1. Privacy Notice

Tatton Recruitment Group Limited (“we”, “us”, “our”) includes Certain Advantage, Crone Corkill, Simply Education, Healthii People and Creideas.

We are committed to protecting your personal data and being transparent about how we use it. This notice explains what information we collect, how we use it, and your rights.

This notice applies to:

  • candidates, temporary workers, contractors and individuals engaged through our services
  • current and former employees (colleagues) engaged on a contract of employment
  • prospective applicants
  • individuals who represent or work for organisations we engage with, including clients, prospective clients and suppliers

1.1 Who we are

Tatton Recruitment Group Limited is the data controller. This means we decide how and why your personal data is used.

Depending on the circumstances, organisations we share data with may act as independent data controllers or process personal data on our behalf in line with our instructions.

If you have any questions, contact:
gdpr@tattonrecruitmentgroup.com

1.2 Our approach to data protection

We follow UK GDPR principles. Personal data must be:

  • used lawfully, fairly and in a transparent way
  • collected for clear, legitimate purposes
  • limited to what is necessary
  • accurate and kept up to date
  • held only as long as needed
  • kept secure

1.3 Your rights

You have the right to:

  • access your data
  • correct inaccurate data
  • request deletion
  • restrict processing
  • object to processing (including marketing)
  • transfer your data
  • withdraw consent where it applies

You have the right to raise a concern or complaint directly with us if you are unhappy with how we have handled your personal data.

You can do this by contacting us at:
gdpr@tattonrecruitmentgroup.com

We will:

  • acknowledge your complaint within 30 days
  • review and investigate the issue
  • keep you updated on progress where appropriate
  • provide a response once the review is complete

If you are not satisfied with our response, you have the right to escalate your complaint to the Information Commissioner’s Office (ICO)

1.4 How we keep your data safe

We use appropriate technical and organisational measures to protect data and limit access to those who need it.

1.5 How long we keep your data

We only keep your data as long as necessary for legal, operational and regulatory purposes.

Retention varies depending on whether you are a worker, candidate, employee or client.

As a guide, candidate data is typically retained for up to 3 years from last meaningful contact. Worker and employee data is retained for up to 7 years in line with legal, tax and employment record requirements.

We retain client information for as long as necessary to maintain our business relationship and to enable us to contact organisations regarding relevant services in the future. We periodically review our data to ensure it remains accurate, relevant, and necessary.

1.6 Use of automation and AI Tools

We may use technology, including tools that support automation and content generation, to assist with certain business processes such as drafting communications, job descriptions and internal administrative tasks.

These tools are used to support our teams and are not used to make decisions that have a significant effect on individuals without human involvement.

Where such tools process personal data, we ensure appropriate safeguards are in place and that use is limited, proportionate and compliant with data protection law.

We do not make decisions that have a significant impact on you without human involvement.

1.7 Website and cookies

When you use our website, we may collect information through cookies and similar technologies to improve your experience, analyse usage and support our services.

2. Candidates, Temporary Workers and Contractors

This applies if you register with us, apply for roles, or work through us.

2.1 What data we collect

We may collect:

  • contact details and CV information
  • work history, qualifications and references
  • right to work documentation
  • payroll and tax data
  • assignment and placement information
  • interview feedback and client interactions
  • health or diversity data where required

We may use your information to assess suitability for roles, including reviewing skills, experience and preferences. These assessments are always reviewed by our consultants.

We may also generate information about you, such as suitability assessments and internal notes, as part of our recruitment process.

2.2 How we collect your data

We may collect:

  • directly from you
  • from job boards, CV databases and LinkedIn
  • from referees and background check providers
  • from clients during assignment processes

Where we obtain data indirectly, we will notify you within the required timeframe.

2.3 Why we process your data

We use your data to:

  • find you suitable work
  • submit you to clients
  • manage placements and assignments
  • pay you and manage tax
  • check right to work in the UK
  • meet legal and regulatory requirements (including AWR where applicable)
  • support safeguarding and compliance processes in regulated sectors
  • maintain business operations and prevent fraud

2.4 Lawful Basis

We rely on:

  • contract (placing you in roles and paying you)
  • legal obligations (e.g. right to work checks, tax)
  • legitimate interests (recruitment services and client delivery)

Where we rely on legitimate interests, these include providing recruitment services, matching candidates to roles, and maintaining our candidate network.

2.5 Who we share your data with

We may share your data with:

  • clients and hiring managers
  • umbrella companies and payroll providers
  • background checking providers
  • regulators where required
  • technology platforms such as vendor management systems
  • trusted third-party service providers who support compliance, onboarding and administrative activities

This may include the use of recruitment systems, CRM platforms and other technology providers who support our operations.

These providers are required to process personal data only on our instructions and to maintain appropriate security measures.

2.6 Marketing

We may contact you about relevant job opportunities as part of our recruitment services (legitimate interest).

Separate marketing communications will only be sent where required with your consent.

3. Internal Colleagues

This applies if you work for us directly under a contract of employment.

3.1 What data we collect

We may collect:

  • personal details and contact information
  • employment records, contracts and pay
  • disciplinary and performance records
  • training, appraisals and career progression data
  • absence and leave records
  • CCTV and building access data
  • benefits and pension data

3.2 How we collect your data

We may collect:

  • during recruitment
  • through onboarding documentation
  • throughout your employment
  • from third parties such as referees

3.3 Why we process your data

We use your data to:

  • manage your employment
  • pay you and administer benefits
  • manage performance and conduct
  • comply with employment law
  • manage absence and wellbeing
  • support learning and development
  • manage business planning and risk

3.4 Lawful Basis

We rely on:

  • contract (your employment agreement)
  • legal obligations
  • legitimate interests

3.5 Who we share your data with

We may share your data with:

  • internal teams and managers
  • payroll and pension providers
  • benefits providers
  • training providers
  • IT Systems providers
  • regulators or legal advisers where required

4. Special Category data

This includes data such as:

  • health information
  • ethnicity, religion or beliefs
  • sexual orientation
  • criminal records (where required)

We only process this type of data where it is lawful to do so, including where:

  • it is necessary to meet our legal obligations
  • it is required for recruitment, employment or safeguarding purposes
  • you have given explicit consent where required
  • it is necessary for reasons of substantial public interest

In sectors such as education and healthcare, we may process this information to meet safeguarding, regulatory and compliance requirements.

5. International Transfers

Where personal data is accessed from outside the UK, including by team members or service providers located in countries such as South Africa, individuals access our systems remotely rather than holding personal data locally.

All such access is controlled, monitored and secured through our IT environment. Devices, systems and security arrangements are managed and maintained by us to ensure appropriate protection of personal data at all times.

We use international processing locations to support our business operations and deliver our services efficiently.

Where international access to personal data takes place, we implement appropriate safeguards in line with UK data protection law. This includes the use of approved contractual protections, such as Standard Contractual Clauses (SCCs), together with access controls and security measures designed to protect personal data.

You can request further information about these safeguards by contacting us using the details set out in this notice.

6. If you do not provide data

If you do not provide required information, we may not be able to:

  • place you in work
  • employ you
  • meet our legal obligations

7. Website, Client Contacts and Sector-Specific Processing

7.1 Website Interactions

When you interact with our websites (including submitting forms, registering for updates, downloading content or contacting us), we may collect personal data such as your name, contact details, organisation and details of your enquiry.

We use this information to respond to your requests, provide information about our services, manage our relationship with you and improve our website and services.

We may also use cookies and similar technologies to understand how our websites are used and to support functionality and performance

7.2 Client and business contacts

This section applies to individuals who work for, or represent, organisations that we work with or may work with (including clients, prospective clients and suppliers).

We may collect and use business contact information such as your name, job title, company details, work contact information and records of our interactions.

We use this information to:

  • provide and manage recruitment and staffing services
  • manage commercial relationships and contracts
  • respond to enquiries and maintain communication
  • meet legal, regulatory and financial obligations
  • develop and improve our services

We rely on a combination of contract, legal obligations and legitimate interests to process this data. Where we rely on legitimate interests, this includes managing business relationships and delivering our services.

We retain this information in line with our legal and contractual obligations, which may include retaining certain records after the end of a client relationship.

7.3 Sector specific processing

In some sectors, we are required to carry out additional checks or process additional types of personal data in order to meet legal, regulatory and safeguarding requirements.

  • Education and childcare: this may include safeguarding checks such as DBS, barred list checks, regulatory body checks and employment history verification in line with applicable guidance.
  • Healthcare and regulated environments: this may include professional registration checks, compliance with regulatory standards and verification of qualifications and fitness to work.
  • General regulated sectors: we may process additional data where required to meet industry-specific compliance, audit or risk management requirements.

These processes are carried out only where necessary and in accordance with data protection law, and are limited to the information required for those purposes.

8. Changes to this notice

We may update this notice from time to time.

CV Drop

Enter your details and drop your CV in the form below. A consultant will be in touch when they have a relevant opportunity.

Upload CV*