Staff and Job Applicants Privacy Notice

This notice relates to staff and job applicants

We last updated our Privacy Notice on 15 August 2022.

This Privacy Notice applies to members of staff and job applicants who are referred to in this Privacy Notice as you and your. We are committed to ensuring the privacy of your personal data and we want you to know that we respect your privacy. We seek to ensure that any personal data we collect about you will be held and processed strictly in accordance with the Data Protection Act 2018 (DPA 2018), and the UK General Data Protection Regulation (UK GDPR).

This Privacy Notice explains our approach to personal information that we collect from you or which we have obtained about you from a third party and the purposes for which we process your personal information or share it. It also explains your rights with respect to our processing of your personal information. 

Who are we and what do we do?
We (ELDENS Limited) are fully owned and operated by COIN Fintech Ltd, a company registered in England & Wales with registered no. 13354651. Our registered office is at 78a Luke Street, Shoreditch, London EC2A 4XG. We are authorised by the Financial Conduct Authority (No. 950762). We are a data controller

What personal information do we collect and how do we use it?
Our primary goal in collecting personal information from you is:

  • to permit us to answer queries raised during the recruitment process and to undertake our due diligence in relation to the recruitment process;
  • for Human Resources administration and personnel management including payroll and benefits and personnel management;
  • to provide useful insight and assist with analysis of our recruitment methods;
  • workplace monitoring;
  • education, training, and development activities;
  • to keep you informed of our activities;
  • to investigate or settle inquiries or disputes;
  • to comply with applicable laws, court orders, other judicial process and the requirements of regulators and our internal policies;
  • to enforce any agreement we may have with you; and
  • to use as otherwise required or permitted by law.

We will collect the following information from (i) you; (ii) former employers; (iii) an employment agency; (iv) background check agencies; and/or(v) from public sources:

  • Name and contact information.
  • Date of birth.
  • Gender.
  • Marital status.
  • Government identification numbers.
  • Education and training details/professional qualifications.
  • Bank account details and payroll information.
  • Wage and benefit information.
  • Performance information.
  • Employment details.
  • Photo IDs and CCTV footage
  • Next of kin and emergency contact information.
  • Employment records (including job titles, work history, working hours, training records and professional memberships)
  • Compensation history
  • Disciplinary and Grievance information.

Who do we share your personal information with for these purposes?
We may share your information with our professional advisers such as payroll agents, lawyers and accountants and/or governmental or regulatory authorities where legally required to do so. We may also share your personal information with agencies to carry out background checks and banks to check that bank account details are correct and not subject to embargo or sanction (or as may be required by law).

What is our legal basis?
It is for the purposes of fulfilling our contractual obligations with you, to comply with legal and regulatory obligations and for legitimate purposes. Consent will be requested from Job applicants.

Your Rights
You have the following rights in relation to the personal information we hold about you:

Your right of access
If you ask us, we’ll confirm whether we’re processing your personal information and, if so, provide you with a copy of that personal information. If you require additional copies, we may need to charge a reasonable fee.

Your right to rectification
If the personal information we hold about you is inaccurate or incomplete, you are entitled to have it rectified. If we have shared your personal information with others, we’ll let them know about the rectification where possible. Where it is possible and lawful to do so, we’ll also tell you who we’ve shared your personal information with so that you can contact them directly.

Your right to erasure
You can ask us to delete or remove your personal information in some circumstances such as where we no longer need it or if you withdraw your consent (where applicable). If we’ve shared your personal information with others, we’ll let them know about the erasure (where possible). Where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal information with so that you can contact them directly.

Your right to restrict processing
You can ask us to ‘block’ or suppress the processing of your personal information in certain circumstances such as where you contest the accuracy of that personal information or you object to us processing it. It won’t stop us from storing your personal information though. We’ll tell you before we lift any restriction. If we’ve shared your personal information with others, we’ll let them know about the restriction where it is possible for us to do so. Where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal information with so that you can contact them directly.

Your right to data portability
You have the right, in certain circumstances, to obtain personal information you’ve provided us with (in a structured, commonly used and machine-readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.

Your right to object
You can ask us to stop processing your personal information, and we will do so, if we are:

  • relying on our own or someone else’s legitimate interests to process your personal information, except if we can demonstrate compelling legal grounds for the processing; or
  • processing your personal information for direct marketing.

Your right to withdraw consent
If we rely on your consent as our legal basis for processing your personal information, you have the right to withdraw that consent at any time

Your right to lodge a complaint with the supervisory authority
If you have a concern about any aspect of our privacy practices, including the way we’ve handled your personal information, you can report it to the UK Information Commissioner’s Office (ICO). You can find details about how to do this on the ICO website at https://ico.org.uk/concerns/ or by calling their helpline on 0303 123 1113.

How to contact us?
If you have any questions about this Privacy Notice or want to exercise your rights, please send an email to contact@eldens.co.uk or write to us at:

ELDENS Limited
29 Curzon Street, Mayfair, London, W1J 7TL

How do we obtain your consent?
Where our use of your personal information requires your consent, you can provide such consent:

  • at the time we collect your personal information following the instructions provided; or
  • by informing us by e-mail or post using the contact details set out in this Privacy Notice.

Storage and Sharing of Personal Information and International Data Exports
We store some personal data in data centres in the United Kingdom.

In order to provide you with the services, we may need to share your personal data with third party service providers. This may involve transferring your data outside the UK and the European Economic Area (EEA). Whenever we transfer your personal data outside the EEA, we ensure that a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

Where we use service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe (including “model clauses”).

Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield framework which requires them to provide similar protection to personal data shared between Europe and the US.

Please contact us if you want further information on the specific mechanism used by us when transferring your data out of the EEA.

How long do we keep your personal information for?
We keep your personal information (if you become an employee or member of staff) for a period of 6 years from the date that your employment/term of office  terminates and  (if you are a job applicant who does not become an employee or member of staff)  for a period of 1 year from the date our interaction with you ceases or in both cases, such longer period as is required by law or regulation.

If your information is only useful for a short period e.g. for specific marketing campaigns, we will delete it shortly afterwards.

Confidentiality and security of your personal information
We are committed to keeping the personal information you provide to us secure and we will take reasonable precautions to protect your personal information from loss, misuse or alteration. Our security measures include the use of a hardware firewall to prevent unauthorised access. We may share your personal information with our third-party agents and contractors for the purposes of enabling them to provide data analysis, customer support, storage and other services to us (for example, our accountants, professional advisors, IT and communications providers) and any entity we may appoint from time to time to evaluate the effectiveness of the Website. These third parties will be subject to appropriate confidentiality arrangements and they will only use your personal information as described in this Privacy Notice. We will also share information with others:

  • to the extent required by law, for example if we are under a duty to disclose your personal information in order to comply with any legal obligation (including, without limitation, in order to comply with tax reporting requirements and disclosures to regulators), or to establish, exercise or defend its legal rights;
  • if we restructure our business or we sell or buy any business or assets, in which case we may need to disclose your personal information to the prospective buyer for due diligence purposes; and
  • if we or substantially all of our company assets are acquired by a third party, in which case the personal information held by us about you will be disclosed to the third-party buyer.

Although we exercise adequate care and security there remains a risk that information transmitted over the Internet and stored by computer may be intercepted or accessed by an unauthorised third party.

Changes to this Privacy Notice
To ensure that you are always aware of how we use your personal information we will update this Privacy Notice from time to time to reflect any changes to our use of your personal information. We may also make changes as required to comply with changes in applicable law or regulatory requirements. We will (if we have your contact details) notify you by e-mail of any significant changes. However, we encourage you to review this Privacy Notice periodically to understand how we use your personal information.