Privacy Policy
Effective Date: June 16, 2025
Hunter Harris's website (hunter-harris.com) is owned by Hunter Harris Consulting Ltd., a company registered in England and Wales under Company Registration Number [Your Company Number], operating under the trading name Hunter Harris. We act as a data controller for certain personal data we collect directly, and as a data processor when handling personal data on behalf of our clients.
We have adopted this Privacy Policy, which outlines how we process the information collected by Hunter Harris, and provides the reasons why we must collect certain personal data about you. Therefore, you must read this Privacy Policy before using Hunter Harris's website or engaging with our services.
We take the privacy and security of your personal data seriously and undertake to guarantee its confidentiality and security in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.
1. Personal Information We Collect
When you visit the Hunter Harris website, we automatically collect certain Device Information. This includes details about your web browser, IP address, time zone, and some of the cookies installed on your device. As you browse our site, we also gather information about the individual web pages you view, what websites or search terms referred you to our site, and how you interact with our site. This automatically collected information is referred to as “Device Information.”
Additionally, we collect Personal Data you provide to us directly or that we obtain from third-party sources, which includes (but is not limited to):
Identity Data: Name, date of birth, gender, nationality.
Contact Data: Email address, phone numbers, postal address, LinkedIn profile URL, other professional social media links.
Professional Data: CV/Resume, employment history (including company names, job titles, dates of employment), education, qualifications, skills, professional memberships, salary information (current and desired), compensation expectations, career aspirations.
Application Data: Information provided during job applications, interview notes, assessment results, references.
Marketing Data: Your preferences in receiving marketing communications from us.
Special Category Data: On rare occasions and only when strictly necessary for a specific role or legal compliance (e.g., for disability accommodations, diversity monitoring, or specific visa requirements), we may collect special categories of personal data (e.g., health information, racial or ethnic origin, religious beliefs). We only do this with your explicit consent or where legally permissible.
2. How and Why We Process Your Data (Lawful Basis)
Our top priority is data security, and as such, we process your data only as much as it is absolutely necessary for our business operations and to provide our recruitment services. We rely on various lawful bases under GDPR to process your personal data:
For Recruitment Services (Legitimate Interest / Contractual Necessity): We use your personal data to:
Match your skills, experience, and career aspirations with suitable job opportunities at our Client companies.
Present your profile to potential employers (our Clients).
Arrange interviews and manage the recruitment process.
Provide career advice and market insights.
Maintain our Candidate database for future relevant opportunities.
Our legitimate interest in processing this data is to provide effective and highly specialized recruitment services to both Candidates and Clients, which directly benefits both parties by facilitating employment opportunities. Where you accept an offer we have presented, our processing may become contractually necessary to fulfill that agreement.
To Communicate with You (Legitimate Interest): To respond to your inquiries, send you job alerts, and communicate about your applications or services. This is necessary for our legitimate interest in providing effective communication.
For Business Development & Client Engagement (Legitimate Interest): To identify potential Clients, understand their hiring needs, and offer our services, connecting our Candidates with a wider range of opportunities.
For Internal Operations & Compliance (Legal Obligation / Legitimate Interest): For record-keeping, compliance with legal obligations (e.g., HMRC, Companies House, employment legislation), internal reporting, statistical analysis, and to improve our services and internal processes. Our legitimate interest is to operate our business efficiently and compliantly.
For Marketing (Consent / Legitimate Interest): To send you updates, market insights, and information about our services that may be of interest. Where required, we will obtain your explicit consent. Otherwise, we rely on legitimate interest for B2B marketing or where there's a pre-existing professional relationship. You can opt-out at any time.
Processing Special Category Data (Explicit Consent / Substantial Public Interest): Where we process sensitive data, we do so only with your explicit consent or where there is a substantial public interest ground (e.g., equal opportunities monitoring) and legally permitted, and in line with our internal data protection policies.
Device Information is collected automatically and used only to identify potential cases of abuse, establish statistical information regarding website usage, and for website optimization. This statistical information is not otherwise aggregated in such a way that it would identify any particular user of the system.
You can visit the website without telling us who you are or revealing any information by which someone could identify you as a specific, identifiable individual. If, however, you wish to use some of the website’s features, or you wish to receive our newsletter or provide other details by filling a form, you may provide personal data to us, such as your email, first name, last name, city of residence, organization, and telephone number. You can choose not to provide us with your personal data, but then you may not be able to take advantage of some of the website’s features. For example, you won’t be able to receive our Newsletter or contact us directly from the website. Users who are uncertain about what information is mandatory are welcome to contact us via michael@hunter-harris.com.
3. Who Do We Share Your Personal Data With?
We may share your personal data with:
Our Clients: Potential employers (US-based and European-based) for the sole purpose of recruitment and assessing your suitability for job opportunities, and only with your prior knowledge or consent (where appropriate to the lawful basis).
Our Service Providers: Third-party vendors and sub-processors who provide services to us, such as CRM systems, IT support, email marketing platforms, video conferencing tools, cloud storage providers, and analytics providers. We have Data Processing Agreements (DPAs) in place with these providers to ensure they comply with our data protection obligations.
Professional Advisors: Lawyers, accountants, auditors, and insurers for legal, financial, or professional advice.
Law Enforcement/Regulators: When legally required or permitted, or to comply with regulatory obligations (e.g., Information Commissioner's Office (ICO) in the UK, HMRC, or equivalent US authorities), such as to comply with a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
4. International Data Transfers
Hunter Harris operates globally, serving clients in both US and European tech markets. Therefore, we may transfer your personal data outside the UK (and outside the European Economic Area where applicable), including to the United States and other countries.
When we transfer data outside the UK to countries not deemed to provide an adequate level of protection by the UK government, we ensure appropriate safeguards are in place to protect your data, such as:
Standard Contractual Clauses (SCCs): These are ICO or European Commission approved contractual clauses adapted for UK transfers, which impose strict data protection obligations on the recipient of the data.
EU-US Data Privacy Framework: For transfers to US entities that are certified under the EU-US Data Privacy Framework (and the UK Extension to the EU-US Data Privacy Framework), which provides a mechanism for legal data transfers to certified organizations in the US.
By using our services, you acknowledge and agree to the potential transfer of your personal data to countries outside the UK in accordance with this Privacy Policy and the safeguards described herein.
5. Your Rights
If you are a European resident (meaning you are physically located in the UK or EU at the time of data processing), you have the following rights related to your personal data under UK GDPR:
The right to be informed: About how and why your data is processed.
The right of access: To request a copy of the personal data we hold about you.
The right to rectification: To request correction of inaccurate or incomplete data.
The right to erasure ('right to be forgotten'): To request deletion of your personal data in certain circumstances.
The right to restrict processing: To request that we limit the way we use your data in certain circumstances.
The right to data portability: To receive your personal data in a structured, commonly used, and machine-readable format.
The right to object: To object to the processing of your data, particularly where we rely on legitimate interest.
Rights in relation to automated decision-making and profiling: To object to decisions based solely on automated processing without human intervention that significantly affects you. (Note: Hunter Harris's processes typically involve human intervention).
If you would like to exercise any of these rights, please contact us through the contact information provided below.
Additionally, if you are a European resident, we note that we are processing your information in order to fulfill contracts we might have with you (for example, if you accept a job offer arranged through us), or otherwise to pursue our legitimate business interests listed above. Please note that your information might be transferred outside of Europe, including to the United States, as detailed in Section 4.
6. Information Security
We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We keep reasonable administrative, technical, and physical safeguards to protect against unauthorized access, use, modification, and personal data disclosure in its control and custody. These measures include (but are not limited to) data encryption, access controls, regular security assessments, and staff training. However, no data transmission over the Internet or wireless network can be guaranteed to be 100% secure.
7. Links to Other Websites
Our website may contain links to other websites that are not owned or controlled by us. Please be aware that we are not responsible for such other websites or third parties' privacy practices. We encourage you to be aware when you leave our website and read the privacy statements of each website that may collect personal information.
8. Legal Disclosure
We will disclose any information we collect, use or receive if required or permitted by law, such as to comply with a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. The latest version will always be posted on our website, and the "Effective Date" at the top will be updated. We encourage you to review this policy periodically.
10. Complaints
If you are a European resident and have concerns about our data practices, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
11. Contact Information
If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may send an email to michael@hunter-harris.com.