Hutton Consulting Services Limited (Hutton, Us, We) is a leading provider of executive search. Protection of your privacy is important to us and we are committed to protecting your personal data.
Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by [the General Data Protection Regulation 2016/679 (the “GDPR”)]. It does not include anonymised data.
Who are we?
How do we collect your personal data?
Hutton Consulting Services Limited will collect personal data through you directly, third party referrals, recommendations or references. This may include information received by a variety of mediums including email, text, phone conversations, face-to-face conversations, through our website or within your CV. The personal data collected, stored and processed by us on you will vary depending on our relationship but may include:
Personal contact details and demographic information (name, title, email addresses, postcode)
Past and present workplace and education details
Personal details (date of birth, marital status, gender)
Information on you which is in the public domain (LinkedIn etc)
Information about your visits to our website (Cookies)
How do we process your personal data?
Hutton Consulting Services Limited complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure, by ensuring that appropriate technical measures are in place to protect personal data and by using personal data in a way that people would reasonably expect.
We are following the basis of Legitimate Interest to use your personal data for the following purposes:
- To keep data about Candidates who have contacted us in the past or who we have identified as possible Candidates on our Database up to date. This data is only accessible by current employees of Hutton and third parties who require access to your personal data in order to do their job, and is password protected
- To share with prospective employers, including our Clients and Prospective Clients who main retain such data for future recruitment purposes, with your permission, for roles relevant to your experience
- To inform you about roles or events relevant to your experience
- To ask you for references and professional opinions
- To share with external vetting agencies, such as those who check criminal records or credit checks, with your permission
- To share with professional external consultants, such as those required for pre-employment screening services
- To allow us to accurately map the marketplace in which we specialise.
- To improve our products and services
- To customise our website according to your interests
What are we doing to ensure the security of your personal data?
We have effective endpoint, network and email protection that filters out spam, malware and dangerous file types.
We have implemented an Internal Data Protection Policy which guides employees on how to keep personal data secure and we have trained employees to be suspicious of emails, especially those that contain attachments, and to report any unusual emails or attachment behaviour to our IT team.
Where appropriate, we look to use measures such as pseudonymisation and encryption.
Sharing your personal data
Your personal data will be treated as strictly confidential and will be shared only with third parties following your permission, or when required by law. Third parties may include payment providers, IT service providers and auditors.
We do not share your data with third-parties for marketing purposes.
How long do we keep your personal data?
We will keep your personal data for no longer than reasonably necessary for the purposes for which the personal data is processed, including any legal requirements. When deciding on its retention period, we’ll take into account the type and nature of the personal data, alongside the purpose for which it was collected. We will regularly review our data retention policy.
Your rights and your personal data
Unless subject to an exemption [under the GDPR], you have the following rights with respect to your personal data: -
- The right to request a copy of your personal data which Hutton Consulting Services Limited holds about you;
- The right to request that the Hutton Consulting Services Limited corrects any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for Hutton Consulting Services Limited retain such data;
- The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable)
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data, (where applicable)
- The right to lodge a complaint with the Information Commissioners Office.
Transfer of Data Abroad
It may be necessary for us to send information on you to Clients outside of the European Union. Where this is needed, we will make transfers in full compliance of the Data Protection Act and GDPR ensuring that any third parties treat your personal data in conjunction with European data protection laws.
Hutton Consulting Services Limited is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Cookies that we use
(a) to help us to analyse the use and performance of our website and services (cookies used for this purpose are: Google Analytics and
Cookies used by our service providers
You can manage cookie preferences here.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
(c) http://www.opera.com/help/tutorials/security/cookies/ (Opera);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
(f) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).
Blocking all cookies will have a negative impact upon the usability of many websites.
If you block cookies, you will not be able to use all the features on our website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
To exercise all relevant rights, queries or complaints please contact the Data Protection Officer at:
Hutton Consulting Services Limited
33 Queen Street
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
Hutton Consulting Services Limited is registered with the Information Commissioners Office under registration reference: Z8828733
 At the time of going to press the new Data Protection Bill, which incorporates the GDPR into national law, has started its journey through parliament. The final form of this legislation is not yet known, we have therefore referred to the GDPR as the relevant legislation.