top of page

Privacy Notice

​

Rockpool Recruitment Ltd
Last updated: February 2026

​

Rockpool Recruitment Ltd is committed to protecting your personal data and being transparent about how we use it.

​

This notice explains how we collect, use and protect personal data when you use our recruitment services, engage with us as a client or supplier, or visit our website.

 

 

1. Who We Are​

Rockpool Recruitment Ltd
Company number: 11509294
Registered address: 10 Castle Gardens, Dorking, Surrey, RH4 1NY
Email: info@rockpoolrecruitment.co.uk

​

For the purposes of UK data protection law, we act as a data controller when providing recruitment and work-finding services.

​

 

2. Who This Notice Applies To​

This notice applies to:

  • Candidates and prospective candidates

  • Referees provided by candidates

  • Client contacts and hiring managers

  • Supplier and partner contacts

  • Visitors to our website

 

 

3. What Personal Data We Collect

Candidates

We may collect:

  • Contact details (name, address, email, phone number)

  • CVs, employment history and qualifications

  • Salary expectations and notice period

  • Interview notes and client feedback

  • Right to work documentation

  • References (with your knowledge)

  • Public professional information (e.g. LinkedIn)

  • Communications with us

​

In limited circumstances, we may process health or diversity information where you choose to provide it or where required by law.

​

Clients and Business Contacts

We may collect:

  • Name, job title and business contact details

  • Correspondence and meeting notes

  • Contract and billing information

 

Website Visitors

When you use our website, we may collect:

  • IP address

  • Browser and device information

  • Pages visited and navigation data

  • Cookie information

 

 

4. How We Collect Your Data

We collect data:

  • Directly from you when you send us your CV or contact us

  • From job boards and professional networking platforms

  • From referrals (with your knowledge)

  • From clients during recruitment processes

  • Through our website forms and cookies

 

 

5. How We Use Your Data

We use personal data to:

  • Provide recruitment and work-finding services

  • Match candidates to suitable roles

  • Present candidate details to clients (with your knowledge)

  • Arrange interviews and manage recruitment processes

  • Comply with legal and regulatory requirements

  • Manage client and supplier relationships

  • Improve our website and services
     

 

6. Our Lawful Bases for Processing

​We process personal data under one or more of the following lawful bases:

  • Legitimate interests – to operate our recruitment business and match candidates with roles

  • Contract – where processing is necessary to fulfil an agreement

  • Legal obligation – where required by employment or regulatory law

  • Consent – where required (for example, equality monitoring data)

You may object to processing based on legitimate interests at any time.

​

 

7. Who We Share Data With

​We may share personal data with:

  • Prospective employers (with your knowledge and agreement)

  • Professional advisers (legal, insurance, accounting)

  • Technology providers supporting our systems (e.g. recruitment CRM, secure cloud systems)

  • Regulatory bodies where required by law

​

When we share candidate data with a client for recruitment purposes, both Rockpool and the client act as independent data controllers.

We do not sell personal data.

​

 

8. International Transfers

​The travel industry is international, and we may share candidate information with clients located outside the United Kingdom, including in the United States.

Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place. These may include:

​

  • The UK International Data Transfer Agreement (IDTA)

  • The UK Addendum to the EU Standard Contractual Clauses

  • Transfers to countries recognised as providing adequate protection
     

Where we share candidate data with a US-based client for recruitment purposes, transfers are limited to what is necessary and are subject to appropriate safeguards.

​

 

9. How We Protect Your Data

​We use appropriate technical and organisational security measures, including:

  • Secure Microsoft 365 cloud systems

  • Recruitment CRM with role-based access controls

  • Password protection and multi-factor authentication

  • Staff confidentiality obligations

  • Secure deletion processes

 

 

10. How Long We Keep Your Data

​Candidate data is typically retained for up to 2 years from your most recent meaningful interaction with us, unless you request earlier deletion.

​

Certain records may be retained longer where required by law.

​

Client and supplier data is retained for the duration of our relationship and for a reasonable period afterwards.

 

 

11. Your Rights

​Under UK data protection law, you have the right to:

  • Access your personal data

  • Correct inaccurate information

  • Request deletion (in certain circumstances)

  • Restrict processing

  • Object to processing

  • Withdraw consent (where consent applies)​
     

To exercise your rights, please contact:
info@rockpoolrecruitment.co.uk

​

​

12. Complaints

​If you are unhappy with how we handle your data, please contact us first.

​

You also have the right to complain to the Information Commissioner’s Office (ICO):

www.ico.org.uk
Telephone: 0303 123 1113

 

 

13. Cookies

​Our website uses cookies to:

  • Ensure proper functionality

  • Improve performance

  • Provide analytics (where consented)
    ​

You can manage cookie preferences via your browser settings and our cookie banner.

 

 

14. Changes to This Notice

​We may update this Privacy Notice from time to time. The latest version will always be available on our website.

Travel Recruitment Agency
bottom of page