It’s Your Life, Make it Work: iContract

PRIVACY POLICY

iContract.co.uk. is a website and/or mobile device application operated by iContract Ventures Ltd (“we/us/our/iContract”) registered in the UK (with company number 10096501) and we are committed to protecting and respecting your privacy.

This policy has been updated to reflect EU Regulation 2016/679 General Data Protection Regulation (GDPR) principles and applicable law effective from 25 May 2018 onwards and explains our data processing practices and your options regarding the ways in which your personal data is used. It forms part of our contract with you and should be read together with our Website Terms of Use, General Terms and Conditions and any other documents referred to in this policy. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

By registering, placing an order, downloading information or entering our site (as defined below) and provide us with personal data you consent to the collection, use and transfer of your information under the terms of this policy. In particular, if you register as a recruiter, we will process data on the basis that it is necessary to do so in order to perform the contract you into with us; and if you register as a contractor, even if the use of the site is free, we will process your personal data on the basis as set out below as it is in our legitimate interests to do so following your registration.

Information we collect from you

We may collect and process the following data about you in order to provide you with the services through the website or mobile device application:

Information that you provide by registering (in particular, but not limited to, your name, email address, telephone number, and if you are a contractor, details of the kind of work you are looking for and preferred work location, preferred salary and your personal services company details). The details requested during registration may vary from time to time.
If you upload a CV or similar information we may keep that information for as long as you want to keep your registered account with us.
Information you provide by ordering products, using our services or otherwise filling in any forms on our website (our site). This includes information provided at the time of registering to use our site, purchasing products from our site, subscribing to our services including receiving promotional material and news and information posted on our site, posting material or requesting further services. We may also ask you for information in connection with or participation in any promotions or competitions sponsored, promoted or offered by us and/or any third party and information you provide when giving us feedback or completing profile forms and when you report a problem with our site or information we learn from your use of our service and your visits to our site.
If you contact us, we may keep a record of that correspondence.
Details of transactions you carry out through our site and of the fulfilment of your orders, including, but not limited to your name, address, email address, telephone number and credit card number.
Details of your visits to our site including, but not limited to, traffic data, location data, purchase information, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.

Where we store your personal data

Your personal data is stored on servers which are in the European Economic Area. If we store or host your personal data with any third party service provider in the course of providing you with our services, those third parties are required to process your data in accordance with contracts which comply with applicable data protection legislation.

Uses made of the personal data

As a registered contractor user, it is understood that you are either actively seeking contact from potential recruiters or hirers about roles which match your profile, and as a registered recruiter user, it is understood that you are actively seeking contact from potential candidates that may match the roles that you post or your profile. We therefore make your personal data available to each other via the website. You can manage certain preferences via your profile and/or privacy settings.

We use information held about you in the following ways:

To ensure that content from our site is presented in the most effective manner for you and for your computer.
To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
To carry out our obligations arising from any contracts entered into between you and us.
To allow you to participate in interactive features of our service, when you choose to do so.
To contact you for your views on our services or products and to notify you about changes or developments to our service or products.

We will only send you marketing information if you have specifically opted in to receiving marketing material or we have a legitimate interest in doing so. You may control and change your preferences on your profile.

Sharing or Transfer of your information

We do not share personal data with third parties. Where it is necessary to do so to provide you with our services, we may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.

We may also pass your information on to any successor or potential successor in title to our business. and suppliers that process data on our behalf both in the United Kingdom and abroad.

We may also use and disclose information in aggregate (so that no individual customers are identifiable from the personal data) for marketing and strategic purposes.

Third-party Websites or Links

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Your rights to access, correct or delete information

Should you wish to delete your account and all personal data you may do so at any time (unless we are in the process of responding to any complaint that you may have made) by contacting us at info@icontract.co.uk

Amendments to your account can be made online by signing in to your account and editing your profile or other data.

Should you wish to receive a copy of the personal data we hold about you, you may do so at any time by contacting us at info@icontract.co.uk

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page. This policy was last updated on 15 May 2018.

DATA SECURITY POLICY

iContract is committed to providing a safe and secure online environment. You can learn more about some of the most common internet security threats, what you can do to protect yourself, and what we do to ensure your details remain secure.

What you can do to protect yourself:
1. Be aware of common security threats such as:
  - Money laundering (usually involving unusual requests to transfer or receive money)
  - Phishing (emails requesting unusual or sensitive data from you)
  - Spoofing (a fake website looking like a legitimate one)
  - Identity theft (use of your personal data, usually following a security breach, for fraudulent purposes
  If you're suspicious of any email you receive from, or apparently from, iContract, please contact us immediately at info@icontract.co.uk including the subject line of the email you received, and the email address it was sent from.
2. ensure that your password is always kept secure and changed regularly. Where we have given you (or where you have chosen) a username, login or password, which enables you to access certain parts of our site, you are responsible for keeping this information confidential. You must not share a username, login or password with anyone
3. but never include the following in your online or uploaded CV/resume:
  - National Insurance number
  - Driving license number
  - Bank details
  - Credit card details
  - Passwords
  - Sensitive personal data about ethnicity, religion, disability, sexual orientation etc.
What we're doing to protect you
We've partnered with leading tech providers to ensure you receive the most secure levels of service possible whilst using the site.
1. Encryption
  To protect your personal information, we use industry standard protection mechanisms, such as TLS (Transport Layer Security, also known as SSL) encryption to ensure your data is safe when in transit between your browser and our servers. We also use salted, one-way encryption on any passwords that you use to ensure that, in the unlikely event of a data breach, you're password will not be visible in a usable form.
2. Virus protection
  We have software that automatically scans, detects, and quarantines new viruses, ensuring that all documents uploaded to or downloaded from our site, including your CV, are safe and virus-free.
3. Data
  Our servers are securely hosted and managed by industry leader Amazon Web Services (AWS). The servers are physically hosted in Ireland and AWS provides consistent and standardised auditing, vulnerability and integrity assessments across all of their locations. As of March 2018, AWS have completed a major GDPR service readiness audit across all of their services and also offer public information on their achievements.
  
  We will do our utmost to ensure that we provide the means to receive and transmit your data to and from our systems as securely as possible. Unfortunately, the transmission of information via the internet may never be completely secure. Once we have received your information, our strict security procedures as detailed in this policy aim to prevent unauthorised access, but we cannot guarantee the security of your data transmitted to our site and any transmission is at your own risk.

COOKIE POLICY

Cookies are small text files placed on your computer via our servers, which serve a useful purpose to enhance the ease and convenience of using our site, as well as providing information to help us to continually approve our services and offering. They are generally not harmful to your computer and don’t store personally identifiable information. We use our own and third party cookies as detailed in the table below, as may be amended from time to time.

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual. Although we don’t currently have any advertisers on our site, we may share any of this with advertisers in future.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our site and to deliver a better and more personalised service and can be used to integrate with social networks, such as LinkedIn. They enable us:

To estimate our user base size and usage patterns.
To store information about your preferences and purchases, which allows us to customise our site to you.
To speed up your searches.
To recognise you when you return to our website.

You may refuse to accept cookies by activating the setting on your browser, which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site or affect the intended functionality. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.

Below is a list of the main cookies and what each is used for:

Cookie name	Company	Details
__cfduid	CloudFlare	The __cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. For example, if the visitor is in a coffee shop where there are a bunch of infected machines, but the specific visitor's machine is trusted (e.g. because they've completed a challenge within your Challenge Passage period), the cookie allows us to identify that client and not challenge them again. It does not correspond to any user ID in your web application, and does not store any personally identifiable information.
_ga & _gid	Google	We use Google's Analytics service to discover which parts of our website are most interesting to our users so we can focus on where we need to make improvements that will have the greatest impact. This is similar to how we use MixPanel (see below). In order for Google to determine whether a user action is unique or not, they use a number of different cookies, including the "_ga" cookie and the "_gid" cookie, for storing a unique user identity number. This number does not contain your personal information. If we are running a Google Analytics campaign, you may also see Google Analytics creating a "_gac_<property-id>" cookie for tracking each campaign.
mp_<....>_mixpanel	MixPanel	We use MixPanel's service to discover which parts of our website are most interesting to our users so we can focus on where we need make improvements that will have the greatest impact for our users. This is similar to how we use Google Analytics. In order for MixPanel to discover whether a user action is unique or not, the use one or more cookies of the form "mp_<property-id>_mixpanel". These cookies can contain different data inside that includes a distinct ID to distinguish users from one another, an initial referrer URL that was the link to our website, and an initial referring domain that is the domain part only of the URL that linked to our website. Both of these values could be simply "direct" if a user has come directly to our website rather than following a link.
token	iContract	token - iContract - We use our own, special user identification ID that we store in a cookie called "token". This cookie is used to identify you to our service so that you do not have to sign-in each time you visit our website or so you can move seamlessly between different services that we offer without having to sign-in to each service. Our token does not containing any personal information itself, but can be used by our internal systems to identify who each user is.
resource_unlocked	iContract	resource_unlocked - iContract - We use this to identify access granted to our free contractor resources and guides. The cookie does not contain any personal information and will only store true or false.
(social signing cookies)	Facebook Google LinkedIn	We allow users to access our service using "social signin"; that is, the ability to identify yourself using either your Facebook, Google or LinkedIn account. If you use one of these services, then Facebook, Google or LinkedIn may place a cookie in your browser that identifies you to their services. We are not in control of these actions or cookies and you are encouraged to check with Facebook, Google or LinkedIn to ensure that you are happy with their cookie policies.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to info@icontract.co.uk.

Jurisdiction and applicable law

This Privacy Policy and our site are governed by and construed in accordance with the laws of England and Wales and any disputes will be decided only by the English courts.

PRIVACY, DATA SECURITY & COOKIE POLICIES