Privacy Policy

Last updated: 12/01/2026

This Privacy Policy explains how Osprey Talent Solutions Ltd (“we”, “us”, or “our”) collects, uses, stores, and protects personal data when you use our website www.ospreytalent.co.uk (the “Website”).

We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable UK data protection laws.

1. Who We Are (Data Controller)

For the purposes of data protection law, Osprey Talent Solutions Ltd is the data controller.

Registered address: The Oaks, Beech Park, West Hill, Ottery St Mary, Devon EX11 1UQ

Email: charlotte@ospreytalent.co.uk

If you have any questions about this Privacy Policy or how we handle your data, you can contact us using the details above.

2. Personal Data We Collect

We may collect and process the following types of personal data:

  • Contact information, such as your name, email address, phone number, or other details you choose to provide when contacting us or submitting forms on the Website.
  • Communications, including messages or enquiries you send to us.
  • Technical data, such as IP address, browser type, operating system, and usage information (collected via cookies or similar technologies).

We do not intentionally collect special category data (such as health, biometric, or religious information).

3. How We Collect Personal Data

We collect personal data when:

  • You voluntarily provide it by completing a contact form, subscribing to updates, or otherwise communicating with us.
  • You use or interact with the Website (through cookies and similar technologies).

4. How We Use Your Personal Data

We use personal data for the following purposes:

  • To respond to enquiries and communicate with you.
  • To provide information or services you request.
  • To operate, maintain, and improve the Website.
  • To keep internal records and manage our relationship with you.
  • To comply with legal or regulatory obligations.

5. Lawful Bases for Processing

Under UK GDPR, we rely on the following lawful bases to process personal data:

  • Consent – where you have given clear consent for us to process your personal data for a specific purpose.
  • Legitimate interests – where processing is necessary for our legitimate interests, provided those interests are not overridden by your rights.
  • Legal obligation – where processing is necessary to comply with a legal requirement.

6. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, in line with the UK GDPR storage limitation principle.

Our typical retention periods are:

  • General website enquiries and contact forms: retained for up to 12 months from the date of last contact.
  • Client contact details and engagement records: retained for up to 6 years after the end of the business relationship.
  • Candidate personal data (including CVs and recruitment-related correspondence): retained for up to 12 months from the last meaningful contact, unless you consent to a longer retention period or earlier deletion is required.
  • Unsuccessful candidate data for specific roles: retained for 12 months to allow us to respond to any recruitment-related queries or claims.
  • Legal, financial, and contractual records: retained for 6 years in accordance with legal and regulatory obligations.

Personal data will be securely deleted or anonymised once the relevant retention period expires.

7. Sharing Your Personal Data

We do not sell your personal data.

We may share personal data with:

  • Trusted service providers who support our Website or communications (such as hosting or email providers).
  • Professional advisers (such as legal or accounting advisers), where necessary.
  • Public authorities, where required by law.

All third parties are required to respect the security of your personal data and to treat it in accordance with the law.

8. International Data Transfers

If any personal data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations or standard contractual clauses, in accordance with UK GDPR.

9. Data Security

We have implemented appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or alteration.

However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

10. Your Data Protection Rights

Under UK data protection law, you have the right to:

  • Access your personal data.
  • Request correction of inaccurate or incomplete data.
  • Request erasure of your personal data (“right to be forgotten”).
  • Object to or restrict processing of your personal data.
  • Request data portability.
  • Withdraw consent at any time, where processing is based on consent.

To exercise any of these rights, please contact us using the details in Section 1.

11. Cookies

Our Website may use cookies and similar technologies to improve functionality and user experience.

For more information, please see our Cookie Policy.

12. Third-Party Links

The Website may contain links to third-party websites. We are not responsible for the privacy practices or content of those third-party sites.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date.

14. Complaints

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

  • Website: https://www.ico.org.uk
  • Telephone: 0303 123 1113

We would appreciate the opportunity to address your concerns before you contact the ICO.

Scroll to Top