1. Grid and Distribution Professionals Limited
    1. Grid and Distribution Professionals Limited is a data controller within the meaning of the General Data Protection Regulation. Details about us and how to contact us appear below.
    2. We collect personal data from you when you contact us and provide us with your personal data, including through this website. We also receive personal data of others and handle it in accordance with the this Privacy Policy.
    3. We have legal obligations to you to inform you our use and processing of personal data.
    4. We set this information out below for you.
  2. How we process your Personal Data
    1. Personal data is information that identifies you to us, either directly or indirectly. It includes your contact details and any personal information about you that you provide us.
    2. When we process your personal data, we:
      1. do so lawfully, fairly and in a transparent manner;
      2. collect it for specified, explicit and legitimate purposes and not for further purposes incompatible with the purposes of initial collection;
      3. limit our collection to what is adequate and relevant to what is necessary in relation to the purposes for which they are processed;
      4. take reasonable steps to keep it accurate and up to date, having regard to the purposes for which they are processed;
      5. kept in a form where we can identify you for no longer than is necessary, for the purposes for which it is processed;
      6. process it in a manner that ensures appropriate security of the personal data. This includes protection against unauthorised or unlawful processing and against accidental loss, destruction or damage. We use appropriate technical and organisational measures to do so.
  3. Personal Data Collected
    1. The types of personal data we may collect from you when you contact us or visit our website include:
      1. Contact Details Name; email address(es); address(es); telephone number(s); instant messaging address(es)
      2. General Personal Details Employer; date of birth; country of birth; marital status; professional qualifications; job role/position/title; job description
      3. Work Details Previous employers; date of birth; country of birth; nationality; professional qualifications; Job Role; job description; employment history; NI Number; photographs, and anything else you might send us which contains personal data
    2. We collect further personal data from you if are making a job enquiry and you wish to progress it.
    3. We may collect information about you from other sources, such when other people refer us to you, but only where these third parties either have your consent or are otherwise legally permitted or required to disclose your information to us. Examples include when others
      1. forward us your contact details
      2. send us your CV or resume, which might include photographs
      3. we are invited to contact you about a role or job position.
    4. When we receive information about you and you have not provided it to us, we will contact you to let you know that we have received it if we are able to, if we do not delete it upon receipt.
    5. Please help us keep your personal data up to date and let us know when it changes.
  4. Not providing Personal Data
    1. We need to know who we are communicating with. Should you choose not to provide us with your name, contact details or other details we may need, we will not be able to communicate with you.
    2. This means that if we do not have your name and contact information and:
      1. you have something to ask us, we will not be able to respond to you;
      2. you are enquiring about job roles we might have available, we will not be able to assess you for suitability;
      3. if you have a contract with us, we will not be able to perform the contract.
  5. Where do we obtain your personal data
    1. We primarily obtain personal data about you from you.
    2. We may also obtain information about you from publicly available sources, such as websites where you have made the information public, Companies House, background check agencies, our business partners, business directories, and tax authorities.
  6. How we use your personal data
    1. We process your personal data for the following purposes, where we have a legal basis to do so:
      1. Communication
        1. Deliver services to you or your employer
        2. Verify your identity
        3. Contact you where necessary
        4. Understand you requests and needs
        5. Seek and understand your views, opinions or comments
        6. Identify your needs and interests
        7. Notify you of changes to our services, events and staff, and other role holders
        8. Send you communications which have been requested
        9. Send you communications required by law
        10. Communicate with others about your requests and needs
        11. Communicate with others about your rights and entitlements
        12. Contact others whose details you provide us
      2. Potential Employment
        1. Make decisions about your recruitment or appointment
        2. Assess your skill sets and suitability for an assignment
        3. Ascertain your fitness to work and legal entitlement to work in the UK
        4. Management and resource planning
        5. Provide you with a good experience dealing with us
      3. Administration and Operations
        1. Deliver our services to our customers
        2. Enable us to meet our legal and statutory obligations
        3. Administer our contracts employees
        4. Maintain our own accounts and records
        5. Administer our complaints handling processes
        6. Store, process and administer records and documentation securely and efficiently
        7. Maintain, detect, investigate and resolve computer network, communications and information security issues
        8. Allow us to improve our website
    2. We may also send you technical notices, updates, security alerts and administrative messages where necessary.
    3. We use your personal data for the following reasons:
      1. You have given us your consent in writing for the purposes for which you provided your personal data
      2. We need to take steps to form a contract with you and perform a contract with you
      3. We need to comply with a legal obligation to which we are subject;
      4. [processing is necessary in order to protect the vital interests of the data subject or of another natural person;]
      5. Processing is necessary for the performance of a task carried out in the public interest
      6. e or someone else has a legitimate interest other than where your interests or fundamental rights and freedoms would be overridden.
    4. We believe we have legitimate interests to process your personal data to:
      1. meet our legal and statutory obligations to you and others
      2. prevent, detect and investigate fraud, corruption and misconduct by you and/or others
      3. conduct and operate our business in the digital age in a competitive environment, understand the needs, requirements and preferences of potential customers, and those that use our services
      4. comply with health and safety obligations and monitor our performance against equal opportunities legislation
      5. ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution
    5. We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
    6. We may process your personal information without your knowledge or consent in compliance with the above rules where this is required or permitted by law.
  7. Data Sharing
    1. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
    2. We limit access to your personal information to those employees, agents, contractors and other third parties who need to know. They will only process your personal information on our instructions and they are subject to duties of confidentiality.
    3. Where you are enquiring in respect of positions we may have available we may pass information to them to assess their interest in hiring you.
    4. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
    5. We may have cause to share your personal information with our service providers, such as:
      1. telecommunications providers, including telephone numbers, instant messaging providers, post and couriers;
      2. our accountants
      3. computer systems service providers, including IT security personnel
      4. regulatory authorities
    6. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
    7. Marketing
      1. We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:
    8. Offers from Us
      1. We may use your Contact Details to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which services and offers may be relevant for you (we call this marketing).
      2. You will receive marketing communications from us if you have requested information from us or purchased services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.
    9. Third Party Marketing
      1. We will get your express opt-in consent before we share your personal data with any company for marketing purposes.
    10. Opting Out
      1. You can ask us to stop sending you marketing messages at any time by [emailing us] [or] [by following the opt-out links on any marketing message sent to you or by contacting us at any time.]
  8. Automated Decision Making
    1. We do not use any automated decision making in respect of personal data, or profiling.
  9. Data Storage
    1. We do not store or transmit your data outside of the EEA.
  10. Data Security
    1. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
    2. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
    3. We store all information that you provide to us on secure servers.
    4. We train employees regarding our data privacy policies and procedures, and permit authorized employees to access information on a need to know basis, as required for their role. We use firewalls designed to protect against intruders and test for network vulnerabilities. However, no method of transmission over the internet or method of electronic storage is completely secure.
    5. Where you have a password, which enables you to use our services, you are responsible for keeping this password complex, secure, and confidential. If you would like to update or change your password, you may select the “Forgot your password?” link on the login page. You will be sent an email that allows you to reset your password.
  11. Retention of your Data
    1. We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
    2. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
    3. By law we have to keep basic information about our customers (including most Contact Details, Identity, financial and transaction data) for at least six years for tax purposes.
    4. [If we receive your CV or resume with your previous and current employment details and you are not employed by us, we retain that data for 12 months unless you ask us to stop processing it sooner.]
    5. When we have no ongoing legitimate business need to process your information, we will either delete or anonymise it.
    6. In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. We will retain and securely destroy your personal information in accordance with applicable laws and regulations.
  12. Rights of access, correction, erasure, and restriction
    1. You have a series of rights under the General Data Protection Regulation.
    2. Not all apply in all circumstances. Under certain circumstances, you have the right to:
      1. Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and check we are lawfully processing it.
      2. Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
      3. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
      4. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
      5. Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
      6. Request the transfer of your personal information to another party.
    3. If you would like to exercise any of these rights, please contact us using the details below. We will need to verify your identity before we are able to release any personal data to you.
  13. Withdrawal of Consent
    1. Where you may have provided your consent for us to process your personal data and/or transfer your personal data for a specific purpose, you can withdraw it at any time.
    2. To withdraw your consent, please contact us using the details below. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to on a consensual basis. This means that if we have another basis to process your data, we may continue to do so.
  14. Scope of this Policy
    1. This policy does not apply to our current employees, other than when they use our website or provide us with personal data belonging to other people.
    2. This Privacy Policy does not apply to information that you provide to third parties and others with whom you may share information about you. Disclosure of information to these third parties is subject to the relevant third party’s privacy policy. We are not responsible for the third-party privacy policy or content, even if we link to those services from our Platform or if we share information with these third parties.
  15. About Us
    1. GDP is a company formed in England and Wales with registered company number 0837 8565 and registered offices at Suite 4 B, 43 Berkeley Square, Mayfair, Westminster, London, W1J 5FJ.
    2. GDP is responsible for the personal data we hold and use as data controller.
    3. You are able to contact us about your privacy and our data protection practices at privacy@gdprofessionals.co.uk or by writing to us.
    4. We may need to change this privacy policy from time to time. You are able to identify the application date of the privacy statement by the date that appears below.
  16. Complaints
    1. If you are dissatisfied with the way we process your personal data, you have the right to complain to the Information Commissioner’s Office.
    2. They may be contacted at
    3. We would prefer to try and resolve any difficulties between us and make them right before you approach the ICO. Please consider contacting us in the first instance.