Privacy Policy

This privacy policy explains how Darter Ltd collects, uses, stores and protects personal data when people use our website, contact us, apply for a role with us, or otherwise interact with us.

Darter Ltd is committed to handling personal data lawfully, fairly and responsibly. We only collect personal data where we have a proper reason to do so, and we only use it for clear and legitimate purposes.

1. Who we are

Darter Ltd is a company registered in England and Wales.

  • Company name: Darter Ltd

  • Company number: 12090480

  • Registered office: 86-90 Paul Street, London, EC2A 4NE

  • Privacy contact:privacy@darter.co.uk

For the purposes of UK data protection law, Darter Ltd will usually be the controller of personal data collected through this website, through our recruitment process, and through general business contact with us. This means we decide why and how that personal data is used.

In some client delivery contexts, we may act as a processor or sub-processor on behalf of a client. Where that applies, the handling of client data will be governed by the relevant client contract, statement of work, data processing terms or other agreed contractual arrangements.

2. Personal data we collect

The personal data we collect depends on how you interact with us.

Through our website, we currently collect personal data through two routes:

  • Contact form: name and email address.

  • Job application form: name, email address and CV.

We may also collect limited personal data through normal business interactions, such as emails, meetings, proposals, contracts, supplier discussions, client delivery activity, referrals and recruitment conversations.

This may include:

  • name, job title, employer and contact details;

  • records of enquiries, correspondence, meetings and contractual discussions;

  • website and technical data, such as IP address, browser type, device information and cookie information;

  • recruitment information, as set out in the candidate privacy notice below;

  • information needed to manage client, supplier, security, legal or contractual obligations.

We do not intentionally collect more personal data than we need.

3. How we collect personal data

We may collect personal data:

  • directly from you, including when you complete a website form, email us, call us, apply for a role or attend an interview;

  • through our website, which may use cookies, server logs and similar technologies;

  • through business interactions, including meetings, referrals, introductions, proposals and contracts;

  • from third parties, including clients, suppliers, recruitment agencies, head-hunters, referees, professional networking platforms and publicly available sources where appropriate.

4. How we use personal data

We use personal data to:

  • respond to enquiries;

  • operate, maintain and secure our website;

  • manage client, supplier and partner relationships;

  • prepare proposals, contracts and commercial documentation;

  • deliver consultancy services;

  • manage meetings and correspondence;

  • recruit, assess and select candidates;

  • carry out pre-employment checks where relevant;

  • comply with legal, regulatory, tax, accounting, contractual and security obligations;

  • protect our business, clients, people, systems and data;

  • manage disputes, complaints, claims or investigations.

We will not use personal data in ways that are incompatible with the purpose for which it was collected, unless permitted or required by law.

5. Lawful bases for using personal data

We rely on one or more lawful bases under UK data protection law, depending on the circumstances:

  • Contract, where processing is necessary to enter into or perform a contract.

  • Legitimate interests, where processing is necessary for our business interests and those interests are not overridden by your rights.

  • Legal obligation, where processing is necessary to comply with the law.

  • Consent, where we ask for consent for a specific purpose, such as optional cookies or optional equality monitoring data.

Our legitimate interests may include running and developing our business, responding to enquiries, managing client and supplier relationships, recruiting new colleagues, protecting our systems, and maintaining appropriate records.

6. Special category and criminal offence data

Special category data includes information about health, disability, race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life, sexual orientation, genetic data and biometric data used for identification.

We do not seek to collect special category data through our website unless there is a clear and lawful reason to do so.

In recruitment, we may process limited special category data where necessary, for example to make reasonable adjustments, monitor equality and diversity where lawful, or comply with employment law obligations. Where we collect equality, diversity or inclusion information, we will only do so where necessary, on an optional basis, anonymously where possible, and separately from recruitment decision-making.

We may process criminal offence data only where lawful and necessary, including where required as part of BPSS or Security Clearance checks for relevant roles.

7. Sharing personal data

We may share personal data where necessary and lawful with:

  • Darter employees, directors, contractors and advisers who need access for a proper business purpose;

  • clients, suppliers, partners and subcontractors where needed for business or delivery purposes;

  • recruitment agencies, head-hunters, referees and previous employers where appropriate;

  • providers of our approved business systems, including IT, cloud, hosting, website, form, document management, security and communications services;

  • insurers, accountants, lawyers, auditors, banks and other professional advisers;

  • government bodies, regulators, law enforcement agencies, courts or other authorities where required.

We do not sell personal data.

8. Where personal data is stored and processed

Darter stores personal data in approved business systems and aims to use UK-based storage and processing for Darter-controlled business records where available and appropriate.

We do not intentionally transfer personal data outside the UK unless this is necessary for a lawful business purpose, required by a supplier or service provider, required by a client or legal process, or otherwise permitted by law.

Where personal data is transferred outside the UK, we will take steps required by law to protect it. This may include using adequacy regulations, approved contractual safeguards, supplier due diligence and other appropriate protections.

9. Data security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.

These measures may include access controls, authentication, device management, encryption where appropriate, security monitoring, supplier controls, staff guidance, backup arrangements and restrictions on access based on business need.

Candidate CVs and recruitment records are stored in Darter’s approved business systems, including secure document management locations where relevant.

10. Data retention

We keep personal data only for as long as needed for the purposes for which it was collected, including legal, regulatory, tax, accounting, contractual, operational and security requirements.

Where personal data is no longer needed, we will delete it, anonymise it or securely archive it.

Specific retention information for candidate data is set out below.

11. Your rights

Depending on the circumstances, you may have the right to:

  • request access to your personal data;

  • request correction of inaccurate or incomplete personal data;

  • request deletion of your personal data;

  • request restriction of processing;

  • object to processing based on legitimate interests;

  • request transfer of your personal data where applicable;

  • withdraw consent where processing is based on consent;

  • complain to the Information Commissioner’s Office.

To exercise your rights, contact privacy@darter.co.uk.

You also have the right to complain to the Information Commissioner’s Office, the UK supervisory authority for data protection. More information is available on the https://ico.org.uk.

12. Cookies and website technology

Our website may use cookies and similar technologies to operate, secure and measure use of the website.

Cookies may include:

  • strictly necessary cookies, which are required for the website to operate;

  • analytics or performance cookies, which help understand website use;

  • functionality cookies, which remember choices you make.

Where required by law, we will ask for consent before setting optional cookies. You can manage cookies through your browser settings and any cookie controls provided on our website.

13. Adults only

Our website and recruitment process are intended for people aged 18 or over. We do not knowingly collect personal data from children through the website or recruitment process.

14. Third-party links

Our website may contain links to third-party websites, services or content. We are not responsible for the privacy practices of those third parties.

15. Changes to this policy

We may update this privacy policy from time to time. The latest version will be published on our website.

Candidate and Recruitment Privacy Notice

1. Purpose of this notice

This candidate and recruitment privacy notice explains how Darter Ltd collects, uses, stores and shares personal data about candidates and prospective candidates.

It applies where you apply for a role with Darter, are considered for a role, are introduced to us by a recruiter or contact, are contacted by us about a possible role, or attend an interview or recruitment discussion.

2. Candidate data we collect

We currently recruit through LinkedIn and Microsoft Forms. Candidate CVs and related recruitment records are stored in Darter’s approved business systems, including secure document management locations where relevant.

We may collect and use:

  • name, email address, phone number and professional profile links;

  • CV, application form responses and covering information;

  • employment history, education, qualifications and professional experience;

  • interview notes, assessment information, feedback and decision records;

  • referral and source information;

  • reference information after a conditional offer has been made;

  • right to work, BPSS and SC information where required;

  • optional equality, diversity and inclusion information, collected anonymously where possible and separately from recruitment decision-making;

  • health or adjustment information where needed to make reasonable adjustments;

  • publicly available professional information, such as LinkedIn profiles, professional biographies, published work or public portfolios.

3. How we collect candidate data

We may collect candidate data:

  • directly from you;

  • from your CV, application form, covering information or interview;

  • from LinkedIn and other professional networking platforms;

  • from recruiters, head-hunters or other recruitment partners;

  • from Darter employees, directors, contractors or professional contacts who refer or recommend you;

  • from referees after a conditional offer has been made;

  • from right to work, BPSS or security clearance processes where required for a role.

4. Why we use candidate data

We use candidate data to:

  • receive, assess and manage applications;

  • communicate with you about your application;

  • assess your skills, experience, qualifications, motivation and suitability;

  • organise interviews and recruitment discussions;

  • compare candidates fairly and consistently;

  • make recruitment decisions;

  • check references after a conditional offer has been made;

  • verify right to work after an offer has been made;

  • undertake BPSS and Security Clearance checks where relevant after a provisional or conditional offer has been made;

  • consider reasonable adjustments;

  • manage offers, contracts and onboarding;

  • keep appropriate recruitment records;

  • comply with legal, regulatory and client obligations;

  • protect Darter in the event of disputes, complaints or claims.

5. Lawful bases for candidate processing

We may rely on:

  • Legitimate interests, including assessing candidates, managing recruitment, maintaining recruitment records and hiring people with the right skills and experience.

  • Contract, where processing is necessary to take steps before entering into an employment, worker, contractor or consultancy agreement.

  • Legal obligation, where processing is necessary to comply with employment, immigration, security or other legal requirements.

  • Consent, where required for a specific optional activity, such as optional equality monitoring data where consent is the appropriate basis.

  • Special category conditions, where we process special category data for employment law obligations, equality monitoring, reasonable adjustments or other lawful reasons.

We do not normally rely on consent for core recruitment decisions.

6. Recruitment checks

Some Darter roles involve work with Defence, national security, government, secure environments or sensitive client contexts.

After a provisional or conditional offer has been made, we may carry out or initiate:

  • identity checks;

  • right to work checks;

  • employment history checks;

  • qualification or certification checks;

  • reference checks;

  • BPSS checks;

  • Security Clearance checks where required for the role or client work.

7. Public profile checks

We may review publicly available professional information, such as LinkedIn profiles, professional biographies, published work, professional portfolios or public company information, where relevant to the role.

We will not carry out intrusive checks into your private life.

8. AI and automated decision-making

We do not currently use AI tools to make or support recruitment decisions.

We do not make recruitment decisions based solely on automated processing that produces legal or similarly significant effects for candidates.

If we introduce AI-enabled recruitment tools in future, we will review the data protection risks first and update this notice where necessary.

9. Who candidate data is shared with

We may share candidate data with:

  • Darter employees, directors, contractors and interviewers involved in recruitment;

  • recruitment agencies, head-hunters or talent partners;

  • referees and previous employers after a conditional offer has been made;

  • right to work, BPSS or security clearance providers where relevant;

  • clients or government bodies where needed for a role, clearance, onboarding or client-mandated requirement;

  • providers of our approved business systems, including IT, cloud, email, form and document management services;

  • legal, HR, payroll, accounting, insurance and professional advisers;

  • regulators, courts or government authorities where required.

10. Candidate data retention

If your application is successful, relevant recruitment information will become part of your personnel or contractor record and will be retained in line with our employment, contractor and HR retention approach.

If your application is unsuccessful, we will normally retain recruitment records for 12 months after the recruitment process ends, unless a longer period is needed for legal, regulatory, client, security, dispute or legitimate business reasons.

We do not use a general candidate talent pool for longer-term future recruitment unless this is explained separately.

You can ask us to delete your candidate record by contacting privacy@darter.co.uk. We may retain limited information where needed for legal, audit, security or record-keeping purposes.

11. Candidate rights and contact

Candidates have rights under UK data protection law. These may include the right to access, correct, delete, restrict or object to the use of personal data, and the right to withdraw consent where consent is used.

To exercise your rights, contact:

Darter Ltd
86-90 Paul Street
London
EC2A 4NE

Email:privacy@darter.co.uk

You also have the right to complain to the Information Commissioner’s Office. More information is available on the https://ico.org.uk.

Last updated: 12 May 2026