Trojan and GDPR

Trojan Management Search takes your data and your privacy seriously.

New EU legislation means a change to the rules about what information companies can hold and what they must be able to do to hold it.

We fully support these measures and we want you to understand what they mean for your association with Trojan.

We also want to make one thing clear from the outset: Trojan retains your information for the sole purpose of alerting you to relevant opportunities in your market sector.

To allow us to do this, we need to receive your approval via email.

Before you give it, however, we recommend you take the time to read this page.

If you are happy to continue working with Trojan, please email datacontroller@trojan-global.com with the sentence “I agree, Trojan may hold my personal details” in the subject line.

By responding in the positive you agree to our terms and conditions regarding the holding of your data and this in essence forms a contract between yourself and Trojan Management Search Ltd.

GDPR, ePRIVACY and Trojan

This contract is between you, the data subject (Candidate), and Trojan Management Search Ltd.

The contract is at the request of the data subject (Candidate).

This policy covers Trojan Management Search Ltd and all associated companies at present and in the future.

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a new regulation that replaces the Data Protection Regulation (Directive 95/46/EC).

The Regulation aims to harmonise data protection legislation across EU member states, enhancing privacy rights for individuals and providing a strict framework within which commercial organisations can legally operate.

Even though the UK has expressed its intention to leave the EU in March 2019, the GDPR will be applicable in the UK from 25th May 2018.

Furthermore, the Information Commissioner’s Office (ICO) has recently laid out its intention to continue with a similar level of regulation post March 2019.

The following policy describes how the GDPR and the current ePrivacy Directive (soon to be updated) applies to the way Trojan Management Search Ltd uses your personal data.

Trojan Management Search specialises in recruitment by retained executive search and professional networking across a range of industries and services sectors.

Our expectation is that consenting individuals wish to be kept informed of current and future recruitment opportunities with our clients.

Note, this correspondence does not come in the form of a newsletter. We contact select candidates individually and only when we are confident that he or she is suitable for a senior position within the workforce of our clients.

If this does not match your expectation, please write to us stating that you want your details to be removed from our system.

Agreeing to the retention of your personal data by Trojan Management Search Ltd indicates that you have read and understood the terms and conditions of the policy.

Who Controls my Personal Data?

The Data Controller is Trojan Management Search Ltd.

Trojan Management Search Ltd is registered in the UK (Company Number 03387444).

The registered office address is: Second Floor, Kestrel House Falconry Court, Bakers Lane, Epping, Essex, England, CM16 5BD.

The Data Controller’s representative is the Director of Data Protection.

You can contact them at datacontroller@trojan-global.com.

You can call them on 0203 540 868.

Trojan Management Search Limited is registered as a Data Controller with the Information Commissioner’s Office (Certificate Number z8208541).

What is the Purpose and Legal Basis of the Processing?

At Trojan, we will rely on your ‘consent’ to process personal data. This is defined by the new General Data Protection Regulation (GDPR) standard of ‘consent’ as its legal basis for processing personal data.

GDPR defines consent as ‘any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her’.

By consenting, you understand what Trojan does and accept this as a valid legal basis for processing your personal data.

Your data will not be shared with any third parties without your prior knowledge.

Your personal data will not be shared with any third parties unconnected with Trojan without your explicit permission.

What Data will the Controller Collect and Process?

The personal data we retain includes:

  • Name
  • Job title
  • Company name
  • Company address
  • Personal and business mobile numbers
  • Personal and business email addresses

If you have actively communicated to us your areas of sector expertise or specialism, private address, qualifications and family situation, this information will also be retained.

Personal data may include a link to a professional profile available in the public domain on platforms such as LinkedIn.

Where applicable, it may also include an interview report and any CV that you provided.

Who will have Access to the Data?

The recipients of your personal data are limited to Trojan Management Search Ltd and clients with opportunities that you have expressed a desire to explore.

We use data processors like Twitter, LinkedIn, Facebook and Google to help us complete our contracts. We may use your personal data on these platforms for research purposes.

We will not, however, share or publish your information to any of them.

Will the Data Leave the UK?

Trojan Management Search Ltd has advised all parties that data may not be transferred outside of the UK without prior submission of satisfactory proof of their safeguarding methods and proof of a certified privacy shield.

How Long will the Data be Retained?

The retention period for personal data is two years.

However, we have chosen to retain data for five years because it is the average duration of a UK management tenure.

Trojan will be required to deactivate personal data after the relevant retention period, or when in receipt of a data subject’s request to do so, whichever is the earlier.

The data subject has the right to change his or her mind and withdraw consent at any point during the retention period.

What are my Rights?

Trojan confirms the following rights to each data subject:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling