Data Protection Privacy Notice for Recruitment
This notice explains what personal data (information) we will hold about you, how we collect it, and how we will use and may share information about you during the application process.
This notice is specifically for data protection processed for recruitment. We are required to notify you of this information, under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you.
Who collects the information?
Homefield College (‘Company’) is a ‘data controller’ and gathers and uses certain information about you.
Data Protection Principles
We will comply with the data protection principles when gathering and using personal information, as set out in our data protection policy.
About the Information We Collect & Hold
What information do we collect?
We may collect the following information up to and including the shortlisting stage of the recruitment process:
- Your name and contact details (ie address, home and mobile phone numbers, email address);
- Details of your qualifications, experience, employment history (including job titles, salary and working hours) and interests;
- Your racial or ethnic origin, sex and sexual orientation, religious or similar beliefs;
- Information regarding your criminal record;
- Details of your referees;
- Information about your health, including any medical condition, health and sickness records for the purposes of establishing if any adjustments need to be made to the recruitment process
We may collect the following information after the shortlisting stage, and before making a final decision to recruit:
- Information about your previous academic and/or employment history, including details of any conduct, grievance or performance issues, appraisals, time and attendance, from references obtained about you from previous employers and/or education providers ∆;
- Information regarding your academic and professional qualifications ∆;
- Information regarding your criminal record, in criminal records certificates (CRCs) and enhanced criminal records certificates (ECRCs) ∆;
- Your nationality and immigration status and information from related documents, such as your passport or other identification and immigration information ∆;
- A copy of your driving licence ∆
- Information about your health, including any medical condition, health and sickness records for the purposes of assessing the ability to carry out intrinsic elements of the role
You are required (by law or in order to enter into your contract of employment) to provide the categories of information marked ‘∆’ above to us to enable us to verify your right to work and suitability for the position.
How We Collect the Information
We may collect this information from you, your referees (details of whom you will have provided), your education provider, the relevant professional body, the Disclosure and Barring Service (DBS), the Home Office.
Why We Collect the Information and How We Use It
We will typically collect and use this information for the following purposes (other purposes that may also apply are explained in our data protection policy):
- to take steps to enter into a contract;
- for compliance with a legal obligation (e.g., our obligation to check that you are eligible to work in the United Kingdom);
- for the performance of a task carried out in the public interest;
- for the purposes of our legitimate interests, but only if these are not overridden by your interests, rights or freedoms;
- because it is necessary for carrying out obligations or exercising rights in employment law; and
- for reasons of substantial public interest (preventing or detecting unlawful acts).
We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it.
How We May Share the Information
We may also need to share some of the above categories of personal information with other parties, such as HR consultants and professional advisers. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
We may also be required to share some personal information with our regulators or as required to comply with the law.
Sensitive Personal Information and Criminal Records Information
Further details on how we handle sensitive personal information and information relating to criminal convictions and offences are set out in our DBS – Secure Storage, Handling, Use, Retention, Renewal and Disposal of Disclosure available on the HR area on Sharepoint.
Where Information May Be Held
Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above.
How Long We Keep Your Information
We keep the personal information that we obtain about you during the recruitment process for no longer than is necessary for the purposes for which it is processed. How long we keep your information will depend on whether your application is successful and you become employed by us, the nature of the information concerned and the purposes for which it is processed.
We will keep recruitment information (including interview notes) for no longer than is reasonable, taking into account the limitation periods for potential claims such as race or sex discrimination (as extended to take account of early conciliation), after which they will be destroyed. If there is a clear business reason for keeping recruitment records for longer than the recruitment period, we may do so but will first consider whether the records can be pseudonymised, and the longer period for which they will be kept.
If your application is successful, we will keep only the recruitment information that is necessary in relation to your employment.
Further details on our approach to information retention and destruction are available in our Data Protection Policy and Data Sharing policy which are available on request.
Object to us Processing Your Information
Where our processing of your information is based solely on our legitimate interests (or those of a third party), you have the right to object to that processing if you give us specific reasons why you are objecting, which are based on your particular situation. If you object, we can no longer process your information unless we can demonstrate legitimate grounds for the processing, which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
Please contact our Data Protection Officer (DPO) Isela Bonequi, via email at firstname.lastname@example.org if you wish to object in this way.
Correct and Access Your Information
Please contact our Data Protection Officer (DPO) Isela Bonequi, via email on email@example.com if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice.
Ask for Data to be Erased
You also have the right to ask our Data Protection Officer for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Please contact our Data Protection Officer (DPO) Isela Bonequi, via email on firstname.lastname@example.org, to request further information about the right to be forgotten.
Keeping Your Personal Information Secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to Complain
We hope that our Data Protection Officer can resolve any query or concern you raise about our use of your information.
If not, contact the Information Commissioner or telephone 0303 123 1113 for further information about your rights and how to make a formal complaint.