Privacy Policy

7. Private policy | website | UK

This Privacy Policy, sets out the basis on which personal data that you provide to us in the course of visiting our website (or that we collect from or about you) will be processed by Heads! International Limited (company no. 13164917) (referred to as Heads!, we, us and our in this Privacy Policy). We are committed to ensuring that your privacy is protected, so please read this Privacy Policy carefully to understand how your personal data will be processed by us.

If you are an existing, potential or previous candidate in respect of whom we have acquired personal data in connection with any candidate related services offered by us, please refer to our Executive Search Privacy Policy:

1. Privacy notices in the context of Executive Search

  Download PDF  

2. Privacy Policy for this website

The information set out in this Privacy Policy is provided in compliance with our obligations under the Data Protection Act 2018 and the UK General Data Protection Regulation 2016/679 (GDPR).

1. Data controller details

We are the data controller in relation to the processing of the personal information that you provide to us. Our contact details are as follows:

1. 1. Address: 42 Berkeley Square, Mayfair, London W1J 5AW.
   2. Telephone: +44 773 7773 120.
   3. Website: headsinternational.com
2. What is personal data 
   1. For the purposes of this Privacy Policy, personal data or personal information means any information relating to a living individual who can be identified from that information (or from that information and other information in our possession). Personal data may be factual (e.g. name, address, date of birth) or it can be an opinion about that person, their action or behaviours.
   2. There are special categories of more sensitive personal information which require a higher level of protection. These include information about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, physical or mental health or condition or sexual life.
3. How do we collect your information
   1. Generally, the information we hold about you comes from the way that you engage with us, for example by:
      1. engaging with us via our website;
      2. entering information within our contact form; and
      3. contacting us offline, for example by telephone, email or by post.
   2. Other personal data is collected automatically by our IT systems when you visit the website. This data is primarily technical data such as the browser and operating system you are using or when you accessed the page and is collected automatically as soon as you enter our website.
4. Purpose and legal basis for data processing

What do we use your data for?

1. 1. The personal data is collected to ensure the proper functioning of the website, to analyse how visitors use the site (see further below) and for insight purposes e.g. to monitor market trends and demographics and to improve the user experience within our website; and to ensure that content from our website is presented in the most effective manner for you and for your computer.

What is the legal basis for processing personal data?

4. 2. The legal basis for processing personal data as described above is Art. 6 (1) (f) of the GDPR. Processing this data is necessary to provide the website and serves to uphold the legitimate interest of our company.
   3. Insofar as you have completed the contact form, the legal basis is Art. 6(1) (b) GDPR. The reason for this is that your personal data are necessary to fulfill a contract. This also applies to processing operations required for measures preliminary to a contract.
   4. Where processing of personal data is required to meet a legal obligation to which our company is subject, the legal basis is Art. 6(1) (a) GDPR.

SSL or TLS encryption

4. 5. This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognise an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
   6. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

Objections to promotional e-mails

4. 7. We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements for the purpose of sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
5. Cookies and technical log data

Analytics and third-party tools

1. 1. When visiting our website, statistical analyses may be made in respect of your surfing behavior. This is carried our primarily using cookies and web-analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data.
   2. You can object to this analysis or prevent it by not using certain tools. Further information can be found below in this regard.

What are cookies

5. 3. A cookie is a small, often encrypted text file that is stored on your device. Cookies contain information that is transferred to your computer’s hard drive. Cookies allow a web application to tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. Cookies help make our website more user-friendly, efficient, and secure. They do not harm your computer and do not contain any viruses.
   4. Some of our web pages use cookies. Our cookies do not store private information, such as your address or phone number. They simply store encrypted information.
   5. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of our website.

1. 1. We may use the following types of cookies:
      1. Strictly necessary cookies: these are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.
      2. Analytical or performance cookies: these types of cookies allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
      3. Functionality cookies: these are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
      4. Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests.
   2. Generally, the strictly necessary cookies and some performance and functionality cookies expire when you close the Website: these are known as ‘session cookies’. The functionality cookies and some targeting and performance cookies will last for a longer period of time: these are known as ‘persistent cookies’.
   3. Most of the cookies we use are so-called “session cookies.” Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognise your browser when you next visit the site.
   4. You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser.  Disabling cookies may limit the functionality of this website.
   5. Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the storage of cookies to ensure an optimised service provided free of technical errors. If other cookies (such as those used to analyse your surfing behavior) are also stored, they will be treated separately in this privacy policy.

Server log files

5. 6. The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
      1. Browser type and version
      2. Operating system used
      3. Referrer URL
      4. Host name of accessing computer
      5. Time of server request
      6. IP address
   7. This data is not combined with other data sources.
   8. The legal basis for data processing is Art. 6(1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

Analytics and advertising Google Analytics

5. 9. This website uses functions of Google Analytics, a web analytics service provided by Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
   10. Google Analytics uses so-called cookies, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is generally transmitted to a server in the United States by Google and stored there.
   11. Google Analytics cookies are stored on the basis of Art. 6(1) (f)GDPR. The website operator has a legitimate interest in analysing user behaviour to optimise both its website and its advertising.

IP anonymisation

5. 12. We have activated the IP anonymisation function within this website. This means that your IP address will be truncated by Google within the UK and the EU or in other states that are party to the Agreement on the European Economic Area before being transmitted to the United States. In exceptional cases only, the full IP address will transmitted to a Google server in the United States and abbreviated there. Google will use this information on behalf of the website operator to analyse your use of the website, compile reports on website activities and provide additional services to the website operator in connection with use of the website and Internet usage. The IP address that is transmitted by Google Analytics will not be combined with other data held by Google.

Browser plug-ins

5. 13. You can prevent these cookies from being stored by enabling the relevant setting in your browser software. Please note, however, that this may prevent you from using all the functions available on this website. In addition, you can prevent the information about your use of the website that is generated by the cookie (including your IP address) being passed on to Google and from being processed by Google by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=de (https://tools.google.com/dlpage/gaoptout?hl=de).

Objection to data collection

5. 14. You can prevent your data from being tracked by Google Analytics by clicking on the following link. An opt-out cookie is placed, which will prevent your data from being collected during future visits to this website: Disable Google Analytics.
   15. More information on how user data is handled by Google Analytics is available in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de (https://support.google.com/analytics/answer/6004245?hl=de).

Contract data processing

5. 16. We have signed an agreement with Google to process contract data and fully implement the strict provisions of the UK data protection authorities relating to the use of Google Analytics.

Plug-ins and tools – WPML

5. 1. Our website uses the language plugin WPML from OnTheGoSystems Limited, 22/F 3 Lockhart Road, Wanchai, Hong Kong, to provide a German and an English language version of the website. WPML cookies – these are used by the WPML plugin to identify the preferred user’s language as our site is multilingual. WPML stores only those cookies that are important for it to function properly. You can find detailed information about the browser cookies stored by WPML at https://wpml.org/documentation/support/browser- cookies-stored-wpml (https://wpml.org/documentation/support/browser-cookies-stored- wpml).
6. Transmission to third parties
   1. Please note that personal information we are holding about you may be shared with and processed by:
      1. any group company within our organisation for management and administration purposes, including for the purpose of assisting with placements or execution of our contract with our clients;
      2. our service providers and agents (including their subcontractors) or third parties which process information on our behalf (e.g. internet service and payment providers, search engine, advertising and marketing providers) so that they may help us to provide you with services and information you have requested. If we use such third-party subcontractors, we will take appropriate legal precautions (for example, by entering into a data processing contract where appropriate);
      3. regulators, fraud prevention agencies or other third parties for the purposes of monitoring and/or enforcing our compliance with any legal and regulatory obligations, including statutory or regulatory reporting, or the detection or prevention of unlawful acts;
      4. any third party in the context of actual or threatened legal proceedings, provided we can do so lawfully (for example in response to a court order);
      5. other parties and/or their professional advisers involved in a matter where required as part of the conduct of the services;
      6. our own professional advisers and auditors for the purpose of seeking professional advice or to meet our audit responsibilities; and
      7. any other  organisation to whom we may transfer our agreement with you or if we sell or buy (or negotiate to sell or buy) our business or any of our assets (provided that adequate protections and safeguards are in place).
7. International transfers
   1. The personal data that we collect from you may be transferred to and stored at a destination within the EU by a member of the Heads! group for administration and management purposes, where our data hosting servers may be located.
   2. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and we will not transfer personal data relating to you to any third party outside the UK unless one of the following scenarios under the GDPR applies:
      1. the country or recipient is covered by an adequacy decision under GDPR Article 45;
      2. appropriate safeguards have been put in place which meet the requirements of GDPR Article 46 (for example using the Information Commissioner’s Office’s (ICO) approved Standard Model Clauses for transfers of personal data outside the UK); or
      3. one of the derogations for specific situations under GDPR Article 49 is applicable to the transfer. These include (in summary):
         1. the transfer is necessary to perform, or to form, a contract to which we are a party:
            1. with you; or
            2. with a third party where the contract is in your interests;
         2. the transfer is necessary for the establishment, exercise or defence of legal claims;
         3. you have provided your explicit consent to the transfer; or
         4. the transfer is of a limited nature, and is necessary for the purpose of our compelling legitimate interests.
8. Deletion and retention period
   1. As soon as the data used to display the website is no longer required, it is deleted.
   2. The collection of data to provide a website and the storage of data in log files is essential for the operation of the website. Users do not have any option for objecting to this. The data may also be stored in individual cases where this is specified by law. Data may also be blocked or deleted once a legally defined storage period has expired, unless there is a need to continue storing the data for the conclusion or fulfillment of a contract.
9. Your rights in respect of your personal data
   1. You have certain rights under existing data protection laws, including the right to (upon written request) access a copy of your personal data that we are processing. In accordance with the Data Protection Act 2018 and the GDPR:
      1. you will have the following rights:
         1. right to access: the right to request certain information about, access to and copies of the personal information about you that we are holding (please note that you are entitled to request one copy of the personal information that we hold about you at no cost, but for any further copies, we reserve the right to charge a reasonable fee based on administration costs); and
         2. right to rectification: the right to have your personal information rectified if it is inaccurate or incomplete; and
      2. in certain circumstances, you will also have the following rights:
         1. right to erasure/“right to be forgotten”: the right to withdraw your consent to our processing of the data (if the legal basis for processing is based on your consent) and the right to request that we delete or erase your personal information from our systems (however, this will not apply if we are required to hold on to the information for compliance with any legal obligation or if we require the information to establish or defend any legal claim);
         2. right to restriction of use of your information: the right to stop us from using your personal information or limit the way in which we can use it;
         3. right to data portability: the right to request that we return any information you have provided in a structured, commonly used and machine-readable format, or that we send it directly to another company, where technically feasible; and
         4. right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or for marketing purposes.
   2. If you have subscribed to marketing communications from us, you have the right, at any time, to instruct us by email not to process your personal data for marketing purposes.
   3. Many data processing operations are only possible with your express consent. Please note that you may contact us at any time to withdraw consent you have already provided. Please note that this will not affect the processing of personal data obtained prior to the withdrawal of your consent, however, if you withdraw your consent to the use of your personal information for purposes set out in our Privacy Policy, we may not be able to provide you with access to all or certain parts of our site.
   4. If there has been a breach of data protection legislation or if you consider our use of your personal data to be unlawful, you may lodge a complaint with the UK’s supervisory authority, the ICO. Please see further information on their website: www.ico.org.uk

      .

10. Automatic decision making

We do not make decisions based solely on automated data processing, including profiling.

11. Security 
    1. We keep your information protected by taking appropriate technical and organisational measures to guard against unauthorised or unlawful processing, accidental loss, destruction or damage. For example, we will store all the personal information you provide within our secure servers.
    2. However, while we will do our best to protect your personal information, we cannot guarantee the security of your information which is transmitted via an internet or similar connection.
    3. It is important that all details of any username, password and/or other identification information created to access or interact with our servers are kept confidential by you and should not be disclosed to or shared with anyone.
12. Amendments to and versions of this Privacy Policy 

We may amend this Privacy Policy from time to time, for example to keep it up to date, to implement minor technical adjustments and improvements or to comply with legal requirements. We will always update this Privacy Policy on our site, so please try to read it when you visit the site