Privacy Policy












Who we are

Brightside Group, incorporates the HR and Recruitment functions under one banner for Brightside Insurance Services Ltd, Kitsune Associates Ltd and Injury QED. Our registered office is located at Brightside Park, Severn Bridge, Aust, Bristol, BS35 4BL.


Brightside is committed to respecting your privacy and protecting the personal information you share with us. You can be assured any information you provide to us will be used strictly in accordance with the terms laid out in this policy and complies with Data Protection laws. 

This privacy policy explains how we collect and use your details, the laws and regulations applicable, the systems and services we use and how we detect and prevent crime such as fraudulent applications and claims.

We will do our best to ensure your details are accurate and kept up-to-date and we would ask you to assist us in doing so by letting us know of any changes to your personal information. Keeping us up to date with changes to your information is also a requirement of our contract.

You should show this policy to anyone whose personal information you provide to us. You must ensure any such information you supply relating to anyone else is accurate and you have obtained their consent to the use of their data for the purposes set out above.

Data Protection Laws

Data protection laws means the Data Protection Act 1998, as amended from time to time and EU General Data Protection Regulation (GDPR), and any subsequent, similar or equivalent legislation relating to the protection of personal, including sensitive data.

For our entry in the Information Commissioner's register of data controllers, please go here. Our registration number is Z5268008.

Please note under the Rehabilitation of Offenders Act 1974 you’re not required to disclose to us any convictions regarded as spent. Take a look here   for more information. 

Our commitment to you 

We will treat all your personal information as private and confidential. Other than under the terms of this privacy policy we will not share any of your information with anyone else. We are required to disclose information in the following cases by law. These are:

  • Where we are legally forced to
  • Where there is a duty to the public to disclose information
  • Where you have given permission to disclose information
  • Where we have to protect our interest, including but not restricted to legal advice in the event of litigation.          

Collecting information 

All personal information is treated confidentially and is safely stored, with security systems preventing unauthorised access.

In order to assess your suitability for the role, or relevant roles within Brightside, to arrange and administer an employment contract, to provide you with benefits and rewards, and reduce fraud, we collect and share information from a variety of sources and methods as detailed within this policy. We may also contact you by telephone, text or email.

It's important you provide complete, accurate and up to date information throughout your employment. You can do this by discussing changes with your line manager.

When applying for a role at Brightside we require you to provide complete, accurate and up to date information. If you don’t, Brightside may reject your application. 

We collect information about you when:

  • You visit our websites 
  • You apply on our internal website
  • You apply on third party websites
  • You contact us by email or telephone
  • During the recruitment process, such as interviews, induction forms and emails. 


    We limit the collection of personal information to what we need to know to maintain the accuracy of our records, verify the identity and assess the financial standing of our employees and applicants, deal with complaints, and to fulfil any legal and regulatory requirements. 

    We may collect, use, store and transfer different personal information about you which we have grouped together below:

  • Identity Data includes [first name, last name, username or similar identifier, marital status, title, national insurance number, passport, date of birth and gender, birth certificate, Car Registration Number, home office application registration card, work permit, passport endorsement, home office endorsement, home office residency permit, national passport, EEA Identity card, P45, P60, immigration status].
  • Contact Data includes [address, email address and telephone numbers].
  • Financial Data includes [bank name, bank account number, sort code, student loan, employment history for tax purposes, county court judgements, IVA’s, Bankruptcy or listing with HM Treasury].
  • Technical Data includes [internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Brightside Group website, further information is provided within our Cookie Section]. 
  • Emergency Contact includes [Emergency contact; name, relationship, address, contact telephone number].
  • Usage Data includes [information about how you use our website].
  • Interview Data includes [Interview notes]. 
  • Education includes [Place of study, qualification level, subject, grade, date].
  • Employment history includes [Name of employer, position held, date, reason for leaving, salary. Duties].  
  • References includes [Name of referee, job title of referee, relationship, company address, telephone number, email address].


    We may also collect data which the Data Protection Act defines as sensitive, such as;

  • Medical includes [Disability, health condition, mobility needs, allergies, smoking history, alcohol history, travel history, weight, eyesight, ongoing treatment, medication, sick leave history, GP name, GP address, GP contact number]
  • Convictions includes [Detail of unspent conviction, the date committed, pending criminal/civil convictions]


We will not use data regarded as sensitive data except for the specific purpose of arranging and administering a job application, a contract of employment and to provide reasonable adjustments to support our colleagues in work. You may object to Brightside processing your information, however, Brightside will not be able to process your application, or comply with your request to object where Brightside have compelling legitimate grounds, or the processing is for the establishment, exercise or defence of legal claims.


Brightside do not accept applications from Children under the age of 16. Applications from children will not be processed and the data provided will be destroyed.

Brightside do accept applications for Apprenticeships from Children under the age of 16. However, if you would like to apply for an apprenticeship and you are under the age of 16 at the date of your application, written permission from your parent/legal guardian is required, confirming Brightside can retain your personal information for the purpose explained in this Privacy Policy, and abiding by safeguarding regulations. Without permission, your application will be rejected, and any personal information received will be destroyed. 

Where data relating to children is provided, consent from the legal guardian will also be requested to use, store and share their personal information. The Children’s information provided by you, will only be used for the specific purpose of arranging our rewards and benefits schemes as detailed within this Privacy Policy. 


We use cookies to be able to distinguish you from other users of our sites. We use a number of different cookies to make the websites work and remember the choices you make. 

Cookies are small, often encrypted text files placed on your computer by our websites or sometimes by emails. They are used by our web developers and digital team to provide us with useful information so you can use our site more efficiently and save you time by not having to re-enter your details each time you visit. They also make sure you receive the most relevant information from us.

Persistent cookies - These cookies stay on your computer until they are removed manually or automatically.

Session cookies - These cookies remain on your computer until you close your browser, when they are automatically deleted.

Essential cookies – These are technical cookies required for the operation of our sites. Without essential cookies our web site can't operate properly. Essential cookies include, for example, cookies enabling you to log into secure areas.

Performance cookies – These allow us to recognise and count the number of visitors to our web site and to see how visitors move around our pages. This helps us to improve the way our web site works by enabling us to tailor our site to the way visitors use them. The information we collect from performance cookies is aggregated which means we cannot identify you from it.

Due to their core role of enhancing/enabling usability or site processes, disabling cookies may prevent you from getting the most out of our sites. You can refuse cookies by activating the relevant setting on your browser. However, if you do so you may not be able to access all or parts of our sites. If you carry on using our sites and do not change your browser settings we will assume you consent to us using cookies as described above.

Sharing your information

As an employer we will collect and process your personal information and share it with our rewards and benefits providers. To provide you with a wide range of products and services, we work closely with several third parties. 

When we use these providers for rewards and benefits, we will endeavour to have their agreement to collect and process your data on terms equivalent to those in this privacy policy and to use the information we provide only for the purpose(s) we provide it to them for. 

Examples of who we need to share your data with are listed below. Please note your entitlement to rewards and benefits are specified within your employment contract, and are dependent on your role and grade: 

  • Health Cash Plans
  • Life Assurance
  • Pension Scheme
  • Employee Benefits Providers and Administrators
  • Private Medical Cover
  • Fleet Management Companies


If the rewards and benefits Brightside offer require us to transfer your personal data to a company outside of the European Economic Area (EEA), we will impose contractual obligations to protect your personal data to the same standard required in the European Economic Area. We will also endeavour to choose companies subscribing to 'international frameworks' intended to enable secure data sharing between countries.

A full list of service providers we work with can be found below;

  • Healthshield
  • Jelf
  • Aviva
  • Widerwallet
  • Scottish Widows
  • The Peoples Pension
  • Legal & General 

Credit searching and references 

Where it is a regulatory or contractual requirement to ensure fit and properness to carry out a role, we will need to carry out detailed credit, criminal and previous employer checks. These may be outsourced to a third party provider. 

Information security 

How we protect your personal information from misuse and abuse is of great importance to us. We regularly review our technical and physical security procedures to protect your personal data from unauthorised access.

The Brightside website uses secure socket layer (SSL) encryption technology to encrypt sensitive information such as your financial information. When you request a quote from us, we will process the data on a secure server.

Payment Security

To ensure you receive your pay monthly and on time, your bank account details will be stored, safely in accordance with industry standards. If your bank details are incorrect, or change, please inform HR. 

Links to other websites 

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note we do not have any control over other websites. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question. Please be advised we do not represent either the third party or you, if you enter into a transaction on the third party site.

How long do we keep your information?

Any information we hold about you, whether on our computer system or on paper files, will be treated as private and confidential. We only keep your information as long as we need to. Please see the below table for further clarity. 

When How Long
Employee of Brightside Group 6 years after the end of your employment
Application Rejected 6 months after your application
Contractor/Consultant 6 years after the end of contract


How to access your information 

Under the Data Protection laws you have the right to access personal information held about you by Brightside. 

If you would like a copy of the personal information we hold about you, or if you have any questions or queries in respect of confidentiality, data protection, or need to change or delete information, please contact Brightside. 

You should also contact us if you have concerns about the information we hold on you or how we have handled it.

To contact Brightside about any of the above you can call us on 01454 634 121: or write to, SAR, Brightside Park, Severn Bridge, Aust, Bristol, BS35 4BL. We will take reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.

If you still have any concerns about how we have handled your information or for more information on the Data Protection Act you can visit the Information Commissioner's Office website -the-public/ or call them on 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number. 

You can also email: (please include your telephone number) or write to the Information Commissioner's Office at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.


Access to our website ('Site') and our rights in it: 

We are the owner of all copyright, design rights, database rights and all other intellectual property rights in the content of this Site unless otherwise stated.

You are permitted to access and use this site for personal, non-commercial use only. You may not access or use this site for any commercial purposes or otherwise exploit, extract, publish, distribute, or reproduce any part of this site for any commercial purpose.

We will take very seriously any access to or interference with this site with intent to deny, corrupt or damage or otherwise interfere with service from the Site or for other commercial purposes. We will monitor any such use and will take whatever action necessary to protect against such activities. By using this site, you agree damages may not be an adequate remedy for any breach of these terms or infringement of any of our rights by you and you accordingly agree we are entitled to any and all of the following remedies: injunction; specific performance; orders to deliver up infringing copies or materials and any other legal or equitable relief for any threatened or actual breach and/or infringement. You further agree no proof of special damages is necessary for us to obtain any such remedies.

Governing Law

This Privacy Policy is governed by the laws of England and Wales and subject to the exclusive jurisdiction of the English Courts.