Privacy Notice – Recruitment
Integris Solutions Limited is committed to protecting the privacy and security of personal data. This Privacy Notice describes how we collect and process personal data as part of the company’s recruitment processes, in accordance with the General Data Protection Regulation (GDPR).
This notice applies to all job applicants and candidates.
You are under no statutory or contractual obligation to provide data to Integris Solutions Limited during the recruitment process. However, if you do not provide the information, we may not be able to process your application.
Collection of Personal Data
To facilitate the recruitment process we may collect the following information about you:
- your name, address and contact details, including email address and telephone number
- your qualifications, skills, experience, employment history and references
- Remuneration information
- Health and medical details
- Information about your entitlement to work in the UK e.g. passport details, Residency and Nationality
Information may be collected in a variety of ways. For example, data might be contained in a CV, acquired from job boards or social media or obtained from your passport or other identity documents, or collected through the interview process.
We may also collect personal data about you from third parties, such as employment references, right to work and Disclosure and Barring Service (DBS) checks. We will seek information from third parties only once a job offer has been made and consent has been given by you.
Why personal data is collected and processed
We need to process data to take steps at your request to consider your application for employment with us and to potentially enter into a contract with you.
In some cases, we need to process data to ensure we are complying with legal obligations. For example, it is mandatory to check a successful applicant’s eligibility to work in the UK before employment starts.
Integris Solutions Limited has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows us to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims.
We may process special categories of data, such as information about your health, including any medical condition, health and sickness records and whether or not applicants are disabled in order to make reasonable adjustments for candidates who have a disability. We may also process special categories of data such as information about ethnic origin, sexual orientation, religion or belief, this is for equal opportunities monitoring purposes. We process such information to carry out its obligations and exercise specific rights in relation to employment.
If your application is unsuccessful, we may keep your personal data on file in case there are future employment opportunities for which you may be suited. We will ask for your consent before keeping your data for this purpose and you are free to withdraw your consent at any time.
Who has access to your data?
Your information may be shared internally for the purposes of the recruitment process. This includes members of HR, recruiting managers and IT staff if access to the data is necessary for the performance of their roles.
We will not share your data with third parties, unless your application for employment is successful and we make you an offer of employment. We will then share your data with former employers to obtain references for you, employment background check providers etc.
How is data protected?
We take the security of your data seriously. We have internal policies and a series of technical and administrative controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.
All employees are required to undertake annual data protection and confidentiality training and our privacy and security guidelines are effectively communicated and safeguards monitored.
Data will be stored in HR recruitment and management systems and on other IT systems (including email). All data is stored on servers within the UK and is fully compliant with EU data protection laws, and we will not share it with anyone else.
For how long is data retained?
If your application for employment is unsuccessful, we will hold your data on file for six months after the end of the relevant recruitment process.
If you give your consent for your personal data to be retained, we will hold your data on file for a further twelve months for consideration for future employment opportunities.
All personal data will be deleted or securely destroyed at the appropriate time, or earlier if consent is withdrawn and we will not keep your personal data for longer than is required or permitted by law.
If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your Human Resources file (electronic and paper based) and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice.
Rights of access, correction, erasure, and restriction
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact our Data Protection Officer.
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Right to withdraw consent
In the circumstance where you have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact our Data Protection Officer. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Data Protection Officer
Our Data Protection Officer (DPO) is Caroline Todd
If you have any questions, require further information or would like to exercise your rights, please contact us by email at firstname.lastname@example.org , by telephone on 01424 753 416, or by post at 20 – 22 Wenlock Road, London, N1 7GU.
If you have any cause for complaint about our use of your personal data, please contact us and we will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.
For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.
Changes to this privacy notice
We reserve the right to update this privacy notice at any time, and will communicate a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.