Arete Experience Privacy Policy - GDPR.

The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and is designed to harmonise data privacy laws across Europe. As such, GDPR aims to protect and empower all EU citizens’ data privacy and to reshape the way organisations across the region approach data privacy.

What does this policy cover?

We are committed to respecting your right to privacy. As such, this policy: 

  • sets out the types of Personal Data that we collect about you;

  • explains how and why we collect and use your Personal Data;

  • explains how long we keep your Personal Data for;

  • explains when, why and with whom we will share your Personal Data;

  • sets out the legal basis we have for using your Personal Data;

  • explains the effect of refusing to provide the Personal Data requested;

  • explains the different rights and choices you have when it comes to your Personal Data; and

  • explains how we may contact you and how you can contact us.

It is important to note that we may amend this Privacy Policy from time to time. Please visit this page if you want to stay up to date as we will post any changes here. 


Who are you?

We collect Personal Data from the following types of people (aka “Data Subjects”) to carry out our business. As such, you are likely to be one of the following: 

  • A candidate – either existing or prospective;

  • A client – either existing or prospective;

  • A user of our website;

  • A supplier to our organisation; 


What is Personal Data?

Personal Data refers to any data that can identify you as a living individual. This can comprise of generic information which relates to a person who can be identified directly or indirectly (e.g. email and contact details, information held about that individual such as job role, comments and references). 

Our general rule is that we only collect, control and use limited amounts of personal data and we only collect and use personal data to the extent necessary for us to provide the services that we have agreed to provide you. 


What legal basis do we have for using your information?

If you are a candidate, a client, a user of the Arete Experience Ltd. website, a supplier or contractor or interim worker, the legal basis on which we rely for processing your information will be our legitimate interests. 


For candidates

As a candidate, it may be necessary to process more Personal Data which includes sensitive information such as your health records that is either provided by you or others about you. In that case, we will always ask for your consent before processing such information. In the majority of cases though, we will be using your personal data to:

  • use your personal information in order to design your very own personal webpage, where you share your content with our consent

  • publish your articles and posts in community 'Forum' and our blog webpage with your consent

  • creating contact channels for your potential clients

  • personalise your experience and our offering with appropriate content, whether via our website or otherwise

  • match your skills, experience and education with a potential employer

  • contact and inform you through the email or phone regarding Arete Experience Ltd. activities from which you can opt-out anytime you want

  • provide or offer you newsletters, industry updates or event notifications


For clients and suppliers

We retain records of our dealings and transactions with you and where applicable, we use such records for the purposes of:

  • establishing compliance of contractual obligations; 

  • addressing any query or dispute that may arise (including establishing, exercising or defending any legal claims);

  • protecting our reputation;

  • maintaining a backup of our systems, with the purpose of being able to restore them to a particular point in the event of a system failure or security breach;

  • evaluating quality and compliance (including compliance with this Privacy Policy);

  • to provide you with networking opportunities and industry information.

From where do we source this Personal Data?

The following include the different sources from which we may collect your Personal Data: Directly from you. For example:

  • the information you provide to us while searching for a new opportunity 

  • the information provided to us during the different stages of the process. 

From an agent/third party acting on your behalf. 

For example:

  • a Contractor’s Limited Company

Through publicly available sources. 

For example: 

  • LinkedIn 

  • Job Boards

  • CV databases

  • Online search and public information

  • Our Consultation Form


By reference or word of mouth. 

For example:

  • you may be recommended by a friend, a former employer, a former colleague or even a present employer.


For how long do we retain your Personal Data?

We hold your data for a maximum of 2 years. After this period, if no meaningful contact has been made, we will delete your data from our systems. Examples of “meaningful contact” include (but is not necessarily limited to):

  • When we obtain your details; meaningful contact is defined as any verbal or written communication between us and yourself;

  • If there is two-way communication via verbal or written communication or through any of our marketing communications, we will also consider this to be meaningful contact. 


Your data can also be removed at any time by request.  


Is your personal data sent outside of the EEA?

Your personal data may be shared, stored and processed outside the European Economic Area (EEA). We will however only transfer your data outside the EEA to countries which the European Commission believes offer an adequate level of protection to you or where appropriate safeguards have been put in place to preserve the privacy of your data. 


What are your rights?

By law, you have a number of rights when it comes to your Personal Data. Further information and advice about your rights can be obtained from the Information Commissioner’s Office. 


What rights do you have in relation to the data we hold on you?

The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this Policy.

The right of access. You have the right to obtain access to your information (if we are processing it), and certain other information (similar to that provided in this Privacy Policy). If you would like to make a request for information, please contact us by email. This is so you are aware and can check that we are using your information in accordance with the GDPR.


The right to rectification. You are entitled to have your information corrected if it is inaccurate or incomplete. We will respond to such a request within 1 month.

The right to erasure. This is also known as ‘the right to be forgotten’ and in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.

The right to restrict processing. You have the right to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but cannot use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.

The right to data portability. You have the right to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to use your data for your very own website, this enables you to move, copy or transfer your information easily between our IT system and theirs safely and securely, without affecting its usability.

The right to object to processing. You have the right to object to certain types of processing, including processing for direct marketing (e.g. if you no longer want to be contacted with potential opportunities).

The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your personal data with the ICO

The right to withdraw consent. If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes. We will never share your personal data with the third party without your consent, except if and only if, we were required to do so by law. 


We will continue to contact you regarding health & fitness related services which we believe will be of interest to you.

The basis for these communications will be our legitimate interest and/or “soft opt-in” consent.

In the interests of clarity, a “soft opt-in” applies where you have previously either actively engaged with us:

  • by submitting a CV or

  • by having a meaningful contact or

  • exchanging the contact details


We are permitted to market relevant products and services to you unless you inform us of your wish to opt-out (which you are entitled to do at any stage).

Please note that should we receive any requests from you to erase data or stop processing your information, we may retain a record of such requests as well as the actions taken by us. This will serve as both evidence of our compliance to your request as well as enable us to take steps to curtail any future processing of your data should it be received again from a third-party source. 

Please consider your request responsibly before submitting it. We will respond as soon as is practicable. This will be within one month of the date when your request is received; however, in the event that the request is likely to take longer for any reason, we will inform you of the likely timeframe at the time. 

Our Evaluators


All our evaluators sign the Legal Disclaimer which explains how they should treat information collected and grounds on which will be fined. They never share any information about their visits, brands, results or facilities to any third parties and all information is kept entirely confidential.

We may use your information to:

  • Register you as a mystery shopper

  • We only access the information clients and mystery shoppers voluntarily in order to match them with the most suitable assignments.

  • Pay you for mystery shopping work

  • To carry out our obligations arising from any contracts entered into by you and us;

  • Seek your views or comments on the services we provide;

  • Notify you of changes to our services;

  • Send you communications which you have requested and that may be of interest to you. These may include campaigns, appeals, fundraising, promotions;

  • Process a job application.

We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our obligations. We will hold all your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.


If you are unhappy about any aspect of the way in which your Personal Data is processed by us, in the first instance please contact us using an email. This does not affect your right to make a complaint to the Information Commissioner’s Office

Version 1.0 Updated 8/2/20 Arete Experience Ltd. All Rights Reserved