Privacy Notice for Job Applicants

1. 1. OVERVIEW

1.1 This privacy policy makes it clear how we process and protect your personal data. This includes any information that you submit to our online recruitment software and any information gathered on this website. 1.2 By using this site you are agreeing to your data will be held, stored and processed according to the policy detailed below. We comply with the GDPR and as such your data is securely stored and only accessed by relevant and authorised personnel. 1.3 The purpose of the data collection and the type of data requested is decided by the Data Controller. In this instance the Data Controller is Hartford Care . 1.4 The Data Controller uses a Data Processor in order to collect, store and securely transfer your data. In this instance your Data Processor is Talos 360 Basecamp, 4 Webster Court, Carina Park, Warrington, WA5 8WD. The Data Protection Officer for Talos 360 can be contacted at: dpo@talos360.co.uk  

2. 2. DATA SECURITY

2.1 The technology that we use has been designed with your security in mind. Our Data Processor’s servers are based in the UK and EU, and they deploy both technological and operational security measures along with internal policies specifically implemented to protect your data.  

3. 3. LEGAL BASIS

3.1 From the latest data protection regulations (GDPR) our legal basis for processing your data will be in the legitimate interest in using the information that you supply to us in order to process your job application and to provide you with information which may be of use. 3.2 The purpose of our data collection is to assess your suitability for the specific job role that you have applied for. We may also use this information to contact you about other similar job opportunities and may also statistically analyse your data. 3.3 We may also need to request and process your data if it is necessary for the performance of a contract or if we have a legal basis for doing so. This may include the data that you need to supply to us in order to satisfy the offer of a term of employment. 3.4 If we require your explicit consent to process any data as specified by GDPR then we will inform you of this consent requirement, and request your explicit “opt-in”, at the point of data entry.  

4. 4. WHAT DATA DO WE COLLECT?

4.1 The personally identifiable information that we identify, store and process on this site is that which is voluntarily provided to us. This includes (but not limited to):

• • Your CV

• • Cover letters

• • Personal information supplied such as your name, email address & phone number

• • Any details you enter into any application form

• • Any answers to questions that correspond with your recruitment preferences

• • Any supporting information that you provide to expand your candidate profile

 

5. 5. YOUR DATA ACCESS RIGHTS

5.1 When it comes to your personal data you have the right to:

• • Rectify inaccurate or outdated information

• • Request to move your data (data portability)

• • Object to data processing

• • Withdraw your data consent at any time

• • Be forgotten

• • Ask for a copy of your data via a Subject Access Request (SAR)

• • Lodge a complaint with the UK’s Information Commissioner’s Office (ICO) or other relevant supervisory authority

5.2 If you think that there are any inaccuracies in your data then let us know and we will amend your records. We also provide reasonable access to our visitors for reviewing the data that you have provided to this website. In this instance please contact sar@talos360.co.uk with your request. 5.3 If you’d like to remove the data that you have supplied to us then you can do so by here and we’ll delete your records for you. 5.4 If you’re not happy with the manner in which your data has been processed you can submit a case to our internal complaints procedure by contacting dpo@talos360.co.uk. If you are not satisfied with the outcome of our investigation, you have the right to contact the ICO (http://www.ico.org.uk).  

6. 6. SHARING DATA

6.1 The data that you submit to this site may be:

• • Made available to the Data Controller

• • Made available to the Data Processor

• • Used to communicate with you about your application

• • Used to communicate with you in regards to recruitment

• • Used to supply you with relevant (optional) job alerts

• • Added to a searchable candidate database

• • Analysed for our internal statistics to improve processes

6.2 Sometimes information may be processed on our behalf by relevant third parties; this includes but is not limited to: video interviewing companies, payroll software, criminal history screening and HR software. 6.3 We will not collect your information for unrelated purposes without first requesting your consent. 6.4 In some cases, we may be compelled or permitted by the law, an official authority or regulatory requirements to process your personal information without your consent or knowledge, even after you have exercised your right to withdrawal, to be forgotten, or objected to processing. If this happens, we will only process the limited personal data that we are required to do so under these specific requirements.  

7. 7. BACKGROUND SCREENING

7.1 As part of the background screening process, Hartford Care may carry out a background check to determine any criminal history relating to yourself. 7.2 Hartford Care utilise Credence Background Screening Limited (‘Credence’) to process and collect criminal records information. 7.3 The your personal information will be used to gather information regarding:

• • spent convictions;

• • unspent convictions;

• • conditional cautions;

• • cautions;

• • reprimands;

• • warning;

• • and, any other relevant information from the local police force.

7.4 When Hartford Care requests Credence to supply information which Credence sources from the UK’s Disclosure & Barring Service (“DBS”), Disclosure Scotland (“DS”) and/or AccessNI (“ANI”), Hartford Care warrants that it will:

• • observe and fully comply with the DBS / DS / ANI Code of Practice;

• • only request the standard, enhanced or Protecting Vulnerable Groups (PVG) checks for roles that meet the appropriate legislation;

• • make all Candidates aware of the DBS / DS / ANI Code of Practice at the start of the recruitment process and make a copy available to any Candidate on request;

• • include a statement on its application forms or accompanying documentation that DBS / DS / ANI information on the Candidate will be requested in the event of the Candidate being offered a position;

• • comply with its legal requirements for the secure storage, handling, retention and disposal of information which Credence sources from the DBS / DS / ANI;

• • ensure that identity validation of Candidates is undertaken in accordance with DBS / DS / ANI guidelines;

• • and, confirm that Credence plays no part in the recruitment decision.

 

8. 8. LENGTH OF DATA STORAGE

8.1 If there is no activity on your candidate account for 12 months, it will be deactivated. You can also request to withdraw your details at any time and thereafter your data will be fully anonymised for further protection.  

9. 9. PRIVACY POLICY CHANGES

9.1 Provided that compliance is maintained in regards to the General Data Protection Regulation (EU) 2016/679, we reserve the right to amend and modify this privacy statement for any reason and at any time.