Privacy Policy

Last updated 25th July 2018

This Privacy Policy explains how we use your personal information in relation to the Applied online recruitment platform ("Platform"). We really value your trust and your privacy is important to us, so we’ll keep your information secure and manage it in accordance with our legal responsibilities. By providing us with your personal information, you agree to it being used and disclosed in the manner set out in this Policy.

So you can understand what this all means in practice we’ve tried to present this policy in clear language without too much “legal jargon”.

We also want to make it easy for you to quickly find answers to the questions that are most important and relevant to you so we’ve split the policy into three sections:

  • Section 1: The bits relevant to people applying for a job (“Applicants”);
  • Section 2: The bits relevant to employers who are offering jobs (“Hiring Managers”); and
  • Section 3: The bits relevant to everyone.

We’ve also included some signposts down the side to guide you in the right direction. We hope this is helpful!

Applied is a trading name of Be Applied Ltd ("we", "us").

Of course, you don’t have to provide your personal information to us, but if you don’t you may not be able to fully benefit from all the services that we can offer through the Platform.

Where we refer to "data controller" or "data processor", we give those terms the meanings they have in the Data Protection Act 1998 (or any legislation which updates or replaces this legislation).

Our nominated representative for data protection matters is our Data Protection Officer, who you can contact at hello@beapplied.com

Section 1 - Applicants

What personal information do we collect?

Information we collect directly from you

Information to enable you to apply for jobs: We collect the personal information we need in order for you to apply for jobs on the Platform which are being advertised on behalf of Hiring Managers. This may include:

  • Full name;
  • Date of birth;
  • Contact details (email address, telephone number, postal address);
  • Employment history;
  • Education / qualifications;
  • Details of experiences and achievements;
  • Responses to questions we put to you to obtain equal opportunities data;
  • Responses to skill, work and competency questions; and
  • Responses to personality questions and aptitude tests.

The Hiring Manager may want to collect some or all of this information by asking you to upload a CV.

We will ask you to provide information relating to protected characteristics, such as your race or religion. Providing this information is entirely optional, and you do so freely. Unless you are successful in your application for the role and give your consent to sharing the information with the hiring company, this information is always anonymised and used solely for statistical and research purposes.

Registration Information: You will also be asked to set up a user account which will allow you to log into and out of the Platform. You need to register a username and password to gain secure access to your account.

Other data you intentionally share: We may collect personal data if you submit it to us in other contexts. For example, if you provide us with a testimonial.

Information we automatically collect about you

Like many website operators, each time you visit the Platform we may automatically collect the following information:

Technical information: including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.

Information about your visit: including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

Referral data: if you arrive on the Platform from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.

How do we use your personal information?

Generally, we use your personal information: (i) to process job applications which you make through the Platform. We do this as a data processor on behalf of the Hiring Managers who are the data controllers; (ii) for research purposes, to help test and improve the service we offer through the Platform, to help Hiring Managers make recruitment smart, fair and easy, and (iii) to let you know about other hiring opportunities you might be interested in. We do this as a data controller.

We will only use your information in accordance with this Policy, or where we are required or authorised by law to disclose your information to others, or have your permission to do so. Some more detailed information about the above activities is listed below.

1. Completing applications for a role

When you complete an application for a role on the Platform, we pass some of that information supplied to the Hiring Manager who has invited you to apply for that role. Some of the data will be passed to them only if you are successful in your application, or if they wish to interview you. We may pass them any of the information you provide to us (except for the equal opportunity data, which we will only pass them if you specifically OK withthis) and some of that data may be referred back to in future hiring rounds. 

The Hiring Manager will be responsible for reviewing and responding to the information supplied and otherwise deciding how to proceed with your application. You understand that this means we pass information supplied on to them and that you may receive further direct correspondence from them about the application.

You should refer to the relevant Hiring Manager’s privacy policy and applicable recruitment policies or related terms for specific information relating to the application process and details about how they intend to use personal details contained within your application. 

2. Research to help make recruitment smart, fair and easy!

When you sign up, we ask for your consent to use the information you provide to support our recruitment research programme. This improves the service we offer through the Platform.

We are a social purpose company, with a mission to support research into behavioural sciences, including talent analytics and sometimes your information will be used to support our wider research in these areas.

Whenever we publish or publicise findings based on your personal information, those findings will be anonymised so that you cannot be individually identified.

If you agree to support the research programme, we will store a copy of your personal information securely in accordance with this Policy, solely for the purposes of carrying out research. This will be conducted by our hand-selected team of trained scientists, academics and researchers, and sometimes by trusted and carefully selected third parties.

You may withdraw your consent at any time by contacting us using the details set out below.

3. To manage and improve our services to you and the features of the Platform

We internally perform statistical and other analysis on information we collect on the Platform (including usage data, device data, referral data and question and response data) to analyse and measure Applicants’ behaviour and to understand how Applicants use our services, and to monitor, troubleshoot and improve our services, including to help us evaluate or devise new features.

We may also use your information: (i) for internal purposes designed to keep our services secure and operational, such as for troubleshooting and testing purposes, and for service improvement and research and development purposes; (ii) for our internal purposes to create and provide new services, features or content. In relation to metadata, we may look at statistics like response rates, question and answer word counts, and publish interesting observations about these for informational or research purposes. When we do this, neither Applicants nor Hiring Managers will be identified or identifiable unless we have obtained their permission; or (iii) to send you notifications about roles similar to the ones you have applied for or we think you might be interested in, or if you are successful, to learn about your experience in the role. You can opt-out of these emails at any time by clicking on the link provided in the email.

4. To contact you about your account.

We occasionally send you communications of a transactional nature (e.g. service-related announcements, sending you an email including a link to the page containing an application you have started, changes to our services or policies, a welcome email when you first register). You can’t opt out of these communications as they are needed to provide our services to you.

5. To send you the Applied Newsletter or details of other interesting roles

If you’ve signed up to our Newsletter we’ll occasionally send you emails so you can stay tuned on the latest research developments in how to make recruitment smart, fair and easy! We may also send you updates by email on new roles we think might interest you, if you agree. You can opt-out of receiving the Newsletter or new role updates at any time by clicking on the link provided in the email. We use profiling and screening techniques to increase the chance that any roles we notify you of by email are relevant to you.

Who else do we provide your personal information to?

Hiring Managers: We need to share your personal information with the Hiring Managers who have advertised the job you have applied for. If the Hiring Managers direct us to, this might include sharing it with external systems they use as part of their hiring process (an example might be their employee on-boarding system, or their preferred video interview service provider).

We may also provide your information to:

  • Our service providers who process information on our behalf to help deliver the Platform, for example providers of video interview services (or the video provider specified by the hirer), our hosting services and email service providers; and
  • Research gurus: carefully selected third parties who assist us with our research, including trained scientists, academics and researchers. We take steps to ensure that third parties who have access to your personal information treat it with the same consideration that we do. For more information on where these organisations may be located see Section 3 below.
  • Legal enforcement bodies: We may from time to time be required to disclose information about you to law enforcement bodies, agencies or third parties under a legal requirement or court order. We act responsibly and take account of your interests when responding to any such requests. 
  • For protective purposes: We may need to share your data with others in order to protect our rights, users, systems, and services.

In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or shares.

You understand that we may disclose or share personal information with third parties as outlined above. If you are concerned about these arrangements, please feel free to contact us using the details listed at the bottom of this statement.

How long do we keep your personal information for?

We keep your personal information for as long as required to process your role applications, manage your user account, where relevant, to carry out our research and to manage and improve our services to you, and in accordance with legal, tax and accounting requirements.

Where your information is no longer required, we will ensure it is disposed of in a secure manner and, where required by applicable law we will notify you when such information has been disposed of.

Section 2 - Hiring managers

What personal information do we collect?

Information we collect directly from you

Information to provide services: We collect the personal information we need to offer you our services and manage our relationship with you, or the business you work for, as our customer.

This may include some or all of the following:

  • Full name;
  • Work contact details (email address, phone number, postal address); and
  • Job title / role.

Registration information: You will also be asked to set up a user account which will allow you to log into and out of the Platform. You need to register a username and password to gain secure access to your account.

Other data you intentionally share: We may collect personal data if you submit it to us in other contexts. For example, if you provide us with a testimonial.

Billing information: If you make a payment to Applied, we require you to provide your billing details, such as a name, address, email address and financial information corresponding to your selected method of payment (e.g. a credit card number and expiration date or a bank account number). If you provide a billing address, we will regard that as the location of the account holder.

Payments are processed in partnership with a third party provider, Stripe Payments UK Limited. Their privacy policy is available at https://stripe.com/gb/privacy. We do not collect or process your credit or debit card details. These are however collected and processed by Stripe. Both we and Stripe comply with applicable PCI standards.

Information we automatically collect about you

Like many website operators, each time you visit the Platform we may automatically collect the following information:

Technical information: including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;

Information about your visit: including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

Referral data: If you arrive on the Platform from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.

How do we use your personal information?

Generally, we use your personal information to create your customer account, to communicate with you about the roles you advertise on the Platform, and to contact you regarding changes or updates to the services we provide.

We may also contact you to provide you with information about our products and services, and those of carefully selected third parties, in each case where we have your prior consent. You can opt-out of receiving these communications by contacting us directly, or by using the link provided in our emails.

We will only use your information in accordance with this Policy, or where we are required or authorised by law to disclose your information to others, or have your permission to do so. Some more detailed information about the above activities is listed below.

1. To manage and improve our services to you and the features of the Platform.

We internally perform statistical and other analysis on information we collect on the Platform (including usage data, device data, referral data and question and response data) to understand how Hiring Managers use our services, and to monitor, troubleshoot and improve our services, including to help us evaluate or devise new features.

We may also use your information: (i) for internal purposes designed to keep our services secure and operational, such as for troubleshooting and testing purposes, and for service improvement and research and development purposes; or (ii) for our internal purposes to create and provide new services, features or content. In relation to metadata, we may look at statistics like response rates, question and answer word counts, and publish interesting observations about these for informational or research purposes. When we do this, neither Applicants nor Hiring Managers will be identified or identifiable unless we have obtained their permission.; or (iii) to contact you regarding your experience using the platform and the performance of candidates that have been hired, as a means of improving our service to you. 

2. To contact you about your account. 

We occasionally send you communications of a transactional nature (e.g. service-related announcements, changes to our services or policies, a welcome email when you first register). You can’t opt out of these communications as they are needed to provide our services to you. 

3. To send you the Applied Newsletter, if you have signed up for it.

If you’ve signed up to our Newsletter we’ll occasionally send you emails so you can stay tuned on the latest research developments in how to make recruitment smart, fair and easy!

Who else do we provide your personal information to?

We may provide your information to:

Our service providers: who process information on our behalf to help deliver the Platform, for example hosting services and email service providers;

We take steps to ensure that third parties who have access to your personal information treat it with the same consideration that we do. For more information on where these organisations may be located see Section 3 below.

Legal enforcement bodies: We may from time to time be required to disclose information about you to law enforcement bodies, agencies or third parties under a legal requirement or court order. We act responsibly and take account of your interests when responding to any such requests.

For protective purposes: We may need to share your data with others in order to protect our rights, users, systems, and services.

In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or shares.

You understand that we may disclose or share personal information with third parties as outlined above. 

How long do we keep your personal information for?

We keep your personal information for as long as required to deliver our services to you, where relevant, to manage and improve our services to you, and in accordance with legal, tax and accounting requirements.

Where your information is no longer required, we will ensure it is disposed of in a secure manner and, where required by applicable law we will notify you when such information has been disposed of.

Section 3 - Everyone

Keeping your information secure

We are committed to handling your personal information and data with integrity and care and invest appropriate resources to protect your personal information, from loss, misuse, unauthorised access, modification or disclosure. However, no internet-based platform can be 100% secure and so there is always a risk of unauthorised or unintended access to your personal data by third parties that is beyond our control.

Storage and transfer of your personal data

Your information may be transferred to, stored at or processed by, organisations located in other countries around the world. For example, to allow the processing of payment details you provide or the provision of support services to help us deliver the Platform.

As privacy laws in other countries may not be equivalent to those in your home country, we only make arrangements to transfer data overseas where we are satisfied that adequate levels of protection are in place to protect any information held in that country or that the service provider acts at all times in compliance with applicable privacy laws. Where required under applicable laws we will take measures to ensure that personal information handled in other countries will receive at least the same level of protection as it is given in your home country. The details of these transfers are as follows:

Amazon Web Services (AWS) hosts our applicant and hirer databases on its servers, some of which are in the USA, and are subject to the EU-US Privacy Shield. (More information here - https://aws.amazon.com/compliance/eu-us-privacy-shield-faq/). Mailchimp provides assistance in relation to our email newsletter and marketing activities. Mailchimp also has an EU-US Privacy Shield certification. (More information here - https://kb.mailchimp.com/accounts/management/about-mailchimp-the-eu-swiss-privacy-shield-and-the-gdpr).

Our corporate servers on which we hold account and billing data are hosted by Google servers, some of which may be in the United States. Google also has a Privacy Shield certification. (More information here - https://www.google.com/policies/privacy/frameworks/).

Inspectlet helps us to identify technical bugs and improve the user experience. (To read more about their GDPR protections, please click here - http://docs.inspectlet.com/hc/en-us/articles/360002994432-Privacy-Impact-Assessment-under-GDPR).

Zendesk is our customer support tool, enabling us to support you if you have questions you need help with. (Full details of their GDPR compliance, including their EU-US Privacy Shield certification, can be found here - https://www.zendesk.co.uk/company/customers-partners/eu-data-protection/).

Slack is a tool we use to communicate as a team and it also allows us to notify clients of key events in their hiring cycle. Slack has an EU-US Privacy Shield certification.  (see here for more details - https://slack.com/privacy-shield-notice)

Information about others

If you provide us with information about other individuals, for example details of a referee or colleague, you must check that they agree to you providing us with their details. Tip: Keep a record of their agreement and provide them with a copy of, or link to, this Policy to avoid any concern.

Other people’s websites

The Platform may contain links to and from websites operated by other people, including Hiring Managers. If you follow a link to any of these websites, please note that these websites have their own privacy policies. We don’t accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.

Updating your account and preferences

If you register a user account with us please do keep your details up to date and notify us of any changes to the personal information. You can do this through your account login or by emailing hello@beapplied.com.

Cookies

The Platform uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them, beyond how it is explained in sections above, feel free to contact us at hello@beapplied.com.

Your rights to your information

You have the following rights:

  • The right to request details of the information we have about you (this is subject to some limitations, for example where meeting your request involves disclosing someone else’s information). 
  • The right to withdraw your consent to the use of your information where we are relying on that consent (for example, you can opt out of receiving our Newsletter). We may still be entitled to process your information if we have another legitimate reason (other than consent) for doing so.
  • In some circumstances, you have the right to receive some of your information in a usable format. This right only applies to information which you have provided to us.
  • The right to ask that we update your information if it is inaccurate or incomplete.
  • The right to ask that we erase your information in certain circumstances. There may be circumstances where you ask us to erase your information, but we are legally entitled to retain it.
  • The right to request that we restrict the processing of your information in certain circumstances. In others, we will be legally entitled to refuse that request.
  • If you want to take any of the above actions please contact us via hello@beapplied.com or write to Privacy, Be Applied Ltd, 114 Whitechapel High Street, London, E1 7PT, UK and we will respond to your requests as soon as we reasonably can, but within any legally mandated timeframes.

In certain circumstances (for example where required or permitted by law) we might not be able to provide you with access to some of your personal information. If this is the case we’ll tell you the reasons why.

If your request for access to your information relates to the use of your personal information in the context of your job application (as opposed to our use of your information for research or to communicate with you), you should contact the relevant Hiring Manager directly.

What is the legal basis on which we rely to process personal information? 

For some uses, we may process personal information with consent (for example, when you decide to give us answers to optional questions to derive equal opportunities data, or agree to receive our newsletter). You have the right to withdraw your consent at any time by contacting us on the email address below.

On other occasions, we may process personal information when we need to do this to fulfil a contract (for example, for billing purposes) or where we are required to do this by law. If we didn’t process the data for those purposes, we’d be unable to provide you with the Applied service.

We also process your personal information when it is in our legitimate interests to do this and when we consider these interests are not overridden by your data protection rights. Those legitimate interests include using your information for research and analysis purposes, which we aim to do in a way that works to improve the recruitment process for both hirers and applicants.

Information Commissioner’s Office

You have the right to complain to the Information Commissioner's Office (ICO) if you believe we have not handled your request in an appropriate manner. For information on contacting the ICO please see their website (https://ico.org.uk/concerns/)

Updates

We keep this Policy under regular review and may update it from time to time but if we do this we will publish the changes on the Platform, and (if the change is an important one) we may email you to let you know. So please check this policy regularly for changes. If you do not accept the amended Policy, please stop using the Platform.

Any Questions – Contact us!

If you have any questions about this Policy, or would like to exercise your rights with respect to your personal information, please contact us via hello@beapplied.com or write to Privacy, Be Applied Ltd, 114 Whitechapel High Street, London E1 7PT, United Kingdom.

Terms & conditions

Last updated June 2018

1. APPLICATION OF TERMS

1.1 Be Applied Ltd ("Applied") has developed a customisable cloud computing platform ("Platform") which it makes available to a hiring manager (a “Customer”) via the internet for the purpose of developing a bespoke online application process (the "Services").

1.2 The Customer has placed an order ("Order") for the Services which has been accepted by Applied. The Order incorporates these terms and conditions and together is the "Agreement".

1.3 You indicate your agreement to this Agreement by clicking a button indicating your acceptance of this Agreement when placing your Order, by executing a document that incorporates this Agreement, or by using the Services.

1.4 If you will be using the Services on behalf of an organisation, you agree to the Agreement on behalf of that organisation and you represent that you have the authority to do so. In such case, “you” and “your” and “Customer” will refer to that organisation.

1.5 This Agreement supersedes any arrangements made or existing between the parties and constitutes the entire understanding between the parties. For the avoidance of doubt, any implied terms and warranties shall (to the extent permitted by law) be excluded from this Agreement.

2. PLATFORM AND SERVICES

2.1 Applied shall provide the Services in accordance with the terms of this Agreement. Applied shall make the Platform available to the Customer, who may then make it available to job applicants ("Authorised Users").

2.2 The Customer shall: (a) use the Platform solely for its own internal business purposes in accordance with the user arrangements specified in the Order; (b) not otherwise modify, enhance, copy, redistribute, disseminate, sell, licence, reverse engineer, decompile or reproduce the Platform. In particular (but without limitation) the Customer shall not use the Platform in connection with the operation of any bureau service or outsourced service offering to any third party without the prior written consent of Applied; and (c) not access all or any part of the Platform in order to build a product or service which competes with the Platform or the Services.

2.3 The Customer acknowledges that the Services may enable or assist it to access, correspond with or integrate its use of the Services with the services of third parties via third-party platforms (“Third Party Platforms”) (including, without limitation, staff on-boarding platforms) and that it does so solely at its own risk. The Customer acknowledges that in respect of any actions undertaken by means of a Third-Party Platform, the operator of such Third-Party Platform is appointed and instructed by the Customer, not by Applied. Applied makes no representation, warranty or commitment and shall have no liability or obligation whatsoever in relation to the use of, or correspondence with, any Third-Party Platform, or any transactions or processes undertaken by means of any Third-Party Platform.  Any process or transaction undertaken via any Third-Party Platform is between the Customer and the relevant Third-Party Platform, and not Applied.  Applied recommends that the Customer refers to the third party's website terms and conditions and privacy policy prior to using the relevant Third-Party Platform in connection with the Services.  Applied does not endorse or approve any Third-Party Platform.

3. CHARGES

3.1 The Customer shall pay to Applied the charges specified in the Order for the Services ("Charges"): (a) within 30 days from receipt of an invoice from Applied; or (b) in accordance with the payment terms and billing method specified in the Order or selected by the Customer through its account management page.

3.2 Where a Customer places an Order on a subscription basis (a “Subscription”) a Customer will be billed in advance on a recurring, periodic basis (each a "Subscription Period”). The length of a Subscription Period will depend on what subscription plan is selected when placing an Order. A Customer’s Subscription will automatically renew at the end of each Subscription Period unless a Customer cancels auto-renewal through its online account management page, or by contacting Applied’s support team. A Subscription may be cancelled at any time, but will continue until the end of the Subscription Period.

3.3 Failure to comply with these payment terms shall entitle Applied to: (a) charge interest on the outstanding amount at the rate of 2% above the Barclays Bank rate from time to time per month (or the highest rate allowed by the applicable law, whichever is the lower) from the due date until the outstanding invoiced price or outstanding part thereof is paid; and/or (b) suspend access to the Platform.

3.4 Charges are exclusive of all current and future taxes and fees, all of which the Customer will be responsible for and will pay in full.

3.5 All Charges are non-refundable, except as provided in this Agreement or when required by law.

4. INTELLECTUAL PROPERTY RIGHTS

4.1 "Intellectual Property Rights" means all patents, copyright, design rights, domain names, registered designs, trade and service marks (registered and unregistered), rights in know-how, rights in relation to databases, trade secrets, rights in confidential information and all other intellectual property rights throughout the world including:  (a) all registrations and pending registrations relating to any such rights and the benefit of any pending applications for any such registrations; and  (b) all reversions, extensions and renewals of any such rights.

4.2 The Customer acknowledges that all of the Intellectual Property Rights subsisting in the Platform are and shall remain the sole property of Applied or its third party licensors. The Customer has no rights to, or in, patents, copyright, database right, trade secrets, trade names, trade marks (whether registered or unregistered), or any other rights or licences in respect of the Platform.

4.3 The Customer grants to Applied an irrevocable, royalty-free, worldwide licence in any Intellectual Property Rights arising from or created, produced or developed in the course of using the Platform (including, but not limited to, the wording of questions in the online application form and Customer logos, brand names and insignia).

5. WARRANTY

5.1 The Platform is provided AS IS and may not necessarily meet the Customer's present or future requirements, or be fault or error free. Applied does not guarantee that the Platform, or any content on it, will always be available or be uninterrupted. The Customer is responsible for making all arrangements necessary for the Customer to have access to the Platform. The Customer is also responsible for ensuring that all persons who access the Platform through the Customer's internet connection are aware of these terms of use and other applicable terms and conditions, and that they comply with them.

5.2 Applied does not guarantee that the Platform will be secure or free from bugs or viruses. The Customer is responsible for configuring the Customer information technology, computer programmes and platform in order to access our site. The Customer should use the Customer’s own virus protection software.

5.3 The Customer must not misuse the Platform by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. The Customer must not attempt to gain unauthorised access to the Platform, the server on which the Platform is stored or any server, computer or database connected to the Platform. The Customer must not attack the Platform via a denial-of-service attack or a distributed denial-of service attack.

5.4 Applied warrants that it will provide access to the Platform with reasonable skill and care. This warranty shall be subject to the Customer complying with its obligations in clause 2.3.

6. USER DATA

6.1 In this clause 6, "Personal Data", "Data Controller" and "Data Processor" shall have the meanings ascribed to them in Data Protection Legislation. “Data Protection Legislation” means (until 25 May 2018) the Data Protection Act 1998 and (from 25 May 2018) the General Data Protection Regulation, and/or any corresponding or equivalent national laws or regulations or in any legislation which substantially amends, supersedes or replaces it.

6.2 “User Data” means the data inputted by the Customer, and Authorised Users for the purpose of using the Platform or facilitating the Customer's use of the Platform. The Customer and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the User Data and compliance with Data Protection Legislation, including informing Authorised Users of, and where required, securing necessary consents to, processing of their Personal Data as anticipated in this Agreement.

6.3 Applied will process any Personal Data comprised within the User Data on the Customer's behalf as a Data Processor, in accordance with Applied’s Data Processing Terms set out below which are included as part of this Agreement. 

6.4 In the event of any loss or damage to User Data, the Customer's sole and exclusive remedy shall be for Applied to use reasonable commercial endeavours to restore the lost or damaged User Data from the latest back-up of such User Data maintained by Applied. Applied shall not be responsible for any loss, destruction, alteration or disclosure of User Data caused by any third party

6.5 The Customer permits Applied to keep a copy of the User Data for use by Applied and any of its group companies (meaning its subsidiaries or holding companies from time to time and any subsidiary of any holding company from time to time) ("Copy Data"). Applied shall be the Data Controller of the Copy Data. Applied may use the Copy Data for purposes of research, inclusion in and improvement of the Applied service, and notifying Authorised Users of roles they may wish to apply for.

6.6 Applied shall be entitled to use the Copy Data to anonymise and aggregate it with other data. Because it will not identify any living individual, such anonymised and aggregated data shall not be Personal Data for the purposes of Data Protection Legislation. 

6.7 To the extent that the Customer requests that Applied enables any Third-Party Platform to interface with User Data by means of the Services, Applied and the Customer acknowledge that the provider of such Third-Party Platform is a data processor appointed by the Customer and not by Applied. The Customer, not Applied, shall be entirely responsible for the compliance with Data Protection Legislation of any transfer of User Data to any such third party, and any act or omission of such third party in respect of the User Data.

6.8 The Services comprise retention of User Data in respect of Authorised Users for a period of 12 months following the termination or expiry of this Agreement.

7. CONFIDENTIALITY

7.1 In this clause 7, "Confidential Information" means all information disclosed (whether in writing, orally or by another means and whether directly or indirectly) by Applied to Customer whether before or after the date of this Agreement including, but not limited to, information relating to the Platform or Services, or a user identification code or password for the Platform, or any of Applied's other operations, processes, plans or intentions, product information, pricing, know-how, design rights, trade secrets, market opportunities and business affairs unless Applied has already placed such information in the public domain.

7.2 Customer shall not use, copy, adapt, alter, disclose or part with possession of any Confidential Information except as necessary for the sole purpose of receiving the Services and otherwise exercising its rights and performing its obligations under this Agreement. In particular but without limitation, Customer shall only use Confidential Information for its own internal business purposes and shall not disclose or make any such Confidential Information available for any reason to any other person, firm, company or organisation.

7.3 Customer shall ensure that its officers, employees and sub-contractors who have, or may have, access to Confidential Information are made aware of and comply with the obligations of confidentiality in this clause 7.

7.4 These obligations of confidentiality in 7.1 to 7.3 above shall continue after termination of this Agreement.

8. APPLIED’S LIABILITY

8.1 Subject to clauses 8.2 and 8.3, Applied’s total liability for loss or damage arising in connection the Platform and its obligations under this Agreement shall be limited to the aggregate Charges paid by Customer in the six months preceding the date of the relevant breach.

8.2 Subject to clause 8.3, Applied expressly excludes liability for indirect and consequential loss or damage, including but not limited to loss or damage to data or to other equipment or property (whether or not the same may be in Applied's care, custody or control) or for loss of profit, business, revenue, goodwill or anticipated savings.

8.3 Applied does not exclude liability for death or personal injury to the extent that the same arises directly from the negligence of Applied or its employees.

9. INDEMNITY

9.1 The Customer shall defend, indemnify and hold harmless Applied and any of its group companies, affiliates, officers, employees, agents, suppliers and licensors against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with the Customer's use of the Platform or the Services or this Agreement.

9.2 The Customer shall be responsible for use of the Platform in accordance with legislation and laws affecting the Customer and shall indemnify Applied and any of its group companies, affiliates, officers, employees, agents, suppliers and licensors against all liabilities, claims and expenses arising as a result of any breach of this clause 9.

10. TERM

This Agreement shall commence on the date set out in the Order and shall continue for the duration specified in the Order or where a Customer has placed an Order on a Subscription basis, it shall continue until terminated in accordance with clause 3.2.

11. TERMINATION

11.1 Applied may terminate this Agreement by giving the Customer 60 days' written notice.

11.2 Either party may terminate this Agreement immediately by notice in writing to the other party ("Breaching Party") if any of the following events occurs: (a) the Breaching Party commits any material breach of any term of this Contract which breach is irremediable or (if such breach is remediable) fails to remedy that breach within a period of 14 days after being notified to do so; (b) the Breaching Party ceases, or threatens to cease, to carry on business; or (c) the Breaching Party takes any step or action in connection with its entering administration, provisional liquidation or any composition or arrangement with its creditors (other than in relation to a solvent restructuring), being wound up (whether voluntarily or by order of the court, unless for the purpose of a solvent restructuring), having a receiver appointed to any of its assets or ceasing to carry on business or, if the step or action is taken in another jurisdiction, in connection with any analogous procedure in the relevant jurisdiction;

11.3 Applied may terminate this Agreement immediately:(a) if there is a change of control (as defined in section 1124 of the Corporation Tax Act 2010) in Customer; or  (b) the Customer fails to pay any amount due under this Agreement on the due date for payment and remains in default not less than 10 days after being notified to make such payment.

11.4 Applied may also suspend providing the Services to the Customer if we are investigating suspected misconduct by the Customer.

11.5 Immediately following termination of this Agreement Customer shall cease using the Platform and, if Applied so requires, delete from all computer hardware and storage media and otherwise destroy copies of all documentation, Platform data and other material including Confidential Information that Applied has made available to Customer save for the User Data for which the Customer shall be entitled to access. Customer shall warrant that it has done these acts within thirty (30) days of termination or the date on which Applied requires Customer to delete or destroy such items (as applicable). Customer shall also pay to Applied any Charges that are outstanding.

11.6 Termination shall not affect any of the terms of this Agreement expressed to survive or operate in the event of the termination and shall not prejudice the rights of either party in respect of any breach or in respect of any monies payable for any period prior to termination.

12. FORCE MAJEURE

Applied shall be under no liability to Customer in respect of anything which, apart from this provision, may constitute a breach of this Agreement arising by reason of circumstances beyond the control of Applied.

13. WAIVER

Failure or neglect by Applied to enforce at any time any part of this Agreement shall not be construed nor shall be deemed to be a waiver of Applied’s' rights hereunder nor in any way affect the validity of the whole or any part of this Agreement nor prejudice Applied’s rights to take subsequent action.

14. SEVERABILITY

In the event that any or any part of this Agreement shall be determined by any competent authority to be invalid, unlawful or unenforceable to any extent such term, condition or provision shall to that extent be severed from the remaining terms and conditions which shall continue to be valid and enforceable to the fullest extent permitted by law.

15. ASSIGNMENT

This Agreement shall not be assigned by Customer without the prior written consent of Applied. Applied reserves the right to assign any or all of its rights under this Agreement.

16. THIRD PARTY RIGHTS

A person who is not a party to this Agreement has no rights under the Contracts (Rights of Third Parties) Act 1999 or equivalent legislation outside England and Wales to enforce any term of this Agreement.

17. LAW

The parties hereby agree that the Agreement and any disputes arising out of or in connection with the Agreement shall be construed in accordance with the laws of England and Wales. Customer accepts the exclusive jurisdiction of the courts of England and Wales.

DATA PROCESSING TERMS

Definitions

In these Data Processing Terms:

Applicable Law

means as applicable and binding on the Customer, Applied and/or the Services: any law, statute, regulation, by-law or subordinate legislation in force from time to time to which a party is subject and/or in any jurisdiction that the Services are provided to or in respect of; the common law and laws of equity as applicable to the parties from time to time; any binding court order, judgment or decree; or any applicable direction, policy, rule or order that is binding on a party and that is made or given by any regulatory body having jurisdiction over a party or any of that party’s assets, resources or business;

Appropriate Safeguards

means such legally enforceable mechanism(s) for transfers of Personal Data as may be permitted under Data Protection Laws from time to time;

Data Controller

has the meaning given to that term (or to the term ‘controller’) in Data Protection Laws;

Data Processor

has the meaning given to that term (or to the term ‘processor’) in Data Protection Laws;

Data Protection Laws

means as applicable and binding on the Customer, Applied and/or the Services:

  1. in the United Kingdom:
  2. the Data Protection Act 1998 and any laws or regulations implementing Directive 95/46/EC (Data Protection Directive); and/or
  3. the GDPR, and/or any corresponding or equivalent national laws or regulations;
  4. in member states of the European Union: the Data Protection Directive or the GDPR, once applicable, and all relevant member state laws or regulations giving effect to or corresponding with any of them; and
  5. any Applicable Laws replacing, amending, extending, re-enacting or consolidating any of the above Data Protection Laws from time to time;

Data Subject

has the meaning given to that term in Data Protection Laws;

Data Subject Request

means a request made by a Data Subject to exercise any rights of Data Subjects under Data Protection Laws;

GDPR

means the General Data Protection Regulation (EU) 2016/679;

GDPR Date

means from when the GDPR applies on 25 May 2018;

International Organisation

means an organisation and its subordinate bodies governed by public international law, or any other body which is set up by, or on the basis of, an agreement between two or more countries;

International Recipient

has the meaning given to that term in paragraph 6.1;

Personal Data

has the meaning given to that term in Data Protection Laws;

Personal Data Breach

means any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Protected Data;

processing

has the meanings given to that term in Data Protection Laws (and related terms such as process have corresponding meanings);

Processing Instructions

has the meaning given to that term in paragraph 2.1.1;

Protected Data

means Personal Data received from or on behalf of the Customer to the extent that it is processed by Applied on Customer’s behalf in connection with the performance of Applied’s obligations under the Agreement, excluding Copy Data (as defined under the Agreement);

Services

means the Services as defined under the Agreement.

Sub-processor

means another Data Processor engaged by Applied for carrying out processing activities in respect of the Protected Data on behalf of the Customer; and

Supervisory Authority

means any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering Data Protection Laws.

Specific interpretive provision(s)

In these Data Processing Terms:

(a) references to any Applicable Laws (including to the Data Protection Laws and each of them) and to terms defined in such Applicable Laws shall be replaced with or incorporate (as the case may be) references to any Applicable Laws replacing, amending, extending, re-enacting or consolidating such Applicable Law (including the GDPR and any new Data Protection Laws from time to time) and the equivalent terms defined in such Applicable Laws, once in force and applicable;

(b) a reference to a law includes all subordinate legislation made under that law; and

(c) references to “paragraph numbers” are to paragraphs of these Data Processing Terms.

Data processing provisions

1 - Data Processor and Data Controller

1.1 The parties agree that, for the Protected Data, the Customer shall be the Data Controller and Applied shall be the Data Processor. The Customer acknowledges that Applied also processes a copy of the User Data (as defined in the Agreement) as Copy Data (as defined in the Agreement) in the capacity of data controller. These Data Processing Terms does not apply to Copy Data.

1.2 Applied shall process Protected Data in compliance with: 

1.2.1 the obligations of Data Processors under Data Protection Laws in respect of the performance of its obligations under the Agreement; and

1.2.2 the terms of the Agreement. 

1.3 The Customer shall comply with: 

1.3.1 all Data Protection Laws in connection with the processing of Protected Data, the Services and the exercise and performance of its respective rights and obligations under the Agreement, including maintaining all relevant regulatory registrations and notifications as required under Data Protection Laws; and 

1.3.2 the terms of the Agreement. 

1.4 The Customer warrants, represents and undertakes, that all instructions given by it to Applied in respect of Personal Data shall at all times be in accordance with Data Protection Laws; and 

1.5 The Customer shall not withhold, delay or condition its agreement to any change to the Agreement, the Platform or the Services requested by Applied in order to promote compliance with Data Protection Laws by the Services, the Platform, Applied and any Sub-Processor.

Data Processor

has the meaning given to that term (or to the term ‘processor’) in Data Protection Laws;

Data Protection Laws

means as applicable and binding on the Customer, Applied and/or the Services:

  1. in the United Kingdom:
  2. the Data Protection Act 1998 and any laws or regulations implementing Directive 95/46/EC (Data Protection Directive); and/or
  3. the GDPR, and/or any corresponding or equivalent national laws or regulations;
  4. in member states of the European Union: the Data Protection Directive or the GDPR, once applicable, and all relevant member state laws or regulations giving effect to or corresponding with any of them; and
  5. any Applicable Laws replacing, amending, extending, re-enacting or consolidating any of the above Data Protection Laws from time to time;

Data Subject

has the meaning given to that term in Data Protection Laws;

Data Subject Request

means a request made by a Data Subject to exercise any rights of Data Subjects under Data Protection Laws;

GDPR

means the General Data Protection Regulation (EU) 2016/679;

GDPR Date

means from when the GDPR applies on 25 May 2018;

International Organisation

means an organisation and its subordinate bodies governed by public international law, or any other body which is set up by, or on the basis of, an agreement between two or more countries;

International Recipient

has the meaning given to that term in paragraph 6.1;

Personal Data

has the meaning given to that term in Data Protection Laws;

Personal Data Breach

means any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Protected Data;

processing

has the meanings given to that term in Data Protection Laws (and related terms such as process have corresponding meanings);

Processing Instructions

has the meaning given to that term in paragraph 2.1.1;

Protected Data

means Personal Data received from or on behalf of the Customer to the extent that it is processed by Applied on Customer’s behalf in connection with the performance of Applied’s obligations under the Agreement, excluding Copy Data (as defined under the Agreement);

Services

means the Services as defined under the Agreement.

Sub-processor

means another Data Processor engaged by Applied for carrying out processing activities in respect of the Protected Data on behalf of the Customer; and

Supervisory Authority

means any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering Data Protection Laws.

Specific interpretive provision(s)

In these Data Processing Terms:

(a) references to any Applicable Laws (including to the Data Protection Laws and each of them) and to terms defined in such Applicable Laws shall be replaced with or incorporate (as the case may be) references to any Applicable Laws replacing, amending, extending, re-enacting or consolidating such Applicable Law (including the GDPR and any new Data Protection Laws from time to time) and the equivalent terms defined in such Applicable Laws, once in force and applicable;

(b) a reference to a law includes all subordinate legislation made under that law; and

(c) references to “paragraph numbers” are to paragraphs of these Data Processing Terms.

Data processing provisions

  1. Data Processor and Data Controller
  2. The parties agree that, for the Protected Data, the Customer shall be the Data Controller and Applied shall be the Data Processor. The Customer acknowledges that Applied also processes a copy of the User Data (as defined in the Agreement) as Copy Data (as defined in the Agreement) in the capacity of data controller. These Data Processing Terms does not apply to Copy Data.
  3. Applied shall process Protected Data in compliance with:
  4. the obligations of Data Processors under Data Protection Laws in respect of the performance of its obligations under the Agreement; and
  5. the terms of the Agreement.
  6. The Customer shall comply with:
  7. all Data Protection Laws in connection with the processing of Protected Data, the Services and the exercise and performance of its respective rights and obligations under the Agreement, including maintaining all relevant regulatory registrations and notifications as required under Data Protection Laws; and
  8. the terms of the Agreement.
  9. The Customer warrants, represents and undertakes, that all instructions given by it to Applied in respect of Personal Data shall at all times be in accordance with Data Protection Laws; and
  10. The Customer shall not withhold, delay or condition its agreement to any change to the Agreement, the Platform or the Services requested by Applied in order to promote compliance with Data Protection Laws by the Services, the Platform, Applied and any Sub-Processor.
  11. Instructions and details of processing
  12. Insofar as Applied processes Protected Data on behalf of the Customer, Applied:
  13. unless required to do otherwise by Applicable Law, shall (and shall take steps to ensure each person acting under its authority shall) process the Protected Data only on and in accordance with the Customer’s documented instructions as set out in this paragraph 2 and 0the Data Processing Details below, as updated from time to time in accordance by agreement between the parties (Processing Instructions);
  14. if Applicable Law requires it to process Protected Data other than in accordance with the Processing Instructions, shall notify the Customer of any such requirement before processing the Protected Data (unless Applicable Law prohibits such information on important grounds of public interest); and
  15. shall inform the Customer if Applied becomes aware of a Processing Instruction that, in Applied’s opinion, infringes Data Protection Laws, provided that this shall be without prejudice to paragraphs 1.3 and 1.4.
  16. The processing of Protected Data to be carried out by Applied under the Agreement shall comprise the processing set out in  the Data Processing Details below, as may be updated from time to time by agreement between the parties.
  17. Technical and organisational measures
  18. Applied shall implement and maintain, at its cost and expense, the technical and organisational measures:
  19. in relation to the processing of Protected Data by Applied, as set out in 0 (Technical and organisational security measures); and
  20. from the GDPR Date, taking into account the nature of the processing, to assist the Customer insofar as is possible in the fulfilment of the Customer’s obligations to respond to Data Subject Requests relating to Protected Data.
  21. Any additional technical and organisational measures shall be at the Customer’s cost and expense.
  22. Using staff and other processors
  23. The Customer provides general written authorisation to Applied to engage Sub-Processors to perform the Services, including Amazon Web Services; Google; and Mailchimp. The Customer shall be given the opportunity to object to any new Sub-Processor and state its grounds for doing so. The Customer acknowledges that Sub-Processors are essential in order for Applied to provide the Services and that objecting to the use of a Sub-Processor may prevent Applied from continuing to provide the Services to the Customer. In the event that Applied is unable to adequately address those objections, either party may terminate the Agreement upon notice without liability to the other. For the avoidance of doubt, in such circumstances Applied shall not be obliged to refund any Subscription Fees paid by the Customer. 
  24. Applied shall: 
  25. appoint each Sub-Processor under a written contract substantially on the standard terms of business of that Sub-Processor, or containing materially the same obligations as under these Data Processing Terms, that is enforceable by Applied;
  26. remain fully liable for all the acts and omissions of each Sub-Processor which constitutes a breach of these terms as if they were its own.
  27. Applied shall ensure that all persons authorised by it to process Protected Data are subject to an obligation to keep the Protected Data confidential (except where disclosure is required in accordance with Applicable Law.
  28. Assistance with the Customer’s compliance and Data Subject rights
  29. Applied shall refer all Data Subject Requests it receives to the Customer, provided that if the number of Data Subject Requests exceeds 5 per calendar month, the Customer shall pay Applied’s charges calculated on a time and materials basis at Applied’s then current rates for recording and referring the Data Subject Requests in accordance with this paragraph 5.1.
  30. From the GDPR Date, Applied shall provide such reasonable assistance as the Customer reasonably requires (taking into account the nature of processing and the information available to Applied) to the Customer in ensuring compliance with the Customer’s obligations under Data Protection Laws with respect to:
  31. security of processing;
  32. data protection impact assessments (as such term is defined in Data Protection Laws);
  33. prior consultation with a Supervisory Authority regarding high risk processing; and
  34. notifications to the Supervisory Authority and/or communications to Data Subjects by the Customer in response to any Personal Data Breach,

provided the Customer shall pay Applied’s charges for providing the assistance in this paragraph 5.2, such charges to be calculated on a time and materials basis at Applied’s then-current rates for professional services.

  1. International data transfers
  2. The Customer agrees that Applied may transfer Protected Data to countries outside the United Kingdom or to any International Organisation(s) (an International Recipient), provided all transfers by Applied of Protected Data to an International Recipient shall (to the extent required under Data Protection Laws) be effected by way of Appropriate Safeguards and in accordance with Data Protection Laws. The provisions of the Agreement shall constitute the Customer’s instructions with respect to transfers in accordance with paragraph 2.1.
  3. Records, information and audit
  4. Applied shall maintain, in accordance with Data Protection Laws binding on Applied, written records of all categories of processing activities carried out on behalf of the Customer.
  5. Applied shall, in accordance with Data Protection Laws, contribute and allow for audits either by (at its option): (i) making available to the Customer upon reasonable request interviews with Applied personnel and documents,  which the Customer must treat confidentially under the confidentiality provisions of the Agreement or under a non-disclosure agreement concluded between the Parties; or (ii) responding to a written security questionnaire submitted to it by the Customer provided that the Customer will not exercise this right more than once per year and will hold Applied’s responses in confidence under the confidentiality provisions of the Agreement.
  6. Breach notification
  7. In respect of any Personal Data Breach involving Protected Data, Applied shall, without undue delay:
  8. notify the Customer of the Personal Data Breach; and
  9. provide the Customer with details of the Personal Data Breach.
  10. Deletion or return of Protected Data and copies
  11. Applied shall, at the Customer’s written request, either delete or return all the Protected Data to the Customer in such form as the Customer reasonably requests within a reasonable time after the earlier of:
  12. the end of the provision of the relevant Services related to processing; or
  13. once processing by Applied of any Protected Data is no longer required for the purpose of Applied’s performance of its relevant obligations under the Agreement,

and delete existing copies (unless storage of any data is required by Applicable Law and, if so, Applied shall inform the Customer of any such requirement).

DATA PROCESSING DETAILS

Subject-matter of processing:

Any personal data comprised within applications for roles processed by means of the Services.

2 Duration of the processing:

For the duration of the provision of the Services (including any retention of Personal Data comprised in the Services).

3 Nature and purpose of the processing:

To provide the Applied recruitment platform service to the Customer.

4 Type of Personal Data:

First name, last name, email address, telephone number, responses to questions or tasks prescribed by the Customer; if requested by Customer, curriculum vitae.

5 Categories of Data Subjects:

Applicants for roles processed by means of the Services.

6 Technical and Organisational Security measures applied to the Protected Data:

As set out in our security practices document which is available on request, simply contact us at hello@beapplied.com

Security Policy

Last updated June 2018

As a data controller, people trust us to keep their personal data safe. It is our top priority to ensure that your data is safe

While you're using our site

All information passed between your web browsers and our systems is encrypted using 128-bit SSL certificates. No information is ever passed unencrypted. Nothing you pass to our servers can be examined, used or modified by any third parties attempting to gain access to sensitive information.

Keeping your info private afterwards

All sensitive data is secured using AES-256, which is one of the most secure methods in common use. All data is stored in one of the most secure datacentres available.

No tools are left in this van overnight

While we do take payment from companies for providing this service, we make sure no payment card details or Direct Debit data touch our servers. Everything is transmitted instantly to our best-in-class fully-audited payment providers.

We're jolly serious

Applied is operated by a small team of diligent & dedicated people who care about doing things properly. Every team member takes your privacy and security extremely seriously.