Limited Privacy Statement
CV Future Limited (“CVL”) is a controller within the meaning
of the Data Protection Act 2018 and the UK General
Data Protection Regulation. Further details about
us and how to contact us appear below.
This notice describes how we collect,
store, transfer and use personal
data. It tells you about your privacy rights and
how the law protects you.
This Privacy Statement applies
to personal data from you when you contact us and
provide us with your personal data when you use:
our websites including at selltocorporates.com;
make enquiries for your
apply to a job with us;
the professional services we supply.
Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our
We have legal obligations
to you to inform you of:
the personal data which we
collect from you
how we use it
the purposes for which we
process your personal data
the legal basis for processing
your personal data
who we share your personal data
where we store and send your
personal data, and protections
the periods for which we retain
your personal data
your rights under the General
Data Protection Regulation
the right to lodge a complaint with a supervisory authority.
How we process your Personal Data
Personal data is information
that identifies you, either directly or indirectly. This includes your contact details
and any information about you that you provide
When we process your personal
do so lawfully, fairly and in a transparent manner
collect it for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible
with those purposes
limit our collection to what is adequate and relevant to what is necessary in relation to the purposes for which
they are processed
take reasonable steps to keep it accurate and up to date having
regard to the purposes for which they are processed
kept in a form where we can identify
you for no longer than is necessary, for the purposes for
which it is processed
process it in a manner that
ensures appropriate security of the personal data, which includes protection
against unauthorised or unlawful processing and against accidental loss, destruction or damage. We use appropriate technical or
organisational measures to do so.
Personal Data Collected
The types of personal
data we may collect from you when you visit
our website, contact us is
limited to the information you provide us.
When you use our services the following technical data may be collected, depending on the activities of users:
Contact Details Name, email address(es), address(es), telephone number(s), fax numbers, instant messaging address(es), social media identifiers, nationality, photographs, marital status Vocational Details Employer, location(s) of workplace, contact address(es) for work purposes, professional qualifications, job role / position / title / rank, job description, photographs General Professional Details Professional qualifications; job role / position / title; job description; photographs; current and historical employment and consultancies; duration of appointments Academic Details Educational institutions and places of learning attended; courses attended, completed; academic and levels of achievement obtained User Account Data login name, password recovery questions, password recovery answers, aliases, user preferences while using our services; languages spoken and/or written System Usage Data Type of device (handheld, desktop) used to access online services; pages visited including time and date of access, web browser signature, referrer URLs; data displayed or clicked, UI elements interacted with; search terms used; offers made to you; actions taken; storage usage Messaging Data Types of messages sent: alert, forgotten password messages, time and date of messages, message sender addresses, message recipient addresses, subject of message; content of messages Location Data Approximate geographical location of data subjects; physical location of data subjects; expected dates and times at physical locations Transaction Data Items purchased, amounts paid; items returned and/or refunded; amounts of refunds; bank account identifiers, debit and credit card numbers
Special Categories of Personal Data
The special categories of
personal data are personal data revealing racial or ethnic origin, political
opinions, religious or philosophical beliefs,
or trade union membership,
and the processing of genetic data, biometric data for the purpose of uniquely
identifying a natural person, data concerning health or data concerning a
natural person’s sex life or sexual orientation.
We do not deliberately collect
any special categories of personal data from you.
We would prefer that you do
not send it to us or make it known to us.
Should we choose to do so, we may delete the entire communication and ask you to
send it again absent the special categories of personal data. If for some
reason we are not able to do so, we do not store it in any structured way and
process it only:
where we have your explicit consent
for employment purposes,
including for job applications;
where the processing relates to
personal data which you made public; and
processing is necessary for the establishment, exercise or defence
of legal claims or whenever
courts are acting in their judicial capacity.
Use of our services by children
We do not sell products or provide services
for purchase by children, nor do we market to children.
Not providing Personal Data
We need to know who we are communicating with. Should you choose not to provide us with your name, contact
details or other details we may need, we will not be able to communicate with
This means that if you:
have something to ask us, we
will not be able to respond to you;
are enquiring about job roles we might have available, we will not be able to
assess you for suitability;
have a contract with us, we will not be able to perform
the contract, and we may need to terminate it.
Keeping Personal Data up to Date
Please help us keep your
personal data up to date and let us know when it changes.
At any time, you may contact
us in writing to request
that we provide
you with the personal data we hold about you.
To obtain a copy of any information that is not provided on our website
you should contact us to make
Sources of Personal Data
We primarily obtain personal
data about you from you.
We may also obtain information about you from publicly available
sources, such as websites where you have made the
information public, Companies House, background check agencies, our business
partners, and business directories, tax authorities, and other third parties.
We may also confirm information
you provide to us directly using data from other sources. We also add to the information we hold about
you, sometimes to remove the need for you to provide it to us and
sometimes in order to be able to assess the quality of the services we supply
you or you offer. The additional information we collect may be categorised as
information that confirms your identity;
business information, including your business trading
name and address,
your company number (if incorporated), and your VAT number (if
information which confirms your
reviews and feedback about your business
on other websites
through which you sell your services; and
unsolicited complaints by our clientele.
How we use your personal data
We process your personal
data for the following purposes, where we have a legal basis to do so:
to provide our services to you;
receive payment for our services;
pay others for services they
supplied to you;
improve our services;
assist others deliver their
services to you.
Payment information: Payment information
is never taken by us or transferred to us either through our website
or otherwise. Our employees and staff never
have access to it. At the point of payment, you are transferred to a secure page on the website
of Thrivecart or some other reputable payment service provider. That
page may be branded to look like a page on our website, but it is not
controlled by us.
We strive to provide you with
choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal
data control mechanisms:
you are able to opt out at any time;
depersonalise advertising on
our site which is presented to you.
We may use your Contact
Details, Vocational Details, General Professional Details and Academic Data to
form a view on what we think you may want or need, or what may be of interest
to you. This is how we decide
which products, services
and offers may be relevant
You will receive marketing communications from us if you have requested information from us or purchased products or services from us
or if you provided us with your details when you entered a competition or
registered for a promotion and, in each case, you have not opted out of
receiving that marketing.
We will get your express opt-in
consent before we share your personal data with any company for marketing purposes.
Referrals and Affiliates: This is
information given to us by you in your capacity as an affiliate of us or as a
referral partner. It allows us to recognise visitors that you have referred to us, and to credit
to you commission due for such referrals. It also includes information that allows us to
transfer commission to you. The information is not used for any other purpose.
We undertake to preserve the confidentiality of the information and of the terms of our
relationship. We expect any affiliate
or partner to agree to reciprocate this policy.
Re-marketing: Re-marketing involves
placing a ‘tracking technology’ such as a cookie, a web beacon (also known as
an ‘action tag’ or a ‘single-pixel GIF’) to track which pages you visit and to
serve you relevant adverts for our services when you visit some other website.
The benefit of re-marketing technology is that we can provide you with more useful and relevant adverts,
and not show you ones repeatedly
that you may have already seen. We may use a third-party advertising service to
provide us with re-marketing services from time to time. If you have consented
use of such tracking technologies, you
may see advertisements for our products and services on other websites. We do
not provide your personal data to advertisers or to third-party re-marketing service providers. However,
if you are already a member of a
website whose affiliated business provides
such services, that affiliated business
may learn of your preferences in relation to your use of our website.
You can ask us to stop sending
you marketing messages at any time by emailing us and/or logging into our website checking
or unchecking relevant
boxes to adjust
your marketing preferences or by following the opt-out links on any
marketing message sent to you or by contacting us at any time.
Where you opt out of receiving
these marketing messages, this will not apply to personal data provided to us as a result
of a product/service purchase, warranty registration, product/service
experience or other transactions.
Legal Basis Further Uses
We use your personal
data for the following reasons:
You have given us your consent
in writing for the purposes
for which you provided your personal data;
We need to take steps to form a contract with you and perform a contract with you;
We need to comply with
a legal obligation other than with you;
We or someone else has a legitimate interest
other than where
your interests or fundamental rights and freedoms would
We believe we have
legitimate interests to process your personal data to:
improve our services;
record-keeping for the proper
and necessary administration of our business;
responding to unsolicited communications from you to which we believe you would expect a response;
insuring against or obtaining
professional advice that is required
to manage legal, business
and/or organisational risk;
protecting your interests where
we believe we have a duty to do so;
meet our legal and statutory
obligations to you and others;
prevent, detect and investigate fraud, corruption and misconduct by you and/or others;
conduct and operate our
business in the digital age in an online environment;
understand the needs, requirements
and preferences of potential customers, and
that use our services;
conduct marketing activities, including sending email correspondence and video presentations;
comply with health and safety obligations and monitor our performance against equal opportunities legislation;
ensure network and information
security, including preventing unauthorised access to our computer
and electronic communications systems and preventing malicious software
We will only use your personal
information for the purposes for which we collected it, unless we reasonably consider that we
need to use it for another reason and that reason is compatible with the
original purpose. If we need to use your personal information for an unrelated
purpose, we will notify you and we will explain the legal basis which allows us
to do so.
Please note that we may process
your personal information without your knowledge or consent, in compliance with the above
rules, where this is required
or permitted by law.
We have put in place
appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We limit access to your personal
information to those employees, agents,
contractors and other third parties who need to know. They will only
process your personal information on our instructions. They are subject to a
duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach
and will notify you and any applicable regulator of a suspected breach
where we are legally required to do so.
We may have cause to share your personal
information with our service providers, such as:
telecommunications providers, including telephone, instant
messaging, post and couriers;
computer systems service
providers, including IT security personnel;
We only permit them to process
your personal data for specified purposes and in accordance with our instructions, where we have a legitimate interest in doing
Automated Decision Making
Automated decision-making takes place when an electronic system uses personal information to make a decision
without human intervention.
We do not automate
decision making in a way that affects
your legal rights
or any other basis.
We do not store
or transmit your data outside
of the UK, other than where you are
resident outside the UK.
Other than storing your data in
UK, we also store data in:
|Country||Basis for Transfer|
We will transfer the personal
information we collect about you to these countries (in the sense
that the system
servers are located
in the countries named above)
in order to perform our
contract with you. There is an adequacy decision by the European Commission in
respect of the named countries. This means that the country to which we
transfer your data is deemed to provide an adequate level of protection for
your personal information.
We have put in place
appropriate security measures to prevent your personal information from being
accidentally lost, used or accessed in an unauthorised way, altered or
disclosed. As stated above at paragraph 12, we limit access to your personal
information to those employees, agents, contractors and other third parties who have a business
need to know. They will only process
your personal information on our instructions and they
are subject to a duty of confidentiality.
We store all information
that you provide to us on secure servers.
We train employees regarding
our data privacy policies and procedures, and permit authorised employees and
staff to access information on a need to know basis, as required for their
role. We use firewalls designed to protect against intruders, test for network
vulnerabilities and use encryption for data at rest and data in transmission.
However, no method of transmission over the internet
or method of electronic storage is completely secure.
Where you have a password which
enables you to use our services, you are
responsible for keeping this password complex, secure, and confidential.
Retention of your Data
We will only retain your
personal information for as long as necessary to fulfil the
purposes for which
it was collected, including for the purposes
of satisfying any legal,
accounting, or reporting requirements.
To determine the appropriate
retention period for personal data, we consider the amount, nature,
and sensitivity of the personal
data, the potential risk of harm from
unauthorised use or disclosure of your personal data, the purposes for which we
process your personal data and whether we can achieve those purposes through
other means, and the applicable legal requirements.
By law we have to keep basic
information about our customers (including your contact, identity, financial and transaction data) for six years after they cease being
customers for tax purposes.
We keep your personal data
only for as long as required by us:
to provide you with the
services you have requested;
to comply with other law, including
for the period demanded by our tax authorities; and/or
to support a claim or defence
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in
which case we may use such information without further notice to you. We will
retain and securely destroy your personal information in accordance with
applicable laws and regulations. Once you are no longer an employee, worker or
contractor of the company we will retain and securely destroy your personal
information in accordance with our data retention policy.
Rights of access, correction, erasure, and restriction
You have a series
of rights under the UK General Data Protection Regulation.
Not all apply in all
circumstances. Under certain circumstances, you have the right to:
Request access to your personal
information (commonly known as a “data subject access request”). This
enables you to receive a copy of the personal information we hold about
you and to check that we are lawfully processing it;
Request correction of the personal
information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about
Request erasure of your
personal information. This enables you to ask us to delete or remove personal
information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you
have exercised your right to object to processing (see below);
Object to processing of your
personal information where we are relying on a
legitimate interest (or those of a third party) and there is
something about your particular situation which
makes you want to object
to processing on this ground. You also have the right to object
where we are processing your personal information for direct marketing
Request the restriction of processing of your personal
information. This enables you to ask us to suspend the
processing of personal information about you, for example if you want us to
establish its accuracy or the reason for processing it; and
Request the transfer of your
personal information to another party.
If you would like to exercise
any of these rights, please contact us using the details below. We will need to verify your identity
before we are able to release any personal
data to you. This is important to safeguard your information.
Please be aware that we are
not obliged by law to provide you with all personal data we hold about you, and that if we do provide
you with information, the law allows us to charge for such provision if doing so
incurs costs for us. After receiving your request, we will tell you when we
expect to provide you with the information, and whether we require any fee for
providing it to you.
If you wish us to remove
personally identifiable information from our website,
you should contact us to make your request.
We remind you that we are not obliged
by law to delete your personal data or to stop
processing it simply because you do not consent to us doing so. While having
your consent is an important consideration as to whether to process it, if
there is another legitimate basis on which we may process it, we may do so on
If you are dissatisfied with the way we process
your personal data,
you have the right
to complain to the Information Commissioner’s Office.
The Information Commissioner may be contacted
T: 0303 123 1113;
We would prefer to try and resolve any difficulties between
us and make them right before you approach the ICO. Please
consider contacting us in the first instance.
Withdrawal of Consent
Where you may have provided
your consent for us to process your personal data and/or transfer your personal
data for a specific purpose,
you can withdraw
it at any time.
To withdraw your consent,
please contact us using the details below. Once we have received notification
that you have withdrawn your consent, we will no longer process your information for the purpose
or purposes you originally agreed
to, unless we have
another legitimate basis for doing so in law. Please see above.
Changes to this Privacy Statement
We may need to change this
Privacy Statement from time to time. You are able to identify when this Privacy
Statement was changed
by the date which appears
at the bottom of it.
Amendments are updated on this page,
to the email address stated
in your account and/or through a notice on our
home page. Your continued use of this site and the resources enabled
by our services signifies your consent to such processing and of the conditions
set out in the Privacy Statement.
CV Future Limited, a company
formed in accordance with the laws of England and Wales with registered company
number 09297831 with registered offices situated at 14 Juno House John Thornycroft Road,
Southampton, Hampshire, SO19 9SW in the
CV Future Limited is
responsible for the personal data we hold and use.
We have appointed a data
protection officer who is responsible for ensuring that our Privacy Statement
is followed. If you have any questions about how we process your personal data,
including any requests
to exercise your legal rights,
please contact our data protection officer at email@example.com.