Privacy Policy

Last updated: 23 February 2026

1. Introduction

GetNHSJobs.com ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read this policy carefully. By using our services, you consent to the practices described herein.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when you:

  • Create an account: Email address and authentication credentials
  • Subscribe to a plan: Payment information (processed securely by Stripe)
  • Use our services: Job search preferences and filters
  • Contact us: Any information you include in your communications

2.2 Information Collected Automatically

When you use our service, we may automatically collect:

  • Device information (browser type, operating system)
  • IP address and general location data
  • Usage data (pages visited, features used, time spent)
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process your subscription and payments
  • Send you job alerts and notifications (based on your preferences)
  • Communicate with you about your account and our services
  • Respond to your inquiries and provide customer support
  • Monitor and analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues or fraudulent activity
  • Comply with legal obligations

4. Legal Basis for Processing (UK GDPR)

We process your personal data based on the following legal grounds:

  • Contract: Processing necessary to provide our services to you
  • Consent: Where you have given explicit consent (e.g., marketing communications)
  • Legitimate interests: To improve our services and ensure security
  • Legal obligation: To comply with applicable laws and regulations

5. Payment Processing

All payment transactions are processed through Stripe, a PCI-DSS compliant payment processor. We do not store your full credit card details on our servers. Stripe's use of your personal data is governed by their privacy policy, available at https://stripe.com/privacy.

We receive limited payment information from Stripe, including the last four digits of your card and billing address, to help prevent fraud and manage your subscription.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

  • Service providers: Third parties who perform services on our behalf (e.g., Stripe for payment processing, Supabase for authentication and database services)
  • Legal requirements: When required by law, court order, or government request
  • Business transfers: In connection with a merger, acquisition, or sale of assets
  • Protection of rights: To protect our rights, privacy, safety, or property

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. If you cancel your subscription or delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal, accounting, or reporting purposes.

Payment records may be retained for up to 7 years to comply with financial regulations.

8. Your Rights

Under UK GDPR, you have the following rights:

  • Right of access: Request a copy of your personal data
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your data ("right to be forgotten")
  • Right to restrict processing: Request limitation of how we use your data
  • Right to data portability: Receive your data in a portable format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at privacy@getnhsjobs.com. We will respond to your request within 30 days.

9. Cookies

We use cookies and similar tracking technologies to enhance your experience. Cookies are small text files stored on your device that help us:

  • Remember your login status and preferences
  • Understand how you use our service
  • Improve our website performance

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of our service.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (SSL/TLS)
  • Secure authentication systems
  • Regular security assessments
  • Access controls and monitoring

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

11. International Data Transfers

Your data may be transferred to and processed in countries outside the UK. When we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO).

12. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email. Your continued use of our service after such changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@getnhsjobs.com

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated. Visit https://ico.org.uk for more information.