Fusion App Privacy Policy

Introduction

This application is intended to bring together workers and job roles at nexos in a more efficient manner. To ensure that workers are able to find roles and apply for them easily and to enable nexos to fill these roles in a timely manner.

The company takes the privacy of personal data seriously and is:

  • Registered with the Information Commissioners Office (Registration Reference ZB438092)
  • Working to the UK Data Protection Act 2018

The nexos corporate values are as listed below:

  • Resolute on safety and quality – we will not accept people stepping outside of our defined safety and quality standards
  • Encourage humility – balancing individuals’ needs with the needs of the wider organisation and recognising that both character and capability are equally important in creating successful teams
  • Create opportunities for our people – our business is our people, we are committed to creating opportunities by identifying and developing talent and potential at all levels of the organisation
  • Inspire creativity and hunger- accountability will be driven down through all levels of the business, encouraging the entire organisation to think outside the box, generate new ideas and more cost-efficient solutions.
  • Demonstrate integrity and respect – we will continually strive to demonstrate care, honesty and fairness in all of our dealings, with all of our stakeholders.


Identity of the App Owner & Contact Details

This application has been developed by Global E&C Ltd t/a nexos, which is headquartered at:

27, Albyn Place

Aberdeen AB10 1DB

Primary Contact Email: contactus@nexos.solutions


What data is collected (types of data)? Why (purposes of processing)?

The data collected includes:

  • Personal details, including but not limited to:
    • Your Name
    • Address
    • Email address
    • Date of birth
    • Nationality and right to work in the UK (where relevant)
    • National Insurance Number
    • Driving licence details
    • Any relevant Qualifications/certificates
    • Vantage details
    • LinkedIn profile url
    • PPE (personal protective equipment) sizes
  • Company details – if you are Personal Services Contractor (PSC) you will be required to provide details of your company, including but not limited to:
    • Company name and registrated number
    • Registered address of the company
    • Company email address
    • Insurance certificates
    • Any relevant Qualifications/certificates relating to individuals working for the Ltd Company

Certain types of personal information are considered to be “special categories of information” due to their more sensitive nature. Sometimes we will ask for or obtain special categories of information because it is relevant to the potential employment of a candidate.

  • This data will be collected to enable nexos to match people/companies with the appropriate skills and qualifications to available positions and start the ‘on-boarding’ process. The disclosure of information shall not form any offer by, or representation or warranty on the part of, to enter into any further agreement with nexos.


Our Lawful Basis of Processing

The lawful basis for processing are set out in Article 6 of the UK GDPR. The following are the bases that apply to this application:

  • Contract: where the processing is necessary for entering into a contract with an individual, or because the individual has asked nexos to take specific steps before entering into a contract.
  • Legal obligation: where the processing is necessary for nexos to comply with the law.
  • Legitimate interests: where the processing is necessary for nexos' legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.

We may also use your personal information in the following situations:

  • Where we need to protect your interests (or someone else’s interests).
  • Where it is needed in the public interest or for official purposes.
  • Where required by law or any governmental or regulatory authority (including, without limitation, any relevant securities exchange), or by any court or other authority of competent jurisdiction.
  • Complying with Health and Safety obligations:
  • To prevent fraud.
  • To monitor your use of our information and communication systems to ensure compliance with our IT policies.
  • To ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution.
  • Equal opportunities monitoring.

Change of Purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.


Fusion Deletion Policy

We only collect aggregate, non-personally identifiable metrics about how visitors interact with and
navigate our website/app.

Date Deletion Policy

You can delete your account via the Fusion App:

  1. Login to Fusion App.
  2. Navigate to the Profile tab.
  3. Go to Security
  4. Click “Delete Account”

This will delete any Fusion App related data, but if you have entered a relationship with us (for
example, if you have applied for a job or have worked for us) then data retention policies apply.
If you are unable to access the Fusion app, please contact us on contactus@nexos.solutions to request
the deletion of your data.


Data Retention

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

If we have a relationship with you, we hold your personal information for a maximum of 7 years from the date our relationship ends with you, the only exception to this is some Health and Safety records which we are required to keep for a minimum of 40 years.

All personal information held will be securely and effectively destroyed or permanently erased from IT systems when no longer necessary to be held. In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.


Information about the disclosure of personal data (data recipients)

We may have to share your data with third parties, including third-party service providers and other entities. We require third parties to respect the security of your data and to treat it in accordance with the law. We may transfer your personal information outside the EU. If we do, you can expect a similar degree of protection in respect of your personal information.

Why might you share my personal information with third parties?

We will share your personal information with third parties where required by law or any governmental or regulatory authority (including, without limitation, any relevant securities exchange), or by any court or other authority of competent jurisdiction, or where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.

Which third-party service providers process my personal information?

“Third parties” includes third-party service providers (including contractors and designated agents) and other entities. The following activities are carried out by third-party service providers:

  • Payroll.
  • Pension administration.
  • Benefits provision and administration.
  • IT services.
  • Travel and logistics bookings.
  • Regulatory authorities
  • Government agencies (as required by law).

The data collected is solely for the use of nexos in order to allow them to fill roles that are available within the company. This information will not be sold to any third parties.


How we Protect your Information

All our third-party service providers and other entities are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

Transferring information outside the UK

nexos conducts business with a list of international clients and may therefore be required to transfer personal data across borders as a requirement of the recruitment process. We may also be required to transfer data across borders in the event of an emergency situation overseas. At all times, nexos shall ensure that the transfer of personal data over an international border is through binding corporate rules.


Accessing your Personal Data

Under GDPR, individuals (data subjects) have a right to know what data is held about them and a right to access their personal data. Data subjects must submit a request to access this information. Please note nexos may request evidence of your identity (a copy of passport and/or driver’s license).

Once the request has been validated and verified the Company will act upon the request and respond. Please note that you can only request your own personal data under a subject access request unless you are proven to be authorised to act on behalf of the data subject.


Users Rights Regarding their Personal Data

The Company will always seek to process your personal data in accordance with its obligations and your rights.

You will not be subject to decisions based solely on automated data processing without your prior consent.

In certain circumstances, you have the right to seek the erasure or correction of your personal data, to object to particular aspects of how your data is processed, and otherwise to seek the restriction of the processing of your personal data. You also have the right to request the transfer of your personal data to another party in a commonly used format. If you have any questions about these rights, please contact the Data Protection Officer using the email address dataofficer@nexos.solutions.

You have a separate right of access to your personal data processed by the Company. You may be asked for information to confirm your identity and/or to assist the Company to locate the data you are seeking as part of the Company's response to your request. If you wish to exercise your right of access you should set out your request in writing to the Data Protection Officer using the email address set out above.

Finally, you have the right to raise any concerns about how your personal data is being processed with the Information Commissioner's Office (ICO) by going to the ICO's website: https://ico.org.uk/concerns/ or contacting the ICO on 0303 123 1113 or casework@ico.org.uk.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.


Information about profiling

We might choose to report trends based on usage of the application; however this will be an internal use of the data and not linked to individuals.