PRIVACY POLICY

---

Data Protection Commitment
Steadman & Chase Ltd prioritizes the privacy of our clients, candidates, and website visitors. This Privacy Policy details our approach to collecting, processing, and protecting personal data, ensuring compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, upon expansion to Singapore, the Personal Data Protection Act 2012 (PDPA).

Data Collection Scope
We collect personal data to deliver headhunting services in AI, Cloud, System Engineering, Systematic Trading, and Cybersecurity:

• Client Data: Contact details (name, email, phone) and recruitment requirements.
• Candidate Data: Professional details (CVs, job history, skills, e.g., Kubernetes, Okta expertise).
• Website Data: Usage metrics (IP address, browser type) via cookies for analytics.

Processing Purposes
We process data to:

• Facilitate talent placement, including sharing candidate profiles with clients (with consent).
• Respond to inquiries and maintain stakeholder communication.
• Enhance website functionality through analytics, ensuring a seamless user experience.
• Meet legal obligations, such as tax and compliance record-keeping.

Legal Basis
Our data processing is grounded in:

• Consent: For sharing candidate data or sending marketing communications.
• Contractual Necessity: To fulfill recruitment agreements.
• Legitimate Interests: For analytics and service improvement, balanced against your rights.
• Legal Obligation: To comply with UK and Singapore regulations.

Data Sharing and International Transfers
We do not sell personal data. Data may be shared with:

• Clients, with candidate consent, for placement purposes.
• Third-party providers (e.g., Bullhorn CRM) under strict data processing agreements.
• Regulatory authorities, if legally required.
  As we operate in the UK and plan to expand to Singapore, data may be transferred internationally. We use safeguards like Standard Contractual Clauses to ensure compliance with UK GDPR and PDPA.

Security Measures
We employ advanced security protocols, including encryption, secure servers, and access controls, to protect your data. Regular audits and staff training ensure adherence to data protection standards, though no online system is entirely risk-free.

Data Subject Rights
Under UK GDPR, you have the right to:

• Access, rectify, or erase your data.
• Restrict or object to processing.
• Request data portability.
  Contact us to exercise these rights; we will respond within 30 days.

Retention Policy

• Candidate data: Retained for 2 years post-last interaction, or 5 years post-placement.
• Client data: Retained for 5 years post-engagement.
• Website data: Retained for 1 year for analytics.
  Data is securely deleted after retention periods unless legally required.

Cookies
We use cookies for analytics and user experience enhancement, compliant with UK GDPR. Manage preferences via our cookie consent popup or browser settings.

Contact Us
For privacy enquiries, contact: legal@steadmanchase.com

Last Updated: 19th March 2025