Privacy Policy

Spectrum Search Limited (“Spectrum”, “we”, “us”) is a recruitment business. For the processing described in this notice, Spectrum acts as a data controller.

• Company number: 11458701
• Registered office: Second Floor, Kirkland House, 11–15 Peterborough Road, Harrow, Middlesex, United Kingdom, HA1 2AX
• Email: info@spectrum-search.com
• Data protection contact: info@spectrum-search.com — please write “Data Protection” in the subject line.

This notice explains how we use your personal data when you:

• send us your CV or profile, apply for roles, or speak with our consultants;
• are introduced to us by a referee, former employer, colleague, job board, social network or other source; or
• are contacted by us about job opportunities.

It does not cover website cookies or analytics — see our Cookie Policy.

We may collect and use:

• Identity and contact data: name, email, phone, current role or title, location (city or region and, where relevant to a role or process, postcode and/or address — e.g., to assess commuting or relocation requirements, verify right-to-work documentation details where applicable, or for offer and onboarding logistics).
• CV and career data: employment history, skills, experience summaries, compensation expectations, notice period, work eligibility (where relevant).
• Recruitment process data: interview notes and feedback, role preferences, availability, communications history.
• Publicly available data: e.g., LinkedIn profile or professional website where relevant to recruitment.
• Technical and audit data: access logs and security logs in our systems.
• Special category data: CVs sometimes contain sensitive information (e.g., health or disability, ethnicity, religion). We do not seek to collect this and ask you not to include it unless necessary. If it is included, we take steps to minimise its use and restrict access.

If we do not collect your data directly from you, we may obtain it from:

• you directly (CV submission, calls, emails, applications);
• professional networks (e.g., LinkedIn) and other publicly available sources;
• referrals from colleagues or clients;
• job boards and recruitment platforms; and
• our clients during recruitment processes (e.g., interview feedback).

Where we obtain personal data from another source, we provide privacy information within a reasonable period and at the latest within one month, unless an exemption applies.

We use your data to:

• Provide recruitment services: identify suitable roles, assess suitability, manage applications and interviews, communicate with you.
• Introduce you to hiring organisations (clients) only when you have confirmed you wish to be considered and/or given permission for a specific opportunity (see Sharing your data below).
• Operate and improve our recruitment systems: record-keeping, reporting, analytics, quality assurance, training, dispute handling.
• Comply with legal obligations and protect our business (fraud prevention, security, enforcing terms).
• Send job alerts and updates where you opt in or where permitted by law (see Job alerts and marketing preferences below).

We rely on the following lawful bases under UK GDPR depending on the activity:

• Legitimate interests: to run our recruitment business, match candidates to roles, contact candidates about relevant opportunities, and maintain records. Where we rely on legitimate interests, we consider and document the balance between our interests and your rights.
• Contract or steps prior to contract: where processing is needed to take steps at your request in relation to a role or engagement.
• Legal obligation: where we must process data to comply with UK law.
• Consent: for certain communications such as bulk job alerts by email or SMS (see Job alerts and marketing preferences below) and where required for specific processing.
• Special category data: if we must process special category data, we will only do so where a valid UK GDPR condition applies and we will limit access.

We may share relevant parts of your data with:

• Hiring organisations (our clients) for the purpose of considering you for roles. We will not share your CV or identifiable details without your agreement or permission for that opportunity — unless you have explicitly asked us to do so, or another lawful basis applies and we have informed you.
• Service providers who help us operate our business (e.g., email, IT, CRM and ATS providers), under appropriate contracts and security controls.
• Use of Taluna (Luven Labs Limited). Spectrum uses a technology platform called Taluna, operated by Luven Labs Limited (“Luven”), to support recruitment matching. Spectrum may disclose certain candidate data to Luven so Taluna can help generate matches and create minimised candidate profiles for review. Luven acts as an independent controller when it contacts candidates about Luven-sourced opportunities (you will be told when this is the case). Before any identifiable information is shared with a hiring organisation through Taluna, you will be contacted and asked for permission for that specific disclosure.

We may contact you about roles via email, phone or professional networks (e.g., LinkedIn). If we send bulk job alerts by email or SMS, we will:

• ask for your opt-in consent where required; and
• include an easy unsubscribe method in each message.

You can opt out of job alerts at any time. PECR rules apply to electronic mail marketing; we design our bulk alerts to meet those requirements.

Your data may be processed using suppliers and systems that store or permit access from outside the UK (including the EU and US). Where we make a “restricted transfer”, we use appropriate safeguards such as the UK IDTA or UK Addendum, and carry out a transfer risk assessment as required.

We keep your data only as long as needed for recruitment and related purposes, and to meet legal and regulatory requirements.

Typical retention: we retain candidate records for 24 months after our last meaningful contact with you, unless:

• you ask us to delete it sooner;
• we need to keep a suppression record to honour your opt-out or objection; or
• we must keep certain records for legal reasons.

You have rights under UK GDPR, including:

• access, rectification, erasure, restriction;
• data portability (in certain cases);
• objection to processing based on legitimate interests; and
• withdrawal of consent (where we rely on consent).

If you object to us processing your data for recruitment matching or outreach, we will assess your objection and stop processing unless we have compelling legitimate grounds.

To exercise your rights, email info@spectrum-search.com with “Data Protection Request” in the subject line.

If you are unhappy, please contact us first so we can help. You also have the right to complain to the Information Commissioner’s Office (ICO).

We may update this notice from time to time and will post the current version on our website.