Recruitment Privacy Notice
Version 2, issued: July 2020
1. Introduction and scope
This Privacy Notice provides information on the processing of personal data by ASC Healthcare Limited ‘ASC Healthcare’. This Privacy Notice was last reviewed in July 2020 and may be changed over time. You are advised to check regularly for any changes.
ASC Healthcare, based at Milnthorpe Road, Breightmet, Bolton, BL2 6PD, is the controller for the processing of all personal data of job candidates and future employees or temporary workers working under its supervision (such as trainees).
2. For which purpose are we processing your personal data?
We will process your personal data for the purpose of (i) managing and administering recruitment processes and thereto related policies and practices within ASC Healthcare and (ii) to communicate with you with regard to your interest in employment at ASC Healthcare. Please note that the recruitment process may include:
- Candidate assessment
- Pre-employment screening
- Employment referencing
- Health screening
3. On what lawful basis do we process personal data for this purpose?
We will process your personal data on the basis of our legitimate interest in ensuring that ASC Healthcare can efficiently and effectively assess and select candidates. Pre-employment screening of potential recruits will be executed for security reasons or in relation to export controls, anti-bribery & corruption, ethics & compliance and any other legal or regulatory obligations to which we may be subject.
4. Which personal data do we process for this purpose?
For this purpose, we process your contact details (name, title, telephone, email and home addresses), all information contained in your cover letter or CV/resume (such as your professional memberships, employment and education history), information you have published on professional social networking sites (such as LinkedIn), your correspondence with ASC Healthcare and/or any relevant operating companies with regard to job applications (including references). We may also process personal data necessary for assessing your credit standing, proof of work eligibility and any past unspent criminal convictions.
5. How long do we retain your personal data?
In order to review your candidacy against other opportunities at ASC Healthcare during this period, we will retain your personal data for up to one calendar year from the date of your application.
Should you be become an employee of ASC Healthcare, your personal data will be covered by our Employee Privacy Notice.
6. Who has access to your personal data?
Your personal data will be available within ASC Healthcare to only those who need access to the data and only to the extent necessary to meet the purpose specified in section 2 (above). We will take appropriate measures to ensure that your personal data is adequately protected. Your personal data may also be available to Security and Vetting Solutions (‘SVS’) in order to conduct verification and background checks on potential recruits once an offer of employment has been made and you have accepted. In other cases, your personal data will not be supplied to third parties, except as required by law.
Where SVS processes your personal data solely on our instructions, it acts as a data processor and we enter into an agreement with SVS to ensure that your personal data is appropriately safeguarded. At a minimum, we reserve the right to audit SVS’s security processes, with the right to terminate the agreement where we find the security to be inadequate.
Where we share your data with 3rd party assessment providers as part of the selection process, we will notify you of this in advance. This notification will include the reasons for sharing your personal data with this third party, as set forth herein.
7. How is your personal data secured?
ASC Healthcare have taken adequate safeguards to ensure the confidentiality and security of your personal data. We have implemented appropriate technical, physical and organisational measures to protect your personal data against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorised disclosure or access, and against all other forms of unlawful processing (including, but not limited to unnecessary collection) or further processing.
8. Your rights
You have a number of rights under applicable data protection law in respect of our processing of your personal data. These include:
- the right to request access to your personal data;
- the right to request rectification of any personal data that we hold;
- subject to certain conditions:
- the right to request erasure of your personal data;
- the right to request restriction of processing of your personal data;
- the right to have your personal data transferred to another controller;
- where we rely on your consent for processing, the right to withdraw such consent; and
- the right to lodge a complaint with a data protection authority (in England, this is the Information Commissioners Office). A list of other authorities can be found here.
Further details on the scope of these rights can be found in the ASC Healthcare Data Subject Request Form. Should you wish to exercise your rights, please complete the Request Form and send (including any supporting documents) to the Information Security Lead: firstname.lastname@example.org
When in doubt, or if you have any questions relating to data protection, you can contact us via the HR team.