Privacy Policy


We are Acolyte Resource Group Limited, a company incorporated in England and Wales with registered number 07183288, whose registered office is at 27 Surrey Street, Arundel BN18 9DT (“Acolyte”).

We provide recruitment and insight services through our web-accessible application (“Application”). We are the controller of our clients’ and candidates’ data to the extent it pertains to natural persons. Our clients are also controllers of the candidate data we share with them for the purpose of finding the best fit person for their vacancy.

This policy (together with our terms of business where applicable and any other documents referred to in them) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. It applies to our clients, our candidates, our website visitors and to other individuals whose data we may process, except for our employees (“users” or “you”).

We have commissioned a Data Processing Impact Assessment, and we are confident that we process personal data in a fair, legitimate and transparent way.

We may change this policy from time to time, so please check our website occasionally for any updates. If we make material changes in the way we use your personal information, we may notify you by posting a notice on our website or sending you an email at the email address provided at the time of registration.


User privacy and data protection are human rights and we are committed to ensuring your privacy is protected and secure.

  • We have a duty of care to our users in how we use and process their data.
  • We do not engage in spamming.
  • We will never sell, lease or otherwise distribute or make public your personal information unless we have a lawful basis, such as where you give us your permission or there is a legal obligation to do so.
  • The data you provide to us will only be used in accordance with this privacy policy.



Our website, along with our business and internal computer systems are designed to comply with all applicable data protection and privacy legislation in force from time to time in Europe, UK and any country where candidates are based, including but not limited to, the GDPR, the UK GDPR, the Data Protection Act 2018, the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended.


The categories of personal data we collect and the purposes we use it for are detailed below.


Should you choose to contact us using the contact form on our Contact page or using an email link, we will gather the following data:

  • Name
  • Contact number
  • Email address
  • Company
  • Any other information you wish to share with us


Should you speak with us by telephone, then we may record the call for training and monitoring purposes.

The data that you supply may be used for:

  • Fulfil our contractual obligations or any other request made by you
  • Internal record keeping
  • To help us improve our products and services


If you provide your data, we may:

  • Periodically send promotional emails about new products, special offers or other information we think you may find interesting using the email address you provided
  • From time to time, use your information to contact you for market research purposes using email, telephone or postal mail




We process the following data from candidates who respond to recruitment campaigns which we undertake for clients:

  • Full name
  • LinkedIn profile
  • CV / Employment profile data, including:
  • Current job title
  • Current employer
  • Current location
  • Key skills
  • Previous positions
  • Education
  • Professional achievements
  • Salary & remuneration
  • Notice period
  • Candidate responses and sentiment to client opportunities

This data is processed in order to assess the appropriateness of the candidate for the job and communicate with the candidate during the process. This data is available on the platform and is accessible by our clients.

In addition, we collect the following data in relation to candidates, and this data is presented to clients on an aggregated basis only, in order to provide data on the diversity of the talent market. This data is processed both in accordance with this privacy policy and in accordance with our <<Special Categories Data Policy>>.

  • Age & date of birth
  • Gender
  • Ethnicity
  • Sexual orientation
  • Disability

When you first visit this website we ask for your consent to use cookies. Our website uses cookies and similar technologies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and allows us to improve our website. You can choose not to accept cookies but please be aware that some of the services you request may not be available. If you delete your cookies or clear your cache, you may be asked to give your consent


again. This is because a cookie is usually used to remember the choice you made the first time.

If you wish to revoke consent for the use of cookies from this website, you can either delete the cookies in your browser’s memory or clear your cache.

If you wish to prevent cookies being set before you visit this website or most other websites, you can set your browser to block cookies.  Most browsers allow you to do this in their settings.

If you would like to know more about cookies, please visit the ICO website.


Like most websites, this site uses Google Analytics (GA) to track user interaction.  We use this data for statistical analysis purposes only, to determine the number of people using our site, better understand how they find and use our web pages and to see their journey through the website.

GA records data such as your IP address, geographical location, device, internet browser and operating system. The website uses various other cookies as well, and we consider Google and other cookie developers to be third party data processors (see section 7 below). A full list of cookies is available in our privacy policy


We process our clients’ data for the performance of the contract that we have entered into for the provision of our services, and/or in order to take steps to enter into the contract.

We process candidate data based on our legitimate interest. We have undertaken the relevant <<Legitimate Interest Assessment>> to demonstrate that our compelling legitimate interest overrides the interests or the fundamental rights and freedoms of the affected data subjects.

We also rely on our legitimate interests to process website analytics for the purposes of analysing website traffic, enhancing website performance, and for cybersecurity and/or error tracking purposes.

Disability, sexual orientation, age, gender and ethnicity data are processed for diversity and inclusion purposes. We only process disability and sexual orientation data when the candidates voluntarily disclose it to us as they move through the


recruitment process. Age and gender data are processed relying on legitimate interest and ethnicity data are processed relying on substantial public interest. None of this data is used to make recruitment decisions with respect to a particular candidate, and it is only ever disclosed on an aggregated basis. We hold and process this data in accordance with our<<Special Categories of Data Policy>>.

We may ask for your consent in other cases where we process your data. Such consent can be revoked at any time by contacting us at

We may also process your data as required to comply with a legal or regulatory obligation.


Our website may contain links to other websites of interest.  If you use these links to leave our site, we have no control over that other website and are not responsible for the protection and privacy of any information you provide while visiting other websites.  Our privacy policy only pertains to the Acolyte Resource Group website.


We do not rent or sell your personal information to anyone without your explicit consent, but, subject to the need to perform the contract with you based on the contract you enter with us and our legitimate interests, we may share your personal information in the ways described below:

  • Our clients. We share candidate data with our clients as we move through the recruitment process in order to select the most suitable candidate for the vacancy. Within the Application, each client has access to fields of personal data for each candidate which are appropriate for the assessment of their suitability for the role they are applying for, and only where the candidate has expressed interest in the role. We also share personal data gathered through organisational research, as part of the intelligence services we offer to clients;
  • Our third-party service providers who perform functions on our behalf in connection with the operation of our business such as IT service providers, including cloud storage, analytics and communications providers, and system administrators or third parties who host and manage data;
  • Analytics, CRM and other software that assist us in the communication with you and the improvement and optimisation of our website;
  • Any other third parties for the purpose of enabling the services contracted to us by clients:


  • Third parties if we are required to do so by law, or if we believe that such action is necessary to: (a) fulfil a government, or regulatory authority request; (b) conform with the requirements of the law or legal process; (c) protect or defend our legal rights or property, our websites or clients;
  • Any other third parties with your express consent.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.


The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”), where the laws on processing personal data may be less stringent than in your country. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, by ensuring at least one of the following safeguards is implemented:

  • Transferring your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
  • Entering into specific contractual terms with the overseas data processor which have been approved by the European Commission and which give personal data the same protection as within the EEA.

For further information on the safeguards used, please contact us at


We retain personal information for as long as required for the purposes for which it is processed or as otherwise required by applicable law, and do so in accordance with our <<Data Retention & Archiving Policy>>.





Under the EU General Data Protection Regulation (GDPR)and the UK GDPR, you are entitled to certain rights in relation to our handling of your personal data, such as the rights of access, rectification and erasure, as well as the right to make a complaint about the way we handle your data.   Please contact the Information Commissioner (or equivalent in your country) for further information.

Should you wish to exercise any of your rights, please contact us at


For further information about our Privacy Policy or our processing of data about you, please contact our Data Protection Officer. Our DPO contact details are detailed below:

Attn:  Data Protection Officer
Aphaia Ltd

The Brew
Eagle House
163 City Road, London,
DPO Telephone: +44 20 3917 4158

Email address: