Robinson-Grace-logo1590 x 430.png

PRIVACY NOTICE – JOB APPLICANTS

This privacy notice advises job applicants of the organisation’s commitment to data protection responsibilities of privacy and confidentiality relating to the collection and processing of their personal information.

We collect and process your personal data as part of the recruitment process in relation to the role you are applying for. 

All Managers have responsibility for ensuring that applicants’ personal information is held and processed in the correct way. 

What is personal information?

Personal information is any information that relates to you and can be used directly or indirectly to identify you, such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (GDPR article 4).

Special categories of personal data means information about an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation and biometric/genetic data (GDPR article 9).

 

Legal Basis for Using Personal Data

We collect personal data only for specified, explicit and legitimate purposes, whether or not by automated means, such as collection, recording, storage, retrieval, use, disclosure, dissemination, erasure or destruction (GDPR article 4).

  • We process personal data lawfully, only where it is adequate, relevant and limited to what is necessary for the purposes of processing.

  • We keep accurate personal data, only for the period necessary for processing, and take all reasonable steps to ensure that inaccurate personal data is rectified or deleted without delay.

  • We adopt appropriate measures to make sure that personal data is secure, and protected against unauthorised or unlawful processing, accidental loss, destruction or damage.

  • We do this to ensure a candidate is suitable for the role and to make sure reasonable adjustments can be made for those applicants who have a disability.

  • Processing of personal data ensures that a fair recruitment process has taken place.

 

We will not process personal data of applicants for reasons other than the recruitment and selection process.  Where we process special categories of personal data or criminal records data to perform obligations, this is done for legal reasons. We will update personal data promptly if an applicant advises that his/her/their information has changed or is inaccurate.

 

In order to operate an effective recruitment process, we will collect and store personal information you submit as part of the application process.  By submitting your personal information, you are consenting to us using it in accordance with this policy.  You are under no obligation to provide your consent for the organisation to hold your data outside of the recruitment process. If you do not consent to the organisation holding, processing and sharing your personal data during the recruitment process, we may not be able to process your application.

In some cases, the organisation will need to process data to ensure that it is complying with its legal obligations. For example, we must check an applicant’s entitlement to work in the UK. 

Data do we hold on you

The personal data we hold regarding you can include, but is not limited to, information such as:

  • Your name and address.

  • Email address and telephone number.

  • Date of birth if it appears on your application. 

  • Equal opportunities monitoring information.

  • Your nationality and entitlement to work in the UK.

  • National insurance number if it appears on your application.

  • Information about your current salary and benefits.

  • Qualifications and skills.

  • Work experience and employment history.

  • Information you may have disclosed about your criminal record.

  • Disability status to enable us to make any reasonable adjustments throughout the recruitment process.

Any applicant wishing to see a copy of the information about them that we hold should contact the organisation.

 

Who has access to your personal data?

 

Your personal data may be shared internally with other members of staff involved in the recruitment process in order for them to perform their roles. We may also share your data with a client’s Hiring Manager who has specific responsibility for the recruitment of the vacancy/vacancies advertised. 

 

Throughout the recruitment process we maintain strict confidentiality and only process and retain personal data of unsuccessful applicants for up to 12 months before being deleted or destroyed.

 

How do we protect applicants’ personal data?

 

Our servers and storage systems are based within the EU or the European Economic Area (EEA) and we have ensured that appropriate safeguards are in place to protect your personal data.

 

We take the security of your personal data very seriously. Internal policies and controls are in place to try to ensure that data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the performance of their duties. 

 

Where we engage third parties to process personal data on our behalf, they do so based on written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data. For example, we ensure that we use encrypted devices, uses passwords, virus protection and has appropriate firewalls.

 

What rights do you have in relation to your information?

You will have the following rights in relation to your personal data:

  • The right of access to the personal data and supplementary information. This right is to enable you to be aware of and verify the lawfulness of the personal data we are processing.

  • The right to rectification. This right allows you to have personal data rectified if it is inaccurate or incomplete. 

  • The right to erasure. This is also known as the ‘right to be forgotten’. This is not an absolute right and applies in specific circumstances. 

  • The right to restrict processing. This right applies in circumstances where, for example, the data subject contests the accuracy of the data or challenges the public interest or legitimate interest basis. Further guidance can be obtained from the ICO’s website. 

  • The right to data portability. This allows individuals to obtain and reuse their personal data for their own purposes. 

  • The right to object. Individuals have the right to object to:

  • Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority

  • Direct marketing.

  • Processing for scientific/historical research and statistics. 

  • Rights in relation to automated decision making and profiling.

Further guidance and advice on the above rights can be obtained from the ICO’s website https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

 

This policy is subject to change and may differ each time you submit an application.

 

If you have a concern about the way we are collecting or using your personal data, we ask that you raise your concern with us in the first instance by contacting the Data Privacy Manager on admin@robinsongracehr.com  Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns to raise any issues you may have.