Melrose HR Ltd Candidate Privacy Policy

Introduction

Through our candidate application and recruitment process Melrose HR Ltd will collect, process and store personal information about you. Candidate data is processed for two main purposes which are;
(a) application,
(b) assessment.

This document explains why we collect your personal information, what information we collect and how it is processed.

In this Privacy Notice the term “processing” covers all activities involving your personal information, including collecting, handling, storing, sharing, accessing, using, transferring and disposing of the information.

1) Why do we collect your personal information?

In order to manage your application, we are required to process certain personal information about you. The purposes for this are set out below. We only process your information which is necessary for the purposes of progressing your application or which is required by law or any regulatory requirements.  There are rules set out by Article 6 (general data) and Article 9 (for special data) that we comply with for the strict purpose of the data we collect, use and store.  Not all of the purposes set out below will apply to you.

  • Application: CV, application form, name, address, employment history, academic and professional qualifications.
  • Assessment: CV, application form, interview (face to face, telephone or video), behavioural assessments (such as a formal prepared presentation), technical assessments;

2) What personal information might we process?

Here are some examples of the type of information we may process.

  • Personal details such as name, address, date and place of birth;
  • Work history/job data; previous employers, positions, dates, etc.
  • Employee Benefits; basic salary, benefits, bonuses, etc.;
  • Education and work history including professional qualifications and skills;
  • Vaccination Status/ Nationality/visa/ right to work permit information; (e.g. passport, driving licence, National Insurance numbers)
  • Photographs and images from recorded assessments;
  • Assessment results e.g. Psychometric assessment results, results from video or telephone assessment

During the process, we may also capture some sensitive personal data about you (e.g. disability information). We only do this in order to make reasonable adjustments to enable our candidates to apply for jobs with us, to be able to take online/telephone assessments, to attend interviews/assessments, to prepare for starting at the bank (if successful) and to ensure that we comply with regulatory obligations placed on us with regard to our hiring.

Melrose HR Ltd do have regulatory obligations for processing information relating to your criminal background due to our work with vulnerable adults and children.  If the position you are applying for has access to children or vulnerable adults/and or their records, we will require an enhanced Disclosure from the Disclosure and Barring Service for the successful candidate.

3) Who do we share your personal information with?

Your data will usually be presented to the client company by Melrose HR Ltd. Data will be stored, processed and managed by Melrose HR Ltd.

The recruitment process will involve:

  • Assessing and progressing your application,
  • Assessing your suitability (skills, strengths, behaviours for the role)

Your personal information may be shared with the client company and people:

  • Those employees who will manage your role or are acting on their behalf;
  • Employees in the client company with responsibility for tasks in the recruitment process;
  • Employees in the client company with Legal, Conduct, Risk, HR, Regulatory or Fraud responsibility for investigating issues of compliance regulations, policies and contractual requirements;
  • Employees in IT, within the client company or outsources for this purpose, and system owners who manage user access;
  • Audit and Investigations employees in relation to specific audits/investigations; and
  • Security managers for facilities/premises.

4) How do we protect your information?

Our HR and Recruitment systems are protected to ensure unauthorised or unlawful processing of personal information, accidental loss or destruction of, or damage to, personal information does not occur. Our staff are also trained to ensure they are compliant with GDPR and Data Protection legalisation.

5) Your Rights

Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.

If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.

You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR or DPA 18 with regard to your personal data. Please refer to the Information Commissioners Office website;

https://ico.org.uk/

 

6) Identity and contact details of controller

Melrose HR is the controller of data for the purposes of the DPA 18 and GDPR. If you have any concerns as to how your data is processed you can contact:

Data Controller

recruitment@melrosehr.com

It is your responsibility to keep personal data up to date throughout the application process so that accurate application records can be maintained.

7) Data Retention

In accordance with our Data Retention Policy, we keep data belonging to unsuccessful candidates for a period of six months before deletion. If you wish for this information to be deleted prior to this please email recruitment@melrosehr.com.

January 2022