Privacy Policy

This Privacy Policy was last updated on June 5, 2026. It is written under UK GDPR and the Data Protection Act 2018 as the primary framework
(Intermarine UK is a UK entity), and EU GDPR is also covered for EEA and Swiss applicants.

1. Who We Are

Intermarine UK (“we”, “us”, “our”) is a recruitment agency operating the website https://intermarinecareers.com (the “Website”). We help
candidates find work and connect them with prospective employers.

For the purposes of UK and EU data protection law, we are the data controller of the personal information described in this policy.

Address: Office 10, JR House D6, Main Avenue, Treforest Industrial Estate, Pontypridd, CF37 5UR, United Kingdom

Company registration number: [REG NUMBER, if applicable]

Privacy contact: [email protected] (or post to the address above, marked “Data Protection”)

Data Protection Officer: [NAME / “Not applicable — we are not required to appoint one”, whichever is true]

2. The Information We Collect

2.1 Information You Give Us When You Apply

When you submit a CV or apply for a job through the Website, we collect the following.

Identity and contact details: first name, last name, email address and phone number.

Eligibility details: country of residence and nationality.

Your CV or résumé, including everything contained in it. The text of your CV is automatically parsed (read and extracted) so it can be stored against your candidate record.

Certification documents you choose to upload (up to 5 files).

Job preferences: the trade you work in and the regions or locations you are willing to work in.

Consents: your acceptance of our Terms and Conditions, this Privacy Notice, and the Key Information Documents, recorded at the time you apply.

You are not obliged to provide this information, but we cannot process a job application without your name, email, country of residence, nationality
and CV.

Note on special category data: A CV or certification may contain sensitive (“special category”) information you choose to include — for example
details that reveal health, religion, or similar. Please do not include special category data unless it is necessary. Where you do, we process it on the basis of your explicit consent and only to assess your suitability for roles.

2.2 Information We Collect Automatically

When you visit the Website we (and our analytics providers) may collect usage and device data via cookies and similar technologies — for example
pages viewed, approximate location, browser or device type, and how you arrived at the Website. This is collected through Google Analytics 4 and Google
Tag Manager (see Section 7, and our separate Cookie Policy).

We also use a hidden “honeypot” field on our forms to detect automated spam submissions; this does not collect personal information about genuine
applicants.

3. How We Use Your Information and Our Legal Bases

We create and maintain your candidate record in our recruitment system to assess your suitability and put you forward for roles. Our legal basis is
the performance of a contract or steps prior to a contract, and our legitimate interests in operating a recruitment service.

We match you to vacancies and submit you to prospective employers as part of our core recruitment service. Our legal basis is legitimate interests,
and consent where required.

We contact you about your application and suitable opportunities to provide the service you asked for. Our legal basis is legitimate interests or
consent.

We store and parse your CV and certifications to evaluate your experience and qualifications. Our legal basis is legitimate interests, and explicit
consent for any special category data.

We may send you marketing or job alerts to keep you informed of relevant roles. Our legal basis is consent.

We analyse Website usage to improve our website and services. Our legal basis is consent, given via the cookie banner.

We detect and prevent fraud and spam and keep the Website secure to protect our service. Our legal basis is legitimate interests or legal
obligation.

Where we rely on consent, you can withdraw it at any time (see Section 8).

4. Who We Share Your Information With

We share your personal information with prospective employers and clients when we put you forward for a role. We share the details relevant to that
application.

We share your information with Bullhorn, our recruitment applicant-tracking system (ATS) and CRM provider. Your candidate record, CV and
certifications are stored in, and your CV is parsed by, Bullhorn’s platform. Bullhorn acts as our data processor.

We share usage data with Google for website analytics (Google Analytics 4 and Google Tag Manager).

We share data with WP Engine, our website hosting provider, which stores the Website and its data on our behalf.

[OTHER TOOLS — e.g. Mailchimp/CRM/live chat, or delete this line]

We may share your information with authorities or third parties where we are required to by law, or to establish, exercise or defend legal
claims.

We do not sell your personal information.

5. International Transfers

Our service providers, including Bullhorn and Google, may process your data outside the UK and EEA (for example in the United States). Where personal data is transferred outside the UK or EEA, we rely on appropriate safeguards such as the UK International Data Transfer Agreement or Addendum and the
EU Standard Contractual Clauses, and/or transfers to countries with an adequacy decision. You can request more detail using the contact details in
Section 1.

6. How Long We Keep Your Information

We keep your candidate information for as long as our relationship is active — that is, until you ask us to delete it or withdraw your consent — so
that we can continue to consider you for suitable roles. After that, we delete or anonymise it, except where we need to keep limited records to comply
with legal obligations or to resolve disputes.

CV and certification files uploaded through the Website are held only transiently while your application is processed into our recruitment system,
then deleted from the website server.

Incomplete applications that are abandoned are automatically purged within 24 hours.

Internal website processing records are removed within 30 days of a successful submission.

7. Cookies and Analytics

The Website uses cookies and similar technologies. We manage cookie consent through a consent management platform (Complianz), which lets you accept
or reject non-essential cookies and change your choice at any time.

Strictly necessary and functional cookies are required for the Website to function and to remember your preferences (for example WordPress session
and security). These do not require consent.

Statistics and analytics cookies — Google Analytics 4 and Google Tag Manager — are used to understand how visitors use the Website. These are only
set after you consent via the cookie banner.

You can manage or withdraw your cookie consent at any time through the cookie settings on the Website, and you can control cookies through your
browser settings. Full detail is set out in our separate Cookie Policy. For more on Google’s practices, see Google’s Privacy Policy.

8. Your Rights

Under UK and EU GDPR you have the right to access a copy of the personal data we hold about you.

You have the right to rectify inaccurate or incomplete data.

You have the right to erase your data (the “right to be forgotten”).

You have the right to restrict or object to our processing.

You have the right to data portability — to receive your data in a portable format.

You have the right to withdraw consent at any time, where we rely on consent.

You have the right to lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at [email protected]. We will respond within one month.

If you are unhappy with how we handle your data you can complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk, or, in the EEA or Switzerland, your local data protection authority.

9. Security

We take appropriate technical and organisational measures to protect your information, including access controls, restricted upload directories, and the prompt deletion of files from our web server once processed. No method of transmission over the internet is completely secure, but we work to protect your data and have procedures to deal with any suspected breach.

10. Children

The Website and our services are not directed at children, and we do not knowingly collect personal data from anyone under 16.

11. Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top shows when it was last revised. Significant changes will be
communicated where appropriate.

12. Contact Us

For questions about this policy or your personal data, please contact us.

Email: [email protected]

Post: Intermarine UK, Office 10, JR House D6, Main Avenue, Treforest Industrial Estate, Pontypridd, CF37 5UR, United Kingdom