Hutton Consulting Services Limited

Hutton Consulting Services Limited (Hutton, Us, We) is a leading provider of executive search. Protection of your privacy is important to us and we are committed to protecting your personal data. 

This Privacy Policy outlines how we collect, store and process your personal data and relates to any individual receiving this policy which is not a current member of staff at Hutton. This includes third party suppliers to Hutton, clients, candidates, previous candidates and users of our website. 

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data.  Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by [the General Data Protection Regulation 2016/679 (the “GDPR”)[1]]. It does not include anonymised data. 

Who are we? 

Hutton Consulting Services Limited is, in most cases, the controller of personal data processed as laid out in this Privacy Policy and in accordance with the GDPR. This means we decide how your personal data is processed and for what purposes. We will use your personal data to enable us to provide you with professional advice and services as a recruitment company; both that which you request and that which we think may be of interest to you. 

How do we collect your personal data?

Hutton Consulting Services Limited will collect personal data through you directly, third party referrals, recommendations or references. This may include information received by a variety of mediums including email, text, phone conversations, face-to-face conversations, through our website or within your CV. The personal data collected, stored and processed by us on you will vary depending on our relationship but may include: 

  • Personal contact details and demographic information (name, title, email addresses, postcode)
  • Past and present workplace and education details
  • Personal details (date of birth, marital status, gender)
  • Information on you which is in the public domain (LinkedIn etc)
  • Information about your visits to our website (Cookies)

How do we process your personal data?

Hutton Consulting Services Limited complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure, by ensuring that appropriate technical measures are in place to protect personal data and by using personal data in a way that people would reasonably expect. 

We are following the basis of Legitimate Interest to use your personal data for the following purposes: 

  • To keep data about Candidates who have contacted us in the past or who we have identified as possible Candidates on our Database up to date. This data is only accessible by current employees of Hutton and third parties who require access to your personal data in order to do their job, and is password protected
  • To share with prospective employers, including our Clients and Prospective Clients who main retain such data for future recruitment purposes, with your permission, for roles relevant to your experience
  • To inform you about roles or events relevant to your experience
  • To ask you for references and professional opinions
  • To share with external vetting agencies, such as those who check criminal records or credit checks, with your permission
  • To share with professional external consultants, such as those required for pre-employment screening services
  • To allow us to accurately map the marketplace in which we specialise.  
  • To improve our products and services
  • To customise our website according to your interests

What are we doing to ensure the security of your personal data? 

We have effective endpoint, network and email protection that filters out spam, malware and dangerous file types.

We have implemented an Internal Data Protection Policy which guides employees on how to keep personal data secure and we have trained employees to be suspicious of emails, especially those that contain attachments, and to report any unusual emails or attachment behaviour to our IT team.

Where appropriate, we look to use measures such as pseudonymisation and encryption.

Sharing your personal data

Your personal data will be treated as strictly confidential and will be shared only with third parties following your permission, or when required by law. Third parties may include payment providers, IT service providers and auditors. 

We do not share your data with third-parties for marketing purposes. 

How long do we keep your personal data?

We will keep your personal data for no longer than reasonably necessary for the purposes for which the personal data is processed, including any legal requirements. When deciding on its retention period, we’ll take into account the type and nature of the personal data, alongside the purpose for which it was collected.  We will regularly review our data retention policy. 

Your rights and your personal data  

Unless subject to an exemption [under the GDPR], you have the following rights with respect to your personal data: –

  • The right to request a copy of your personal data which Hutton Consulting Services Limited holds about you; 
  • The right to request that the Hutton Consulting Services Limited corrects any personal data if it is found to be inaccurate or out of date;  
  • The right to request your personal data is erased where it is no longer necessary for Hutton Consulting Services Limited retain such data;
  • The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable)
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  • The right to object to the processing of personal data, (where applicable)
  • The right to lodge a complaint with the Information Commissioners Office.

Transfer of Data Abroad

It may be necessary for us to send information on you to Clients outside of the European Union. Where this is needed, we will make transfers in full compliance of the Data Protection Act and GDPR ensuring that any third parties treat your personal data in conjunction with European data protection laws. 

Website use

Hutton Consulting Services Limited is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

How we use cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. By continuing to use this site you agree to a file being added. This site uses cookies to anonymously analyse web traffic and to allow users to log into the member areas.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to visitors needs. We only use this information for statistical analysis.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Contact Details

To exercise all relevant rights, queries or complaints please contact the Data Protection Officer at: Hutton Consulting Services Limited

Mortimer House,
37-41 Mortimer Street,
London, W1T 3JH

dpo@huttonconsulting.com

The Privacy Policy was last updated on 04/01/2024

You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.

Hutton Consulting Services Limited is registered with the Information Commissioners Office under registration reference: Z8828733


[1] At the time of going to press the new Data Protection Bill, which incorporates the GDPR into national law, has started its journey through parliament.  The final form of this legislation is not yet known, we have therefore referred to the GDPR as the relevant legislation.