Privacy Policy

Strive Technical ("we", "us", or "our") is a specialist recruitment consultancy registered in England and Wales. We are committed to protecting and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all applicable data protection legislation.

This Privacy Policy explains how we collect, use, store, and share personal data when you use our website (www.strivetechnical.co.uk), engage with our recruitment services, or otherwise interact with us. It applies to candidates, clients, suppliers, website visitors, and any other individuals whose personal data we process.

Strive Technical is the data controller for the personal data described in this policy. If you have any questions about how we handle your data, please contact our Data Protection Officer using the details provided in Section 11.

We may collect and process the following categories of personal data:

2.1 Information You Provide Directly

• Identity data: full name, title, date of birth, gender, and nationality.
• Contact data: email address, telephone number, postal address, and social media profiles (e.g. LinkedIn).
• Professional data: curriculum vitae (CV), employment history, education and qualifications, professional memberships, skills, salary expectations, and references.
• Recruitment data: job applications, interview notes, assessment results, right-to-work documentation, and any information you provide during the recruitment process.
• Financial data: bank details and tax information (where required for payroll or contractor payments).
• Communications data: the content of emails, contact form submissions, and any other correspondence you send to us.

2.2 Information We Collect Automatically

• Technical data: IP address, browser type and version, operating system, device type, screen resolution, and time zone settings.
• Usage data: pages visited, links clicked, time spent on pages, referring website, and other browsing behaviour on our site.
• Cookie data: information collected through cookies and similar tracking technologies. Please see our Cookie Policy for further details.

2.3 Information from Third Parties

• Referees or previous employers providing references on your behalf.
• Job boards and professional networking sites where your profile is publicly available.
• Our clients who share candidate details with us for recruitment purposes.
• Background-check providers, credit-reference agencies, or disclosure and barring services where relevant to a role.

We process your personal data for the following purposes:

3.1 Recruitment Services

• Matching candidates with suitable job opportunities.
• Assessing suitability for roles through interviews, skills assessments, and reference checks.
• Submitting your CV and profile to prospective employers with your consent.
• Managing the end-to-end recruitment process including offer management and onboarding support.

3.2 Communication

• Responding to your enquiries and contact form submissions.
• Sending you relevant job alerts and market updates where you have opted in.
• Providing career advice, salary benchmarking, and industry insights.
• Sending service-related communications about your application status.

3.3 Legal Basis for Processing

We rely on the following legal bases under the UK GDPR:

• Consent (Article 6(1)(a)): where you have given clear consent for us to process your data for a specific purpose, such as receiving marketing communications or submitting your CV to a named client.
• Contractual necessity (Article 6(1)(b)): where processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract.
• Legitimate interests (Article 6(1)(f)): where processing is necessary for our legitimate business interests, such as providing recruitment services, improving our website, and maintaining business relationships, provided these interests do not override your fundamental rights and freedoms.
• Legal obligation (Article 6(1)(c)): where processing is necessary to comply with a legal obligation, such as tax, employment, or anti-money laundering legislation.

We do not sell your personal data. We may share your information with the following categories of recipients:

• Clients and prospective employers: we share candidate CVs, profiles, and relevant information with our clients for the purpose of fulfilling recruitment assignments. We will always seek your consent before submitting your details to a named employer.
• Service providers: trusted third-party service providers who assist us in operating our business, including IT hosting and infrastructure, applicant tracking systems, payroll providers, background-check agencies, and email marketing platforms. All service providers are bound by data processing agreements and are required to process data only on our instructions.
• Professional advisers: our lawyers, accountants, auditors, and insurers where necessary for the provision of professional advice or the administration of our business.
• Regulatory and legal bodies: where required by law, regulation, legal process, or enforceable governmental request, including HMRC, the Information Commissioner's Office (ICO), law enforcement agencies, or courts.
• Business transfers: in the event of a merger, acquisition, reorganisation, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you of any such change and ensure your data continues to be protected.

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements.

• Candidate data: we retain candidate CVs and related recruitment data for up to two years from your last meaningful interaction with us, unless you ask us to delete it sooner. After this period, we will either delete your data or contact you to ask whether you wish to remain on our database.
• Client data: we retain client contact and commercial data for the duration of our business relationship and for up to six years afterwards to comply with legal and regulatory obligations.
• Website data: analytics and cookie data is typically retained for up to 26 months, in line with standard analytics retention periods.
• Financial records: we retain financial and payroll data for a minimum of six years as required by HMRC.

When your data is no longer required, we will securely delete or anonymise it in accordance with our data retention schedule and internal procedures.

Under the UK GDPR, you have the following rights in relation to your personal data. These rights are not absolute and may be subject to certain conditions and exemptions:

• Right of access (Article 15): you have the right to request a copy of the personal data we hold about you (a "subject access request"). We will respond within one month of receiving your request.
• Right to rectification (Article 16): you have the right to request correction of any inaccurate or incomplete personal data we hold about you.
• Right to erasure (Article 17): you have the right to request deletion of your personal data where there is no compelling reason for us to continue processing it, sometimes known as the "right to be forgotten".
• Right to restriction of processing (Article 18): you have the right to request that we restrict the processing of your data in certain circumstances, for example while we verify the accuracy of data you have challenged.
• Right to data portability (Article 20): you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have it transmitted to another controller where technically feasible.
• Right to object (Article 21): you have the right to object to processing based on legitimate interests or for direct marketing purposes. Where you object to direct marketing, we will stop processing your data for that purpose immediately.
• Rights related to automated decision-making (Article 22): you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you. We do not currently use automated decision-making in our recruitment processes.
• Right to withdraw consent: where we rely on your consent to process your data, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

To exercise any of these rights, please contact our Data Protection Officer using the details in Section 11. We will respond to your request within one calendar month. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and assist with our marketing efforts. Cookies are small text files stored on your device when you visit our website.

For detailed information about the cookies we use, the purposes for which we use them, and how you can manage your cookie preferences, please refer to our Cookie Policy.

Your personal data is primarily stored and processed within the United Kingdom and the European Economic Area (EEA). However, some of our service providers may process data outside the UK/EEA. Where this occurs, we ensure that appropriate safeguards are in place to protect your data, including:

• Transfers to countries that the UK Government has determined provide an adequate level of data protection (adequacy decisions).
• Use of the UK International Data Transfer Agreement (IDTA) or the EU Standard Contractual Clauses (SCCs) with UK addendum, as appropriate.
• Binding corporate rules or other approved certification mechanisms where applicable.

You may request further information about the safeguards we have in place for international data transfers by contacting our Data Protection Officer.

We take the security of your personal data seriously and have implemented appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS/SSL and at rest where appropriate.
• Access controls ensuring only authorised personnel can access personal data on a need-to-know basis.
• Regular security assessments and penetration testing of our systems.
• Staff training on data protection and information security best practices.
• Incident response procedures to detect, report, and investigate any personal data breaches.
• Secure disposal procedures for physical and electronic records.

While we strive to protect your personal data, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security but are committed to continuously improving our security measures.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or industry standards. Any material changes will be posted on this page with an updated "Last updated" date. Where changes are significant, we may also notify you by email or through a prominent notice on our website.

We encourage you to review this policy periodically to stay informed about how we are protecting your data. Your continued use of our website and services after any changes constitutes acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact our Data Protection Officer:

If you are not satisfied with our response to any data protection concern, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):