post-gdpr privacy ?· privacy notice (for prospective employees, workers and contactors) important...

Download Post-GDPR privacy ?· PRIVACY NOTICE (for prospective employees, workers and contactors) Important information…

Post on 14-Aug-2018

212 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • PRIVACY NOTICE

    (for prospective employees, workers and contactors)

    Important information about how we use your personal data

    We at Elysium Healthcare Limited (Elysium) take our data privacy responsibilities very

    seriously and we are committed to protecting the privacy and security of your personal

    information.

    This privacy notice describes how we will collect and use personal information about

    candidates and applicants for positions with us. This is done in accordance with data

    protection law, which means General Data Protection Regulation.

    Elysium is the data controller. We are responsible for deciding how we hold and use

    personal information about you. We are required under data protection law to tell you about

    what information we process about you.

    When we talk about personal information we mean information from which you can be

    identified. It does not include data where the identity has been removed (anonymous data).

    There are some categories of data that are more sensitive and these require a higher level of

    protection.

    This notice applies to prospective employees, workers and contactors. We may amend it at

    any time.

    Data protection principles

    We will comply with data protection law. This says that personal informant we hold about

    you must be:

    used lawfully, fairly and in a transparent way;

    collected for valid reasons that we have explained to you and not used in any way that is incompatible with that;

    relevant to the purposes we have told you about and limited only to those processes;

    accurate and kept up to date;

    kept only as long as necessary for the purposes we have told you about; and

    kept securely.

    The kind of information we hold about you

    We may collect, store, and use personal information about you in connection with your job

    application or recruitment to Elysium. This may include:

    Recruitment information, such a CVs, application forms, cover letters or information provided and documented during the interview process

    Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses

    Copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process

    Documentary proof of qualifications, professional registrations and relevant training courses

    We may also collect, store and use the following "special categories" of more sensitive

    personal information:

  • Prospective staff Privacy Notice (GDPR) (v1)

    2

    Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions

    Trade union membership

    Information about your health, including any medical conditions, disabilities and your health and sickness records

    Genetic information and biometric data

    Information about criminal convictions, offences and court orders

    How is your personal information collected?

    We typically collect personal information about prospective employees, workers and

    contactors through the application and recruitment process, either directly from candidates

    or sometimes from an employment agency or background check provider. We may sometimes

    collect additional information from third parties including former employers, credit reference

    agencies or other background check agencies.

    How we will use information about you

    We will only use your personal information when the law allows us to. Most commonly, we

    will use your personal information in the following circumstances:

    Where we need to perform the contract we have entered into with you or because you have asked us to take specific steps before entering into a contract.

    Where we need to comply with a legal obligation.

    Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

    We may also use your personal information in the following situations, which are likely to be

    rare:

    Where we need to protect your interests (or someone else's interests).

    Where it is needed in the public interest.

    Situations in which we will use your personal information

    We need the categories of information in the list above primarily to allow us to perform our

    contract with you or take specific steps before entering into a contract and to enable us to

    comply with legal obligations. In some cases we may use your personal information to pursue

    legitimate interests of our own or those of third parties, provided your interests and

    fundamental rights do not override those interests. The situations in which we will process

    your personal information are listed below.

    Making a decision about your recruitment or appointment.

    Determining the terms on which you may work for us, including salary and compensation, and benefits.

    Checking you are legally entitled to work in the UK.

    Equal opportunities monitoring.

    Some of the above grounds for processing will overlap and there may be several grounds

    which justify our use of your personal information.

    If you fail to provide personal information

  • Prospective staff Privacy Notice (GDPR) (v1)

    3

    If you fail to provide certain information when requested, we may not be able to take specific

    steps before entering into a contract (such as considering your application or making an offer),

    or we may be prevented from complying with our legal obligations.

    Change of purpose

    We will only use your personal information for the purposes for which we collected it, unless

    we reasonably consider that we need to use it for another reason and that reason is

    compatible with the original purpose. If we need to use your personal information for an

    unrelated purpose, we will notify you and we will explain the legal basis which allows us to do

    so.

    Please note that we may process your personal information without your knowledge or

    consent, in compliance with the above rules, where this is required or permitted by law.

    How we use particularly sensitive personal information

    "Special categories" of particularly sensitive personal information require higher levels of

    protection. We need to have further justification for collecting, storing and using this type of

    personal information. We may process special categories of personal information in the

    following circumstances:

    In limited circumstances, with your explicit written consent.

    Where we need to carry out our legal obligations and in line with our data protection policy.

    Where it is needed in the public interest, such as for equal opportunities monitoring, and in line with our data protection policy.

    Where it is needed to assess your working capacity on health grounds, subject to appropriate confidentiality safeguards.

    Less commonly, we may process this type of information where it is needed in relation to

    legal claims or where it is needed to protect your interests (or someone else's interests) and

    you are not capable of giving your consent, or where you have already made the information

    public.

    We will use your particularly sensitive personal information in the following ways:

    We will use information about your physical or mental health, or disability status, to ensure your health and safety in the workplace and to assess your fitness to work,

    and to provide appropriate workplace adjustments.

    We will use information about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure

    meaningful equal opportunity monitoring and reporting.

    We will use trade union membership information to pay trade union premiums, register the status of a protected employee and to comply with employment law

    obligations.

    Do we need your consent?

    We do not need your consent if we use special categories of your personal information in

    accordance with our written policy to carry out our legal obligations or exercise specific rights

    in the field of employment law. In limited circumstances, we may approach you for your

    written consent to allow us to process certain particularly sensitive data. If we do so, we will

    provide you with full details of the information that we would like and the reason we need it,

    so that you can carefully consider whether you wish to consent.

    Information about criminal convictions

  • Prospective staff Privacy Notice (GDPR) (v1)

    4

    We may only use information relating to criminal convictions where the law allows us to do

    so.

    We envisage that we will hold information about criminal convictions. Where appropriate, we

    will collect information about criminal convictions as part of the recruitment process or when

    we complete DBS checks for our regulatory compliance or we may be notified of such

    information directly by you. This will usually be where such processing is necessary to carry

    out our obligations and provided we do so in line with our data protection policy.

    Less commonly, we may use information relating to criminal convictions where it is necessary

    in relation to legal claims, where it is necessary to protect your interests (or someone else's

    interests) and you are not capable of giving your cons

Recommended

View more >