Privacy Notice: Recruitment
During the course of our recruitment activities, the Trust collects, stores and processes personal information about our prospective staff. It does this only when the requirements for fair and lawful processing are met. This privacy notice provides a summary of how we uphold this by describing:
- the categories of personal data we collect
- the purposes for which it is processed
- the persons and organisations it might be shared with.
As part of the application process, we collect the following personal information:
- date of birth
- National Insurance number
- contact details, including email address, home address, and telephone numbers
- education and training
- employment records (including professional membership, references and proof of eligibility to work in the UK)
- personal demographics (including gender, race, ethnicity, sexual orientation, religion, disability and marital status)
- information relating to health and safety
- sickness records
- details relating to occupational health (see Ascenti and Optima privacy notices)
- training records
- disciplinary records
- bank account details
- pension details
- driving licence details, including endorsements and accident history
- criminal records (including alleged offences), criminal proceedings, outcomes and sentences
- Trade Union membership
- emergency contact details.
Some information is provided by you, the candidate, during the recruitment process through your application form or through a recruitment agency via your CV.
Information is processed in a variety of paper and electronic formats and is used to:
- Create and maintain your staff record (processing is necessary because we have asked you to take specific steps before entering into a contract).
- Communicate with you throughout your employment with YAS (processing is necessary under the contract you have with us or because we have asked you to take specific steps before entering into a contract).
- Monitor equal opportunity statistics and help us understand staff demographics (we request your explicit consent to process this data).
- Check criminal records every three years to help make safer working environments for roles that are eligible in line with the Rehabilitation of Offenders Act 1974 (we request your explicit consent to process this data). Processing shall be carried out only under the control of official authority or when the processing is authorised by Union or Member State Law providing for appropriate safeguards for the rights and freedoms of data subjects.
- Check facts about your qualifications (where necessary for the purposes of carrying out obligations in the field of employment, social security and social protection if authorised by law).
We will not routinely disclose any information about you without your permission. However, there are circumstances where the law says we must or can share information about you. Any disclosures of personal data are always made using the minimum personal data necessary for the specific purpose and with the appropriate security controls in place.
There are a number of reasons why we may need to share your information. It can be because of:
- our duty to comply with legislation
- a requirement to comply with a court order.
It may also be in order to fulfil our obligations as an employer, for example:
- meeting health and safety obligations
- security checks
- the provision of employee services, such as occupational health, pensions administration and staff training.
We may obtain and share personal data with a wide variety of bodies, including:
- Her Majesty's Revenue and Customs (HMRC)
- Disclosure and Barring Service
- Home Office
- Child Support Agency
- central government, government agencies and departments
- local authorities and other public bodies
- Ombudsman and other regulatory authorities
- courts and prisons
- financial institutes such as banks and building societies for approved mortgage references
- credit reference agencies
- utility providers
- educational, training and academic bodies
- law enforcement agencies
- emergency services
- Department for Work and Pensions (DWP);
- The Assets Recovery Agency
- relatives or guardians of an employee where there is a legal duty to do so.
We will retain information only for as long as required by law. Records are maintained in line with the Trust’s Records Management Policy and retention periods are based on guidance provided in the Records Management Code of Practice for Health and Social Care (NHS Digital, 2016).