Operational Resilience
Occupational Health Services
Contact us
Security guard

Privacy Policy

Protecting & respecting your privacy

The Anvil Group (International) Ltd (“We”) are committed to protecting and respecting your privacy.
This policy (together with our terms of use http://www.anvilgroup.com/privacy-policy/ and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting http://www.anvilgroup.com/privacy-policy/ you are accepting and consenting to the practices described in this policy.

For the purpose of the Data Protection Act 2018 (the Act), General Data Protection Regulation (GDPR) the data controller is The Anvil Group (International) Ltd of Vicarage House, 58-60 Kensington Church Street, London W8 4DB.

Information we collect from you:

We will collect and process the following data about you:

Information you give us.

This is information about you that you give us by filling in forms on our site anvilgroup.com (our site) or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register to use our site, subscribe to our service, login to one of our products, participate in discussion boards or other social media functions on our site, enter a competition, promotion or survey, and when you report a problem with our site. The information you voluntarily give us may include your name, address, e-mail address and phone number, financial and credit card information, personal description and photograph, travel details and passport.

Information we collect about you.

With regard to each of your visits to our site we will automatically collect the following information:

  • technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  • information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for’ page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.

Information we receive from other sources.

This is information we receive about you if you use any of the other websites we operate or the other services we provide. [In this case we will have informed you when we collected that data if we intend to share those data internally and combine it with data collected on this site. We will also have told you for what purpose we will share and combine your data]. We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies). We will notify you when we receive information about you from them and the purposes for which we intend to use that information.

  • Subscribers of our Riskmatics® technology solution will also automatically supply, full name, email address and travel details.

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

Uses made of the information

We use information held about you in the following ways:

Information you give to us.

We will use this information:

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
  • to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
  • to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the [order form OR registration form]);
  • to notify you about changes to our service;
  • to ensure that content from our site is presented in the most effective manner for you and for your computer.

Information we collect about you.

We will use this information:

  • to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • as part of our efforts to keep our site safe and secure;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
  • to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.

Information we receive from other sources.

We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).

Disclosure of your information

You agree that we have the right to share your personal information with:

  • Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
  • Selected third parties including:
    • business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
    • analytics and search engine providers that assist us in the improvement and optimisation of our site;
    • credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
  • We will disclose your personal information to third parties:
  • In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
  • If The Anvil Group (International) Ltd or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use http://www.anvilgroup.com/privacy-policy/and other agreements; or to protect the rights, property, or safety of The Anvil Group (International) Ltd, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.]

Where we will store your personal data

The data that we collect from you will be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It will also be processed by staff operating outside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. The Anvil Group (International) Ltd will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your rights

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at enquiries@anvilgroup.com.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Access to information

Reviewing, Correcting and Removing Your Personal Information

You have the following data protection rights:

  • You can request access, correction, updates or deletion of your personal information.
  • You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
  • If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about our collection and use of your personal information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the US and Canada) are available here.)

To exercise any of these rights, please contact us at enquiries@anvilgroup.com or by mail to The Anvil Group (International) Ltd, Vicarage House, 58-60 Kensington Church Street, London, W8 4DB, United Kingdom. Attention: Privacy. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.

To Unsubscribe From Our Communications

You may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located on the bottom of our e-mails, updating your communication preferences, or by sending us email us at enquiries@anvilgroup.com or by mail to The Anvil Group (International) Ltd, Vicarage House, 58-60 Kensington Church Street, London, W8 4DB, United Kingdom. Attention: Privacy. Customers cannot opt out of receiving transactional emails related to their account with us or the Riskmatics® Subscription Service.

Changes to our Privacy Policy

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be emailed to enquiries@anvilgroup.com or mailed to The Anvil Group (International) Ltd, Vicarage House, 58-60 Kensington Church Street, London, W8 4DB, United Kingdom. Attention: Privacy.

 

Privacy Shield Policy

This Privacy Shield Policy (“Policy”) describes how The Anvil Group (International) Ltd and its subsidiaries and affiliates in the United States (“US”) (“Company,” “we,” or “us”) collect, use, and disclose certain personally identifiable information that we receive in the US from the European Union (“EU Personal Data”). This Policy applies to the following US affiliated entities: The Anvil Group, LLC. This Policy supplements our Website Privacy Policy located at http://www.anvilgroup.com/privacy-policy/, and unless specifically defined in this Policy, the terms in this Policy have the same meaning as the Website Privacy Policy.

The Anvil Group (International) Ltd recognizes that the EU has established strict protections regarding the handling of EU Personal Data, including requirements to provide adequate protection for EU Personal Data transferred outside of the EU. To provide adequate protection for certain EU Personal Data about [consumers/corporate customers/clients/suppliers/business partners/job applicants/employees] received in the US, The Anvil Group (International) Ltd has elected to self-certify to the EU-US Privacy Shield Framework administered by the US Department of Commerce (“Privacy Shield”). The Anvil Group (International) Ltd adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability.

For purposes of enforcing compliance with the Privacy Shield, The Anvil Group (International) Ltd is subject to the investigatory and enforcement authority of the [US Federal Trade Commission. For more information about the Privacy Shield, see the US Department of Commerce’s Privacy Shield website located at: https://www.privacyshield.gov. To review The Anvil Group (International) Ltd’s representation on the Privacy Shield list, see the US Department of Commerce’s Privacy Shield self-certification list located at: https://www.privacyshield.gov/list.

In compliance with the Privacy Shield Principles, The Anvil Group (International) Ltd/The Anvil Group, LLC commits to resolve complaints about our collection or use of your personal information.  EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact The Anvil Group (International) Ltd/The Anvil Group, LLC at: enquiries@anvilgroup.com

The Anvil Group (International) Ltd/The Anvil Group, LLC has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU.

Personal data collection and use

Our Website Privacy Policy described above and located at http://www.anvilgroup.com/privacy-policy/ describes the categories of EU Personal Data that we may receive in the US as well as the purposes for which we use that EU Personal Data/We may receive the following categories of EU Personal Data in the US: as data comprising of name, email address, passport and phone number. We process EU Personal Data for the following purposes: traveller tracking and security. The Anvil Group (International) Ltd will only process EU Personal Data in ways that are compatible with the purpose that The Anvil Group (International) Ltd collected it for, or for purposes the individual later authorizes. Before we use your EU Personal Data for a purpose that is materially different than the purpose we collected it for or that you later authorized, we will provide you with the opportunity to opt out. The Anvil Group (International) Ltd maintains reasonable procedures to help ensure that EU Personal Data is reliable for its intended use, accurate, complete, and current.

When we collect sensitive EU Personal Data, we will obtain your opt-in consent where the Privacy Shield requires, including if we disclose your sensitive EU Personal Data to third parties, or before we use your sensitive EU Personal Data for a different purpose than we collected it for or than you later authorized. Unless such data is received via Passenger Named Recorded (PNR) which is governed by the agreement made between the EU and the USA (to legitimise and regulate the transfer of PNR from EU Airlines to the US Department of Homeland Security) is regarded as providing adequate protection for the rights of the data subjects whose personal data (in the form of PNR) is transferred. Arrangements also exist between the European Commission, Canada and Australia.

Data transfers to third parties

Third-Party Agents or Service Providers

We may transfer EU Personal Data to our third-party agents or service providers who perform functions on our behalf [as described in our Website Privacy Policy/including: message processing such as emails and text messaging SMS. Where required by the Privacy Shield, we enter into written agreements with those third-party agents and service providers requiring them to provide the same level of protection the Privacy Shield requires and limiting their use of the data to the specified services provided on our behalf. We take reasonable and appropriate steps to ensure that third-party agents and service providers process EU Personal Data in accordance with our Privacy Shield obligations and to stop and remediate any unauthorized processing. Under certain circumstances, we may remain liable for the acts of our third-party agents or service providers who perform services on our behalf for their handling of EU Personal Data that we transfer to them.

Third-Party Data Controllers

In some cases we may transfer EU Personal Data to unaffiliated third-party data controllers. These third parties do not act as agents or service providers and are not performing functions on our behalf. We may transfer your EU Personal Data to third-party data controllers for the purposes described in our Website Privacy Policy. We will only provide your EU Personal Data to third-party data controllers where you have not opted-out of such disclosures, or in the case of sensitive EU Personal Data, where you have opted-in if the Privacy Shield requires consent. We enter into written contracts with any unaffiliated third-party data controllers requiring them to provide the same level of protection for EU Personal Data the Privacy Shield requires. We also limit their use of your EU Personal Data so that it is consistent with any consent you have provided and with the notices you have received.] [If we transfer your EU Personal Data to one of our affiliated entities within our corporate group, we will take steps to ensure that your EU Personal Data is protected with the same level of protection the Privacy Shield requires.]

Disclosures for National Security or Law Enforcement

Under certain circumstances, we may be required to disclose your EU Personal Data in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

Security

The Anvil Group (International) Ltd maintains reasonable and appropriate security measures to protect EU Personal Data from loss, misuse, unauthorized access, disclosure, alteration, or destruction in accordance with the Privacy Shield.

Access Rights

You may have the right to access the EU Personal Data that we hold about you and to request that we correct, amend, or delete it if it is inaccurate or processed in violation of the Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access. If you would like to request access to, correction, amendment, or deletion of your EU Personal Data, you can submit a written request to the contact information provided below. We may request specific information from you to confirm your identity. In some circumstances we may charge a reasonable fee for access to your information.

Questions or Complaints

You can direct any questions or complaints about the use or disclosure of your EU Personal Data to us at The Anvil Group Limited with any questions or concerns. We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your EU Personal Data within 45 days of receiving your complaint. For any unresolved complaints, we have agreed to cooperate with the EU data protection authorities. If you are unsatisfied with the resolution of your complaint, you may contact the EU data protection authorities for further information and assistance.

Binding Arbitration

You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: (1) raised your compliant directly with The Anvil Group (International) Ltd and provided us the opportunity to resolve the issue; (2) made use of the independent dispute resolution mechanism identified above; and (3) raised the issue through the relevant data protection authority and allowed the US Department of Commerce an opportunity to resolve the complaint at no cost to you. For more information on binding arbitration, see US Department of Commerce’s Privacy Shield Framework: Annex I (Binding Arbitration).

Contact Us

If you have any questions about this Policy or would like to request access to your EU Personal Data, please contact us as follows: The Anvil Group (International) Ltd, Vicarage House, 59-60 Kensington Church Street, London W8 4DB.

Changes To This Policy

We reserve the right to amend this Policy from time to time consistent with the Privacy Shield’s requirements.
Effective Date: 5 December 2016
Last modified: 19 February 2021

 

Mobile Applications Privacy Policy

Scope of policy

This policy set out terms of use incorporated together and applies to your use of:
Anvil mobile application software, including TripHub and SOS and Locate (App) are available on our sites OR hosted on iTunes, Google Play Store (App Site), once you have downloaded a copy of the App onto your mobile telephone or handheld device.

Any of the services accessible through the App (Services) that are available on the App Site or other Sites of ours (Services Sites), unless the licence states that a separate privacy policy applies to a particular Service, in which case that privacy policy only applies.

This policy sets out the basis on which any personal data We collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how We will treat it.

For the purpose of the Data Protection Act 1998, the data controller is the organisation who holds the agreement with The Anvil Group International Ltd.

Information we may collect from you

We may collect and process the following data about you:

Information you give us:

You may give us information about you by filling in forms on the App Site and the Services Sites (together Our Sites), or by corresponding with us (for example, by e-mail or chat). This includes information you provide when you register to use the App Site, download or register an App, subscribe to any of our Services, search for an App or Service, which will provide you with travel related information and when you report a problem with an App, our Services, or any of our Sites. The information you give us may include your name, e-mail address and phone number, the Device’s phone number, username and other registration information.

Information we collect about you and your device:

Each time you visit one of our Sites or use one of our Apps We may automatically collect the following information: technical information, including the type of mobile device you use, a unique device identifier (for example, your Device’s ID number, the MAC address of the Device’s wireless network interface, or the mobile phone number used by the Device), mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting; information stored on your Device, including contact information, check ins, SOS and location information from GPS devices;

details of your use of any of our Apps or your visits to any of Our Sites including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access Log Information).

Location information:

We will also use GPS technology and triangulation to determine your current location. Some of our location-enabled Services require your personal data for the feature to work. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by switching off the appropriate services. If you contact us, We may keep a record of that correspondence.

Unique application numbers:

When you install or uninstall a Service containing a unique application number or when such a Service searches for automatic updates, that number and information about your installation, for example, the type of operating system, may be sent to us.

 

Cookies

We use cookies to distinguish you from other users of the App, App Site, Appstore or Service Site. This helps us to provide you with a good experience when you use the App or browse any of the Sites and also allows us to improve the App and Our Sites. For detailed information on the cookies We use and the purposes for which We use them, see our cookie policy above.

Uses made of the information

We use information held about you in the following ways:

Submitted Information: Data is held in an encrypted format on the device and is transmitted using a secure connection to an encrypted database.

Device information: To provide a method of authentication and tracking of devices.

Location information: Tracking the location of individuals so that they can be assisted in the event of an emergency.

We may associate any category of information with any other category of information and will treat the combined information as personal data in accordance with this policy for as long as it is combined.

We do not disclose information about identifiable individuals, but We may provide anonymous aggregate information about our users.

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006.

We may disclose your personal information to third parties:

  • In the event that We sell or buy any business or assets, in which case We may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If The Anvil Group International Ltd or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If We are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
  • In order to:
  • enforce or apply the End User License Agreement EULA, Our Terms of Use and conditions of supply and other agreements or to investigate potential breaches; or
  • protect the rights, property or safety of The Anvil Group International Ltd our customers, or others.

Where we store your personal data

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on our secure servers and will be encrypted using Secured Sockets Layer technology where We have given you (or where you have chosen) a password that enables you to access certain parts of Our Sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although We will do our best to protect your personal data, We cannot guarantee the security of your data transmitted to Our Sites; any transmission is at your own risk. Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access.

We may collect and store personal data on your Device using application data caches and browser web storage (including HTML 5) and other technology.

Your rights

Access to information

The Data Protection Act 1998 gives you the right to access information held about you. Your right of access can be exercised in accordance with that Act. Any access request may be subject to a fee to meet our costs in providing you with details of the information We hold about you.

Changes to Privacy Policy

Any changes We may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by SMS OR by e-mail OR when you next start the App or log onto one of the Services Sites. The new terms may be displayed on-screen and you may require to read and accept them to continue your use of the App or the Services.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to enquiries@anvilgroup.com.

 

Terms of supply specific to USA consumers

Anvil offers various text message programs to their subscribers which are delivered via the short code 50561 for US numbers. This data is for personal safety and information alerting purposes. In the main the subscribers will be corporates who elect that their employees receive Anvil data via SMS.

Recipients of SMS information should raise any queries with their employers if the SMS information is unwarranted.

Anvil is committed to building user trust and confidence by promoting and complying with the use of business practices that help protect the privacy of the customer and their data. For more information you can view a copy of our privacy policy online: http://www.anvilgroup.com/privacy-policy/

Charges may apply through your mobile carrier, you approve any such charges from your mobile carrier. Charges for text messages may appear on your mobile phone bill or be deducted from your prepaid balance. Concerns should be raised through your employer for any such charges. If your employer is not a client of Anvil’s or you are not employed, please email customerservice@anvilgroup.com and we will ensure your number is removed from our systems.

United States Participating Carriers Include

ACS/Alaska, Alltel, AT&T, Bluegrass Cellular, Boost, Cellcom, Cellone Nation, Cellular One of East Central Illinois, Cellular South, Centennial, Chariton Valley Cellular, Cox Communications, Cricket, EKN/Appalachian Wireless, Element Mobile, GCI, Golden State Cellular, Illinois Valley Cellular, Immix/Keystone Wireless, Inland Cellular, iWireless, MetroPCS®, Nex-Tech Wireless, nTelos, Plateau Wireless, South Canaan, Sprint, T-Mobile®, Thumb Cellular, United Wireless, US Cellular®, Verizon Wireless, Viaero Wireless, Virgin, WCC Additional carriers may be added. T-Mobile® is not liable for delayed or undelivered messages.

 

Candidate Privacy Notice

Data controller: The Anvil Group (International) Ltd of Vicarage House, 58-60 Kensington Church Street, London W8 4DB. (‘the Employer’)

As part of any recruitment process, the Employer collects and processes personal data relating to job applicants. The Employer is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.

What information does the Employer collect?

The Employer collects a range of information about you. This includes:

  • your name, address and contact details, including email address and telephone number;
  • details of your qualifications, skills, experience and employment history;
  • information about your current level of remuneration, including benefit entitlements;
  • whether or not you have a disability for which the Employer needs to make reasonable adjustments during the recruitment process; and
  • information about your entitlement to work in the UK.

The Employer may collect this information in a variety of ways. For example, data might be contained in application forms, CVs or resumes, obtained from your passport or other identity documents, or collected through interviews or other forms of assessment, including online tests.

The Employer may also collect personal data about you from third parties, such as references supplied by former employers The Employer will seek information from third parties only once a job offer to you has been made and will inform you that it is doing so.  Data will be stored in a range of different places, including on your application record, in HR management systems and on other IT systems (including email).

Why does the Employer process personal data?

The Employer needs to process data to take steps at your request prior to entering into a contract with you. It may also need to process your data to enter into a contract with you.

In some cases, the Employer needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check a successful applicant’s eligibility to work in the UK before employment starts.

The Employer has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows the Employer to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. The Employer may also need to process data from job applicants to respond to and defend against legal claims.

The Employer may process special categories of data, such as information about ethnic origin, sexual orientation or religion or belief, to monitor recruitment statistics. It may also collect information about whether or not applicants are disabled to make reasonable adjustments for candidates who have a disability. The Employer processes such information to carry out its obligations and exercise specific rights in relation to employment.

In line with GDPR requirements, we will no longer retain the CVs of unsuccessful candidates. Therefore, should you see a similar position advertised by Anvil in the future, we encourage you to apply again with an updated CV.

Who has access to data?

Your information may be shared internally for the purposes of the recruitment exercise. This includes members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles.  The Employer will not share your data with third parties, unless your application for employment is successful and it makes you an offer of employment. The Employer will then share your data with former employers to obtain references for you. The Employer will not transfer your data outside of the EU without your specific consent to do so.

How does the Employer protect data?

The Employer takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties. 

For how long does the Employer keep data?

The Employer will only keep your data for as long as they need it for, which, in relation to unsuccessful candidates, is six months to a year. If your application is not successful and they have not sought consent or you have not provided consent upon their request to keep your data for the purpose of future suitable job vacancies, the Employer will keep your data for six months once the recruitment exercise ends.

If the Employer has sought your consent to keep your data on file for future job vacancies, and you have provided consent, they will keep your data for nine months once the recruitment exercise ends. At the end of this period, we will delete or destroy your data, unless you have already withdrawn your consent to our processing of your data in which case it will be deleted or destroyed upon your withdrawal of consent.

Where you have provided consent to the Employer’s use of your data, you also have the right to withdraw that consent at any time. This means that they will stop processing your data and there will be no consequences of withdrawing consent. If your application is successful, your data will be kept and transferred to the systems the Employer administers for employees. You will then be provided with a separate privacy notice for employees.

Your rights

As a data subject, you have a number of rights. You can:

  • access and obtain a copy of your data on request;
  • require the Employer to change incorrect or incomplete data;
  • require the Employer to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
  • object to the processing of your data where the Employer is relying on its legitimate interests as the legal ground for processing.

If you would like to exercise any of these rights, please contact the HR Department via email. (HRChristchurch@anvilgroup.com)

If you believe that the Employer has not complied with your data protection rights, you can complain to the Information Commissioner.

What if you do not provide personal data?

You are under no statutory or contractual obligation to provide data to the Employer during the recruitment process. However, if you do not provide the information, the Employer may not be able to process your application properly or at all. 

Automated decision-making

Recruitment processes are not based solely on automated decision-making.

By continuing to browse this website you agree to the use of cookies under the terms of our privacy policy.

Thanks

We'll add you to our mailing list for situation reports, special reports and other news and events. You can unsubscribe at any time.

Let Anvil keep you informed

Get FREE situation updates and special reports from our risk analysts by subscribing to our mailing list.

By joining our mailing list, you consent to receiving emails from Anvil Group. Marketing emails include global situation updates, special alerts and reports, invitations to attend events and product promotions.

You can unsubscribe from emails at any time. See our privacy policy.