Personal data means any information relating to an identified or identifiable natural person. Akeso processes personal data for several reasons, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each reason will differ.
Akeso & Company
11 Cursitor Street
The Privacy Notice Matrix at the end of this policy gives details of what types of data we may store about you.
How we may collect your data
We will collect personal data directly from individuals in several ways, when we are establishing a business relationship, performing professional services through a contract, or processing applications for employment. These can include:
- Job applications
- Recruitment services (such as agencies and former employers)
- Business cards
- Bought-in marketing lists
- Meeting attendance
- Framework agreements
We may also obtain personal data indirectly from our business clients. This will be in the event that our business clients engage us to perform professional services and personal data that they control will be shared as part of that engagement. For example, we may need to review workforce data that will inevitably contain personal data. Our services may also include processing personal data under our clients’ control of our hosted cloud applications, which may be governed by different privacy terms and policies.
The information we hold about you
The Personal data we commonly collect to conduct our business activities include:
- contact details (e.g. name, job title, contact number, email address, postal address);
- professional details (e.g., career history, education, professional memberships);
- details of contact we have had with you in relation to the provision, or the proposed provision, of our services;
- details of any services you have received from us;
- our correspondence and communications with you;
- information about any complaints and enquiries you make to us;
- information from research, surveys, and marketing activities;
- or information we receive from other sources, such as publicly available information, the information provided by your employer or our
Special categories of personal data
We usually do not collect special categories of personal data about individuals. In the event that we do process special categories of personal data, it is with the explicit consent of the individual unless it is obtained indirectly for legitimate purposes. Examples of special categories of personal data we may obtain include:
- Information provided to us by clients in the course of a professional engagement.
- Dietary restrictions or access requirements when registering for in-person events that reveal religious beliefs and/or physical health information.
- Personal identification documents that may reveal race or ethnic origin.
Personal data relating to criminal convictions
We may obtain personal data about employees that reveal information about criminal convictions.
How we use personal data
In order to process personal data, we must have a lawful basis for doing so. We may depend on the following lawful bases when collecting and using personal data to perform our business activities and provide our services:
- Legal obligations and public interests: We may process personal data to meet certain regulatory and public interest obligations or mandates
- Legitimate interests: We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. Examples include:
- Direct marketing – to deliver insights and knowledge we believe is welcomed by our clients, subscribers and those who have interacted with us
- Provision of employee benefits such as eye care vouchers – to raise staff morale and satisfaction
- Consent – we may rely on your freely given consent
- Contract – we may process personal data in order to perform contractual obligations
- Why do we need personal data?
We will always endeavor to explain our rationale for collecting personal data and maintain transparency throughout. Reasons can include:
- Providing professional advice and delivering reports related to our professional services
- Promoting our professional services to existing and prospective business clients
- Travel arrangement assistance
- Seeking qualified candidates
- Fulfilling employment or contractual obligations
Data sharing with third parties
Sometimes we may share personal data with trusted third parties to help us deliver effective and quality services.
These recipients are either contractually bound to safeguard the data we entrust them or will sign an agreement to ensure this is the case.
Recipients that we engage with can include:
- Parties that support us as we provide services (e.g. IT system support, providers of telecommunication systems, document production services and cloud-based software services)
- Sub-contractors and partner organisations involved in delivering our professional services
- Professional advisers such as lawyers and insurers
- Recruitment service providers
- Law enforcement and regulatory agencies
Cookies on this website
By navigating to our website, you agree that we can place these cookies on your computer or internet-enabled device.
You may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website (https://www.aboutcookies.org/) which offers guidance for all modern browsers.
What are your data protection rights?
Your rights are outlined below. To submit a request, please email email@example.com
The right of access to personal data
- You have the right to access your personal data held by us.
The right of rectification
- You have the right to request the correction of personal data held by us to the extent that it is inaccurate or incomplete.
The right to data portability
- You have the right (in certain circumstances) to obtain personal data in a format to allow you to transfer it to another organisation.
The right to withdraw consent
- You have the right to withdraw consent at any time, and the process to withdraw consent will be as easy as the process to give consent.
The right to object
- You have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling).
- This right also applies to direct marketing and processing for purposes of scientific/historical research and statistics.
How long do we retain personal data?
We retain personal data to:
- Provide our services
- Stay in contact with you
- Comply with applicable laws, regulations and professional obligations that we are subject to
Unless a different time frame applies as a result of business need or specific legal, regulatory or contractual obligations, where we retain personal data in accordance with these uses, we retain personal data for seven years.
We will dispose of personal data in a secure manner when we no longer require it.
Job applicants, current and former Akeso employees
Personal details you provide in your application for a job opening at Akeso, including the Consultancy Graduate Scheme, will be used by us to process your application in accordance with the GDPR and other applicable laws.
We may also share your data with approved organisations for fraud prevention purposes or with other third-party suppliers working on our behalf, such as employment verification service providers.
In all instances, we take steps to ensure that an adequate level of protection is given to your personal data. Any information provided will only be stored for the necessary amount of time required, after which it will be safely destroyed. By submitting your application you are agreeing to your data being processed in accordance with these terms.
Personal information about unsuccessful candidates will be held for 12 months after the recruitment exercise has been completed, it will then be destroyed or deleted.
Once a person has taken up employment with Akeso, we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment has ended, we will retain the file in accordance with the requirements of our retention schedule and then delete or anonymise it.
Visitors to our websites
When someone visits https://www.akeso.com:
- We collect standard internet log information and details of visitor behaviour patterns.
- We do this to find out things such as the number of visitors to the various parts of the sites.
- We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website.
- We will not associate any data gathered from these sites with any personally identifying information from any source. If we do want to collect personally identifiable information through our website, for example during the Consultancy Graduate Scheme application process, we will be upfront about this.
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy.
Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.