Opticore IT are committed to protecting the privacy and safeguarding of the data we collect.  This privacy notice tells you what to expect when we collect personal information about you, whether through our website, as a current or prospective client, or as an individual applying for a role with us, either directly, through a referral, via a job board (e.g. LinkedIn) or via a third-party recruitment company.

We process data that you provide to us directly when you use the Contact Us page on our website.  This data is processed under our Legitimate Interests (Article 6(1)(f) of the UK GDPR) and is used to facilitate your enquiry.  The data is stored on our cloud-based document storage platform, and we retain this data for 3 years.

Data Types: Name, email address, company name, phone number and a free text field (please do not include personal data in this field)

We process data that you provide to us directly either when you use the Subscribe page on our website or you opt into our newsletter.  This data is processed with your Consent (Article 6(1)(a) of the UK GDPR) which you are prompted for when you subscribe, and is used to provide you news about Opticore IT.  The data is stored on our cloud-based document storage platform and our cloud-based mail list management mailing platform, and we retain this data for 3 years.

Data Types: Name, email address and company name

Most of the data that we process is provided to us directly by you when you apply for either a permanent or contract a role with us.  We also receive some personal information indirectly, from third-party recruitment companies when you apply for a role with us through them.

This data is processed under our Legitimate Interests (Article 6(1)(f) of the UK GDPR) to determine suitability for the role you applied for, or for other potential roles with us, and in the performance of a Contract (Article 6(1)(b) of the UK GDPR) or with a view to entering into one.  The data may be shared with our clients to determine suitability for a role.  The data is stored in our Applicant Tracking System, and in our cloud-based document storage platform.  We retain this data for 24 months.

Data Types: name, address, contact telephone numbers (landline and mobile), personal email addresses, education history, employment history, qualifications, and salary information

We process the basic business contact information for past, existing and prospective clients, which may initially be collected via emails, meetings (face-to-face, video conference or telephone), verbally or business cards.

This data is processed under our Legitimate Interests (Article 6(1)(f) of the UK GDPR) or fulfilling our requirements when entering into or in the performance of a Contract (Article 6(1)(b) of the UK GDPR) with a client.  The data is stored in our cloud-based email and document storage platforms.  We retain this data for 3 years.

Data Types: Name, email addresses, company name, address, phone numbers, signatures, business contact details, email conversations

We process basic contact information while fulfilling our accounting requirements, ranging from invoices, account details, timesheet approvals, statement of works, terms and conditions and bank details.

This data is processed primarily to enable us to perform our side of the Contract (Article 6(1)(b) of the UK GDPR) with our client and meet our Legal Obligations (Article 6(1)(c) of the UK GDPR) for financial reporting.  We use an internal solution to process this data and use a separate cloud-based document storage platform and store this data for 7 years.

Data Types: Name, email addresses, company name, address, phone numbers, business contact details, email conversations

Business Management Platform: Our business management platform is hosted by an industry-leading cloud provider and utilises encryption of data both in transit and at rest.  In addition to this, role-based access control and frequent access reviews ensure only those staff requiring access to personal data have access to it.

Document Management & Email Platforms: We utilise an industry-leading cloud services provider to deliver these services.  All data held at rest is encrypted as is all data sent between internal email recipients.  Personal data sent in emails to external recipients is encrypted manually.  Data in our Document Management & Email Platforms is further protected using tools such as multi-factor authentication, anti-malware and anti-phishing filters.  In addition to these controls, role-based access control and frequent access reviews ensure only those staff requiring access to personal data have access to it.

As an individual you have certain rights regarding our processing of your personal data, including

• The right of access – You have the right to ask us for copies of your personal information.
• The right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
• The right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
• The right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
• The right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
• The right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
• The right not to be subject to automated decision making – whilst you have this right, we do not conduct automated decision making.
• The right to lodge a complaint– You have the right to lodge a complaint with the Information Commissioner (ICO) as the relevant supervisory authority

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Email: casework@ico.org.uk

Telephone: 0303 123 1113

You are not required to pay any charge for exercising your rights. If you make a request to us, we have one month to respond to you.

If you wish to make a request, please contact us at dataprotection@opticoreit.com or write to us at

Data Protection
Opticore IT
St. Magnus House
3 Lower Thames Street
London EC3R 6HD

We do not make decisions based solely on automated processing, including profiling, during any of our processes.

We don’t routinely transfer staff personal data overseas but when this is necessary, we ensure that we have appropriate safeguards in place.

Any changes we make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy notice.

Address: St Magnus House, 3 Lower Thames Street, London, EC3R 6HD

Email: dataprotection@opticoreit.com