Privacy Notice For Caroline Davidson Literary Agency (Job Applicants)
Under the General Data Protection Regulation (GDPR) which comes into force 25 May 2018 we are data controllers and data processors of your information. We are called controllers because we make decisions about how your data is used, and we also process your data when we carry out basic activities like storing, deleting and changing the information we hold.
We take your privacy and our responsibility to protect your information very seriously. Read our Privacy Notice to understand:
Who we are
Our policy on children accessing our website
Information we may collect about you
How we use information about you and recipients of your information
Who we might share your information with
How we look after your information and how long we keep it for
International transfers of your information
Your rights to the information we hold about you
Changes to this privacy notice and your duty to inform us of changes in your personal information
WHO WE ARE
Caroline Davidson Literary Agency (CDLA) is a literary agency. You can contact us as follows:
OUR POLICY ON CHILDREN ACCESSING OUR WEBSITE
Our website is not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 13. If you are under the age of 13, please do not access our website at any time or in any manner.
INFORMATION WE MAY COLLECT ABOUT YOU
Information that you provide to us
We will collect information that you provide to us when you:
submit an application to a job vacancy.
Your information includes anything which identifies you, including your contributions to a blog or other user-generated content. Please be aware these contributions may include personal information that is more implicit then explicit.
If you provide us with more sensitive information this is known as Special Category “Sensitive” information. This may include details about your racial or ethnic origin, political opinions, religious, philosophical or similar beliefs, trade union membership, genetics, biometrics, health, sexual life, sexual orientation or about criminal offences or proceedings. This type of information is not actively collected by CDLA, but if it is provided to us it will be treated with respect. This information will only be used with your explicit consent; however, there may be occasions when we have a legal obligation to share this information without your prior consent.
The information you provide to us is dependent on the circumstances.
as part of the application process we ask you to provide a CV or résumé. This will include:
identity and contact data such as your name, address, email address and phone number(s);
additional information which adds background and supports your submission. This information could include your academic and work history, qualifications, travelling, skills, projects and research that you are involved in; and
if you are employed at CDLA, you will need to supply us with your bank details
Information we collect about you:
we will collect any information contained in any correspondence between us. For example, if you contact us by email, post or telephone, we may keep a record of that correspondence;
Information we receive from third parties
In certain circumstances, we will receive information about you from third parties. For example:
if you are a job applicant we may contact your recruiter, current and former employers and/or referees, who may be based inside or outside the EU, to provide information about you and your application.
We might also receive information about you from third parties if you have indicated to such third party that you would like to hear from them.
HOW WE USE INFORMATION ABOUT YOU AND RECIPIENTS OF YOUR INFORMATION
We use your information lawfully. We do not sell your information to third parties. However we may share your information as set out in the section, Who We Might Share Your Information With.
We use your information for the following purposes to:
process any job applications you submit to us, whether directly or via an agent or recruiter including sharing this with our third party recruitment agency (on the basis of our legitimate interests to recruit new freelancers and contractors.
As outlined above sometimes we will use your information on the basis of our legitimate business interests (legitimate interests). This means our legitimate interests in conducting and managing our business and our relationship with you. We may use your information for the purposes listed below on the basis of our legitimate interests to:
respond to your queries and correspondence;
process any job application you submit to the agency to work for us. This may involve a third-party recruitment agency; and
operate a safe and lawful business or where we have a legal obligation.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation).
If you have any concerns about our processing, you have rights and choices which include the right to object on the basis of our legitimate interests. You also have the right to withdraw your consent for our use of your information in reliance of your consent. Please refer to the section Your Rights to the Information We Hold About You. This section can be found below.
WHO WE MIGHT SHARE YOUR INFORMATION WITH
Your information may be processed by us or by the staff of a third party we work with to deliver our business. Processing can mean any activity that involves the use of information about someone that can identify them. All uses, for example, obtaining, recording, storing, organising, retrieving, deleting and destroying are types of data processing. We take measures to ensure that third parties processing your information on our behalf are acting lawfully in accordance with our instructions and are subject to appropriate confidentiality requirements.
In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we will share your personal information when relevant with third parties such as:
our financial services and payment service providers;
any prospective seller or buyer of such business or assets, only in the event that we decide to sell or buy any business or assets; and
any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or where such disclosure may be permitted or required by law of the UK and other countries, or where we have a legal obligation to do so.
We require third parties to maintain appropriate security to protect your information from unauthorised access or processing. These third parties may be based inside or outside the EU.
This website may include links to third-party websites, plug-ins and applications. Clicking on those or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
HOW WE LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR
We look for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
ensuring the physical security of our office and archive; and
limiting access to your personal information to those in our business who need to use it in the course of their work.
We will retain your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example,
we archive our paper correspondence regularly and destroy unnecessary information;
deleted emails are deleted regularly; and
we destroy CVs and related information from job applicants who have not been shortlisted for interview once the recruitment process is complete.
INTERNATIONAL TRANSFERS OF YOUR INFORMATION
Our business is located in the UK.
We will transfer your personal data outside the European Economic Area (EEA) where necessary for us to perform our contract with (if we represent you) such as by way of sharing your personal data with licensees or purchasers of your Work or sub- and co-agents (as applicable and including prospective parties).
Whenever we transfer your personal data out of the EEA (other than a necessary to perform our contract with you), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following transfer solutions are implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries ;
Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, European Commission: Model contracts for the transfer of personal data to third countries; and
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
A list of the countries outside of the EEA to which we may transfer your personal information is available here.
YOUR RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU
You have certain rights in respect of the information that we hold about you, including:
the right to be informed of the ways in which we use your information, as we seek to do in this Privacy Notice;
the right to request access to the information that we hold about you;
in certain circumstances, the right to receive a copy of any information we hold about you;
the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;
the right to withdraw your consent for our use of your information in reliance of your consent (refer to the section subtitled How We Use Information About You And Recipients Of Your Information to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy Notice;
the right to object to our using your information on the basis of our legitimate interests (refer the section subtitled How We Use Information About You And Recipients Of Your Information to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground;
in certain circumstances, the right to ask us to limit or stop processing information about you, or erase information we hold about you; and
the right to lodge a complaint about us to the UK Information Commissioner’s Office, as well as with the relevant authority in your country of work or residence.
Please note that we may need to retain certain information for our own record-keeping purposes.
How to exercise your rights and help CDLA in the way that you do
You may contact us via the details at the top of this Privacy Notice if you wish to action any of these additional rights and we will comply with your requests unless we have a lawful reason not to do so. CDLA’s contact details can be found at the beginning of this Privacy Notice, and they are also on our website and in our email signatures.
The best way to make a request is to send them in a detailed and clear letter.
What we need from you to process your requests
We may need to request specific information from you to help us confirm your identity and to enable you to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
It might be best to make one request at a time because our response to your initial query may provide sufficient information to answer all your queries.
CHANGES TO THIS PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES
We may make changes to this Privacy Notice from time to time. We will post any changes to our site, or notify you of any material changes by e-mail.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your profile account information or contacting us via the contact details at the top of this Privacy Notice.
This Privacy Notice was adapted from the template provided by the Association of Authors’ Agents, issued 16 May 2018, and Hachette’s Privacy Notice of 23 April 2018 which can be found on their website.
This Privacy Notice was updated on 24 May 2018.