Privacy Policy

Last updated: [06/01/2026]

1. Introduction

Britwington Consultancy UK Ltd (“we”, “us”, “our”) is committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, store, and protect personal data in accordance with:

  • the UK General Data Protection Regulation (UK GDPR)

  • the Data Protection Act 2018 (UK)

  • the EU General Data Protection Regulation (EU GDPR), where applicable, including for individuals in Ireland and the European Economic Area (EEA)

This policy applies to candidates, clients, website visitors, and any individuals whose personal data we process as part of our recruitment, staffing, and support services.

2. Data Controller

The data controller responsible for your personal data is:

Britwington Consultancy UK Ltd
Registered in England and Wales
Company Registration Number: [16913776]
Registered Office: 124–128 City Road, London, EC1V 2NX, United Kingdom
Email: admin@britwington.com

3. Personal Data We Collect

We may collect and process the following categories of personal data:

a) Identification & Contact Data

  • Name

  • Address

  • Email address

  • Telephone number

  • Date of birth

b) Recruitment & Professional Data

  • CVs and application forms

  • Qualifications and professional registrations (e.g. CORU, HCPC, NMC, GMC)

  • Employment history and references

  • Right-to-work documentation

  • Compliance and vetting information

c) Sensitive / Special Category Data

Where legally required and with appropriate safeguards, we may process:

  • Health or fitness-to-work information

  • Equality and diversity data

d) Website & Communication Data

  • IP address

  • Website usage data

  • Communications sent to us by email, forms, or other channels

We collect only data that is relevant, necessary, and proportionate for legitimate recruitment and staffing purposes.

4. Lawful Basis for Processing

We process personal data only where a lawful basis exists under UK GDPR and EU GDPR, including:

  • Consent – where you have given clear permission

  • Contractual necessity – where processing is required to take steps at your request or perform a contract

  • Legal obligation – where required by law, regulation, or safeguarding requirements

  • Legitimate interests – where processing is necessary for recruitment and staffing activities and does not override your rights

You will be informed of the lawful basis at the point of data collection where required.

5. How We Use Personal Data

We use personal data for legitimate recruitment and staffing purposes, including:

  • Assessing suitability for roles or assignments

  • Supporting professional registration and compliance processes

  • Matching candidates with employers or recruitment partners

  • Communicating with candidates and clients

  • Meeting legal, regulatory, audit, and safeguarding obligations

We do not sell personal data and do not use it for unrelated or excessive marketing purposes.

6. Data Sharing

We may share personal data with:

  • Employers, end clients, or recruitment partners

  • Regulatory or professional bodies (where required)

  • Background checking or compliance service providers

  • Professional advisors (e.g. legal, accounting)

Personal data is shared only where necessary and with an appropriate lawful basis.

7. International Data Transfers (UK & Ireland)

As we operate across the UK and Ireland, personal data may be transferred between the UK and the EEA.

Where international transfers occur, we ensure appropriate safeguards are in place, including:

  • UK adequacy regulations

  • EU adequacy decisions

  • Contractual and organisational protections

8. Data Retention

We retain personal data only for as long as necessary to fulfil recruitment, staffing, employment, and legal obligations.

Retention periods are reviewed regularly, and data is securely deleted or anonymised when no longer required.

You may request information about our retention periods at any time.

9. Your Data Protection Rights

Under UK GDPR and EU GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate or incomplete data

  • Request erasure of data (where applicable)

  • Restrict or object to certain processing

  • Withdraw consent at any time (where consent is relied upon)

  • Request data portability (where applicable)

  • Lodge a complaint with the relevant supervisory authority

UK supervisory authority: Information Commissioner’s Office (ICO)
Irish supervisory authority: Data Protection Commission (DPC)

10. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • Secure digital storage systems

  • Restricted access controls

  • Confidentiality obligations

  • Regular review of data handling practices

11. Cookies & Website Use

Our website may use cookies or similar technologies to improve user experience and analyse website usage.

You can manage or disable cookies through your browser settings.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal or operational changes.

The most current version will always be available on our website.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact:

Email: admin@britwington.com

We aim to respond to data protection requests within 30 days, in line with regulatory requirements.

 
Britwington Consultancy UK LTD