Terms & Conditions
These Terms apply to your use of this website and all associated services. They are the only terms which apply. Capitalised words not defined when you first see them are defined at the end. We are GetMyFirstJob Ltd, of Langstone Technology Park, PO19 1SA and Company Number 06685719.
By using this platform, you confirm you accept the Terms and Conditions set out below.
Our Services are for the access to this platform, and the associated Portal (The Talent Portal); specifically and exclusively for the promotion of Movement to Work “Work Placements” and access to the data of applicants. No other vacancies or opportunities may be advertised without prior approval in writing.
We promise to provide our Services using reasonable care and skill and that we will use reasonable endeavours to meet any agreed timetable, although time is not of the essence.
Where our Services are delivered through the Portal, we do not guarantee that the Portal will always function perfectly nor will we be responsible for any period of unavailability of the Portal at any time or accept any liability for any events, such as system failures or unlawful hacking, which may result in data loss. All online business is inherently insecure and we do not promise that any emails or other electronic communications you may make or receive via the Portal will be free from viruses or other malware. You agree to be responsible for ensuring you operate such cyber security policies and systems as you deem appropriate.
We promise that the Portal will comply with applicable law and you accept that we have the right to make any changes which are necessary as the law changes, or otherwise which do not materially affect the nature or quality of the Services.
You promise that all information you provide to us will be honest, accurate, relevant and complete. In particular, you promise that any work placements you advertise will be genuine and described accurately and fully. You are responsible for information you. We strongly recommend that you retain copies/back-up of everything you send us. You promise that you have carefully checked all information which you have sent us and that we may rely on it
If you are using our Portal, you promise to keep any access codes and other information relating to your account on the Portal secure and confidential and only disclose them to your employees who are authorised to use the Portal on your behalf. You accept full responsibility for anyone using your Portal access codes and will indemnify and hold us harmless from any loss, damage or liability caused by unauthorised use of the Portal using your access codes. This indemnity survives termination of the contract.
You will only use data in the Portal to contact Candidates about the Work Placements they have applied for. You will not use data from the Portal for general promotions or marketing of your brand, events or your website. You will not under any circumstances transfer data from the Portal into any third-party system (whether directly or indirectly, including an applicant tracking system, Excel spreadsheet, client relationship management system, phone, email, SMS or any other electronic or physical data processing system). Breach of this clause will be a breach of these Terms and, where Personal Data is involved, a Data Security Incident.
Our Portals and Online Services
All intellectual property rights in or arising out of or in connection with the Portal and other online services we offer shall be owned by us or our licensors (“Service IPR”). We give you a limited non-assignable non-sublicensable licence to use the Service IPR in order to use our Services in accordance with this contract.
We do not guarantee that any online Campaign will be uninterrupted or error-free and accept no liability for any events, such as system failures or unlawful hacking, which may result in data loss.
All online communications are inherently insecure and we do not promise that any emails or other electronic communications we make will be free from viruses or other malware. You agree to be responsible for ensuring you operate such cyber security policies and systems as you deem appropriate.
Under no circumstances will we be liable for any loss of profit or other economic loss or for any indirect, consequential or special damages, however they may be caused. However, nothing shall exclude our liability for fraud, for fraudulent misrepresentation or for death or personal injury due to our negligence.
Subject to the above, our total liability to you in respect to any matter arising out of or in relation to the contract or the performance of our Services shall not exceed the Fee set out in the Proposal.
This section shall survive termination of this contract.
Our expectations of you for handling personal information of Candidates
We are the Controller of any Personal Data provided to you for potential Engagement and you are our Processor.
As Processor you shall:
- only Process Personal Data in accordance with our written instructions (email included) to provide an Introduction (as detailed in the Data Protection Particulars) and as necessary to perform obligations under DP Law, except where otherwise required by law;
- only use Personal Data for the specific vacancies the Candidate has indicated an interest in or appears suitable for;
- not use any Personal Data to market your products and services (or those of third parties you work with) unless you have obtained the Candidate’s express consent;
- not copy any Personal Data you obtain access to through our Portal onto your own systems or to hard copy. We can provide you with reporting for an additional charge;
- not upload to the Portal derogatory comments or disparaging statements about a Candidate and/or any offensive or discriminatory language;
- restrict access to the Personal Data to those Representatives who need to access it for the purposes of the contract and ensure they are appropriately trained in DP Law;
- promptly comply with our request requiring you to delete, amend or transfer any Personal Data; and
- notify us as soon as reasonably possible if your Data Representative changes.
You will become a Controller in your own right when you make an offer of a placement or employment to a Candidate.
You warrant that you:
- have and will maintain throughout the term of the contract appropriate technical and organisational measures to Process Personal Data which shall ensure a level of security appropriate to the risk of Misuse, including (as appropriate) the measures referred to in Article 32(1) of the GDPR;
- will provide reasonable assistance to us where we are required by DP Law to carry out any privacy impact assessment (or similar) in relation to the Processing under this contract; and
- will not transfer or otherwise Process any Personal Data outside of the European Economic Area without our prior written consent.
When you need to get in contact with us?
You shall notify us without delay (and in any event within 24 hours) if you become:
- aware of any Data Security Incident; and/or
- the subject of monitoring or investigation by a regulatory body.
You shall notify us as soon as reasonably practicable after receiving a Data Request. You shall provide us with reasonable assistance to enable us to respond to the Data Request as required by DP Law. You shall not respond to any Data Request directly unless we ask you to do so (in writing, email sufficient). This obligation shall not apply where you are obligated by DP Law to respond to the Data Request and/or where you are prevented from meeting your obligations on important grounds of public interest.
What do you need to do if there is a problem involving personal information?
On the occurrence of a Data Security Incident you shall:
- promptly investigate and shall use reasonable endeavours to identify the root cause and prevent a reoccurrence;
- take appropriate measures to secure the Personal Data and reverse or mitigate the impact of the Data Security Incident on Data Subjects (at your cost);
- offer cooperation and assistance to us, including the provision, without delay, of the Data Security Particulars to enable us to fulfil our data breach reporting obligations in the timescales prescribed by DP Law; and
- not make any public statements, without our prior written consent (email included).
Records and audit:
You shall maintain complete and accurate DP Records in order to demonstrate compliance with DP Law and this contract.
You shall, if we ask, provide us with a copy of all Personal Data relating to your use of this Portal held by you and your Representatives in the format and on the media we reasonably specify and within the reasonable timescales we direct.
You shall at any time on written demand from us, or latest upon the expiry of the Data Retention Period, return or destroy (at our sole option) Personal Data you hold (or held by your Representatives). This obligation will not apply to the extent:
- you hold the Personal Data as Controller (having Engaged the Candidate in employment);
- you are required to retain the Personal Data by reason of law; or
- the Personal Data has been anonymised.
You must not otherwise destroy or dispose of Personal Data in your possession.
Your liability to us for misuse of personal data:
You agree to indemnify us and keep us indemnified from and against any loss which we suffer or incur as a result of a breach by you (or your Representatives) of your obligations under this contract and/or your obligations under DP Law, including without limitation:
- the costs of any investigation or corrective action required by a regulatory body or fines imposed;
- the costs of defending a claim made by a regulatory body or Data Subject;
- losses suffered, or incurred, by us, arising from a claim made by a third party against us relating to the Processing by you or your Representatives of Personal Data; and
- any other losses suffered or incurred by us relating to the Misuse of Personal Data by you or your Representatives.
Your total liability to us arising under the indemnity above shall in all circumstances be limited to £1 million for all claims or connected claims arising, however nothing in this clause shall limit or exclude your liability for: (i) death or personal injury resulting from negligence; (ii) fraud or fraudulent misrepresentation; and (iii) any liability that cannot be excluded by law. You agree to take out and maintain in place with a reputable firm insurance in respect of your obligations and liabilities under this contract providing cover consistent at least with best industry practice and in an amount of not less than £1 million for each and every claim or series of connected claims arising from this contract or if higher, the amount required by law.
Words such as “include”, “in particular” and similar expressions shall mean “without limitation” with regards to the examples which follow.
No failure or delay by a party to exercise any right or remedy provided under the contract or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.
Any provision of this contract which is invalid or unenforceable shall be deleted (so far as invalid or enforceable) without affecting the remaining provisions of this contract.
The rights and remedies provided in this contract are cumulative and not exclusive of any rights and remedies provided at law.
The parties do not intend that any term of this contract should be enforceable by virtue of the Contracts (Rights of Third Parties) Act 1999 by any person who is not a party to this contract.
No variation of this contract shall be effective unless it is in writing (email excluded) and signed by the parties (or their authorised representatives).
We shall not be in breach nor liable for delay or failure in performing any of our obligations if the delay or failure results from circumstances beyond our reasonable control.
This contract is personal to you and you may not assign your rights under it without our prior written consent (email included).
The contract, and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims), shall be governed by, and construed in accordance with English law and the parties irrevocably submit to the exclusive jurisdiction of the Courts of England and Wales to settle any dispute or claim arising out of, or in connection with, this contract or its subject matter or formation (including non-contractual disputes or claims).
This section shall survive termination of this contract.
Candidate means any person Introduced by us to you for an Engagement, including traineeships, Apprenticeships, work experience, entry level roles;
Controller, Data Subject, Personal Data, Processing, Processor shall have the meanings given to those terms in the GDPR. “Personal Data” shall refer only to the Personal Data of Candidates. ““Process” and “Processed” shall be construed accordingly;
Data Protection Particulars describes the Processing of Personal Data to be carried out under the terms of the contract as detailed below:
- type of Personal Data to be Processed: name, address, contact telephone numbers, email address, date of birth, gender, driving licence, qualifications, disability and ethnic origin. Information provided to support the Candidate’s application contained within: notes of a telephone interview, assessments undertaken that are relevant to the role and/or responses to additional recruitment questions;
- reason for Processing: to assess a Candidate for potential Engagement;
- categories of Data Subject: Candidates only; and
- duration of Processing: for as long as the contract is in force (including any Processing required under provisions that survive termination of the contract);
Data Representative: the individual named in the Proposal who acts as your Data Protection Officer (DPO) or, where a DPO is not required under DP Law, an individual who is specifically dedicated to dealing with data protection compliance and enquires.
Data Request: means a complaint, notice or communication which relates directly or indirectly to the Processing under this contract, including: (a) requests made or notices given by Data Subjects for their data to be accessed, amended, erased, ported to a third party and/or for Processing to be restricted; or (c) correspondence from a regulatory body.
Data Retention Period: two years from the date the Personal Data is first collected by us (as notified to you by us) unless you Engage a Candidate in which case your data retention period as Controller will apply;
Data Security Incident: means: (i) any unauthorised: access, disclosure, use, alteration, storage, Processing, transfer, deletion or reproduction of Personal Data; or (ii) any loss, damage, destruction or corruption of Personal Data;
Data Security Particulars: means the minimum information to be provided by you to us in the event of a Data Security including: (a) a description of the Data Security Incident; (b) the approximate number of Data Subjects impacted; (c) the categories and the approximate number of data records involved; (d) the name and contact information of your representative who is dealing with the Data Security Incident; and (e) a description of the measures you’ve taken, or propose to take, to mitigate adverse effects from the Data Security Incident;
DP Records: records of Processing activities you undertake on our behalf including a record of: (a) the technical and organisational measures in place; (b) the training programme for Representatives who access Personal Data; and (c) compliance policies;
DP Law means the GDPR, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and all applicable laws and regulations relating to the Processing of Personal Data and privacy, including where applicable, the guidance notes and codes of practice issued by a regulatory body or any replacement EU or UK data protection or related privacy legislation as updated from time to time;
Engagement means the engagement, employment or use of a Candidate by you or by any third party to whom the Candidate has been introduced by you, on a permanent or temporary basis, whether under a contract of service or for services; or any other engagement; and “Engage” shall have the same meaning;
Introduction means the passing to you of a CV or Personal Data which identifies the Candidate and which leads to an Engagement of the Candidate; and “Introduce” shall have the same meaning;
GDPR: Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data; and
Misuse: unauthorised or unlawful Processing or accidental disclosure, alteration, access, loss, destruction of, or damage to, Personal Data transmitted, stored or otherwise Processed.