STINT BUSINESS APP

Business User Privacy Notice

Stint Ltd, a company registered in England under number 11022621, with its registered office is at 32 West Heath Drive, London NW11 7QH, is the “data controller”. This means that Stint Ltd is responsible for deciding how it holds and uses personal information relating to users of the Stint Business App (“Business User” or “you”).

 

THIS NOTICE APPLIES TO CURRENT AND FORMER BUSINESS USERS. STINT LTD MAY UPDATE THIS NOTICE AT ANY TIME AND IF WE DO SO, WE WILL TELL YOU WITH A NOTICE IN STINT BUSINESS APP.

For definitions used in this privacy notice, see the Stint Business App Terms and Conditions.

 

DATA PROTECTION PRINCIPLES

 

Stint Ltd will comply with data protection law. This says that the personal information Stint Ltd hold about Business Users must be:

1. Used lawfully, fairly and in a transparent way.

2. Collected only for valid purposes and not used in any way that is incompatible with those purposes.

3. Relevant to the purposes and limited only to those purposes.

4. Accurate and kept up to date.

5. Kept only as long as necessary for the purposes.

6. Kept securely.

 

THE KIND OF INFORMATION STINT LTD HOLD ABOUT BUSINESS USERS  

 

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

Stint Ltd may collect, store, and use the following categories/types of personal information about you:

 

  1. Registration information such name, title, addresses, telephone numbers, email address and social media details.
  1. If you contact Stint Ltd outside of Stint Business App, we may keep a record of that correspondence.
  1. Information and content of correspondence between you and Stint Ltd, and between you and Students, through any messaging functionality.
  1. Information and content of Stint Requests and Stint Records (including the Stints you have requested and/booked).
  1. Feedback information, including feedback and rating/score from you where a Student has carried out a Stint.
  1. Information about your use of the Stint Business App or our website (for example, IP address, browser, timestamp, location, country traffic data, location data, weblogs and other communication data and the resources that are accessed).
  2. Information for marketing purposes and analysis, including information on how you respond to email, phone, messaging, social media, text and post campaigns.
  3. Information for customer relationship management and complaints handing.

We do not ordinarily collect any special categories of personal data about Business Users (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences from Business Users.  The only exception to this is if you choose to make this information manifestly public by including it in your profile on the Stint Business App or share it as part of a Stint Request.

HOW IS PERSONAL INFORMATION ABOUT BUSINESS USERS COLLECTED?

 

Stint Ltd collect personal information about you through Stint Business App and registration process, either directly from you or sometimes from third parties, like your Business or Companies House or credit reference agencies.

 

Stint Ltd will collect additional personal information in the course of Stint-related activities throughout the period you are a registered user of Stint Business App.

 

HOW STINT LTD WILL USE INFORMATION ABOUT BUSINESS USERS

 

Stint Ltd will only use personal information about Business Users when the law allows us to. Most commonly, Stint Ltd will use personal information about Business Users in the following circumstances:

1. Where Stint Ltd need to perform the contract Stint Ltd have entered into with the Business (e.g. to provide the Stint Business App).

2. Where Stint Ltd need to comply with a legal obligation (e.g. keeping business records and reporting).

3. Where it is necessary for legitimate interests pursued by us or a third party and Business Users’ interests and fundamental rights do not override those interests (e.g. to ensure IT security, prevent fraud or undertake direct marketing).

Stint Ltd may also use personal information about Business Users in the following situations, which are likely to be rare:

1. Where Stint Ltd need to protect Business User’s vital interests (or someone else’s vital interests).

2. Where it is needed in the public interest.

Situations in which Stint Ltd will use the personal information of Business Users

 

Stint Ltd need all the categories of information in the list above primarily to allow us to perform our contract with your Business and to enable us to comply with legal obligations. In some cases Stint Ltd may use personal information of Business Users to pursue legitimate interests, provided Business Users’ interests and fundamental rights do not override those interests. The situations in which Stint Ltd may process your personal information are listed below.

 

  1. Making a decision about whether you qualify to be a user of Stint Business App.
  1. Administering the contract Stint Ltd have entered into with the Business as set out in Stint Business Terms.  This includes providing you with the services you expect us to, like responding to your Stint Requests. To do this, information about you is made available to Students via the Stint Student App.
  2. Transfer data to third parties (see below for information about who Stint Ltd transfers personal data to);
  1. Invoicing your Business for a Completed Stint.
  2. Tell you about changes and other events relating to Stint Ltd that could be of interest to your Business.
  3. Subject to complying with the data protection laws, direct marketing, for example via email, phone, messaging, social media, text and post.
  1. Business management and planning, including accounting, auditing and legal advice.
  1. Gathering evidence for possible grievance or disciplinary hearings in relation to Students.
  1. Making decisions about any your continued use of Stint Business App.
  1. Making arrangements for the termination of your use of the Stint Business App in accordance with the Stint Business Terms.
  1. Dealing with legal disputes, claims, or other legal or administrative or regulatory actions or investigations involving Students, or other employees, workers and contractors of Stint Ltd, or any Business or Business User (including in relation to health and safety or other compliance with law).
  1. Complying with health and safety obligations.
  1. To prevent fraud.
  1. To monitor your use of the Stint Business App and our information and communication systems, including to ensure compliance with our Acceptable Use Policy.
  1. To ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution.
  2. To further develop, test and improve any Stint Business App, or other existing or new systems/processes to better serve Students and Businesses; this mainly takes place in the context of new IT systems and processes, so that information about Students and/or Business Users may be used in the testing of those new IT systems and processes where dummy data cannot fully replicate the operation of that new IT system.
  3. To perform studies and statistical and analytical research, for example to compare the effectiveness of our matching of Students between different Businesses, sectors and geographies and look for factors that might influence any differences we identify.
  1. To conduct data analytics studies to review and better understand retention and attrition rates among Businesses.
  1. Where necessary, to comply with any legal obligation.
  2. Stint Ltd may also process information to:
  1. promote the security and protection of people, premises, systems and assets;
  2. monitor compliance with internal policies and procedures;
  3. administer communications and other systems used by our group of companies (including internal contact databases);  
  4. investigate or respond to incidents and complaints;
  5. comply with obligations and rights and cooperate with investigations carried out by the police, government or regulators; and 
  6. participate in any potential or actual purchase or sale, or joint venture, of all or part of a business or company, that any member of our group of companies wishes to participate in.

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of personal information.

 

What if Business Users fail to provide the personal information we need?

 

If you fail to provide certain information when requested, Stint Ltd may not be able to register you as a you for the Stint Business App or suggest/provide any Students to carry out any Stints, or Stint Ltd may be prevented from complying with our legal obligations.

Advertising, marketing and communications preferences

You may see our adverts in lots of different places, but it doesn’t always mean they’re using your personal data, because we also buy advertising space, including on websites and on social media. If you see one of our adverts on a website and in social media, it may not be directed specifically at you and may simply be there because we’ve bid for the space.

To understand what we think you want, need or would be interested in, we may use your identity, contact, technical, tracking, usage and profile data to form a picture of you. This is how we tell you about things we think you may be interested in.

To share our news, offers and services, we may use direct marketing by email, phone, messaging, social media, text and post. Your direct marketing preferences are made clear on the Stint Business App, and you can ask us about these any time.

As a business user we are permitted by law to send you unsolicited direct marketing about Stint Ltd and the services we offer to our business customers without requiring your prior consent. You can opt out of direct marketing at any time. The easiest way to do this is to click the unsubscribe link at the bottom of your email or contact privacy@stint.co.

We also work with partners to try and promote the reach of our adverts, using analytics and retargeting. To make sure the adverts you see on websites and social media are relevant, we use tracking data to see what you’ve looked at.

Tracking data, and in particular cookies, help us to do this by telling us which adverts will be most relevant to you and potential new business users on websites and social media. The cookies used for this purpose are often placed on our website by specialist organisations and include retargeting.

Cookies can also tell us if you’ve seen a specific advert, and how long it’s been since you have seen it. This is helpful, because it means we can control the effectiveness of our adverts and control the number of times people might be shown our adverts. Cookies also help us understand if you’ve opened direct marketing because we don’t want to send you things you won’t find interesting.

[You can see a list of the cookies we use here.]

Almost all the cookies that relate to advertising are part of third party online advertising networks. If you’d like to read about how you can control which adverts you see online, see opt-out programs established by the Digital Advertising Alliance (United States) and the European Interactive Digital Advertising Alliance. We do not control cookies which are set by advertising networks.

Change of purpose

 

Stint Ltd will only use personal information for the purposes for which Stint Ltd collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If Stint Ltd need to use personal information for an unrelated purpose, we will notify yous and explain the legal basis which allows us to do so.

 

Please note that Stint Ltd may process personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

 

DATA SHARING  

 

Stint Ltd may have to share Business Users’ data with third parties, including third-party service providers and other entities in our group of companies.

Stint Ltd require third parties to respect the security of data and to treat it in accordance with the law.

Stint Ltd may transfer personal information outside the EU.

If Stint Ltd do, Student can expect a similar degree of protection in respect of personal information.

 

Why might Stint Ltd share Business Users’ personal information with third parties?

 

Stint Ltd will share personal information with third parties where required by law, where it is necessary to administer the contract between Stint Ltd and your Business or where Stint Ltd have another legitimate interest in doing so.

It might seem obvious given what the Stint Business App does, but we want to be clear: to provide the Stint Business App to you, and to enable your Business to be matched with a Student and carry out any Booked Stints with the Business, we share your personal data with Students via the Stint Student App in relation to your Stint Requests. Students don’t have unrestricted access to all Business Users, but where a Student’s a potential match for your Stint Request, your profile information will be shared.

 

Which third-party service providers process Business Users’ personal information?

 

”Third parties” includes third-party service providers (including contractors and designated agents) and other entities within our group.

We share personal data with third parties as follows:

How secure is Business Users’ information with third-party service providers and other entities in our group?

 

All our third-party service providers and other entities in the group are required to take appropriate security measures to protect personal information in line with our policies. Stint Ltd do not allow our third-party service providers to use personal data for their own purposes. Stint Ltd only permit them to process  personal data for specified purposes and in accordance with our instructions.

 

When might Stint Ltd share Business Users’ personal information with other entities in the group?

 

Stint Ltd will share personal information with other entities in our group as part of our regular business operations and reporting activities on company performance, in the context of a business reorganisation or group restructuring exercise, for system maintenance support and hosting of data.

 

What about other third parties?

 

Stint Ltd may share personal information with other third parties, for example in the context of the possible sale or restructuring of the business. In this situation Stint Ltd will, as far as possible, share anonymised data with the other parties before the transaction completes. Once the transaction is completed, Stint Ltd will share personal data with the other parties if and to the extent required under the terms of the transaction.

 

Stint Ltd may also need to share  personal information with government, police, regulators or law enforcement agencies if, at our sole discretion, we consider that we are legally obliged or authorised to do so or it would be prudent to do so.

Transferring information outside the EU

 

Stint Ltd may transfer the personal information Stint Ltd collect about Business Users outside the EU. Where Stint Ltd does so it will ensure that it complies with the rules for international transfers under the General Data Protection Regulation (for example, the country is on the EU’s list of adequate countries, the third party is Privacy Shield certified, or there are EU Model Clauses in place).

DATA SECURITY  

Stint Ltd have put in place appropriate security measures to prevent  personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, Stint Ltd limit access to  personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process personal information on our instructions and they are subject to a duty of confidentiality.

 

Stint Ltd have put in place procedures to deal with any suspected data security breach and will notify Student and any applicable regulator of a suspected breach where Stint Ltd are legally required to do so.

 

DATA RETENTION  

 

How long do we use Student personal information for?

 

Stint Ltd will only retain  personal information for as long as necessary to fulfil the purposes Stint Ltd collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, Stint Ltd consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of  personal data, the purposes for which Stint Ltd process  personal data and whether Stint Ltd can achieve those purposes through other means, and the applicable legal requirements.

 

In some circumstances Stint Ltd may anonymise personal information so that it can no longer be associated with you, in which case Stint Ltd may use such information without further notice to you. Once a Business User is no longer a registered user Stint Ltd will retain and securely destroy personal information in accordance with applicable laws and regulations.

 

RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION  

 

Your duty to inform us of changes

 

It is important that the personal information Stint Ltd hold about you is accurate and current. Please keep us informed if your personal information changes by updating your details in the Stint Business App.

 

Your rights in connection with personal information

 

Under certain circumstances, by law you have the right to:

 

  1. Request access to personal information (commonly known as a “data subject access request”). This enables You to receive a copy of the personal information Stint Ltd hold about you and to check that Stint Ltd are lawfully processing it.
  1. Request correction of the personal information that Stint Ltd hold about you. This enables you to have any incomplete or inaccurate information Stint Ltd hold about you corrected.
  1. Request erasure of personal information. This enables you to ask Stint Ltd to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove personal information where you have exercised the right to object to processing (see below).
  1. Object to processing of personal information where Stint Ltd are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where Stint Ltd are processing personal information for direct marketing purposes.
  1. Request the restriction of processing of personal information. This enables you to ask Stint Ltd to suspend the processing of personal information about you, for example if you want Stint Ltd to establish its accuracy or the reason for processing it.
  1. Request the transfer of personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of personal data, or request that Stint Ltd transfer a copy of personal information to another party, please contact privacy@stint.co.

 

No fee usually required

 

you will not have to pay a fee to access personal information (or to exercise any of the other rights). However, Stint Ltd may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, Stint Ltd may refuse to comply with the request in such circumstances.

 

What Stint Ltd may need from you

 

Stint Ltd may need to request specific information from you to help Stint Ltd confirm identity and ensure right to access the information (or to exercise any of other rights). This is an appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

 

RIGHT TO WITHDRAW CONSENT  

 

In the limited circumstances where you may have provided consent to the collection, processing and transfer of personal information for a specific purpose, you have the right to withdraw consent for that specific processing at any time. To withdraw consent, please contact privacy@stint.co or update preferences in the Stint Business App. Once Stint Ltd have received notification that you have withdrawn consent, Stint Ltd will no longer process information for the purpose or purposes you originally agreed to, unless Stint Ltd have another legitimate basis for doing so in law.

 

WHO TO CONTACT WITH ANY QUESTIONS

 

Stint Ltd have appointed a data privacy manager to oversee compliance with this privacy notice. If yous have any questions about this privacy notice or how Stint Ltd handle personal information, please contact privacy@stint.co. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

 

CHANGES TO THIS PRIVACY NOTICE  

Stint Ltd reserve the right to update this privacy notice at any time, and Stint Ltd will provide you with a new privacy notice when Stint Ltd make any substantial updates. Stint Ltd may also notify you in other ways from time to time about the processing of your personal information (e.g. via the Stint Business App).

STINT STUDENT APP

Student Privacy Notice

Stint Ltd, a company registered in England under number 11022621, with its registered office is at 32 West Heath Drive, London NW11 7QH, is the “data controller”. This means that Stint Ltd is responsible for deciding how it holds and uses personal information relating to users of the Stint Student App (“Student” or “you”).

 

THIS NOTICE APPLIES TO CURRENT AND FORMER STUDENT USERS. STINT LTD MAY UPDATE THIS NOTICE AT ANY TIME AND IF WE DO SO, WE WILL TELL YOU WITH A NOTICE IN STINT STUDENT APP.

 

For definitions used in this privacy notice, see the Stint Student App Terms and Conditions.

This notice does not form part of Stint Work Terms or any other contract to provide services.

 

DATA PROTECTION PRINCIPLES  

 

Stint Ltd will comply with data protection law. This says that the personal information Stint Ltd hold about Students must be:

1. Used lawfully, fairly and in a transparent way.

2. Collected only for valid purposes that Stint Ltd have clearly explained to Students and not used in any way that is incompatible with those purposes.

3. Relevant to the purposes Stint Ltd have told Students about and limited only to those purposes.

4. Accurate and kept up to date.

5. Kept only as long as necessary for the purposes Stint Ltd have told Students about.

6. Kept securely.

 

THE KIND OF INFORMATION STINT LTD HOLD ABOUT STUDENTS  

 

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

There are certain types of more sensitive personal data which require a higher level of protection, such as information about a person’s health or sexual orientation. Information about criminal convictions also warrants this higher level of protection.

 Stint Ltd will collect, store, and use the following categories/types of personal information about you:

 

  1. Personal contact details like name, title, addresses, telephone numbers, and personal/university email addresses (and if you log on to the Stint Student App via social media, your social media profile data).
  1. Onboarding information, including:
  2. copies of documents evidencing identity,
  3. copies of documents evidencing right to work,
  4. other information needed to register, including:
  5. university/course information,
  6. tax information,
  7. student loan status,
  8. any information asked for by our insurers,
  9. photograph,
  10. any additional voluntary information provided, such as the content of profile description.
  11. Date you registered for Stint Student App and date you became an authorised Student user of Stint Student App and ready to be matched with Businesses for potential Stints.
  12. Results of any HMRC employment status check.
  13. Marital status and dependants.
  1. Next of kin and emergency contact information.
  1. National Insurance number.
  1. Bank account details, payroll records and tax status information.
  2. Details of any disabilities and any accommodations that may need to be made by Business for you.
  1. Earnings and related information.
  2. If contact Stint Ltd outside of Stint Student App, we may keep a record of that correspondence.
  1. Information and content of correspondence between you and Stint Ltd, and between you and other Students or Business users, through any messaging functionality of a Stint App.
  1. Stint Records (including the Stints you have been suggested for and/or booked for, and whether you carried out the Stint, time records for the Stint, and what feedback there was from Business/Business user about the Stint).
  1. Feedback information, including feedback and your rating/score from a Businesses/Business user where you have carried out a Stint.
  2. Information on which Businesses you have been matched with for which Stints.
  1. Information about use of a Stint Student App or our website (for example, IP address, browser, timestamp, location, country traffic data, location data, weblogs and other communication data and the resources that are accessed).
  2. Information for marketing purposes and analysis, including information on how you respond to email, phone, messaging, social media, text, post other marketing campaigns.
  3. Disciplinary and grievance information.
  4. Date and reason you stopped being a registered user for Stint Student App.

Stint Ltd may also collect, store and use the following more sensitive types of personal information as necessary for your status as worker of Stint Ltd:

 

  1. Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions.
  1. Trade union membership.
  1. Information about your health, including any medical condition, health and sickness records.
  1. Genetic information and biometric data about you.
  1. Information about criminal convictions and offences by you.

HOW IS PERSONAL INFORMATION ABOUT STUDENTS COLLECTED?

 

Stint Ltd collect personal information about Students through Stint Student App and onboarding process, either directly from students or sometimes from third parties, like universities and background check providers. Stint Ltd may sometimes collect additional information from third parties including former employers, credit reference agencies or other background check agencies.

 

Stint Ltd will collect additional personal information in the course of Stint-related activities throughout the period of Student being a registered Student user of Stint Student App.

 

HOW STINT LTD WILL USE INFORMATION ABOUT STUDENTS

 

Stint Ltd will only use personal information about Students when the law allows us to. Most commonly, Stint Ltd will use personal information about Students in the following circumstances:

1. Where Stint Ltd need to perform the contract Stint Ltd have entered into with Student (e.g. to provide Stint Student App).

2. Where Stint Ltd need to comply with a legal obligation (e.g. undertaking right to work checks and reporting Student’s Stint earnings to HMRC as part of PAYE).

3. Where it is necessary for legitimate interests pursued by us or a third party and Student’s interests and fundamental rights do not override those interests (e.g. to match Student with a Business as Stint Student App user).

Stint Ltd may also use personal information about Student’s in the following situations, which are likely to be rare:

1. Where Stint Ltd need to protect Student’s vital interests (or someone else’s vital interests).

2. Where it is needed in the public interest.

Situations in which Stint Ltd will use the personal information of Students

 

Stint Ltd need all the categories of information in the list above primarily to allow us to perform our contract with Students and to enable us to comply with legal obligations. In some cases Stint Ltd may use personal information of Students to pursue legitimate interests, provided Students’ interests and fundamental rights do not override those interests. The situations in which Stint Ltd will process your personal information are listed below.

 

  1. Making a decision about whether you qualify to be a user of Stint Student App.
  1. Checking your identity.
  2. Checking you is legally entitled to work in the UK, which may include checking:
  3. that the documents are genuine, original and unchanged and belong to you,
  4. that the dates for your right to work in the UK have not expired,
  5. that the photos are the same across all documents and look like you,
  6. that the dates of birth are the same across all documents,
  7. that the applicant has permission to do the type of work involved in undertaking Stints via the Stint Student App (including any limit on the number of hours you can work),
  8. that there is evidence of your study and vacation times,
  9. (if necessary because two documents give different names) that you have supporting documents showing why they’re different, such as a marriage certificate or divorce decree.
  10. Bring Students looking for work together with Businesses looking for workers. To do this, information about you is made available to Businesses/Business Users via Business App.
  11. Administering the contract Stint Ltd have entered into with you as set out in the Stint Student App Terms and Conditions.  This includes providing you with the services you expect us to, like trying to match you with Business for Stints.
  12. Assessing/matching feedback and skills of Student for a particular Stint with the requirements from Business User via the Business App.
  13. Transfer data to third parties (see below for information about who Stint Ltd transfers personal data to);
  14. Record the time worked by Students on a Stint.
  1. Paying Student and deducting tax and NICs.
  2. Invoicing Business for Student’s Stint.
  3. Tell Students about changes and other events relating to Stint Ltd that could be of interest to Students.
  4. Subject to complying with the data protection laws, direct marketing, for example via e-mail, messaging or telephone.
  1. Business management and planning, including accounting, auditing and legal advice.
  1. Gathering evidence for possible grievance or disciplinary hearings.
  1. Making decisions about any your continued use of Stint Student App.
  1. Making arrangements for the termination of our working relationship with you.
  1. Dealing with legal disputes involving you, or other employees, workers and contractors of Stint Ltd or any Business or Business User of the Business App, including accidents at work or at Businesses where you may carry out a Stint.
  1. Ascertaining your fitness to carry out Stints.
  1. Complying with health and safety obligations.
  1. To prevent fraud.
  1. To monitor your use of the Stint Student App and out information and communication systems, including to ensure compliance with our Acceptable Use Policy.
  1. To ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution.
  2. To further develop, test and improve any Stint App, or other existing or new systems/processes to better serve Students and Businesses; this mainly takes place in the context of new IT systems and processes, so that information about Students and/or Business Users may be used in the testing of those new IT systems and processes where dummy data cannot fully replicate the operation of that new IT system.
  3. To perform studies and statistical and analytical research, for example to compare the effectiveness of our matching of Students between different Businesses, sectors and geographies and look for factors that might influence any differences we identify.
  1. To conduct data analytics studies to review and better understand retention and attrition rates among Students.
  1. Equal opportunities monitoring.
  2. Where necessary, to comply with any legal obligation.
  3. Stint Ltd may also process information to:
  1. promote the security and protection of people, premises, systems and assets;
  2. monitor compliance with internal policies and procedures;
  3. administer communications and other systems used by our group of companies (including internal contact databases);  
  4. investigate or respond to incidents and complaints;
  5. comply with obligations and rights and cooperate with investigations carried out by the police, government or regulators; and 
  6. participate in any potential or actual purchase or sale, or joint venture, of all or part of a business or company, that any member of our group of companies wishes to participate in.

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of personal information.

 

What if Student fails to provide the personal information we need?

 

If you fail to provide certain information when requested, Stint Ltd may not be able to register you for the Stint Student App or carry out any Stints, or Stint Ltd may be prevented from complying with our legal obligations (such as to carry out right to work checks).

 

Change of purpose

 

Stint Ltd will only use personal information for the purposes for which Stint Ltd collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If Stint Ltd need to use personal information for an unrelated purpose, we will notify Students and explain the legal basis which allows us to do so.

 

Please note that Stint Ltd may process personal information without Student’s knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

 

HOW STINT LTD USE PARTICULARLY SENSITIVE PERSONAL INFORMATION  

 

”Special categories” of particularly sensitive personal information, such as information about health, racial or ethnic origin, sexual orientation or trade union membership, require higher levels of protection. Stint Ltd need to have further justification for collecting, storing and using this type of personal information. Stint Ltd have in place an appropriate policy document and safeguards which Stint Ltd are required by law to maintain when processing such data. Stint Ltd may process special categories of personal information in the following circumstances:

1. In limited circumstances, with explicit written consent.

2. Where Stint Ltd need to carry out our legal obligations or exercise rights in connection with employment.

3. Where it is needed in the public interest, such as for equal opportunities monitoring.

Less commonly, Stint Ltd may process this type of information where it is needed in relation to legal claims or where it is needed to protect Student’s interests (or someone else’s interests) and Student is not capable of giving consent, or where Student has already made the information public.

Situations in which Stint Ltd will use sensitive personal information about Students

 

In general, Stint Ltd will not process particularly sensitive personal information about Student unless it is necessary for performing or exercising obligations or rights in connection with employment. On rare occasions, there may be other reasons for processing, such as it is in the public interest to do so. The situations in which Stint Ltd will process particularly sensitive personal information are listed below. Stint Ltd have indicated the purpose or purposes for which Stint Ltd are processing or will process more sensitive personal information.

 

  1. Stint Ltd will use information about physical or mental health, or disability status, to inform Businesses for whom Student carry out Stints to provide appropriate workplace adjustments and generally to exercise rights and perform obligations in connection with work on Stints.
  1. Stint Ltd will use information about race or national or ethnic origin, religious, philosophical or moral beliefs, or sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting.

Do Stint Ltd need consent?

 

Stint Ltd do not need consent if Stint Ltd use special categories of personal information in accordance with our written policy to carry out our legal obligations or exercise specific rights in the field of employment law. In limited circumstances, Stint Ltd may approach Student for written consent to allow us to process certain particularly sensitive data. If Stint Ltd do so, Stint Ltd will provide Student with full details of the information that Stint Ltd would like and the reason Stint Ltd need it, so that Student can carefully consider whether Student wish to consent. Student should be aware that it is not a condition of becoming a registered user of the Stint Student App that Student agree to any request for consent from us.

 

INFORMATION ABOUT CRIMINAL CONVICTIONS  

 

Stint Ltd do not envisage that we will hold information about criminal convictions.

 

DECISIONS MADE BY COMPUTERS

 

Stint Ltd uses automated systems/processes and automated decision-making (like profiling) to provide students and businesses with the services they request from us.  It’s how the Stint Apps work.

For example, when a Business is looking for Student for a Stint, our algorithms match students with the Stint requirements using automated criteria which take into account when Student is available to work, the skillsets Student shows on their profile and the feedback we have received from Businesses with whom Student has previously done Stints.

This means that sometimes Student’s position in the rank may be higher than others, depending on how these factors match the needs Business has identified for the Stint.

If Student would like us to explain anything or have any queries about this, then just ask. Thank you.

DATA SHARING  

 

Stint Ltd may have to share Student’s data with third parties, including third-party service providers and other entities in our group of companies.

Stint Ltd require third parties to respect the security of data and to treat it in accordance with the law.

Stint Ltd may transfer personal information outside the EU.

If Stint Ltd do, Student can expect a similar degree of protection in respect of personal information.

 

Why might Stint Ltd share my personal information with third parties?

 

Stint Ltd will share personal information with third parties where required by law, where it is necessary to administer the working relationship with Student or where Stint Ltd have another legitimate interest in doing so.

It might seem obvious given what the Stint Student App does, but we want to be clear: to provide the Stint Student App to Student, and to enable Student to be matched and carry out any booked Stints with Businesses who have made requests via the Business App, we share personal data with Businesses/Business Users via the Business App in relation to their Stint request.  Businesses don’t have unrestricted access to all Students, but where Student’s a potential match for a Stint, profile information will be shared.

Personal data about you will also be shared to enable you to carry out the Stint including any needed for the Business to comply (e.g. your right to work information) with the law or made reasonable adjustments (e.g. your health information).

 

Which third-party service providers process Students personal information?

 

”Third parties” includes third-party service providers (including contractors and designated agents) and other entities within our group.

We share personal data with third parties as follows:

How secure is my information with third-party service providers and other entities in our group?

 

All our third-party service providers and other entities in the group are required to take appropriate security measures to protect personal information in line with our policies. Stint Ltd do not allow our third-party service providers to use personal data for their own purposes. Stint Ltd only permit them to process personal data for specified purposes and in accordance with our instructions.

 

When might Stint Ltd share my personal information with other entities in the group?

 

Stint Ltd will share personal information with other entities in our group as part of our regular reporting activities on company performance, in the context of a business reorganisation or group restructuring exercise, for system maintenance support and hosting of data.

 

What about other third parties?

 

Stint Ltd may share personal information with other third parties, for example in the context of the possible sale or restructuring of the business. In this situation Stint Ltd will, as far as possible, share anonymised data with the other parties before the transaction completes. Once the transaction is completed, Stint Ltd will share personal data with the other parties if and to the extent required under the terms of the transaction.

 

Stint Ltd may also need to share personal information with government, police, regulators or law enforcement agencies if, at our sole discretion, we consider that we are legally obliged or authorised to do so or it would be prudent to do so.

Transferring information outside the EU

 

Stint Ltd may transfer the personal information Stint Ltd collect about Business Users outside the EU. Where Stint Ltd does so it will ensure that it complies with the rules for international transfers under the General Data Protection Regulation (for example, the country is on the EU’s list of adequate countries, the third party is Privacy Shield certified, or there are EU Model Clauses in place).

DATA SECURITY  

Stint Ltd have put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, Stint Ltd limit access to personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process personal information on our instructions and they are subject to a duty of confidentiality.

 

Stint Ltd have put in place procedures to deal with any suspected data security breach and will notify Student and any applicable regulator of a suspected breach where Stint Ltd are legally required to do so.

 

DATA RETENTION  

 

How long do we use Student personal information for?

 

Stint Ltd will only retain personal information for as long as necessary to fulfil the purposes Stint Ltd collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, Stint Ltd consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which Stint Ltd process personal data and whether Stint Ltd can achieve those purposes through other means, and the applicable legal requirements.

 

In some circumstances Stint Ltd may anonymise personal information so that it can no longer be associated with Student, in which case Stint Ltd may use such information without further notice to Student. Once Student is no longer a worker Stint Ltd will retain and securely destroy personal information in accordance with applicable laws and regulations.

 

RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION  

 

Your duty to inform us of changes

 

It is important that the personal information Stint Ltd hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.

 

Your rights in connection with personal information

 

Under certain circumstances, by law you have the right to:

 

  1. Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information Stint Ltd hold about you and to check that Stint Ltd are lawfully processing it.
  1. Request correction of the personal information that Stint Ltd hold about you. This enables you to have any incomplete or inaccurate information Stint Ltd hold about you corrected.
  1. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. you also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  1. Object to processing of your personal information where Stint Ltd are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. you also have the right to object where Stint Ltd are processing your personal information for direct marketing purposes.
  1. Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  1. Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that Stint Ltd transfer a copy of your personal information to another party, please contact privacy@stint.co.

 

No fee usually required

 

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, Stint Ltd may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, Stint Ltd may refuse to comply with the request in such circumstances.

 

What Stint Ltd may need from Student

 

Stint Ltd may need to request specific information from You to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

 

RIGHT TO WITHDRAW CONSENT  

 

In the limited circumstances where You may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact privacy@stint.co. Once Stint Ltd have received notification that you have withdrawn your consent, Stint Ltd will no longer process your information for the purpose or purposes you originally agreed to, unless Stint Ltd have another legitimate basis for doing so in law.

 

WHO TO CONTACT WITH ANY QUESTIONS

 

Stint Ltd have appointed a data privacy manager to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how Stint Ltd handle your personal information, please contact privacy@stint.co. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

 

CHANGES TO THIS PRIVACY NOTICE  

Stint Ltd reserve the right to update this privacy notice at any time, and Stint Ltd will provide you with a new privacy notice when Stint Ltd make any substantial updates. Stint Ltd may also notify you in other ways from time to time about the processing of your personal information.

4129-1926-4022, v. 1