Privacy Policy

CodeBase Ltd (“us”, “we”, or “our”) operates the http://www.thisiscodebase.com, http://www.techscaler.co.uk and http://www.codeclan.com websites (the “Service”). We are a company registered in Scotland (company number SC437306) and registered as a Data Controller with the Information Commissioner (ICO registration number ZA623362).

This page informs you of our policies regarding the collection, use, and disclosure of Personal Data when you use our Service and the choices you have associated with that data. If you apply for a job with us, the “Applicants” section below will also apply to you.

This Privacy Policy is not intended to apply to anyone under the age of 16. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from anyone under the age of 16, we will take steps to remove that Personal Data from our servers.We use your data to provide and improve the Service. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from http://www.thisiscodebase.com.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. When this happens, we will post the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service where:

we are making substantial changes to the Privacy Policy; or
we are doing something with your Personal Data, which you might not expect based on what we have told you in this Privacy Policy.

We are committed to protecting your Personal Data and respecting your privacy.

Contact Us

If you have any questions about this Privacy Policy, please contact us. You will find our latest contact details at: https://www.thisiscodebase.com/contact.

Definitions

We use this Privacy Policy to set out our processes and the rights you have when interacting with the services we provide and advertise on our website (“Service(s)”). In the course of using our Services, we will collect information about you (“Personal Data”) and the way in which you use the Services (“Usage Data”). We will also store small pieces of data on your device which will allow us to record your preferences in relation to your Personal Data when using the Services (“Cookies”).

We will determine the purposes for which your Personal Data is collected and the way in which it is processed. Under data protection law, this means that we are a “Data Controller”. In order to provide you with the Services, we work with third party companies who will process your Personal Data on our behalf. These organisations are known as “Data Processors” under data protection law, and we often also refer to these third party companies as “Service Providers”.

As we collect your Personal Data, this means that you are a “Data Subject” under data protection law. We may also refer to you in this Privacy Policy as a “User” of the Services.

Service Providers

If we employ Service Providers, your Personal Data shall only be shared for specific and limited agreed purposes and such data processing shall be subject to a suitable data processing agreement which shall set out the permitted uses of the Personal Data, the technical and organisational data security requirements that must be implemented, the duration of the data processing, and procedures for return or deletion of Personal Data upon termination of the data processing.

Analytics

We may use third-party Service Providers to monitor and analyse the use of our Service.

‍Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.
‍
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/

Use of Data

CodeBase Ltd uses the collected data for various purposes:

To provide and maintain our Service
To notify you about changes to our Service
To allow you to participate in interactive features of our Service when you choose to do so
To provide customer support
To gather analysis or valuable information so that we can improve our Service
To monitor the usage of our Service
To detect, prevent and address technical issues
To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information
To connect you with a community of similar organisations to network, share ideas and (where requested) make introductions
For data uses in relation to Personal Data provided as part of a recruitment process, please see the “Applicants” section.

If you are applying for a job vacancy with us, this section of our Privacy Policy will also apply to you.

Applicants

The kind of Personal Data we hold about you

In connection with your application for work with us, we will collect, store, and use the following categories of Personal Data about you:

The Personal Data you have provided to us in your curriculum vitae and covering letter.
The Personal Data you have provided on our application form, including but limited to name, title, address, telephone number, personal email address, date of birth, gender identity, employment history and qualifications.
Any Personal Data you provide to us during an interview.
Diversity-related Personal Data, in order to comply with equal opportunities monitoring legislation.

We may also collect, store and use the following types of more sensitive Personal Data:

Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions;
Information about your health, including any medical condition, health and sickness records; and/or
Information about criminal convictions and offences.

How is your Personal Data collected?

We collect Personal Data about candidates from the following sources:

You, the candidate;
Your application form;
Radiant and Brighter – a Community Interest Company who from time to time may also act as a recruitment agency for us, from which we collect the types of Personal Data outlined under “The kind of Personal Data we hold about you” above;
Security Screening Services – a background check provider. We provide Security Screening Services with your contact details and they will get in touch with you directly to obtain your consent to collect your Personal Data. Security Screening Services may process the following:
Your name;
Your address and postcode;
A photo taken from your proof of right to work check;
A copy of your passport;
A list of your previous addresses;
Your employment references; and
Any other Personal Data which they have notified you of and which they have obtained your consent to process;
Security Screening Services may also instruct other agencies to carry out credit reference checks and disclosure and barring / criminal convictions checks on our behalf; and
Your named referees.

How we will use Personal Data about you

We will use the Personal Data we collect about you to:

Assess your skills, qualifications, and suitability for the role.
Carry out background and reference checks, where applicable.
Communicate with you about the recruitment process.
Keep records related to our hiring processes.
Comply with legal or regulatory requirements.

We also need to process your Personal Data to decide whether to enter into a contract of employment with you.

Upon receiving any CV and covering letter or application form, we will then process that Personal Data to decide whether you meet the basic requirements to be shortlisted for the role. If you do, we will decide whether your application is strong enough to invite you for an interview. If we decide to call you for an interview, we will use the Personal Data you provide to us at the interview to decide whether to offer you the role. If we decide to offer you the role, we will then take up references and/or carry out a background check before confirming your appointment.

If you fail to provide Personal Data

If you fail to provide Personal Data when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require a credit check or references for this role and you fail to provide us with relevant details, we will not be able to take your application further.

How we use particularly sensitive Personal Data

We will use your particularly sensitive Personal Data in the following ways:

We will use Personal Data about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made for an interview; and/or
We will use Personal Data about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting.

Information about criminal convictions

We may process Personal Data about criminal convictions for certain roles in limited circumstances. Where this is the case, we will collect Personal Data about your criminal convictions history if we would like to offer you the role (conditional on checks and any other conditions, such as references, being satisfactory). We are entitled to carry out a criminal records check in order to satisfy ourselves that there is nothing in your criminal convictions history which makes you unsuitable for the role. In particular:

Many roles require a high degree of trust and integrity and so we may ask you to seek a basic disclosure of your criminal records history.
We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data. Should we need to process such data we shall provide you a copy of this policy document.

Automated decision-making

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

Data retention – How long will you use my Personal Data for?

When you applied for this role, you will have been deemed to have provided consent to us processing your Personal Data for the purposes of the recruitment exercise.

We will retain your Personal Data for a period of 6 months after we have communicated to you our decision about whether to appoint you to a role. We retain your Personal Data for that period so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted the recruitment exercise in a fair and transparent way. After this period, we will securely destroy your Personal Data in accordance with applicable laws and regulations.

If you are unsuccessful in your application and you would like us to retain your Personal Data on file, on the basis that a further opportunity may arise in future and we may wish to consider you for that, we will give you this option at the end of the recruitment process.

This section of our Privacy Policy applies to anyone who visits our website (both users and anyone applying for a job vacancy).

Information Collection And Use

We collect several different types of Personal Data for various purposes to provide and improve our Service to you.

Types of Data Collected

Personal Data
While using our Service, we may ask you to provide us with Personal Data. Such Personal Data may include, but is not limited to:

Email address
First name and last name
Cookies and Usage Data

We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us. You will find our latest contact details at: https://www.thisiscodebase.com/contact

Usage Data
We may also collect information how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking & Cookies Data
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

If you we need to process your Personal Data, we must identify a legal basis to do so. CodeBase Ltd may process your Personal Data because:

We need to perform a contract with you;
You have given us permission to do so;
The processing is in our legitimate interests and it’s not overridden by your rights;
To comply with the law; and/or
You have applied for a job vacancy with us (see “Applicants” section)

Some of these processing activities are mandatory. This means that we need to use your Personal Data to meet our contractual obligations to you, or to meet our own legal obligations.

We have determined, acting reasonably and by considering the circumstances, that we are able to rely on legitimate interests as the legal basis on which to process your Personal Data in certain circumstances. We have reached this decision by carrying out a balancing exercise to make sure our legitimate interest does not override your privacy rights as an individual. We consider that it is reasonable for us to process your Personal Data for the purposes of our legitimate interests as: (a) we process your Personal Data only so far as is necessary for such purpose; and (b) it can be reasonably expected for us to process your Personal Data in this way. Where we are unable to rely on legitimate interests as the legal basis on which to process your Personal Data, we will obtain your explicit consent.

We may use your Personal Data for more than one purpose, depending on the circumstances. There may be situations where we rely on two lawful bases as a matter of course to achieve the same or similar purposes.

Retention of Data

CodeBase Ltd will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy and in accordance with applicable law and regulations. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

CodeBase Ltd will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

Transfer Of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where data protection legislation may differ than those from your jurisdiction. For example, this could happen if any of our servers that store your Personal Data are located in a country outside of the UK or the EEA, or when one of our service providers is located in a country outside of the UK or the EEA, such as the United States of America. Different countries have different data protection and security laws and some of these do not offer the same level of protection as you enjoy under UK and EU data protection legislation.

We will have agreements with these third-party organisations which provide that they will not use your Personal Data for any purposes other than those we have agreed with them. We explicitly require that any third-party organisations that use your Personal Data on our behalf implement adequate safeguards to protect your Personal Data, in accordance with the UK or EU GDPR (as applicable) and any other applicable UK and EU data protection legislation. For example, we may put contracts in place (which are approved by the UK Information Commissioner and, where applicable, the European Commission and are known as “standard contractual clauses“) with those service providers, or alternatively will ensure they have signed up to, and comply with, any other approved mechanisms that may become available to us in the future. We will also carry out an appropriate risk assessment of the laws and practices of the destination country to identify any technical and organisational measures that need to be put in place to ensure that your Personal Data is fully protected when in that country.

Disclosure Of Data

Business Transaction

If CodeBase Ltd is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

Disclosure for Law Enforcement

Under certain circumstances, CodeBase Ltd may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Legal Requirements

CodeBase Ltd may disclose your Personal Data in the good faith belief that such action is necessary to:

To comply with a legal obligation
To protect and defend the rights or property of CodeBase Ltd
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
To protect against legal liability

Security Of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

“Do Not Track” Signals

We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.

You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

You have the following rights in relation to your Personal Data:

The right to access, update or to delete the Personal Data we have on you. In some cases, you can access, update or request deletion of your Personal Data directly within the “settings” section of your account settings. If you are unable to perform these actions yourself, please contact us to assist you. You will find our latest contact details at: https://www.thisiscodebase.com/contact
The right of rectification. You have the right to have your Personal Data rectified if that Personal Data is inaccurate or incomplete.
The right to object. You have the right to object to our processing of your Personal Data.
The right of restriction. You have the right to request that we restrict the processing of your Personal Data.
The right to data portability. You have the right to be provided with a copy of the Personal Data we have on you in a structured, machine-readable and commonly used format.
The right to withdraw consent. You also have the right to withdraw your consent at any time where CodeBase Ltd relied on your consent to process your Personal Data.

Please note that we may ask you to verify your identity before responding to such requests.

We will to our utmost to ensure the protection of your Personal Data. If you believe that your Personal Data is not being processed in line with this Privacy Policy, please contact us. You will find our latest contact details at: https://www.thisiscodebase.com/contact.

If you are not satisfied with the response we provide, you have the right to lodge a complaint with the Information Commissioner’s Office. Find out on their website how to report a concern at ico.org.uk/concerns.

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.