Recruitment Privacy Notice

In line with GDPR, this document outlines important information regarding the personal data of yours that the Company will collect, store, use and transfer.

If you have any queries or concerns relating to the information in this document, you should raise this in the first instance with your Line Manager or the Company’s appointed Data Protection Officer.

 

RECRUITMENT PRIVACY NOTICE

Data Protection

 

Your Information and What You Need to Know

 

This leaflet explains why information is collected about you and the ways in which it is used. Listening Ear (Merseyside) is registered as a data controller under DPA 18.

 

The aim of this leaflet is to provide you with an overview of how we use and handle your information.

 

The Data Collected:

 

Data type
1. Name
2. Address
3. Phone number
4. Date of birth
5. Gender
6. National Insurance number
7. Bank account details
8. Passport or other ID
9. Driving licence
10. Car insurance
11. Next of kin and contact details for them
12. Medical conditions and disabilities
13. Education and Training History
14. Employment History
15. Agreements
16. Criminal Record Check
17. Reference Check
18. Training Record
19. Contract
20. General Correspondence
21. Pay Packets
22. Disciplinary and Grievance Records
23. Photos or videos – e.g. for an identity badge (required) or for marketing purposes (which we would only do with your consent)

 

Why we collect information about you?

 

As your employer, the Company needs to keep and process information about you for normal employment purposes. The information we hold and process will be used for our management and administrative use only. We will keep and use it to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately, during the recruitment process, whilst you are working for us, at the time when your employment ends and after you have left. This includes using information to enable us to comply with the employment contract, to comply with any legal requirements, pursue the legitimate interests of the Company and protect our legal position in the event of legal proceedings. If you do not provide this data, we may be unable in some circumstances to comply with our obligations and we will tell you about the implications of that decision.

 

As a company pursuing a range of supportive services for children, young people and adults experiencing mental health issues, we may sometimes need to process your data to pursue our legitimate business interests, for example to prevent fraud, for administrative purposes or reporting potential crimes. We will never process your data where these interests are overridden by your own interests.

 

Much of the information we hold will have been provided by you, but some may come from other internal sources, such as your manager, or in some cases, external sources, such as referees.

 

The sort of information we hold includes your application form and references, your contract of employment and any amendments to it; correspondence with or about you, for example letters to you about a pay rise or, at your request, a letter to your mortgage company confirming your salary; information needed for payroll, benefits and expenses purposes; contact and emergency contact details; records of holiday, sickness and other absence; information needed for equal opportunities monitoring policy; and records relating to your career history, such as training records, appraisals, other performance measures and, where appropriate, disciplinary and grievance records.

 

Some data is deemed Sensitive Data, and we can only process this with your consent. If the consent is not forthcoming or withdrawn, we may not be able to employ you with no liability on our part. Sensitive Data includes information about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data biometric data, sex life or sexual orientation, and medical information. Medical information will not be shared without your consent unless there is a risk to life or other legal obligation.

 

You will, of course, inevitably be referred to in many company documents and records that are produced by you and your colleagues in the course of carrying out your duties and the business of the company. You should refer to the GDPR Policy which is available in the Company Handbook.

 

Where necessary, we may keep information relating to your health, which could include reasons for absence and GP reports and notes. This information will be used in order to comply with our health and safety and occupational health obligations – to consider how your health affects your ability to do your job and whether any adjustments to your job might be appropriate. We will also need this data to administer and manage statutory and company sick pay.

 

Where we process special categories of information relating to your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, biometric data or sexual orientation, we will always obtain your explicit consent to those activities unless this is not required by law or the information is required to protect your health in an emergency. Where we are processing data based on your consent, you have the right to withdraw that consent at any time.

 

In addition, we monitor computer [and telephone/mobile telephone] use, as detailed in our Computer/telephone/electronic communications/expenses policy, available in the Company Handbook. We also keep records of your hours of work by way of our clocking on and off system, as detailed in the Company Handbook.

 

What is the legal basis for our collection of personal data?

We will only process your data for lawful purposes to which you have consented. The legal bases used are:

  1. Consent
  2. Contract
  3. Legal Obligation
  4. Vital Interests
  5. Public Interests
  6. Legitimate Interests

 

How long is your data kept?

 

The criteria used for determining how long your personal data will be stored for is based on the retention periods determined by Statutory Legislation and/or the non-statutory retention periods recommended by the CIPD.

 

If in the future we intend to process your personal data for a purpose other than that which it was collected, we will provide you with information on that purpose and any other relevant information.

 

We do not use automated decision making (including profiling).

 

Transferring your data

 

We use a HR management system owned and managed by a Third Party, https://citrushr.com/.

 

We use a client management system owned and managed by a Third Party, https://lamplight.online/.

 

The other principal partner organisations with whom your information may be shared with your consent are:

 

Third parties if we are legally obliged to do so or where we need to comply with our contractual duties to you, for instance we may need to pass on certain information to NOW Pensions.

 

How we keep your records confidential?

 

Everyone working for Listening Ear (Merseyside) has a legal duty to keep information about you confidential.

 

We take confidentiality seriously. We will not disclose your information to third parties without your permission unless the law requires information to be passed on (e.g. we receive a court order). Anyone who receives information from us is also under a legal duty to keep it confidential.

 

There are five exceptions when Listening Ear is required to break confidentiality. You will be asked to sign an employment contract that says you understand this and allow us to do it. These are:

  1. Where Listening Ear has your express consent
  2. Where Listening Ear is legally obliged to provide the information e.g. as a result of a court order.
  3. Where you have discussed your knowledge of or involvement in an illegal activity.
  4. Where Listening Ear believes that you are at risk of harm to self, harm from others or harming others or that a 3rd party is in serious danger.
  5. To support multi-agency wrap-around support for you, we may need to share some information about you so that we can all work together for your benefit. However, we will only ever use or pass on your information if others involved in your care have a genuine need for it and with your consent.

 

How can you get access to your personal records?

 

The Data Protection Act 2018 (DPA 18) and the General Data Protection Regulation (collectively referred to as the ‘Data Protection Requirements’) allows you to find out what information about you is held on computer and in certain manual records. This is known as ‘right of subject access’ and it applies to your Listening Ear records.

You are entitled to view or receive a copy of your records or to request that we:

  • correct information held about you that is inaccurate
  • cease the processing of your personal data
  • delete your personal data if your request is not overridden by our legal rights
  • provide your personal data in a portable format

 

You should be aware that your right to see some details in your records may be limited in your own interest or for other reasons acceptable in law.

 

To exercise any of these rights, please complete and send us the Subject Access and Correction Request Form. We may ask for evidence of identity, and we may exercise the right to charge if we consider your request to be unreasonable e.g. repeated requests for the same information.

 

How to complain

 

If you are unhappy with how we have handled your personal data, you can make a complaint in writing to us at the address below. We will respond to this in line with our Comments, Compliments and Complaints Policy. You can request a copy of this by email.

 

If you have any complaints, please send them to our data protection representative in the first instance. If you are not satisfied with the response you should contact The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9

5AF Phone: 03 031 231 113, email casework@ico.org.uk and website www.ico.org.uk.

 

Further Information

 

If you would like to know more about how we use your information and your rights under the DPA 18, please contact our Data Protection Officer at the address below.

 

The Company’s registered address is: St Nicholas Centre, 70 Church Road, Liverpool, L26 6LB

Email: enquiries@listening-ear.co.uk

Phone: 0151 488 6648

Our ICO registration number is Z1029639