Privacy Policy — Human Capital Ventures

Last Updated: April 21, 2026
Effective Date: May 1, 2026

Introduction

Human Capital Ventures Limited (UK entity, registered in England and Wales) and Human Capital Ventures Inc (US entity, incorporated in the United States), collectively with any affiliated subsidiaries or associated companies (collectively “Human Capital Ventures,” “HCV,” “we,” “us,” or “our“), are committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website, services, and communications. This policy applies to:

– Recruitment and staffing candidates seeking employment
– Employees of HCV or our client companies
– Employers and client companies engaging our recruitment and staffing services
– Website visitors and persons inquiring about our services

Please read this policy carefully. If you do not agree with our practices, please do not use our services or provide us with your personal information.

Data Controller Identification

For UK Data Subjects

Data Controller: Human Capital Ventures Limited
Registered Address: Challenge House, Sherwood Drive, Milton Keynes, MK3 6DP, United Kingdom
Company Registration Number: 08722640 (UK Companies House)
Data Protection Officer: Philip Ringrow
Phone: 0333 300 3362
Contact Email: [email protected]

Legal Basis: UK Data Protection Act 2018, UK GDPR (as retained in UK law)

For US Data Subjects

Data Controller: Human Capital Ventures Inc
Registered Address: 755 W Big Beaver Road, Troy, Michigan 48359, United States
State of Incorporation: Michigan
Data Protection Officer: Philip Ringrow
Phone: 800 290 6057
Contact Email: [email protected]

Legal Basis: State privacy laws (including CCPA, CDPA, and equivalent state regulations), TCPA, and federal employment law

For EU Data Subjects (if applicable)

Data Controller: Human Capital Ventures Limited
Contact: [email protected]
Phone: 0333 300 3362

Legal Basis: EU GDPR (General Data Protection Regulation)

1. Information We Collect

We may collect and process the following categories of personal information:

A. Information You Provide Directly

– Contact information: Full name, email address, phone number(s), mailing address
– Professional information: Work and education history, skills, certifications, CV/resume, cover letter
– Government identifiers: Nationality, date of birth, national insurance number (UK), social security number (US), work visa/right to work documentation
– Financial information: Bank account details, tax identification numbers, payroll information (for employees and placed candidates)
– Identification documentation: Proof of identity, proof of residence, driving license copies (for background checks and compliance)
– Background check information: Employment references, credit checks, criminal record checks, sanctions screening, drug/alcohol testing results
– Communication records: Email correspondence, SMS messages, call recordings, chat transcripts (recorded for quality control, training, and record-keeping)
– Application and profile data: Information submitted through job applications, CV submissions, talent profile creation, or service inquiries
– Survey responses: Feedback, testimonials, or survey responses you voluntarily complete
– Emergency contact information: Names, phone numbers, relationship to you (for employee and placed candidate records)

B. Information Collected Automatically

– Website and device information:
– IP address, browser type, operating system, device type
– Pages visited, time spent on pages, clicks, scroll behavior
– Referral source, search queries
– Unique device identifiers

– Location data:
– Approximate location from IP address
– Precise location only if you grant explicit permission via mobile app or browser

– Cookies and similar technologies: As detailed in our Cookie Policy

– Server logs: Requests to our servers, error logs, security logs

C. Information from Third Parties

– Background check and screening vendors: Criminal records checks (via Accurate Background, Sterling, etc.), employment verification, credit reports, sanctions screening
– Public sources: LinkedIn profiles, company websites, professional databases, news articles, public records
– Referral sources: Information provided by recruiters, referral partners, or individuals who refer candidates
– Your references: Employment history and performance information from previous employers or personal references
– Clients and employers: Job descriptions, hiring criteria, feedback about placed candidates or contractors
– Data enrichment providers: Professional history, company information, contact details (obtained through lawful means)
– Credit reference agencies: Credit information (with your consent, for background checks)

D. Sensitive Information

We may collect the following categories of sensitive or special data only where lawfully permitted:

– Government-issued identification numbers (National Insurance number, SSN, passport number)
– Background check results (including criminal history, sanctions screening)
– Health information (disability accommodation needs, health and safety information, pre-employment medical checks)
– Demographic information (race, ethnicity, gender, age — collected only for diversity and equal opportunity monitoring in compliance with employment law)
– Religious or political information (if relevant to role requirements or accommodation needs)

We process sensitive information only with:
– Your explicit written consent, or
– Where required by law, or
– Where necessary for legal obligations or protection of vital interests

2. How We Use Your Information

We use collected information for the following purposes:

A. Recruitment and Staffing Services

– Candidate assessment: Evaluating suitability, qualifications, experience, and skills for current and future opportunities
– Job matching: Recommending relevant positions based on candidate profile and employer needs
– Recruitment administration: Managing applications, scheduling interviews, conducting reference checks, coordinating with candidates and employers
– Background screening: Conducting pre-employment background checks, employment verification, criminal record checks, credit checks, sanctions screening
– Placement and onboarding: Processing placements, managing contracts, coordinating start dates, managing payroll information
– Performance tracking: Recording feedback from employers about placed candidates (with appropriate consent)

B. Communication

– Job alerts and opportunities: Notifying candidates of relevant positions that match their profile and preferences
– Application updates: Informing you of the status of applications and recruitment progress
– Interview coordination: Scheduling interviews, sending reminders, sharing interview details
– Service updates: Notifying you of changes to our services, policies, or platform
– Customer support: Responding to inquiries, troubleshooting problems, providing assistance
– Administrative communications: Account confirmations, billing notifications, security alerts, contract updates

C. Marketing and Business Development

– Direct marketing: Promoting our staffing, recruitment, and VA services via email, phone, SMS, or mail
– Business enquiries: Responding to service inquiries from potential clients and candidates
– Research and analytics: Conducting market research, surveys, feedback collection to improve our services
– Website optimization: Analyzing user behavior, optimizing website performance, personalizing user experience
– Advertising and retargeting: Displaying relevant advertisements on our website and third-party platforms (where you have not opted out)

D. Legal and Compliance

– Legal obligations: Complying with employment law, immigration law, tax law, money laundering regulations, data protection law, and other legal requirements
– Fraud and crime prevention: Detecting, investigating, and preventing fraudulent activity, unauthorized access, and criminal behavior
– Rights protection: Protecting the rights, property, safety, and reputation of HCV, our clients, candidates, employees, and the public
– Disputes and litigation: Managing complaints, disputes, investigations, and legal proceedings
– Regulatory compliance: Responding to regulatory inquiries, audits, and oversight (from employment agencies, data protection authorities, tax authorities, etc.)
– Evidence and record-keeping: Maintaining records for audits, inspections, legal proceedings, and regulatory requirements

E. Employment Purposes (if you are an HCV employee)

– Employment management: Processing payroll, benefits, tax withholdings, pension contributions
– Performance management: Conducting performance reviews, managing training and development
– Internal administration: Managing access to systems, office facilities, equipment
– Internal communications: Sharing company announcements, updates, and information
– Health and safety: Managing workplace health and safety, emergency procedures, safety training

3. SMS and Text Message Communications (10DLC Compliance)

A. SMS Opt-In and Consent

By providing your mobile phone number to Human Capital Ventures, you consent to receive text message communications including:

– Job alerts and opportunity notifications
– Application status updates and interview scheduling
– Recruitment updates and deadline reminders
– Account notifications and security alerts
– Important service communications
– Marketing messages about services (where you have opted in)

This consent is given freely and voluntarily.

B. Message Frequency and Rates

– Frequency: The number of text messages varies based on your activity and preferences. Active job seekers may receive 2-5 messages per week during recruitment periods. Enrolled notifications may generate additional messages based on your preferences.

– Carrier charges: Standard SMS rates from your mobile carrier apply. Check your mobile plan for SMS allowances and costs.

– Data usage: Text messages may use data from your SMS allowance. If you have limited SMS, check with your carrier about plan upgrades.

– Geographic coverage: SMS delivery may vary by carrier and location. We cannot guarantee delivery in all areas.

C. Opt-Out Instructions

To stop receiving SMS messages:

1. Reply “STOP” to any text message you receive from us
2. Update your preferences in your account on our website (if applicable)
3. Email us at [email protected] with “SMS OPT-OUT” in the subject line
4. Call us at [Your UK/US Phone Number] to request removal from SMS lists

Opt-out confirmation: Upon requesting to opt out, you will receive a confirmation text message within 24 hours. You will no longer receive marketing or promotional SMS from us. However, we may still send transactional messages such as:
– Interview reminders and scheduling updates
– Job application status updates
– Account security alerts
– Emergency or critical business communications

Important: If you have opted out of SMS, we may still contact you via email or phone for essential recruitment or business purposes.

D. 10DLC (10-Digit Long Code) Registration and Compliance

Human Capital Ventures uses registered 10-Digit Long Code (10DLC) phone numbers to send text messages. This ensures:

– Carrier compliance: All messages comply with carrier rules and standards set by AT&T, Verizon, T-Mobile, and other major carriers
– Enhanced deliverability: 10DLC numbers have better delivery rates than short codes and standard numbers
– Anti-spam protection: Carrier filtering reduces spam and protects consumers
– Accountability: Our 10DLC registration creates an audit trail and accountability for messaging practices
– Consumer trust: 10DLC numbers provide verification that messages come from a legitimate business

Our 10DLC Registration Details:
– Operator: Human Capital Ventures Limited / Human Capital Ventures Inc
– Use Case: Recruitment notifications, job alerts, staffing communications, virtual assistant services
– Compliance: Full compliance with carrier guidelines and anti-spam regulations

E. TCPA Compliance (Telephone Consumer Protection Act)

The Telephone Consumer Protection Act (TCPA) is a U.S. law that regulates telemarketing calls, SMS, and auto-dialed messages.

By providing your phone number, you consent to:

– Receiving SMS messages from Human Capital Ventures about recruitment, staffing services, and job opportunities
– Receiving communications using automated dialing systems and pre-recorded messages (where applicable)
– Having HCV contact you at the phone number you provided, including mobile numbers

Your Rights under TCPA:

– Opt-out: You can opt out of SMS at any time (see “Opt-Out Instructions” above)
– Frequency: We will not send excessive messages (generally no more than 5 per week unless you are actively interviewing or have requested more frequent updates)
– No harassment: We will not send threatening, harassing, or abusive messages
– National Do-Not-Call Registry: While TCPA does not technically apply to text messages, we respect the spirit of the Do-Not-Call registry and honor opt-out requests

Report TCPA violations: If you believe you are being contacted in violation of TCPA, contact us immediately at [email protected].

F. CASL Compliance (Canada’s Anti-Spam Legislation)

If you are located in Canada, we comply with CASL (Canada’s Anti-Spam Legislation):

– Consent: We obtain express consent before sending marketing messages
– Identification: All messages clearly identify Human Capital Ventures
– Opt-out mechanism: You can unsubscribe from marketing messages at any time
– Compliance: We remove Canadian contact information from marketing lists within 10 business days of opt-out requests

G. SMS Data Protection and Sharing Restrictions

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes.

All other categories of personal data exclude text messaging originator opt-in data and consent records. This information (your SMS opt-in status, consent records, and text messaging preferences) will not be shared with any third parties and is retained solely for compliance purposes and to honor your communications preferences.

This ensures your SMS communications and opt-in status remain private and are used exclusively for the purposes you authorized with Human Capital Ventures.

5. Who We Share Your Information With

We may disclose your personal information to the following parties:

A. Within the HCV Group

– Human Capital Ventures Limited (UK)
– Human Capital Ventures Inc (US)
– Any current or future subsidiaries, affiliates, or associated companies
– Parent companies and holding companies

Data sharing between UK and US entities: When information is transferred between our UK and US entities, we use Standard Contractual Clauses (SCCs) and other mechanisms to ensure adequate data protection under UK GDPR and similar laws.

B. Service Providers and Vendors

We may share information with third-party vendors who provide services on our behalf:

Background Screening & Verification:
– Accurate Background, Sterling Talent Solutions, First Advantage
– Employment verification services
– Credit reference agencies
– Sanctions screening providers (OMG, Refinitiv)

Communication & Software:
– Microsoft (Outlook, Azure, email)
– Reply.io (email marketing)
– Zoom (Zoom Phone, communications)
– Third-party email providers
– CRM and ATS (Applicant Tracking System) providers

Payment Processing & Payroll:
– Stripe, PayPal, Wise
– Payroll processors
– Tax service providers

Cloud Services & Hosting:
– Microsoft Azure
– Amazon Web Services
– OneDrive and cloud storage providers

Data Enrichment & Recruiting Tools:
– Apollo.io, ZoomInfo, Hunter.io, People Data Labs
– LinkedIn
– Resume parsing services

Analytics & Advertising:
– Google Analytics, Mixpanel
– Facebook, Google (for targeted advertising)

All vendors are required to:
– Sign Data Processing Agreements (DPAs)
– Comply with GDPR, UK GDPR, CCPA, and other applicable laws
– Maintain equivalent security standards
– Not use data for their own marketing purposes
– Cooperate with data subject requests

C. Employers and Client Companies

When you apply for a position or when we submit your information to an employer on your behalf, we share:

– Your resume and application materials
– Contact information (name, email, phone)
– Interview availability and scheduling preferences
– Work history, qualifications, and skills
– Interview feedback and assessment results
– Background check results (with your explicit consent)
– References and employment verification information
– Any other information necessary for the hiring process

You control this sharing: We only share information with employers when:
1. You have applied for a specific position with them, or
2. You have explicitly consented to us submitting your profile to them

D. Legal and Regulatory Authorities

We may disclose your information without your consent when:

– Required by law: Court orders, subpoenas, regulatory requests, government investigations
– Law enforcement: Police investigations, fraud investigations, criminal inquiries
– Regulatory compliance: Immigration authorities (for work visa verification), tax authorities, employment agencies, data protection authorities
– Public health and safety: Information necessary to protect public health or safety
– Business asset transfers: In the event of merger, acquisition, bankruptcy, or sale of assets (with notice to you where possible)

E. Legal Protection and Dispute Resolution

We may disclose information when necessary to:

– Enforce our contracts, terms of service, and policies
– Protect the rights, property, and safety of HCV, our employees, clients, candidates, and the public
– Detect, investigate, and prevent fraud, corruption, and crime
– Defend against legal claims or litigation
– Resolve disputes and complaints

F. Third Parties at Your Request

We may share your information with any third party you explicitly authorize or request (e.g., if you ask us to provide information to a prospective employer, referral partner, or professional advisor).

G. Anonymized and Aggregated Data

– We may publish anonymized, aggregated statistical data about recruitment trends, candidate demographics, market insights, and industry benchmarks
– This data cannot identify you and is used for market research and public reporting

6. International Data Transfers

Cross-Border Data Transfers

Human Capital Ventures operates in both the UK and the US. When you provide information to us, it may be:

– Transferred between our UK and US entities
– Processed by employees or contractors in different countries
– Stored on servers located outside your country of residence
– Accessed by authorized vendors in various locations

Legal Mechanisms for Transfer

We use the following mechanisms to ensure lawful and safe data transfers:

For UK/EU to US transfers:
– Standard Contractual Clauses (SCCs) – approved by UK ICO and EU Commission
– Adequacy decisions (where applicable)
– Explicit consent where legally required
– Transfer Impact Assessment under UK GDPR

For other international transfers:
– Standard Contractual Clauses
– Binding Corporate Rules (BCRs)
– Your explicit consent

Your Consent

By providing personal information to Human Capital Ventures, you consent to:
– Transfer of your information between our UK and US entities
– Processing in any country where we operate or where our vendors operate
– Storage on servers located outside your country of residence

You understand that data protection laws may differ in other countries and that your information may be subject to different legal protections.

7. Data Retention

How Long We Keep Your Information

| Data Type | Retention Period | Reason |
|———–|——————|——–|
| Active candidate profile | 2-3 years (while engaged with HCV) | Recruitment and opportunity matching |
| Inactive candidate profile | 24+ months of inactivity → archived/deleted | Storage efficiency; notice given before deletion |
| Job application records | 1-2 years | Recruitment records and compliance |
| Interview records & feedback | 1-2 years | Quality assurance and candidate feedback |
| Placed candidate records | Duration of employment + 7 years | Employment law, tax law, audit requirements |
| Background checks | Employment duration + 3-7 years | Compliance, legal requirements |
| Payroll & financial records | 7 years | Tax law, employment law (UK 6 years, US varies) |
| References & employment verification | 1-2 years | Recruitment purposes |
| Call recordings | 1-2 years | Quality control and training |
| Email & communication records | 1-2 years (marketing) / 7 years (employment/legal) | Quality assurance and legal protection |
| SMS & text communications | 1-2 years | TCPA compliance, record-keeping |
| SMS opt-in/opt-out records | 3 years (minimum TCPA requirement) | TCPA compliance and legal liability |
| Website cookies | As per Cookie Policy | Analytics, user experience, advertising |
| HR/employee records | Employment + 6-7 years | Employment law, tax law, audit |
| Complaint & dispute records | 6-7 years | Legal protection and evidence |

Deletion and Archiving

– Inactive candidates: If you have not engaged with HCV for 24+ months, we may archive or delete your profile
– Notification: We will notify you before deleting your profile and give you a grace period to request retention
– Right to deletion: You can request deletion of your data anytime (see “Your Rights” section)
– Legal holds: If your information is subject to legal proceedings or regulatory investigation, we will retain it until the matter is resolved

8. Data Security

How We Protect Your Information

Technical safeguards:
– Encryption: SSL/TLS encryption for all data transmitted over the internet to our website and platforms
– Database security: Password-protected databases with firewalls, intrusion detection, and access logging
– Multi-factor authentication: Required for employee and admin account access
– Regular backups: Encrypted backups stored securely and tested regularly
– Vulnerability scanning: Regular security scans and penetration testing

Organizational safeguards:
– Employee training: All staff handling personal data receive data protection and security training
– Background checks: Employees with data access undergo background checks
– Confidentiality agreements: All employees sign confidentiality and data protection agreements
– Least privilege access: Employees only access data necessary for their role
– Vendor oversight: Service providers are vetted, monitored, and required to maintain equivalent security

Physical safeguards:
– Secure facilities: Data is stored in secure, access-controlled facilities
– Office security: Workspaces are secured with locks, badges, and surveillance where appropriate

What You Can Do

– Strong passwords: Use a unique, complex password for your account (mix of uppercase, lowercase, numbers, symbols)
– Secure access: Never share your login credentials with anyone
– Report issues: Immediately report suspected data breaches or security issues to [email protected]
– Device security: Keep your device updated with security patches and antivirus software
– Shared devices: Always log out when using a shared computer; never check “Remember my password”

Security Limitations

We cannot guarantee absolute security. The internet and electronic communications are inherently not completely secure. Any transmission of data is at your own risk. While we implement reasonable security measures, we cannot promise that unauthorized access will never occur.

If we discover a data breach affecting your information, we will:
1. Assess the severity and risk to you
2. Notify you and relevant authorities within required timeframes (typically 72 hours under UK GDPR)
3. Provide guidance on protective steps you can take
4. Maintain a breach register for regulatory compliance

Report breaches to: [email protected] or call 0333 300 3362 (UK) / 800 290 6057 (US)

9. Your Rights and Choices

A. Right to Access (Subject Access Requests)

You have the right to request a copy of all personal information we hold about you.

– How to request: Email [email protected] with “SUBJECT ACCESS REQUEST” in the subject line, or submit a written request to our Data Protection Officer
– What to include: Your full name, contact details, and any reference numbers (application ID, candidate reference, etc.)
– Response time: UK: within 30 calendar days; US: within 45 days (California CCPA)
– Free for first request: No charge for your first request in a 12-month period; subsequent requests may incur a reasonable fee
– Format: We will provide the information in a clear, electronic format

B. Right to Correction and Update

You can correct or update your information anytime.

– Self-service: Update your profile directly through your account on our website
– Email request: Email [email protected] with details of what you want corrected
– We will: Confirm the correction and inform relevant parties (where legally necessary)

C. Right to Erasure (Right to be Forgotten)

You can request deletion of your personal information in certain circumstances.

– When: We must delete your data if:
– It is no longer necessary for the purpose we collected it
– You withdraw consent (on which processing was based)
– You object to processing and we have no legal grounds to continue
– It was collected unlawfully
– It is required by law (e.g., GDPR)

– When we may refuse: We can retain data when:
– Necessary for our legal obligations (tax records, employment law, background checks)
– Necessary to establish, exercise, or defend legal claims
– There is a legal hold or ongoing investigation
– Required by law or regulatory authority

– How to request: Email [email protected] with “DELETE MY DATA” in the subject line
– Response time: Within 30 days; longer if legally necessary

D. Right to Restrict Processing

You can ask us to limit how we use your information.

Example: You can request that we:
– Stop sending marketing emails while retaining your profile for future recruitment opportunities
– Stop using your data for certain purposes while continuing to process it for others
– Limit processing of sensitive data while we investigate a concern

– How to request: Email [email protected] with “RESTRICT PROCESSING” in the subject line and specify what you want restricted
– Response: Within 30 days

E. Right to Object

You can object to certain types of processing.

– Marketing and direct marketing: You can object to promotional emails, SMS, phone calls, or other marketing
– Profiling: You can object to automated decision-making or profiling that produces legal effects
– Processing for other purposes: You can object to processing for purposes other than recruitment (e.g., marketing, analytics)

– How to object:
– Email: Click “unsubscribe” in marketing emails
– SMS: Reply “STOP” to any text message
– Written: Email [email protected] with “OBJECT TO PROCESSING” in the subject line
– Phone: Call [Your Phone Number]

F. Right to Data Portability

You can request your information in a portable, machine-readable format.

– What: We will provide your information in a common digital format (CSV, JSON, XML, etc.) that you can transfer to another service provider
– When: This right applies to information you provided to us or that was generated from your interaction with us
– How to request: Email [email protected] with “DATA PORTABILITY” in the subject line
– Response time: Within 30 days
– Cost: Free for reasonable requests

G. Right to Withdraw Consent

If we are processing your information based on your consent, you can withdraw that consent anytime.

This applies to:
– Marketing and promotional communications
– SMS and phone communications
– Background check processing (where consent is required)
– Use of cookies and tracking technologies
– Processing of sensitive data

– How to withdraw: Email [email protected] with “WITHDRAW CONSENT” and specify what you want to withdraw, or use the unsubscribe options in each communication

Note: Withdrawing consent does not affect the lawfulness of processing before you withdraw it.

H. Right to Lodge a Complaint

If you believe we are violating your data protection rights, you can lodge a complaint with the relevant authority.

For UK subjects (UK GDPR and DPA 2018):
– Contact: Information Commissioner’s Office (ICO)
– Website: www.ico.org.uk
– Email: [email protected]
– Phone: +44 303 123 1113

For EU subjects (EU GDPR):
– Contact: Your country’s data protection authority (e.g., CNIL in France, CIPA in Belgium)
– Website: Refer to your country’s data protection authority website

For US subjects (CCPA and state laws):
– California residents: California Attorney General, Consumer Privacy Bureau
– Contact: [email protected]

Important: You can lodge a complaint with a supervisory authority without prejudice to any other remedy. We also welcome direct contact to address your concerns.

I. Additional Rights Under Specific Laws

#### Under UK GDPR / UK DPA 2018:
– Right to access and request a copy of your data
– Right to erasure (“right to be forgotten”)
– Right to restrict processing
– Right to object to processing
– Right to data portability
– Rights related to automated decision-making and profiling
– Right to lodge a complaint with ICO

#### Under EU GDPR (if applicable):
– All rights under UK GDPR plus
– Additional protections under EU law

#### Under CCPA (California Residents):
– Right to know what information is collected
– Right to delete information collected
– Right to opt-out of the sale or sharing of personal information
– Right to non-discrimination for exercising your rights
– Right to correct inaccurate information
– Right to limit use and disclosure of sensitive personal information

#### Under CDPA and Other State Laws:
– Similar rights to CCPA where you reside

10. Cookies and Tracking Technologies

We use cookies and similar technologies to collect information about your browsing activity. For detailed information about:

– What cookies we use
– Why we use them
– How to manage your cookie preferences
– Third-party cookies

Please see our Cookie Policy at [hyperlink to Cookie Policy page].

Quick summary:
– We use cookies for website functionality, analytics, and marketing
– You can disable cookies in your browser settings
– Disabling cookies may limit your access to certain website features
– For targeted advertising opt-outs, visit the industry opt-out tools (Network Advertising Initiative, Digital Advertising Alliance)

11. Third-Party Links and Services

Our website may contain links to:
– Social media platforms (LinkedIn, Facebook, Twitter, etc.)
– Third-party job boards and career websites
– Partner websites and external services
– Vendor websites

Important: We are not responsible for:
– The privacy practices of these third parties
– The content on their websites
– How they collect, use, or share your information
– Compliance with data protection laws on their sites

Before providing information to any third party, review their privacy policy and terms of service. Your use of third-party services is governed by their terms and policies, not ours.

12. Children’s Privacy

Our services are not directed to children under the age of 16 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children.

If we discover that a child has provided us with personal information:
1. We will delete that information promptly
2. We will notify the parent or guardian
3. We will take steps to prevent further collection from that child

If you are a parent or guardian and believe a child has provided us with information, contact us immediately at [email protected].

13. Employment Relationship Information

If You Are an HCV Employee

This privacy policy supplements our Employee Data Policy and Employee Handbook. Additional information:

– We process your employment data under employment law, tax law, and health and safety law
– You have additional rights under employment law and data protection law
– Personal data collected for employment is processed separately from recruitment data
– You can contact our HR department at [email protected] for employment-specific privacy questions
– Your employment data is subject to reasonable monitoring for business purposes (email, system access, calls)

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to:
– Reflect changes in our business practices
– Comply with new legal requirements
– Improve clarity and transparency
– Address emerging technologies and privacy issues

Notice of Changes

– How we notify: We will post the updated policy on our website and notify you via email of material changes
– Effective date: Changes take effect on the date posted or on a future date we specify
– Your acceptance: Continued use of our services after the effective date of changes constitutes your acceptance of the updated policy
– Right to review: You can always access the current version on our website

Last update: Changes are tracked on this page with the updated “Last Updated” date.

15. Contact Us

General Questions

For questions, comments, or concerns about this Privacy Policy or our privacy practices:

Email: [email protected]
Phone: UK: 0333 300 3362 / US: 800 290 6057
Response time: We respond to all inquiries within 30 days

Data Protection Officer

For privacy-specific requests (subject access, data deletion, complaints):

Name: Philip Ringrow
Email: [email protected]
Phone: UK: 0333 300 3362 / US: 800 290 6057
Mailing Address:

Human Capital Ventures Limited
Challenge House, Sherwood Drive
Milton Keynes, MK3 6DP
United Kingdom

Human Capital Ventures Inc
755 W Big Beaver Road
Troy, Michigan 48359
United States

Data Subject Rights Requests

Submit formal requests for:
– Subject Access Request (right to access)
– Right to erasure
– Right to restrict processing
– Right to data portability
– Complaints about privacy practices

Submit to: [email protected] with the type of request in the subject line

Required information:
– Your full name
– Email address
– Phone number
– Reference number (if applicable)
– Clear description of your request
– Supporting documents (if applicable)

Response timeframe:
– UK/EU: 30 calendar days
– US (CCPA): 45 days
– Extensions: We may extend by 45-60 days if the request is complex or voluminous

16. Regulatory Compliance

Human Capital Ventures complies with the following laws and regulations:

UK and Europe:
– UK Data Protection Act 2018
– UK General Data Protection Regulation (UK GDPR, retained law)
– EU General Data Protection Regulation (GDPR) — for EU data subjects
– Telephone Preference Service (TPS)
– Privacy and Electronic Communications Regulations (PECR)
– Employment Rights Act 1996

United States:
– Gramm-Leach-Bliley Act (GLBA)
– Telephone Consumer Protection Act (TCPA)
– Fair Credit Reporting Act (FCRA) — for background checks
– California Consumer Privacy Act (CCPA)
– California Privacy Rights Act (CPRA)
– Colorado Data Privacy Act (CPA)
– Connecticut Data Privacy Act (CTDPA)
– Virginia Consumer Data Protection Act (VCDPA)
– Equivalent state privacy laws
– Equal Employment Opportunity Commission (EEOC) requirements
– Office of Foreign Assets Control (OFAC) sanctions requirements

Canada:
– Personal Information Protection and Electronic Documents Act (PIPEDA)
– Canada’s Anti-Spam Legislation (CASL)
– Provincial privacy laws (Ontario, Quebec, etc.)

General:
– Employment law in all jurisdictions where we operate
– Immigration and work authorization requirements
– Money laundering and sanctions compliance
– Background check and pre-employment screening regulations

17. Glossary of Terms

– Data controller: Organization that determines the purposes and means of personal data processing (HCV)
– Data processor: Organization that processes data on behalf of a controller
– Personal data: Any information that identifies or could identify an individual
– Sensitive data: Special categories of data (health, criminal records, ethnicity, etc.) requiring higher protection
– Processing: Any operation on personal data (collection, storage, use, sharing, deletion, etc.)
– GDPR: General Data Protection Regulation (UK and EU law)
– CCPA: California Consumer Privacy Act
– TCPA: Telephone Consumer Protection Act (US law regulating calls and SMS)
– 10DLC: 10-Digit Long Code (registered phone number for business SMS)
– SMS: Short Message Service (text message)
– Opt-in: Giving permission before we use your data for a specific purpose
– Opt-out: Requesting to stop receiving communications or using data
– Third-party: An organization other than HCV and the data subject
– Standard Contractual Clauses (SCCs): Approved legal mechanism for transferring data between countries

End of Privacy Policy

Implementation Notes for Phil

Placeholder Information to Add:

1. HCV Limited (UK):
– Registered Address: [Your UK office address]
– Registration Number: [UK Companies House number]
– DPO name and contact: [Your DPO details or designated person]

2. HCV Inc (US):
– Registered Address: [Your US office address]
– State of incorporation: [e.g., Delaware, New York]
– Privacy contact name/title: [Designated privacy contact]

3. General Contact:
– Email: [email protected] ✅ (confirm this is correct)
– Phone: [Your UK and US phone numbers]
– Website contact form: [Link if applicable]

4. EU Representative (if required):
– If you process EU data, you may need an appointed EU representative
– Include name, address, contact details

Next Steps:

Option 1 – Publish Immediately:
– Fill in the blanks above
– Upload directly to WordPress via API

Option 2 – Legal Review First:
– Have a data protection lawyer review (recommended for compliance)
– Include any jurisdiction-specific adjustments
– Then publish

Option 3 – Get Legal Input:
– Contact a data protection firm specializing in UK/US staffing business
– They can review for your specific circumstances
– Should take 1-2 weeks

Why This Version is Better for Your Business:

✅ Dual jurisdiction (UK Limited + US Inc)
✅ Staffing/recruitment focused (not Jobshare platform)
✅ 10DLC + TCPA compliance ready for Zoom Phone registration
✅ SMS opt-in/opt-out fully documented for carrier compliance
✅ Cross-border data transfer clarity (UK-US flows)
✅ Candidate, employer, and VA client perspectives covered
✅ Background check transparency (important for candidates)
✅ Retention schedules clear (7-year employment records)
✅ All modern privacy laws (UK GDPR, CCPA, CASL, TCPA)
✅ Clear DPO and rights request contacts

Ready to Proceed?

1. Fill in the placeholders (contact details, registration numbers, etc.)
2. I can upload directly to WordPress using the API credentials we set up
3. Or send for legal review first

Which would you prefer?