[] Privacy Policy

Updated: January 10, 2024

Your privacy is important to us. This privacy statement explains:

– What personal data is collected by the owner of this website or provided by you, through our interactions with you and your use of our web site (ep-advisory.com), apps and software.
– How your personal data will be used, where it is held, how long it will be kept and your rights.

Please read this privacy policy carefully.

Definitions and interpretation

In this privacy, the following definitions are used:

Data controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

Data processor, in relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller.

“You”, “your” or “data subject” means:

- Visitors to our website

- Subscribers to any service we offer through our site

- Prospective or existing clients corresponding with us by phone, e-mail or otherwise

Data controller, “we”, “us” and “our” means:

EP Advisory Group Limited and its data processors;

Personal data means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.

This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people. The definition incorporates, where applicable, the definitions provided in the Data Protection Act 1998, General Data Protection Regulation and Data Protection Bill 2017-2019.

Sensitive personal data

The GDPR refers to sensitive personal data as “special category data”. Please see “Special category data”.

Special category data

Means personal data consisting of information as to the racial or ethnic origin of the data subject, his political opinions, his religious beliefs or other beliefs of a similar nature, whether he is a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992), his physical or mental health or condition, his sexual life. The special category specifically includes genetic data, and biometric data where processed to uniquely identify an individual.

Criminal offence data

Personal data relating to criminal convictions and offences.

Who we are (Identity of the data controller)

For the purpose of the Data Protection Act 1998, General Data Protection Regulation and Data Protection Bill 2017-2019 the data controller is EP Advisory Group Limited with company registration number 11258912 and the registered address at Level 18, 40 Bank Street, London E14 5NR United Kingdom.

Personal data we may collect

We may collect and process the following data and personal information about you:

Personal Data you provide us voluntarily

We collect the information provided by you to operate effectively and provide you the best experiences with our Website, products and services. You provide some of this information voluntarily by filling in the contact forms on our web site or by corresponding with us by phone, e-mail or otherwise. This includes information you provide if you subscribe to any promotion we offer through our site, send us a query or feedback, sign up for information on events, upload a document with your enquiry, participate in discussion boards or other social media functions on our site, promotion or survey, provide your postcode or location to help us to find our nearest branch to your location, or when you report a problem with our Website.
Your contact details and other documents you provide us with might include your:

If you are a career consulting client:

Your first name, surname, residential address, email address, telephone number, employment and educational history, language proficiencies and other work-related skills, date of birth, gender, citizenship and work authorisation status, references as well as their contact information, resume, cover letters or any documents you may choose to upload to our website in order for us to provide you with the appropriate service or give career consulting advice.

If you are an organisation looking for a candidate, you might provide the following business information:

Your office location, salary range, the experience and the key skills you need, information related to your company's operation, your corporate culture, bonus and benefits structure.

Sensitive information and special category data

With your application you occasionally might provide us some sensitive information or special category data related to your Disability status, racial or ethnic origin (please check the paragraph Definitions and interpretation). Submission of this type of information is strictly voluntary. By the nature of our business we do not process large scale special category data on a regular basis and will consider such input an occasional submission. We will obtain your consent to process special category data if you wish to share it with us on our later communication regarding your application. If this is not possible we will destroy such data and erase any copy in our possession.

Criminal offence data

By the nature of our business and the purposes of processing the data, the services hereunder are not intended for processing of criminal offence data (please check the paragraph Definitions and interpretation). If you provide any information or documents containing this type of data, you are hereby notified that any input of such information will be solely at your risk and responsibility, we will destroy such data if we receive it accidentally.

Purposes of the processing

By registering your interest in our services or signing up to our newsletter you voluntarily provide your personal data to be used for career consulting and HR purposes, in particular for career orientation, CV & LinkedIn optimisation, cover letter writing, interview training, job search strategy formulation, HR advisory services, job design, including beyond those for which you specifically paid for.

Children

We do not provide any services to children below 16 and do not knowingly collect personal information from children below 16.

Information you provide about others

In providing personal data about other individuals (such as someone in whose name you are registering an account or subscribing to our marketing promotions), you represent that you have notified them of (i) the purposes for which information will be used (ii) the recipients of their personal data and (iii) how they can access and correct the information. You further represent that You have obtained all necessary consents from them.

Information which may be made available to us, or collected automatically with the use of cookies or analytic tools

We might get some information from our visitors by recording how they interact with our Website with the use of cookies, analytics tools or obtain data from third parties.

Technical information, including personally identifiable information:

- Might include your device and connectivity information such as IP (Internet Protocol) address, unique device identifiers (such as the IMEI for phones)
- Location data

Non-personally identifiable information:

- Might include your configuration data such as browser type, version and language setting, time zone setting, browser plug-in types and versions
Details of how you used our Website, such as your search queries. Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page:
- Log information, such as error reports, download errors, any problems you experience using our web site and any phone number used to call our customer service number.

We do not combine information collected automatically through cookies and analytics tools with other personally identifiable information you may have provided to us when you registered for our Products or submitted a form through our Website.

THIRD PARTIES: We do not obtain any information from third parties.

Cookie policy

A cookie is a small file, typically of letters and numbers, downloaded on to a device when the user accesses certain websites. Cookies allow a website to recognise a user’s device.

We might use cookies to recognise you when you visit our site or use our Services, remember your preferences, and give you a personalised experience:

Authentication cookies. If you're signed in to our Services, these cookies will help us show you the right information and personalise your experience.
Session cookies - These cookies store the ID of a user’s session. The cookie is set when a user signs in and is used to restore the session without entering the personal data.
Security cookies - We use cookies for our security features, and to help us detect malicious activity.
Preferences, features and services. These cookies help us to customise your preferences, such as which language you prefer and what your communications preferences are or to fill out forms on our faster.
Performance, Analytics and Research. Cookies help us to analyse our web site performance. We use cookies to improve our products, features, and services, including to create logs and record when you access our site.
Third-party cookies. We might use them for website analytics and advertising purposes, i.e. cookies which are set and can be accessed by servers respectively domains of our third-party providers.

What can you do if you don't want cookies to be set or want them to be removed

Most browsers accept cookies automatically, however some people prefer not to allow cookies. You may change the security settings of your web browser in order to stop your device receiving and storing cookies, to allow receiving and storing cookies from selected websites you trust, or to be notified before receiving cookies. You may also delete cookies stored in your browser at any time. Information stored in such cookies will be removed from your device. However, that these settings may have negative effects on the web sites usability.

Browser manufacturers usually provide help pages relating to cookie management in their products. Please see below for more information:
- Google: https://support.google.com/chrome/answer/95647?hl=en-GB
- Internet Explorer: https://support.microsoft.com/en-us/help/260971/description-of-cookies
- Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
- Safari (Desktop): https://support.apple.com/kb/PH5042?locale=en_US
Safari (Mobile): https://support.apple.com/en-us/HT201265
Android Browser: https://support.google.com/nexus/answer/54068?visit_id=1-636585517588941681-639659396&hl=en&rd=1
Opera: https://www.opera.com/help
Opera Mobile: https://www.opera.com/help/mobile/android#privacy

For other browsers, please consult the documentation that your browser manufacturer provides.
You may opt-out of third party cookies from Google Analytics on its website.
You can opt out of interest-based targeting provided by participating ad servers through the Digital Advertising Alliance (http://youradchoices.com). In addition, on your iPhone, iPad or Android, you can change your device settings to control whether you see online interest-based ads.

Social media features and widgets

Our Website might include certain Social Media features and widgets, such as the “Facebook Share”, “Facebook Pixel” “Instagram Follow”, “Twitter Follow”, “Google +1 Follow”, “YouTube”, “Telegram”, “LinkedIn” features, buttons or other interactive mini-programs (“Social Media Features”). These Social Media Features may collect information such as your IP address or which page you are visiting on our Website, and may set a cookie to enable them to function properly. Social Media Features are either hosted by a third party or hosted directly on our Website. Please be aware that if you choose to interact or share any Personal Information via such widgets, you are in fact providing it to these third parties and not to us. Your interactions with these third parties are managed by these Social Media policies and not ours. For example, you will not be able to use the “Facebook Like” button if you are not logged in to your Facebook account. Once you use the button this will be associated with your Facebook history, but we will not process this information.

Storage of information

We take Client confidentiality and security very seriously. We are committed to protecting the Personal Data you share with us. We use a combination of industry-standard security technologies, procedures, and organisational measures to help protect your Personal Data from unauthorised access, use or disclosure.

The data processing consisting in hosting provider services (storage and maintenance of databases containing your personal data, protected by password) is performed on our behalf and under written confidentiality agreements by Digital Ocean, our authorised data processor. The data may be transferred to, and stored at, a destination outside the European Economic Area ('EEA'). Digital Ocean adheres to GDPR requirements, ensuring the protection of your data rights.

The written agreements with Digital Ocean guarantee that the requirements of the GDPR will be met and the rights of data subjects are protected. Digital Ocean will only act on our documented instructions, have direct responsibilities under the GDPR, and may be subject to fines or other sanctions if they don’t comply.

Once our contract with Digital Ocean concludes, they will return data to us or transmit to another processor appointed by us and erase any copy in their possession. However, Digital Ocean may retain data to comply with legal responsibilities to address possible administrative or jurisdictional responsibilities.

Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data:

We do not involve any third party data processors and all your personal data will be maintained and processed internally, on our own secure computer storage facilities and/or in paper-based files. We use a combination of industry-standard security technologies, procedures, and organisational measures to help protect your Personal Data from unauthorised access, use or disclosure. We also use Notion for client tracking and collaboration, ensuring transparency and efficient service delivery. Our website is built on WordPress, offering secure and user-friendly online interaction. We use Stripe for secure payment processing; refer to their privacy policy here: Stripe Privacy Policy (https://stripe.com/gb/privacy). Stripe, as our payment gateway, does not act as a data processor for website transactions, and we do not collect your credit card details.

Your data and artificial intelligence

At EP Advisory, we utilize cutting-edge technologies like ChatGPT from OpenAI and the Make automation tool (formerly known as Integromat) to enhance our career consulting services.

Your Interaction with ChatGPT/OpenAI: We employ ChatGPT to develop cover letters and assist in creating your CVs, and for job-search-related research. This use of AI technology ensures personalized and effective services.

Handling and Storing Your Data: The personal data we process, primarily your CV, is securely stored on Tally forms, Notion, Google Drive, and OneDrive, upholding high standards of data protection and confidentiality.

Consent and Disclosure: Your consent to our privacy policy, which includes using these AI tools for processing your data, is obtained before you access our services. This policy ensures full transparency in how your data is managed.

Protecting Your Data: We are committed to the security of your data. The rigorous data protection measures in our privacy policy extend to the data processed by ChatGPT and Make (formerly Integromat).

Your Rights: Consistent with our privacy policy, you have the right to access, correct, delete, or restrict the processing of your personal data. Our policy provides clear guidelines on exercising these rights.

GDPR Compliance: Our application of AI tools like ChatGPT and Make (formerly Integromat) complies fully with the General Data Protection Regulation, ensuring lawful, fair, and transparent data processing.

Retention period

We will hold your personal data during the business relationship between you and us, whether you are a user of our website, a client or candidate. If you are an applicant, we will hold your personal data during the application process. We may retain submitted Applicants Information even after the applied position is no longer available. This is done so we could re-consider Applicants for other positions and opportunities. If you are our client or a successful applicant, we still might hold your information for as long as is necessary to comply with our statutory and contractual obligations and in accordance with our legitimate interests as data controller (Please see paragraph “Lawful basis and the purposes of the processing (Uses made of your personal information)”). We will use reasonable endeavours to ensure your data is maintained and up-to-date. As a data subject you have rights related to maintenance, storage and processing of your personal data. Please see paragraph “Your rights”.
Unless otherwise specified, where you have indicated to us that you are happy for us to send you the information about goods and services we offer and we feel may interest you or similar to those that you have already purchased or enquired about do so, we assume you are happy for us to keep your collected personal data. We may retain your Personal Information (contact details) for as long as your User Account is active or as otherwise needed to provide you with information our Services. As the data subject you have rights related to processing of your personal data and the option of withdrawing your consent to receive promotions at any time. Please see paragraph “Your rights”.

Lawful basis
and the uses

We process all personal data lawfully, fairly and in a transparent manner. We use the data we collect for the following basic purposes, described in more detail below:

1. To take steps at the request of the data subject prior to entering into a business relationship (oral or written contract):

1.1 By contacting us by means specified in paragraph “Personal Data you provide us voluntarily”, we assume that processing is necessary for the performance of a business relationship (oral or written contract) or in order to take steps prior to entering into a business relationship (oral or written contract), and therefore the lawful basis is Contract and our Legitimate interests.

1.2 We will use the provided information to operate effectively and do our best to respond to your enquiry. Once you enter into a business relationship (oral or written contract) with us we will invoice our services and offer you post-sales service and loyalty if required.

1.3 If you are a career consulting or HR advisory client, we will use your data to provide you with career advice, optimise your CV & LinkedIn profile, write Cover Letter, train you for the interview, assist you with the job search strategy, provide you HR advisory services, perform job design, support you in screening and selection of the suitable candidates, including beyond those for which you specially paid for.

2. Special category data.

2.1 You might provide special category data with your application. Submission of this type of information is strictly voluntary. By submitting special category data you agree to its processing and disclosure to our clients. The lawful basis is consent and the condition for processing is Consent.

3. If you are a client, we will hold your data to fulfil our contract and legal obligations.

3.1 We might hold your information for as long as is necessary to comply with our legal obligations and in accordance with our legitimate interests as a data controller after the contractual relationship between you and us elapses. The lawful basis for such retention is legal obligation. As the data subject you have rights related to maintenance, storage and processing of your personal data. Please see paragraph “Your rights”.

4. To send you communications, including promotional communications and advertising with your explicit consent or allow you to participate in interactive features of our service, when you choose to do so. The lawful basis for such processing is Consent.

4.1 If you wish not to receive such promotional e-mails, you may withdraw your consent at any time by contacting us as described in paragraph “Your rights” or follow the “unsubscribe” or instructions contained in the promotional communications you receive.

5. Website improvement.

We might use your automatically collected data such as IP address and browser data for our Website improvement, such as:

5.1 To administer our site and for internal operations, including data security, troubleshooting, testing, statistical and survey purposes;

5.2 To ensure that content from our site is presented in the most effective manner for you and for your device. The lawful basis for such processing is Legitimate interests.

Disclosure of information to third parties

We do not rent, sell, or share personal information about you with other people or non-affiliated companies without your consent except to provide products or services you've requested, when we have your permission, or under the following circumstances:

1. We provide the information to trusted partners who provide us services under confidentiality agreements, specified in Paragraph “Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data. These companies do not have any independent right to share this information.

2. If you are a job candidate, we will send your personal information under your explicit consent to our clients in order to apply for jobs. We will provide you the full details of our client and obtain your informed consent to disclose your personal data prior to disclosing it.

3. If you are a client, we will share your business details with the job applicants We may disclose your information to third parties when we reasonably believe we are obligated to do so by law, and in order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person.

4. In the event we are acquired by or merged with a third party entity or undergo another change of control, we reserve the right to transfer information, including any PII and non-PII, to a successor entity. In this event, we will notify you by electronic means and obtain your consent before information about you is transferred and becomes subject to a different privacy policy.

International transfers

You can find detailed information related to data location in paragraphs 'Where Do We Store Your Information?' and 'Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data'

Law Enforcement, Legal Requests and Duties:

We may disclose or otherwise allow others access to your Personal Information pursuant to a legal request, such as a subpoena, legal proceedings, search warrant or court order, or in compliance with applicable laws, if we have a good faith belief that the law requires us to do so, with or without notice to you. Your details may also be disclosed to the police and law enforcement agencies for the purpose of fraud detection, crime prevention and national security.

Your rights

You have the following rights in accordance with the Data Protection Act 1998, General Data Protection Regulation and Data Protection Bill 2017-2019:

The right to be informed. In this privacy statement we supply you detailed information related to your personal data storage, maintenance and processing.

The right to access information held about you

The right to rectify your personal data if it is inaccurate, incomplete or out-of-date

The right to erasure (delete or remove) your personal data

The right to restrict (block) processing. When processing is restricted, we will store your personal data, but not further process it.

The right to data portability which allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.

Rights related to automated decision making including profiling. We are not making any decisions which might produce a legal effect on you based on automated processing.

The right to withdraw your consent (object) to direct marketing. You can exercise your rights by contacting us at info@ep-advisory.com.

The right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint with a supervisory authority (Information Commissioner´s Office in the United Kingdom) if you have a concern about our information rights practices.