Personal data is information that relates to an individual who can be identified from that information, whether or not in conjunction with any other information. Common examples of personal data processed by us in our day to day business include names, addresses, telephone numbers and other contact details, payroll data, attendance data, performance management data, and CCTV images.
In our capacity of a data controller (meaning that we determine how and why your personal data is processed) we are responsible for the processing of personal data of you as an applicant (referred to as “you/r” unless the context provides for a different interpretation) carried out in connection with your application to work with us.
Processing your personal data
How and why do we process your personal data?
Our routines for processing personal data have been construed with the purpose of minimizing the amount of personal data being processed at any time.
The personal data we collect from you or through our systems help us managing your application, but also to comply with our legal obligations or for the conduct of our business. The personal data we collect, the basis of processing and the purposes of processing are detailed below. Sometimes, these activities are carried out by third parties, including other members of our group of companies.
Basis of processing
Purpose of Processing
Where do we obtain your personal data from?
Most of the personal data we process is obtained from you when you apply to join us, but we also obtain personal data about you in employment applications and vetting, performance appraisals or general correspondence, or by using a third-party source such as Facebook or LinkedIn. For other data types, we may obtain it as a result of you being on our premises or using our systems (for example, CCTV footage or IT usage information).
In some circumstances, we may request your explicit consent to process (specific types of) personal data. In these circumstances, you can withdraw your consent at any time by following the instructions provided when you gave consent or at the contact details under Questions and queries below.
Will my personal data be shared with others or transferred to countries outside the EEA?
We will only share your personal data in certain circumstances and where lawful to do so. We may share your personal data with the following third parties and for the following purposes.
We may also transfer your personal data we process to a country outside the European Economic Area (”EEA”), for example, when one of our service providers use staff or equipment based outside the EEA or when one of our group companies is based outside of the EEA. We have put in place adequate safeguards with respect to the protection of your privacy, fundamental rights and freedoms, and the exercise of your rights, e.g. we establish an adequate level of data protection through EU Standard Contractual Clauses based on the EU commission’s model clauses. If you would like to see a copy of any relevant provisions, please contact us as set out in Questions and queries below.
How is my personal data secured?
We operate state of IT security systems to protect the confidentiality, integrity, and availability of your personal data. We have in particular taken appropriate security measures against unlawful or unauthorized processing of personal data, and against the accidental loss of, or damage to, personal data. Access is only granted on a need-to-know basis to those people whose roles require them to process your personal data.
How long will we store your personal data?
Your personal data will only be stored for as long as it is necessary to fulfil the purposes for which it was collected (see above) and in order to comply with applicable laws and regulations. This may mean that some information is held for longer than other information. After 12 months an email will automatically be sent to the candidate informing that their personal information will be retained unless they actively opt-out.
What are my rights under applicable data protection laws?
You have various rights which you can enforce, including the right to be informed in accordance with this Information. Please find below descriptions of your rights.
Right of access
Right of data portability
Rights in relation to inaccurate personal or incomplete data
Right to object to or restrict our data processing
Right to have personal data erased
Right to withdrawal
Questions and queries
Career site by Teamtailor