The Company is a recruitment business which provides work-finding services to its clients and work-seekers. The Company must process personal data (including sensitive personal data) so that it can provide these services – in doing so, the Company acts as a data controller.
You may give your personal details to the Company directly, such as on an application or registration form or via our website, or we may collect them from another source such as a jobs board. The Company must have a legal basis for processing your personal data. For the purposes of providing you with work-finding services and/or information relating to roles relevant to you we will only use your personal data in accordance with the terms of the following statement.
1.Collection and use of personal data
a) Purpose of processing and legal basis
The Company will collect your personal data (which may include sensitive personal data) and will process your personal data for the purposes of providing you with work-finding services. The legal bases we rely upon to offer these services to you are:
- Legitimate interest
b) Legitimate interest
Where the Company has relied on a legitimate interest to process your personal data our legitimate interests is/are as follows:
- We interpret the legal basis for this processing is our legitimate interest in finding an appropriate person for a job vacancy. We consider that by registering with Nurseline Community Services you have given your permission to us collecting and holding personal information for disclosing this information to potential employers and clients in our recruitment process.
c) Recipient/s of data
The Company may process your personal data and/or sensitive personal data with the following recipients:
- Clients for work finding services
- Payroll Systems (Safe Outsourcing, Sage)
- Online rostering / Workforce management system / Document Storage (Sirenum, 3B Forms)
- Document destruction service (Shred-It)
- Hosting Services (GoDaddy)
- Email Marketing Tools / Analytics Tool (Mailchimp, Google Analytics)
d) Statutory/contractual requirement
Your personal data is required by law and/or a contractual requirement (e.g. our client may require this personal data), and/or a requirement necessary to enter into a contract. You are obliged to provide the personal data and if you do not the consequences of failure to provide the data are:
- Failure to provide this data will affect us being able to complete the recruitment process and therefore we would be unable to find you suitable work.
2. Overseas Transfers
The Company may transfer only the information you provide to us to countries outside the European Economic Area (‘EEA’) for the purposes of providing you with work-finding services. We will take steps to ensure adequate protections are in place to ensure the security of your information. The EEA comprises the EU member states plus Norway, Iceland and Liechtenstein.
3. Data retention
The Company will retain your personal data only for as long as is necessary. Different laws require us to keep different data for different periods of time.
The Conduct of Employment Agencies and Employment Businesses Regulations 2003, require us to keep work-seeker records for at least one year from (a) the date of their creation or (b) after the date on which we last provide you with work-finding services.
We must also keep your payroll records, holiday pay, sick pay and pensions auto-enrolment records for as long as is legally required by HMRC and associated national minimum wage, social security and tax legislation.
Where the Company has obtained your consent to process your personal and sensitive personal data, we will do so in line with our retention policy (a copy of which is attached). Upon expiry of that period the Company will seek further consent from you. Where consent is not granted the Company will cease to process your personal data and sensitive personal data.
4. Your rights
Please be aware that you have the following data protection rights:
- The right to be informed about the personal data the Company processes on you;
- The right of access to the personal data the Company processes on you;
- The right to rectification of your personal data;
- The right to erasure of your personal data in certain circumstances;
- The right to restrict processing of your personal data;
- The right to data portability in certain circumstances;
- The right to object to the processing of your personal data that was based on a public or legitimate interest;
- The right not to be subjected to automated decision making and profiling; and
- The right to withdraw consent at any time.
Where you have consented to the Company processing your personal data and sensitive personal data you have the right to withdraw that consent at any time by contacting our Compliance Manager.
5. Complaints or queries
If you wish to complain about this privacy notice or any of the procedures set out in it please contact our Compliance Manager.
0117 4030 943
You also have the right to raise concerns with Information Commissioner’s Office on 0303 123 1113 or at https://ico.org.uk/concerns/, or any other relevant supervisory authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.