Privacy Policy

JSS Search Limited (“we”, “us”, “our”) is committed to protecting the privacy and security of personal data.

This Privacy Policy explains how we collect, use, store and share personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

JSS Search Limited is a recruitment and search consultancy operating in the United Kingdom.

Data Controller: JSS Search Limited

Registered address: 3 More London – Riverside, London, SE1 2RE

Email: nichola.peagam@jss-search.com

We do not currently have a statutory requirement to appoint a Data Protection Officer. Responsibility for data protection compliance sits with senior management.

Personal data we may collect includes:

Candidates and contractors

• Name, address, email address, telephone number
• Date of birth and right-to-work information
• Curriculum vitae, employment history, education, qualifications and skills
• Compensation details and role preferences
• Interview notes and assessment information
• References and background check results (where applicable)
• Identification documents (where legally required)
• Limited special category data (for example, diversity monitoring or reasonable adjustments),
  where permitted by law

Clients and business contacts

• Name, job title, employer
• Business contact details
• Contractual and billing information

Website users

• Technical data such as IP address, browser type and usage information (via cookies)

How we collect personal data

• Directly from you (for example, via CV submission, email, phone, website forms)
• From third parties such as referees, background screening providers, former employers
  or publicly available sources (e.g. LinkedIn)
• From clients where you are engaged through a third-party assignment

Lawful bases for processing

• Legitimate interests – to provide recruitment services, match candidates with opportunities,
  manage client relationships and grow our business
• Contract – where processing is necessary to perform or enter into a contract with you
• Legal obligation – to comply with employment, immigration, tax or regulatory requirements
• Consent – where required, for example for certain marketing communications or special category data

Where we rely on legitimate interests, we have balanced our interests against your rights and freedoms.

How we use your personal data

• Provide recruitment and executive search services
• Assess suitability for roles and assignments
• Introduce candidates to prospective employers or clients
• Manage recruitment processes and contractual relationships
• Carry out pre-employment, reference and background checks (where appropriate)
• Communicate with you about opportunities, services and business matters
• Comply with legal and regulatory obligations
• Improve our services and internal processes

Sharing your personal data

We may share personal data with:

• Clients and prospective employers (with your knowledge and/or consent)
• Service providers such as IT systems, CRM platforms, payroll or background screening providers
• Professional advisers (legal, financial, compliance)
• Regulatory bodies, courts or law enforcement, where required by law

We do not sell personal data.

International data transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place,
such as adequacy regulations or approved standard contractual clauses.

Data security

We have implemented appropriate technical and organisational measures to protect personal data
against unauthorised access, loss, misuse or disclosure.

Data retention

We retain personal data only for as long as necessary:

• Candidate data: typically up to 12 months after last meaningful contact,
  unless you ask us to retain it longer or there is a legal reason to do so
• Client and business contact data: for the duration of the relationship and
  thereafter in line with legal and accounting requirements
• Employee and contractor data: in accordance with employment and tax legislation

Data may be retained longer where required to establish, exercise or defend legal claims.

Your data protection rights

• Access your personal data
• Rectify inaccurate or incomplete data
• Request erasure of your data
• Restrict processing
• Object to processing (including direct marketing)
• Data portability (in certain circumstances)
• Withdraw consent at any time, where consent is relied upon

Requests can be made using the contact details above. We will respond within one month.

Complaints

If you have concerns about how we use your personal data, please contact us first.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

We may update this Privacy Policy from time to time. The latest version will always be available
on our website.

Last updated: January 2026