Square One Resources Limited (“Square One”) is committed to protecting and respecting your privacy.

This policy sets out the basis on which your personal data will be processed by us.  Please read the following carefully to understand our views and practices regarding your personal data and how it will be treated by us.

For the purpose of the General Data Protection Regulations (the “Regulations”) the data controller is: Square One Resources Limited (company registration number 03110911) of Square One Resources, Mindspace, 9 Appold Street, EC2A 2AP.

Square One are not required by the GDPR to have a Data Protection Officer, however, for any queries relating to your data, please direct your queries to Square One’s Data Protection team. The team are contactable through the dedicated email address: (or if you are an employee – just walk over or give us a call!).



The core data privacy principles below are the foundation of this policy:

Lawfulness, fairness and transparency

Square One shall process personal information fairly, and in accordance with this policy and applicable laws.

Data Accuracy

Square One will take all reasonable steps to ensure that personal information is accurate and complete and will rectify or erase any incorrect personal information without delay.

Purpose Limitation

Square One will ensure that personal information collected is for specified, explicit and legitimate purposes and only to the extent necessary to fulfil those purposes.

Data Retention

Square One will only keep personal data for as long as is necessary to fulfil the purposes for which it was collected or to comply with applicable law/for tax purposes/for Government or regulatory requirements.

Data Security

All personal information collected will be processed in a secure manner.


IP Addresses and Cookies

We may collect information about your computer including where available your IP address, operating system and browser type for system administration. This is data about our users’ browsing actions and patterns and does not identify any individual.

For the same reason we may obtain information about your general Internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service and analyses our traffic. They enable us:

  • to estimate our audience size and usage pattern;
  • to store information about your preferences and so allow us to customise our site according to your individual interests;
  • to speed up your searches;
  • to recognise you when you return to our site.

These cookies allow us to distinguish you from other users of our website, which helps us to provide you with a good experience when you browse our website and also allows us to improve our site. The cookies we use are "analytical" cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the site when they are using it. We do not share the information the cookies collect with any third parties.

A breakdown of the list of cookies that our website uses is as follows:

  • Google analytics - used for tracking and monitoring the behaviour of users on the website to understand user experience and how users interact with the website.
  • Google tag manager - a container used to house all additional tracking scripts added to the site to understand user behaviour and to help with page speed.
  • Cookie to remember pagination when on the jobs/blogs - remembers a user’s pagination when visiting job or blog listing pages, so your place and search terms are retained.

You may refuse to accept cookies by activating the setting on your browser, which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our web site.



This policy is intended to be relevant to those individuals that are looking to be/are/were employees of Square One. If this is not you, please refer to the relevant policy.

If this is the relevant policy for you, Square One will be acting as the employer and we will need to take those reasonable and legal steps to ensure that we comply with our obligations in that capacity. Our basis for “processing” your data will either be with your consent or in accordance with our legal obligations or legitimate business interests as your employer. These obligations will differ depending on what stage we are at with regard to your employment, but for reference, some categories have been set out below:



  • In order to consider you for a position at Square One, we will need certain pieces of information from you at different stages of the process.
  • At the initial stage (submission), information that we may process will include your contact details, CV and other information relating to your suitability for the particular role. This will have been provided to us with your consent. Without your consent to be submitted for a role with Square One, we will not accept any of your data from third parties (or you).
  • If suitable, then we will be trying to get you in for an interview as soon as possible!
  • If successful, we will need to send you a contract of employment and we may require further information from you, such as your address, email address and passport details.
  • If you no longer wish to be considered for a role with Square One at any stage during these initial stages, you have the right to withdraw your consent and you can advise us how you want to handle any data we may hold (for example, if you simply decided that now wasn’t the right time to join, then we could keep your details for as long as you request, and contact you again in the future).
  • Should you be unsuccessful this time with your application and you have not withdrawn your consent to us holding your data, we will retain your details for a period of approximately 5 years in the event that another suitable role becomes available.



  • Firstly, congratulations and welcome to the family!
  • You will have received a contract of employment together with a number of other standard documents that all employees are provided with.
  • We will now require additional information from you either to comply with legal obligations on us as an employer or where it is reasonable for us to process such information in light of the employer-employee relationship. Some examples of such information are:
    • A copy of your passport in line with local requirements.
    • Your bank details and national insurance number.
    • HR related records (appraisals, file notes) – for performance tracking to support your journey up the ranks!
    • Medical records – in the event of an accident at work.
    • Emergency contact details.
  • Due to the fact that we may engage with other parties for certain aspects of your employment (such as pensions, insurance, etc.), we may need to forward relevant data to those parties. For the avoidance of doubt, we will only transfer data if it is reasonable and relevant to do so.
  • Some information may be provided with your consent, but we will highlight these sections to you, which may include:
    • Next of kin details.
    • Diversity questionnaires.
    • Dietary requirements (for the Christmas party for example!!)



  • Where the employment relationship is terminated for whatever reason, most of your data will be deleted within a reasonable period of time, which in the ordinary course will be 12 months from such termination.
  • Some data will be retained for longer, such as payment history, in order to comply with HMRC guidelines. At the time of drafting, guidelines would suggest that such data should be retained for 7 years.
  • Some data may also be retained for a longer period of time in order to further legitimate business interests (for example, correspondence between you and a client or third parties). At the time of drafting, our policy is to retain such data for 6 years, unless there are extreme reasons for a longer period.
  • Should there be additional grounds (for example, if there is an ongoing discussion with a client about a placement that you had made and the client is querying the services that the contractor provided) for a longer period of retention, then we will advise you of the same where this is reasonably practicable.


We will not transfer your data outside of the EEA, unless this is required by a third party, for example pension company or gym (as applicable). If this is the case, your prior consent will be obtained before any such transfer of your data. Where this does become necessary, we will inform you first. For the avoidance of doubt, we will only transfer your data outside of the EEA where we have made sure that appropriate safeguards are in place, including relevant contractual assurances being provided by the recipient in line with the Regulations. If required, we can provide you with copies of such assurances from the recipient.


Existence of data subjects rights

Under the Regulations, there are additional rights afforded to data subjects (i.e. you). For example, you may have the right:

  • To be informed (which this Policy seeks to address);
  • Of access to your data that we process and a copy thereof;
  • To request rectification if data we hold is inaccurate;
  • To be forgotten (subject to conditions);
  • To request that the processing of data is restricted (subject to conditions);
  • To request data be provided to you in a particular format (subject to conditions);
  • To object to the processing of data (subject to conditions).


Automated decision making.

We are particular with our selection process. We take all reasonable steps to ensure that we have the right person join the team and will not rely on an “automated process” to determine who that is. We have a dedicated talent acquisition team that will review applications/CV’s/hand-written letters rather than a search engine.


Right to lodge a complaint

Please be assured that we will do all we can to ensure that your data is treated carefully, in accordance with this Policy and the Regulations. Should you feel that we have not done so at any stage, please let us know so that we can make the necessary adjustments or clarification. At first instance, if you send an email to, we will aim to deal with your concerns as a matter of urgency. Should you feel that we have still not dealt with your concerns, or if you feel that it is serious enough, you have the right to make a complaint to the Information Commissioner. For further details, please see