The following information sets out the way in which Zeren will collect and use information about you in a way that is consistent with our responsibilities and your rights under relevant privacy law. Please read it carefully so that you understand how we will use your information.
Renovata and Company
Effective Date: August 2023
Renovata and Company is an international executive search and talent solutions business that is made up of different legal entities, including those set out in the table below. This policy is intended to explain to you how companies in the Renovata and Company group collect and use your personal data including via our websites (as listed below) or by email, marketing communications, social media, and other methods (to the extent applicable).
|The “Renovata Entities” which are made up of|
|The “Zeren Entities” which are made up of|
|The “Renovata Affiliate Entities” which are made up of|
The companies within the Renovata and Company group from time to time shall be referred to collectively as the “Renovata Group”. Where we mention “we”, “us” or “our”, we are referring to the relevant company in the Renovata Group that is responsible for processing your personal data.
The websites operated by the Renovata Group include:
At the Renovata Group, we are committed to protecting your data and privacy.
We have provided this policy to ensure that you are fully aware of how and why we collect personal data about you when you are engaging with either our candidate placement recruitment services or our private equity advisory services. We will also provide you with information about why and when we may share your personal data and with whom.
You should ensure that you have read and understood this policy before providing your personal data to us. Whenever you submit information via one of our websites or otherwise to us, whether online or offline, you consent to the collection, use and disclosure of that information in accordance with this policy.
The data we collect about you
For your information, personal data (also known as personal information), means any information about an identifiable person which can be directly or indirectly assessed.
We may collect, use, store and transfer different types of personal data about you. These can be separated into the following different categories, however, please note that not all of these categories will be applicable to you:
- Identity Data includes first name, maiden name, last name, title, gender and age. If you are a registered company, this will include your company name and company number (where applicable).
- Contact Data includes your current address, email address and phone number. Where you are a candidate, this will be as listed on your curriculum vitae (“CV”)/résumé or relevant application form; where you are not a candidate, this will be as provided to us or extracted from your public profile, as set out below.
- Image Data includes your photograph if you have opted to include this in your CV/résumé and/or your LinkedIn profile. Image Data is only collected in respect of candidates.
- Education Data includes details about your current and/or previous education history. Education Data is only collected in respect of candidates.
- Employment Data includes details about your current and previous employment roles, your expected salary, and the specific sector that you work in. Employment Data is only collected in respect of candidates.
- Technical Data includes internet protocol (IP) address, browser type and version, universally unique identifiers, time zone setting and location, browser plug-in types and versions, operation system and platform, and other technology on the devices you use to access our website.
- Usage Data includes information about how you use our website and services.
- Marketing Data includes your preference in receiving marketing from us and our third parties and your communication preferences.
- Diversity Data includes details of your gender, sexual orientation, race or ethnicity or religious or philosophical beliefs if you choose to engage with our diversity questionnaire. Diversity Data is generally only collected in respect of candidates and only where reasonably required. Our use of Diversity Data is occasional only.
Other than Diversity Data (which is collected by us only occasionally and when reasonably required) we do not collect any Special Category Personal Data about you (this includes details about your sex life, political opinions, trade union membership and genetic and biometric data). Nor do we collect any information about criminal convictions and offences, unless expressly disclosed.
How do we collect your personal data?
We only collect personal data (including information concerning your health)by lawful and fair means. We use different methods to collect data from and about you, depending on how and which of our services that you interact with. We do this through the following:
- Direct interactions. You may give us certain personal data by providing us with a copy of your CV or résumé, completing any questionnaire we provide to you or by choosing to interact with us via phone, email, our website(s) or in any other way.
- Automated technologies or interactions. As you interact with our website(s), we will automatically collect personal data relating to your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. Please see our cookies policy here. Do Not Track Notice: Because there are not yet common, industry-accepted “do not track” standards and systems, our websites do not respond to Do Not Track signals.
- Third-party or publicly available sources. We may receive and collect personal data about you from various third parties from time to time. We may collect personal data available on your LinkedIn profile. Your personal data will not be extracted from LinkedIn to our own database where your personal LinkedIn preferences are set to ‘private’ (or equivalent). We may also collect publicly available personal data about you through the use of the PitchBook platform, which we use to collect information relevant to our services.
We do not intend for the above list to be exhaustive but rather provide you with some examples of the types of third parties from which we may receive data. This list may therefore be updated from time to time.
What personal data do we collect, how do we use this and what is our lawful basis for such use?
The table below sets out the personal data we collect from you, how we use it and our lawful basis for doing so.
|Purpose/Activity||Type of Data||Lawful basis for processing including basis of legitimate interest|
|To register your interest as a prospective candidate for our candidate placement services which will include:|
· Adding you to our candidate database (this may be based on information obtained via LinkedIn or other public sources of information you provide directly to us);
· Where requested by you, contacting you throughout the registration process;
· Making you aware of any suitable up-and-coming job prospects;
· If you are a decision maker in a company, contacting you regarding investment opportunities we think may be of interest to you.
(f) Diversity (where reasonably required)
|Necessary for our legitimate interests of maximising our database of potential candidates to ensure we provide the best possible service to our clients and therefore are able to expand our business.|
In respect of Diversity Data, your explicit consent.
|Providing your profile to our clients (potential employers) once you confirm you’re happy for us to do so.|| |
(f) Diversity (where reasonably required)
|Necessary for our legitimate interests of properly servicing our clients and your legitimate interests of finding an appropriate role.|
|To manage our relationship with you which will include:|
· notifying you about changes to our terms or policies; and
· asking you to leave a review for feedback or take a survey.
|Necessary to comply with a legal obligation.|
Necessary for our legitimate interests to understand and analyse what our clients think about us and how they use our service so that we can further grow our business.
|To administer and protect our business and website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).|
|Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise).|
Necessary to comply with a legal obligation.
|To use data analytics to improve our website, services, marketing, customer relationships and experiences.||(a) Technical|
|Necessary for our legitimate interests to define types of candidates, to keep our website updated and relevant, to develop our business and to inform our marketing strategy.|
|To provide updates to you about open job opportunities which may suit your expertise. This may include marketing campaigns.||(a) Identity|
(c) Education Data
(d) Employment Data
Where such communications are marketing communications made by email, phone or SMS or other electronic message, with your consent.
In all other cases, necessary for our legitimate interests to engage our prospective candidates and employers so that we can develop our business.
|Where you are an employer client, to contact you about potential candidates, upcoming job vacancies and generally to provide our services to you.||(a) Identity|
(b) Contact Data
|Necessary for the performance of a contract.|
We may also use all types of personal data across the Renovata Group as necessary for the establishment, exercise and defence of legal claims.
Intended Audience of Websites; COPPA Compliance
The Children’s Online Privacy Protection Act (“COPPA”) does not apply to us because our websites are not directed to children under the age of 13. For purposes of clarity, our websites do not request or knowingly collect personal data from individuals under the age of 13. If you are not 13 or older, you should not visit or use our websites. If we learn that personally identifiable information of persons under 13 years of age has been collected on our websites without verified parental consent, then we will take appropriate steps to delete the information.
Where we store your personal data
Your personal data will be stored in one or more of our candidate databases (which are hosted by third-party service providers). We may also store your personal data in our cloud storage systems.
Sharing/disclosing your personal data
We may share your personal data with the parties below for the purposes set out in the table above. The way we share your personal data will depend on your type of engagement with the Renovata Group Entities.
- We may share your personal data internally within the Renovata Group as necessary to provide our services and because we use shared databases within the Renovata Group, this enables us to use the data we hold in the most efficient way, given the services provided by the different companies in the Renovata Group are complementary to one another.
- Externally to third parties outside of the Renovata Group such as:
- Our service providers (who will only process personal data in accordance with our instructions unless you are notified otherwise);
- Our professional advisers including, lawyers, bankers, auditors and insurers based in any of the countries that the Renovata Group operates within, provide consultancy, banking, legal and accounting services;
- Regulators (such as the ICO), government agencies, accreditation bodies and other legal or enforcement bodies based in any of the countries that the Renovata Group operates within, to the extent required by law, rule, regulation or industry practice;
- Any of our third-party researchers or consultants who we may employ from time to time for the legitimate aim of progressing our business needs; and
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Contact Preferences; Opt-In and Opt-Out
We would like to keep in touch with you in ways that you find to be beneficial. You can ask us to stop sending you marketing or job notification messages at any time by following the opt-out links on any marketing message sent to you. Keep in mind that these particular preferences do not mean that we might not contact you for other reasons, such as those related to a matter you initiated on your account, a legally required notice and so on.
Due to the structure of the Renovata Group, depending on the entity that you interact with, your personal data may be shared with other countries outside of your country of residence, as follows:
Transfers made by our third-party service providers:
When we record your personal data on our candidate database, this may involve a transfer of your personal data to another country, if the server upon which our candidate database is hosted is based in another country or countries.
If a Renovata Entity or a Renovata Affiliate Entity is processing or collecting your personal data, any personal data we log in our candidate database is hosted by our third party service provider in the United States.
If a Zeren Entity is processing or collecting your personal data, any personal data we log into our candidate database may be transferred to a country outside of the UK and EU.
In both the above cases, our third-party service providers have implemented adequate safeguards to ensure the protection of your privacy and fundamental rights and freedoms. Further information about the specific safeguards that have been implemented is available on request.
Transfers made within the Renovata Group:
Given the international nature of our business, when we share personal data within the Renovata Group, this may mean your personal data is being accessed in another country. We will only do this where your data has been stored on one of our candidate databases. This may mean that a member of the Renovata Group based in the United States has access to your personal data.
Transfers of personal data between entities based in the UK and the EEA are based on the UK and EEA adequacy decisions issued by the relevant data protection authorities.
Transfers of personal data between entities based in the UK and the EEA; and entities based in the United States are based on entry to standard clauses approved by the relevant regulators. Further details regarding the safeguards we have in place to protect your personal data when it is transferred outside of the UK or EEA are available upon request.
How do we protect your personal data?
We protect your personal data in the following ways:
- We will not request information which is excessive for our purposes.
- We try, with your assistance, to keep any information we hold about you up to date and accurate.
- We delete any information we hold about you that is no longer relevant in accordance with our retention policy.
- We anonymise information where we do not require personally identifiable information for the purposes for which it is used.
- Where reasonably possible, we store any Diversity Data we collect in a pseudonymised form (which means, by way of example, that data relating to your ethnicity is recorded in a coded way which is not accessible by third parties without access to further information that is not readily available to them). We do not collect Diversity Data unless reasonably necessary.
- We follow strict security procedures in the storage and disclosure of information that you have given to us to prevent unauthorised access.
- We have appropriate written agreements in place with those advertisers with which we may share any application form submitted by you.
- We have in place technical and organisational security measures to ensure the protection of your personal data, these include:
- Annual employee training which includes, data protection and cyber security training
- Being certified under the NCSC Cyber Essentials Self-Certification scheme; and
- Use of Microsoft Intune which provides (amongst other technical security protections) two-factor authentication, encryption of data, private and secure VPN systems and malware detection systems.
If you would like further information on the technical and security measures that we implement to protect your personal data, please contact our Data Protection Officer at: email@example.com
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our website; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
Retention of personal data
We will retain the personal data provided to us in connection with the engagement of our services for the following periods:
- If you have engaged with our candidate placement or talent solutions services and have uploaded or provided a copy of your CV/Resume, the information contained therein, together with any other personal data we have collected about you (as set out above) will be stored on our relevant case management system for no longer than is necessary to pursue our legitimate interests (as set out above). In any event, your data will be deleted no more than 10 years following your last contact with us.
- If your personal data is obtained from your LinkedIn account, we will store the relevant data for no longer than is necessary to pursue our legitimate interest (as set out above) and in any event, it will be deleted no more than 10 years following its initial collection.
- If you are a client of the Renovata Group, we will hold your personal data for at least six years following the termination or expiry of our contract with you or your business/employer (as applicable).
- We retain Technical Data and Usage Data for up to 12 months following collection.
You have various rights in respect of your personal data
You have various rights in respect of your personal data, as follows:
- a right of access to a copy of the personal data we hold about you;
- a right to object to processing that is likely to cause or is causing damage or distress to you;
- the right to object to our processing of your personal data for direct marketing purposes;
- a right to object to decisions being taken by solely automated means;
- a right in certain circumstances to have information transferred to you or a third party;
- a right in certain circumstances for the personal data we hold about you to be erased; and
- a right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed.
If you wish to exercise any of these rights, please contact us by writing to us at Renovata and Company, 41-44 Great Queen Square, London, United Kingdom WC2B 5AD or by email at firstname.lastname@example.org. Alternatively, you can call us on 020 7440 4000.
Your right to make a complaint in respect of our use of your personal data
You have the right to complain in respect of our use of your personal data. If you are a UK resident, your complaint would normally be addressed to the Information Commissioner’s Office (‘ICO’). Please contact us before you escalate your complaint.
You can contact us in respect of your personal data
- If you are based in the UK: Renovata Partners Limited, 41-44 Great Queen Square, London, United Kingdom WC2B 5AD or by email to email@example.com.
- If you are based outside of the UK: Renovata Partners GmBH, c/o Linn Goppold Treuhand GmbH
Leopoldstr. 175, 80804 München, Germany or by email to firstname.lastname@example.org.
UK and EU representatives
If you are a UK resident but wish to contact a member of the Renovata Group that is not established in the UK, please address your question to our UK data protection representative, Renovata Partners Limited, using the details above.
If you are an EU resident but wish to contact a member of the Renovata Group that is not established in the EU, please address your question to our EU data protection representative, Renovata Partners GmBH using the details above.