Eduvocation Ltd (trading as MyNewTerm) (the 'Company', 'we', 'us' or 'our') has created this privacy policy in order to demonstrate our firm commitment to privacy.

Our privacy policy will inform you as to how we collect, store, use and share your personal data only as it might be needed for us to deliver to you our products, services, and websites (our ‘Services’) and tell you about your privacy rights and how the law protects you. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR).

The Company is a data controller for the purposes of the UK GDPR when we collect and use information about you for our own purposes or when you use the platform speculatively to browse vacancies without applying to a potential employer.

When you are using the MyNewTerm applicating tracking and recruitment platform whether as a candidate applying for jobs, referee, or an employer (‘Services’) we are acting as a data processor for the purposes of the UK GDPR.

The Company does not approve or endorse the employers which hold an account with us. You should note that employers who use our software to access the Services will be the data controller of your personal information for the purposes of UK GDPR. We are not responsible for the privacy practices of those establishments, and you are advised to check their privacy policies so you are satisfied they will use your personal data correctly.

Our details

• We are: Eduvocation Ltd (trading as MyNewTerm)
• Registered in England and Wales with company number: 9678975
• Address: MyNewTerm, Suite 10, Enterprise House, Wrest Park, Silsoe, Bedfordshire, MK45 4HR
• Information Commissioner's Office (ICO) Registration Number: A8348058
• You can contact our Data Protection Officer at: MyNewTerm, Suite 10, Enterprise House, Wrest Park, Silsoe, Bedfordshire, MK45 4HR or email hello@mynewterm.com.

Why we collect Personal Data

As a data controller we collect and hold Personal Data (as such term is defined in the UK GDPR) about you for various reasons.

Below we have set out the reasons why we collect and process Personal Data as a data controller, as well as the legal basis on which we carry out this processing:

• registering you as a new user of our Services: to enable us to perform our obligations to you under a contract including a candidate’s ability to use the platform speculatively or to apply for vacancies, a referee’s ability to submit references, and an employer’s ability to consider candidate applications.
• processing and delivering your order of any Service including managing payments, fees and charges and collecting amounts owed to us: to enable us to perform our obligations to you under a contract; necessary for our legitimate interests to collect a debt owed to us.
• managing our relationship with you: to enable us to perform our obligations to you under a contract; necessary for our legitimate interests to keep our records updated.
• assess the quality of our Services: to enable us to reflect on our own practices to help us improve and provide the highest quality service.
• to assist with the continuing development of recruitment and retention policies and practices: to enable us to better develop recruitment and retention policies and practices.
• to contact you: to enable us to contact you to send you news about our Services and offers that we think may be of interest to you. If you do not want to be kept informed in this way by email, please let us know. You can do this by following the options set out in the "Choice/opt-out" section below.
• to develop our understanding of the workforce and how employees are deployed: to help us create a fully informed, comprehensive picture of the make-up of the workforce and how each employee is utilised as a member of the workforce.
• to administer our Services including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data: to enable us to perform our obligations to you under a contract; necessary for our legitimate interests in running our business and in offering the Services.
• using data analytics: necessary for our legitimate interests in running our business and in offering the Services.

We also collect, use and handle ‘Aggregated Data’ such as statistical or usage data (for example usage of a website feature) for our own internal purposes and to improve our Services. Aggregated Data may be derived from personal data but all personally identifying characteristics have been stripped from the data. As such, it is not considered Personal Data as this data does not directly or indirectly reveal your identity.

We do not collect Personal Data relating to individuals under 18 as our services are not intended for children.

Where we are providing our Services we act as a data processor. This means that we collect and hold personal data on behalf of someone else which, in our case, is employers who advertise vacancies as part of our Services (each a ‘Recruiting Employer’).

We act upon the instructions of Recruiting Employers who are in control of the Personal Data that we process on their behalf. The types of data subject whose Personal Data we process includes job applicants, providers of references and Recruiting Employer staff members. We have set out below the types of Personal Data we may collect and how we collect it when providing our Services as a data processor (see “Where we act as a data processor” below); however, the responsibility for providing you with further information about how this Personal Data is used falls to the Recruiting Employer as the data controller.

Legal basis for processing

The lawful basis for us to collect/process Personal Data for our activities as a data controller is:

• that the processing is necessary for the purposes of our legitimate interests pursued by us, which includes the reasons set out above, such as contract management, except where your interests override ours.
• to comply with our legal obligations such as in cases where we are under a duty to provide information for legal or regulatory purposes.

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

We do not process any ‘special categories’ (as such term is defined in the UK GDPR) of Personal Data as a data controller and we would require your consent in order for us to do so..

Special categories of data mean Personal Data revealing:

• racial or ethnic origin;
• political opinions; religious or philosophical beliefs or trade union membership;
• genetic or biometric data that uniquely identifies you; or
• data concerning your health, sex life or sexual orientation;

Where we act as a data processor

Through the provision of our Services we enable the following types of Personal Data to be collected (please note this list does not include every type of Personal Data that a Recruiting Employer may wish to record and store as part of the Services). The responsibility for confirming the lawful basis for the collection of such information sits with the Recruiting Employer and where consent is the lawful basis for processing, you will have a free and genuine choice as to whether to share such Personal Data.

Employees of Recruiting Employers

• name and contact information, including email address and telephone number and company details and job title;
• information to check and verify identity such as date of birth;
• gender;
• location data;
• government identifiers such as passport details;
• details about travel itinerary and accommodation;
• personal or professional interests;

Individuals who are seeking employment at a Recruiting Employer

• name and contact details;
• date of birth;
• national insurance number;
• health and/or other medical information including ;disabilities, sex life or sexual orientation;
• information in connection with education (and the curriculum of the school);
• personal characteristics, such as:
  • gender;
  • nationality and ethnic group;
  • religion;
  • first-language;
  • any special educational needs;
  • any relevant protected characteristics.
• employees' employment history, qualifications and employment contractual information, such as:
  • qualifications information;
  • training & Continuing Professional Development (CPD) information;
  • professional bodies information;
  • right to work information;
  • criminal conviction information including results from Disclosure and Barring Service (DBS);
  • name of past and current employers and periods of employment and unemployment;
  • past and current employee position and/or role;
  • past and current employment start dates;
  • past and current salary / remuneration details (including national insurance and other financial details);
  • references from previous employers or academic or character references; and
  • any relevant protected characteristics.
• Reference information commenting on character and performance, safeguarding, capability or misconduct concerns

Individuals who are providing a reference for a Recruiting Employer

• name and contact details;

The above types of Personal Data will be shared with Recruiting Employers as part of our Services.

As a candidate you may close your account with MyNewTerm at any time and once this occurs all of your personal data held within the system will be deleted. However, once you have applied for a vacancy within the system, your Personal Data is automatically shared with the relevant Recruiting Employer and accordingly any requests concerning Personal Data as part of that application should be made to the Recruiting Employer.

Personal Data may be accessible by our technical members of staff only as necessary for us to provide the Services. We do not determine the means and use of the Personal Data that we process as part of providing the Services which is why we are acting as a data processor through the provision of our Services.

We do not carry out profiling and automated decision-making.

Who we share Personal Data with as a data controller

We will not share information with third parties without specific consent unless we are required to do so by law or our policies. We will disclose Personal Data to third parties:

• if we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation;
• in order to enforce any agreements with you;
• in order to perform contracts with third party suppliers for purposes listed in the ‘Why we collect Personal Data’ section above, and to protect the rights, property, or safety of the Company, the Recruiting Employers, their pupils or others. This includes exchanging information with other organisations for the purposes of child welfare. This may include Local Authorities, the Department for Education (the ‘DfE’), the Police and other organisations where necessary.

We may disclose your Personal Data to our external service providers acting as processors who provide IT and system administration services and also to our professional advisers including lawyers, bankers, auditors and insurers, as the case may be, who provide consultancy, banking, legal, insurance and accounting services, as the case may be.

We may also disclose your Personal Data to HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.

We require all third parties to respect the security of your Personal Data and to treat it in accordance with all relevant laws. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.

We may also disclose your Personal Data to third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets but only provided that the new owners use your Personal Data in substantially the same way as set out in this Privacy Policy.

We will not share your personal data with any third parties for marketing purposes.

We use the following sub-processors to provide our services for the following purposes. Sometimes our sub-processors are based internationally. Where that is the case we ensure that there are sufficient safeguards in place to protect your personal data. These safeguards are listed below.

Category	Sub-Processor	Purpose	Location	International transfer safeguards
Infrastructure / Hosting	Evaris - Microsoft Azure	Cloud hosting, disaster recovery	UK	N/A
	Amazon Web Services (AWS)	Cloud hosting, storage, secure backup	EU	Adequacy regulations
	IONOS	Cloud hosting	UK/EU	Adequacy regulations
Customer Support & CRM	Google Workspace	Business operations, communication, document storage	Global	Adequacy regulations Recognised data protection framework Standard contractual clauses
	Tawk	Online live chat	Global	Standard contractual clauses UK International Data Transfer Addendum
	TextKernel	CV parsing and candidate data extraction	EU/Global	EU – adequacy regulations Global – standard contractual clauses
	Jira (Atlassian)	Issue tracking and internal ticketing	EU / US	EU – adequacy regulations Global – standard contractual clauses
Technical Support	Snowchicken Limited	Technical consulting services	UK	N/A
Email & Communication	SendGrid	Transactional emails	US	UK Extension to the EU-U.S. Data Privacy Framework International Data Transfer Addendum
	MailerLite	Marketing email campaigns	EU	Adequacy regulations
	KeyCDN	Content delivery network for email click tracking	UK	N/A
	Twilio	SMS messaging, multi-factor authentication	US	UK Extension to the EU-U.S. Data Privacy Framework International Data Transfer Addendum
	SMSWorks	SMS messaging	UK	N/A
Analytics & Monitoring	Sentry	Application error monitoring	US	UK Extension to the EU-U.S. Data Privacy Framework Standard contractual clauses International Data Transfer Addendum
Authentication / Identity	Yoti	Identify verification for candidates or users	UK / Global	Standard contractual clauses UK International Data Transfer Agreement
	SP Index	Online candidate searches for employers	UK / Global	Adequacy regulations UK Extension to the EU-U.S. Data Privacy Framework International data transfer agreement

Where we store Personal Data and how we keep it secure

Electronic copies of Personal Data are kept securely, and information will only be processed where we are satisfied that it is reasonably secure.

All information you provide to us is stored on secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. You must not share your password with anyone.

When giving Personal Data to third parties (for example, software providers) it is possible that this Personal Data could be stored in a location outside of the UK. We will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this privacy policy. In particular, any transfer of your Personal Data made by us to a location outside of the UK that is not covered by the adequacy regulations will be protected through appropriate safeguards such as an International Data Transfer Agreement.

More particularly, this site has security measures in place to protect the loss, misuse, and alteration of the information under our control. All instances of unauthorised attempted access to our site are logged and investigated. Where necessary, we will inform law enforcement agencies or other relevant organisations regarding misconduct. We store your email addresses securely. Your details will not be passed to any organisation beyond the Company other than the employer(s) which you submit a job application in respect of, without your explicit permission.

Retention periods

We will only retain Personal Data for as long as is necessary to achieve the purposes for which they were originally collected. As a general rule, Personal Data will be kept in accordance with guidance from the Information & Records Management Society Ltd (IRMS). Further information on retention periods can be obtained by contacting us.

To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances you can ask us to delete your Personal Data (see "Your Data Rights" below).

Once the retention period concludes your Personal Data is securely and safely destroyed/deleted.

Cookies

The www.mynewterm.com website uses cookies, which are small text files that are placed on your computer by websites you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. They cannot be used to get information from your computer about you or read any personal material kept by you on your computer.

The cookie is used to make the link between you and the information you have provided to the website. The creation of a cookie on your computer does not give the website any access to other information such as your email address. For more information on our use of cookies, please see our cookie policy https://www.mynewterm.com/cookie-policy

Your Personal Data Rights

The UK GDPR and associated law gives you rights in relation to Personal Data.

These are:

• Right to be informed: you have the right to be informed about the collection and use of your Personal Data. This policy contains information in relation to the collection of your Personal Data, however, if we collect additional data for other purposes, we will inform you about this.
• Right of Access: if your Personal Data is held, you are entitled to access your Personal Data (unless an exception applies) by submitting a written request. We will aim to respond to that request within one month. If responding to your request will take longer than a month, or we consider that an exception applies, then we will let you know.
• Right of Rectification: you have the right to require us to rectify any inaccurate Personal Data we hold about you. You also have the right to have incomplete Personal Data we hold about you completed. If you have any concerns about the accuracy of Personal Data that we hold then please contact us.
• Right to Restriction: you have the right to restrict the manner in which we can process Personal Data where:
  • the accuracy of the Personal Data is being contested by you;
  • the processing of your Personal Data is unlawful, but you do not want the relevant Personal Data to be erased; or
  • we no longer need to process your Personal Data for the agreed purposes, but you want to preserve your Personal Data for the establishment, exercise or defence of legal claims.
  • employment start date;
  • any relevant protected characteristics.
  • remuneration details (including national insurance and other financial details).

Where any exercise by you of your right to restriction determines that our processing of particular Personal Data are to be restricted, we will then only process the relevant Personal Data in accordance with your consent and, in addition, for storage purposes and for the purpose of legal claims.

• Right to Erasure: you have the right to require we erase your Personal Data which we are processing where one of the following grounds applies:
  • the processing is no longer necessary in relation to the purposes for which your Personal Data were collected or otherwise processed;
  • our processing of your Personal Data is based on your consent, you have subsequently withdrawn that consent and there is no other legal ground we can use to process your Personal Data;
  • the Personal Data have been unlawfully processed; and
  • the erasure is required for compliance with a law to which we are subject.
• Right to Data Portability: you have the right to receive your Personal Data in a format that can be transferred. We will normally supply Personal Data in the form of e-mails or other mainstream software files. If you want to receive your Personal Data which you have provided to us in a structured, commonly used and machine-readable format, please contact us via the details in Section 1 of this Notice.
• Right to object: you have the right to object to the processing of your Personal Data where one of the following grounds apply:
  • the processing is based on legitimate interests or the performance of a task in the public interest;
  • the processing is for direct marketing; or
  • the processing is for the purposes of scientific/ historical research and statistics.

You can find out more about the way these rights work from the website of the Information Commissioner's Office (ICO).

Questions or concerns

If you have any questions or concerns relating to this policy and data protection, please contact us using any of the methods listed below.

Choice/opt-out
If you no longer wish to receive communications from us, you can:

• Send an email to hello@mynewterm.com identifying yourself and asking that we remove you from our mailing lists.
• Write to us at: MyNewTerm, Suite 10, Enterprise House, Wrest Park, Silsoe, Bedfordshire, MK45 4HR

To change or modify information previously provided, you can:

• Send an email to hello@mynewterm.com clearly identifying yourself and asking that we correct or update your Personal Data
• Write to us at: MyNewTerm, Suite 10, Enterprise House, Wrest Park, Silsoe, Bedfordshire, MK45 4HR

Requesting Your Personal Data

Where the Company holds Personal Data concerning you, you are entitled to access that Personal Data and the following information (unless an exception applies):

• a copy of the Personal Data we hold concerning you, provided by the Company;
• details of why we hold that Personal Data;
• details of the categories of that Personal Data;
• details of the envisaged period for which that Personal Data will be stored, if possible;
• information as to the source of Personal Data where that Personal Data was not collected from you personally.

Further information or making a complaint

If you are unhappy with the way we have processed your personal data you may write to us by using our Contact Us page on our website - https://mynewterm.com/contact-us-form

If you are unhappy with the way we have dealt with any of your concerns, you can make a complaint to the ICO, the supervisory authority for data protection issues in England and Wales. We would recommend that you complain to us in the first instance, but if you wish to contact the ICO on the details you can do so on the details below. The ICO is a wholly independent regulator established in order to enforce data protection law.

ICO Concerns website: www.ico.org.uk/concerns

ICO Helpline: 0303 123 1113

ICO Email: casework@ico.org.uk

ICO Postal Address:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Changes to this Privacy Policy

Any changes we make to our privacy policy in the future will be posted on our website and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes.

This privacy policy was last updated in January 2026

© MyNewTerm