Privacy Policy

  1. Introduction

At GRW Recruitment (We), we are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. This Privacy Policy applies to the GRW Recruitment website, subscribers, applicants, job placements/temporary workers and employees. Please read this policy carefully to understand how we collect, use and store your personal data. This Privacy Policy is incorporated into the GRW Terms & Conditions of Supply & Service and by using our services you agree that you have read, understand and are bound by the terms and conditions set.

For the purpose of the GDPR 2016 (May 2018) please contact the Data Protection Officer (DPO) if you have any questions.

  1. Who we are

GRW Recruitment (GRW) is a recruitment and training provider that is based in Sunderland, UK. We look to support the public on finding suitable employment either through a permanent placement, a temporary contract or a training programme.

The DPO for GRW is Graham Rose.

  1. Data collected and sources

In most cases, GRW will collect certain data that is needed to support our service to its successful outcome. The data that will be collected are:

  • Name
  • Address
  • Telephone Number
  • Email Address
  • Date of Birth
  • CV (full working history and qualifications)
  • Medical issues
  • Unspent criminal convictions

On some occasions, GRW may need to process additional information which can be deemed as more sensitive. This would be in the instance of a GRW employee or temporary worker for a client. This data is:

  • Bank Details
  • NI number
  • Photo ID
  • References

GRW collect data from subjects interested in using our service. The data gathered is from:

  • Job sites (third parties)
  • Telephone interviews
  • Face to face interviews
  • Training enrolment
  • Website/Newsletter subscriptions
  • GRW Employee induction
  • Recommendation scheme
  1. Data use

As GRW provide a service, it is important that we have the correct data to carry out the service to its successful completion. If GRW doesn’t have your consent or your correct data it will result in the data subject not being able to use the GRW service.

We use your data:

  • To offer/arrange suitable employment or training opportunities based on your information provided.
  • To maintain company accounts and internal GRW systems
  • To gain research and carry out surveys
  • To meet legal obligations (Right to Work)
  • To contact you in an emergency
  • To arrange opportunities with third-party companies, such as employers
  • To provide you with updates/alerts, such as interviews and feedback
  • To improve our website and other communications with you

We do not sell or share your data with third parties for marketing purposes

  1. Legal processing

Within the GDPR policy, there are certain legal processing conditions that GRW adheres to. Any visitor to the GRW website who accepts ‘cookies’ will have deemed to have given consent for GRW to process their data as a legitimate interest. For any data subject that comes into physical contact with GRW, they will give consent through a Data Consent Form, this document outlines the key points and data uses of this policy in a clear manner and requires the data subjects signature as consent. The consent given either way is easily withdrawn by contacting the DPO.

In the case of a GRW Employee signing an employment contract, processing is necessary in order to fulfil the performance of the employment contract.

In some cases, GRW has a legal obligation to process your data and share it. This could be in a fraud case, a court order or other crimes.

  1. Sharing data

Any data that is shared as a result of the process will only be done so with the consent of the data subject. Within the recruitment process, it is necessary to share your information with a potential employer so the recruitment process is efficient.

Any personal data that is shared as a result of the process with be shared electronically between GRW and the relevant third party. Personal information will be securely transferred in a password-protected document that can only be opened by a member of the third party with access to the password.

Only necessary information is shared with the third party and GRW ensure that any third party operated with have a strong stance on personal data and an existing privacy policy in place.

  1. Storing and processing data

All data is securely stored and processed at the GRW office based in the UK.

  1. Security

GRW use different methods to keep data secure and utilise various technologies and procedures to protect personal information. These measures allow us to:

  • Protect data against accidental loss
  • Prevent unauthorised access, use, destruction or disclosure
  • Ensure business continuity and disaster recovery
  • Restrict access to personal information
  • Conduct privacy assessments in accordance with law and GRW business policies
  • Train staff and contractors on data security
  • Manage third party risks, through use of contracts and security reviews.

All personal data that GRW hold are stored electronically with password protection. In the instance of completed GRW documents, these are stored in a locked filing cabinet with any sensitive financial information destroyed.

  1. Length of storage

GRW will only hold any information on a data subject as a necessity. GRW will hold information for a maximum period of 12 months from when the data consent was given unless:

  • The subject is employed by GRW;
  • The subject requests GRW they would like us to continue to hold their details for future opportunities;
  • Legally we are required to hold onto the information.

The 12-month period will allow GRW to offer an efficient service to the data subject and keep necessary information on record for any further opportunities.

  1. Your rights

As a data subject of GRW, you have a legal right under the GDPR to always be in control of your data that is shared with us. You have the right to:

  • Request a copy of your personal data held, free of charge;
  • Correct and/or delete any data;
  • Withdraw the consent that you have previously given;
  • Request information on how your personal data is processed;
  • Request a restriction to be applied to your data in certain circumstances;
  • Lodge a complaint with the Information Commissioner’s Office.

If you have any of these requests then get in touch with DPO who will deal with your request. The DPO aims to deal with all requests within 7 days of the initial request. In certain circumstances, your rights may be limited.  This could be if your request may expose personal data about another data subject, of if GRW has been requested to delete data that we are required to hold by law.

  1. Cookies & Other websites

In common with many other website operators, we use standard technology called ‘cookies’ on our website. Cookies are small pieces of information that are stored by your browser on your computers hard drive and they are used to record how you navigate this website on each visit. By accepting cookies, you are accepting both the GRW Privacy Policy and GRW Cookie Policy.

Upon visiting you will be asked to consent to cookies for this information to be recorded.

For full information on our cookie policy visit:

When you visit the GRW website you may notice that it has external links to social media websites. Once you follow this link, GRW Recruitment holds no responsibility for its Privacy or Cookie Policy. Please refer to the website in questions own specific policies for further information.

  1. Changes

If any changes are made to this policy in the future then the latest update will be made available on our website.

  1. Contacting us

Please contact the Data Protection Officer (DPO) if you:

  • Have any questions about anything in this document
  • Think that your personal data has been misused or mishandled

Graham Rose

Hope Street Xchange

1-3 Hind Street



0191 337 1553

You can also make a complaint to the Information Commissioner, who is an independent regulator.