we mean any data relating to an identified or identifiable individual. This could include information that could identify an individual, directly or indirectly, in particular, by reference to an identifier such as a name, ID number, location data or online identifier. It also includes factors specific to an individual’s characteristics.

Blackwater collects limited personal data on its clients; and this primarily encompasses the following types of information:

• contact and organisation related material such as an individual’s work email and business role;

• business communications, such as email exchanges or online / in-person meetings.

1.2. Sources of personal data

We collect your personal data during the course of your dealings with us. For example, when you engage with us in respect of a project we are undertaking for your organisation. Otherwise, we gather information about you when you provide it to us, for example when you correspond with your contacts within Blackwater.

We may also receive information about you from other sources, such as directly from your organisation or via online resources including LinkedIn and other publicly available sources. We combine information about you from various sources, including the information that you have provided to us directly.

1.3. Purposes of processing

Blackwater collects client personal data for the following purposes:

• to manage past, current and future business engagements;

• to send information such as engagement related proposals and materials, industry relevant information (such as newsletters, insights, video interviews), event invitations;

• direct marketing communications; and.

• to comply with our legal and regulatory obligations.

1.4. Lawful basis for processing

Blackwater collects, uses, processes and discloses personal data in accordance with applicable data protection and privacy laws. We process personal data on the following bases:

• for legitimate business purposes, including ensuring that Blackwater (i) is able to maintain its relationships with existing clients, (ii) is able to manage past, current and future client engagements and (iii) to promote its services and products;

• for the performance of a contract that we have entered into with our client;

• consent, where required by law (including marketing to individuals in a personal capacity by email or SMS).

1.5. Data recipients

Your personal data may be shared with Blackwater’s affiliates throughout the world, and with certain third parties such as:

• service providers that provide services on our behalf, including IT service providers;

• legal and other professional advisors and auditors; and

• regulators and law enforcement agencies.

Where third parties are given access to your personal data, Blackwater will take the required contractual, technical and organisational measures to ensure that your personal data is only processed to the extent necessary.

1.6. Third country transfers

Blackwater may transfer personal data outside of the UK and the EEA, where data protection laws may not offer the same level of protection available in your home country. Personal data may be transferred to third countries outside of the EEA. Where we use third parties to provide data hosting solutions, these transfers comply with relevant equivalent programmes, such as the EU-US Privacy Shield (frameworks developed to enable organisations to comply with data protection requirements when transferring personal data from the European Union to third countries). When we transfer your personal data to any Blackwater affiliates based outside the EEA or any country considered “adequate” by the European Commission to a country that is outside the EEA or an “adequate country”, we rely on an intra-group transfer agreement that incorporates EU Standard Contractual Clauses designed to protect your personal data. You may obtain information and a copy of the relevant mechanism relied on for the transfer of your personal data by contacting us via the details set out in the “Contact us” section. You may also find a copy of the EU Standard Contractual Clauses and related information at the Europa website (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en)

1.7. Retention period

Blackwater will only hold your personal data for as long as required to undertake the purposes of our processing, plus a prescribed period of time as required by national laws in your jurisdiction.

We hold personal data about our clients for the following periods:

• Data relating to prospective clients will be retained for up to five years, after which the record will be deleted if there is no recorded contact between Blackwater and the prospective client or the prospective client has asked to be deleted within this period;

• Data relating to clients will be retained for the duration of the client relationship plus a further period to comply with certain obligations, legal requirements and best practices.

We will also retain your personal data for as long as necessary in connection with legal action or any investigations involving Blackwater.

1.8. Individual data rights

Individuals may have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, if your personal data is processed by Blackwater in respect of our client relationship activities, you may have the following rights:

• to receive confirmation from Blackwater as to whether we process your personal data, and where we do, access to that personal data and certain other information;

• to request the rectification of any inaccurate personal data that we hold about you;

• to request the erasure of your personal data in certain circumstances;

• to request the restriction of our processing of your personal data in certain other circumstances, for example in certain scenarios where we are unable to comply with a request to erase your personal data;

• to receive a copy of the personal data that you have provided to Blackwater in a structured, machine-readable and commonly-used format and/or, where possible, to request we transmit that personal data to another organisation;

• to object to certain processing of your personal data and to automated decision making and where our processing is based on your consent, you have the right to withdraw consent at any time by contacting us.

Where you are given the option to share your personal data with us, you can always choose not to do so. If you object to the processing of your personal data, we will respect that choice in accordance with its legal obligations. This could mean that we are unable to perform the actions necessary to achieve the purposes of processing described in the Purposes of Processing section above.

1.9. Right to lodge a complaint with a supervisory authority

Under the GDPR and the DPA, individuals have the right to lodge a complaint with their local data protection authority (in the EEA) or the Information Commissioner’s Office (in the UK). Information about reporting a complaint to the ICO can be found at https://ico.org.uk/concerns/.

A list of EEA data protection authorities by jurisdiction is available at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

1.10. Contact us

Please feel free to contact Blackwater if you have any questions about this Privacy Statement or any of Blackwater’s practices in relation to your personal data. Clients should direct requests to their primary contact at Blackwater in the first instance, whether this is to seek further information or to exercise any of your statutory rights.

You can contact us by emailing enquiries@blackwatersearch.com

Blackwater Recruitment Privacy Statement

Personal Data – Privacy Statement

Blackwater is committed to the fair treatment of individuals’ personal data and complies with all applicable data protection laws and regulations including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA). Blackwater is also committed to ensuring the security of individuals’ data and has taken appropriate technical and organisational measures to this end. This document provides the required information on the treatment of any personal data that you submit to Blackwater or that Blackwater may request from you.

In respect of the processing of your personal data in line with this Privacy Statement, Blackwater Search & Advisory entiy act as a controller for the personal data they process and comply with the associated requirements as laid out under the GDPR, DPA and other data protection laws and regulations that apply to them. The controlling entity will be Blackwater.

1.1. The personal data we process about you

When we refer to “personal data”, we mean any information that allows an individual to be identified, either directly or indirectly, in particular by reference to an identifier such as a name or identification number or other characteristic that may reveal identity. Any references to “sensitive personal data” relate to personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and genetic data, biometric data for the purpose of uniquely identifying an individual, data concerning health or an individual’s sex life or sexual orientation.

In respect of our job candidates’ personal data, we typically process personal data including:

• Contact details such as your name, address, email address and telephone numbers;

• Personal details including your date of birth, marital status, as well as your national insurance number or driving licence number, passport number, and photo;

• Recruitment information such as copies of documents proving your right to work, background checks, references, CV information, cover letter or correspondence with us as part of the application and recruitment process (such as information about your qualifications, experience, knowledge, skills and abailities);

• Financial information such as your current salary, and your bank account details for the purposes of reimbursing expenses;

• Other people’s opinions about you, including references;

• Travel information such as your name, address, car registration number, personal details required for any public transport tickets;

• Sensitive personal data (as required and permitted under applicable law), including:

(i) Health records, including information relating to health and medical conditions as necessary to establish your fitness for work and to ensure compliance with our health and safety obligations;

(ii) Diversity-related data, including information about your racial or ethnic origin, sexual orientation and marital status, for compliance with legal obligations and internal policies relating to diversity in the workforce;

(iii) Background checks, including criminal record checks and government screening

1.2. Sources of processing

We collect your personal data during the recruitment process for which you have put yourself forward. For example, your CV and cover letter, your communications with Blackwater HR staff and, as appropriate, your performance in assessments.

We may also receive information about you from other sources, such as background checking and online resources including LinkedIn and other publicly available sources. We combine information about you from various sources, including the information that you have provided to us directly.

1.3. Purpose of processing

Candidate personal data is collected for the following purposes:

• Assessing your suitability for employment;

• Checking you are legally entitled to work in the jurisdiction in which the role you have applied for is based;

• Ascertaining your fitness for work;

• Monitoring and reporting on equal employment opportunities;

• Establishing, exercising or defending legal rights and disputes;

• Ensuring compliance with our internal policies and procedures.

1.4. Lawful basis for processing
Blackwater collects, uses, processes and discloses personal data in accordance with applicable data protection and privacy laws. We process personal data on the following bases:

• For our legitimate business purposes of our employee recruitment activities; and

• To comply with certain legal and regulatory obligations of Blackwater.

1.5. Data recipients

Your personal data may be shared with Blackwater’s affiliates throughout the world, and with certain third parties such as:

• Service providers that provide services on our behalf, including IT service providers;

• Legal and other professional advisors and auditors; and

• Regulators and law enforcement agencies.

Where third parties are given access to your personal data, Blackwater will take the required contractual, technical and organisational measures to ensure that your personal data is only processed to the extent necessary. Third parties will only process your personal data in accordance with applicable law.

1.6. Third country transfers

Blackwater may transfer personal data outside of the UK and the EEA, where data protection laws may not offer the same level of protection available in your home country. Personal data may be transferred to third parties outside of the UK and the EEA. Where we use third party data hosting solutions comply with relevant equivalence programs such as the EU-US Privacy Shield (frameworks developed to enable organisations to comply with data protection requirements when transferring personal data from the European Union to third countries). When we transfer your personal data to any Blackwater affiliates based outside the EEA or any country considered “adequate” by the European Commission to a country that is outside the EEA or an “adequate country, we rely on an intra-group transfer agreement that incorporates EU Standard Contractual Clauses designed to protect your personal data. You may obtain information and a copy of the relevant mechanism relied on for the transfer of your personal data by contacting us via the details set out in the “Contact us” section. You may also find a copy of the EU Standard Contractual Clauses and related information at the Europa website (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en).

1.7. Retention period

Your personal data will be retained by Blackwater for 3 years from the close of the recruitment process so that we may contact you in the future if there are further opportunities, unless you have informed us that you are no longer interested in a role with Blackwater. Blackwater may also delete certain records from your recruitment process within this timeframe if we deem that they are no longer required. Records will always be retained in line with relevant statutory retention periods.

1.8. Individual data rights

Under the GDPR and the DPA, individuals may have a number of explicit rights in respect of their personal data, which are enforced by Blackwater. These rights include:

• to receive information from Blackwater as to whether we process your personal data and, where we do, access to that personal data and certain other information;

• to request the rectification of any inaccurate personal data that we hold about you;

• to request the erasure of your personal data in certain circumstances;

• to request the restriction of our processing of your personal data in certain other circumstances, for example in certain scenarios where we are unable to comply with a request to erase your personal data;

• to receive a copy of the personal data that you have provided to Blackwater in a structured, machine-readable and commonly-used format and/or, where possible, to request we transmit that data to another organisation; and

• to object to the processing of your personal data in certain circumstances, and to object to automated decision making.

1.9. Right to lodge a complaint with a supervisory authority

Under the GDPR and the DPA, individuals have the right to lodge a complaint with their local data protection authority (in the EEA) or the Information Commissioner’s Office (in the UK). Information about making a complaint is available on the ICO’s website, (https://ico.org.uk/concerns/).

You may wish to raise a complaint with your local supervisory authority if you are not based in the UK or if the alleged infringement took place in another Member State. A list of EU data protection authorities by jurisdiction can be found at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

1.10.  Contact us

If you have any questions or comments about our privacy statement or practices, please contact us via email at enquires@blackwatersearch.com

Alternatively, if you have any questions about anything contained within this privacy statement please don’t hesitate to reach out to your contact point at Blackwater.

Personal Data – Privacy Statement

Blackwater is committed to the fair treatment of individuals’ personal data and complies with data protection regulation such as the General Data Protection Regulation (GDPR), the UK Data Protection Act 2018 (DPA) and other data protection laws and regulations. Blackwater is also committed to ensuring the security of individuals’ data and has taken appropriate technical and organisational measures to this end.

This Privacy Statement explains how we collect, use and disclose your personal data. You are advised to review this Privacy Statement periodically as it may change from time to time. You will also receive training on data protection. In respect of the processing of your personal data under this Privacy Statement, Blackwater entity act as a controller for the personal data they process and comply with the associated requirements as laid out under the GDPR, the DPA and other data protection laws and regulations that apply to them. The controlling entity will be Blackwater Search & Advisory.

1.1. The personal data we process

When we refer to “personal data” we mean any data relating to an identified or identifiable individual. This could include information that could identify an individual, directly or indirectly, in particular by reference to an identifier such as a name, ID number, location data or online identifier. It also includes factors specific to an individual’s characteristics. Where we refer to this data as “sensitive”, we talk about personal data that reveals an individual’s racial or ethnic background, political opinions, religious or philosophical beliefs, trade union membership, the processing of genetic data, biometric data when used for ID purposes, data concerning health, sex life or sexual orientation, and information relating to criminal convictions and offences.

In respect of our contractors, we typically process personal data including:

• your personal contact information, including name, title, addresses, telephone numbers, and personal email addresses;

• your personal details, including name, title, surname, birth date, government issued national identification or passport number, gender, civil status, beneficiaries and dependents, emergency contact information and photograph;

• engagement information, including copies of your right to work documentation, background checks, references and other information included in your CV, cover letter or correspondence with us as part of the engagement process (such as information about your qualifications, experience, knowledge, skills and abilities);

• disciplinary and grievance records including details contained in or relating to any disciplinary or grievance investigations or proceedings;

• information about your engagement terms;

• bank account details, payroll records and tax status information;

• records containing information about incidents that involve or relate to you;

• information about your usage on our information and communications systems or other electronic systems;

• references or feedback on your performance by colleagues or customers;

• information about business travel and expenses, including name, address, vehicle registration number (if applicable for company or private car), personal details required for any travel, hotel, insurance, personal or corporate banking details or personal and corporate credit card details;

• position/role details, work contact details, work history, engagement and termination reasons, and date and length of service;

• absence and leave records, as they may be agreed to apply to you;

• Office data, including entry and exit data, work telephone number or work email address.

1.2. Sources of personal data

We collect your personal data during the course of your engagement with us. For example, material submitted during the onboarding process, or records generated when you engage with our internal departments. We gather information about you when you provide it to us, for example your CV and details to arrange payment for your services.

We may also receive information about you from other sources, such as online resources including LinkedIn and other publicly available sources. We combine information about you from various sources, including the information that you have provided to us directly.

1.3. Purpose of processing

Contractor information is collected for the following purposes:

• Background checks and onboarding: such as assessing your suitability for the engagement, checking you are legally entitled to work in the jurisdiction in which your engagement is based, confirming your fitness for work, establishing a contractual relationship and determining the terms of your engagement.

• Personnel administration, such as invoice administration, general administration of your service contract, facilitating communications, to deploy potential contractors on client projects, supporting any business or administrative function required (e.g. business visas), making business travel arrangements, and administering and managing our business operations;

• Compliance with legal and regulatory, including complying with health and safety obligations, complying with applicable laws and regulations;

• General business purposes, including ensuring business continuity, strategic planning and project management, budgeting and financial management and reporting;

• Post-engagement relations, including to contact contractors about future opportunities;

• Managing Blackwater’s network and IT systems, such as operating and managing the information and communications systems to allow you to use them, to confirm you are using appropriately our information and communications systems and other electronic systems such as the internet, and ensuring network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution; and

• to establish, exercise, or defend legal rights and disputes.

Blackwater also may require you to submit and periodically update a CV so that we can provide clients with information relevant to our project engagements. This experience, as well as your LinkedIn profile, may also be used by ‘Stitched’, a third party provider we are engaging to create experience profiles. While you work as a contractor for Blackwater, you may be asked to participate.

Some of the purposes will overlap and there may be several grounds that justify our use of your personal data.

We collect, use, process and disclose personal data in accordance with applicable data protection and privacy laws. We do not collect, use, process, or disclose personal data for any purpose or in any way other than as described in this document (or, to the extent permitted under applicable data protection and privacy laws, any purpose directly related to, or compatible with, such purpose), unless we are required or permitted by applicable data protection and privacy laws to do so, you are so informed at the time of collection, or we have obtained your consent, directly or indirectly, to use or disclose your personal data for another purpose or in another manner.

1.4. Lawful basis for processing

Blackwater collects, uses, processes and discloses personal data in accordance with applicable data protection and privacy laws and regulations. We process personal data on the following bases:

• for the legitimate interests of Blackwater, including administration, conducting onboarding checks, and to enable the functioning of our;

• for the performance of our contract with you; and

• to comply with certain legal and regulatory obligations of Blackwater.

Please note that any failure on the part of any contractor to provide information that Blackwater requires in order to meet its contractual obligations may result in Blackwater being unable to comply with those requirements. This may result in a delay in your start date working for us, delay in the payment of any funds owed to you, or may ultimately prevent us from engaging your services.

1.5. Data recipients

Your personal data will be shared with other entities within Blackwater, your Engagement Lead and appropriate levels of your management chain, and personnel and other departments throughout Blackwater.

In addition, your personal data will be shared with third parties, including companies that provide products and services to us (such as computer backup services, archival storage services, advisory services, payroll services, pension and benefits administration, human resource management services, termination services, IT systems suppliers and support and/or other third party services related to services rendered by us) and with Blackwater’s clients.

From time to time, we may also need to make your personal data available to other third parties, such as legal and regulatory authorities, accountants, auditors, lawyers and other outside professional advisors.

All our third-party service providers and entities in our group are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes.

1.6. Third country transfers

Blackwater may transfer personal data outside of the EEA and the UK, where data protection laws may not offer the same level of protection available in your home country. Personal data may be transferred to third countries outside of the EEA and the UK due to the data hosting locations of Blackwater’s IT infrastructure. These data hosting solutions comply with relevant equivalence programs such as the EU-US Privacy Shield (frameworks developed to enable organisations to comply with data protection requirements when transferring personal data from the EEA to third countries). When we transfer your personal data to any Blackwater affiliates based outside the EEA or any country considered “adequate” by the European Commission to a country that is outside the EEA or an “adequate country”, we rely on an intra-group transfer agreement that incorporates EU Standard Contractual Clauses designed to protect your personal data. You may obtain information and a copy of the relevant mechanism relied on for the transfer of your personal data by contacting us via the details set out in the “Contact Us” section. You may also find a copy of the EU Standard Contractual Clauses and related information at the Europa website (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en).

1.7. Retention period

Blackwater will only hold your personal data for as long as required to undertake the purposes of our processing, plus a prescribed period of time as required or permitted by national laws in your jurisdiction.

We hold personal data about contractors for the following periods:

  • contractor contact and CV data will be held by Blackwater for up to three years, at which point we contact individuals to ask whether they would still be interested in offering contractor services to Blackwater and update our records accordingly.

  • Finance and certain other records will be retained for as long as necessary for Blackwater’s accounting purposes and to ensure that contractors are correctly remunerated for their time and expenses, [plus a period of 7 years in case any legal action arises relevant to this information].

We will also retain your personal data for as long as it is required in connection with legal action or any investigations involving Blackwater.

1.8. Individual data rights

Under the GDPR and the DPA individuals may have certain rights that are enforced by Blackwater. These rights are detailed below:

• To receive confirmation from Blackwater as to whether we process your personal data, and where we do, access to that personal data and certain other information;

• To request the rectification of any inaccurate personal data that we hold about you;

• To request the erasure of your personal data in certain circumstances;

• To request the restriction of our processing of your personal data in certain other circumstances, for example in certain scenarios where we are unable to comply with a request to erase your personal data;

• To receive a copy of the personal data that you have provided to Blackwater in a structured, machine-readable and commonly-used format and/or, where possible, to request we transmit that personal data to another organisation;

• To object to the processing of your personal data in certain circumstances, and to object to automated decision making.

1.9. Right to lodge a complaint with a supervisory authority

Under the GDPR and the DPA, individuals have the right to lodge a complaint with their local data protection authority (in the EEA) or the Information Commissioner’s Office (in the UK). Information on raising a complaint is available on the ICO’s website (https://ico.org.uk/concerns/). Where you wish to make a complaint to an alternative supervisory authority, a list of EU data protection authorities by jurisdiction is available at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

1.11.   Contact Us

If you have any questions or comments about our privacy statement or practices, please contact us via email at enquiries@blackwatersearch.com