The Galway Clinic (GC) has implemented this document to demonstrate its commitment to the

Similar documents
Blackwater Motors Group PRIVACY POLICY

DATA PROTECTION NOTICE

Privacy Policy 2018 VERSION 1.0

THE COMPETITION AND CONSUMER PROTECTION COMMISSION JOB APPLICANT PRIVACY NOTICE 1. INTRODUCTION... 2

LSEG Recruitment Privacy Notice

a) Account data is data gathered directly from you or your employer for the purposes of entering into a contract for the services we offer

UCD Human Resources. UCD HR Privacy Statement - Employee

SUNSEEKER INTERNATIONAL LIMITED PRIVACY POLICY FOR JOB APPLICANTS

CELESTYAL CRUISES LIMITED SUBJECT ACCESS REQUEST POLICY

PRIVACY NOTICE - Recruitment

PERSONAL DATA REQUEST RESPONSE TEMPLATE GUIDANCE

Depending on the circumstances, we may collect, store, and use the following categories of personal information about you:

WEBSITE PRIVACY POLICY. Park Retail is a subsidiary of Park Group plc. (registered in England with company number ) ( Park Group ).

Recruitment Privacy Notice

Privacy Statement - Recruitment

Our Privacy Principles

THINK LEGAL RECRUITMENT PRIVACY POLICY ONLINE AND GENERAL USE

WEBSITE PRIVACY POLICY. Park Retail is a subsidiary of Park Group plc. (registered in England with company number ) ( Park Group ).

GENERAL DYNAMICS UK LTD NOTICE TO APPLICANTS REGARDING THE PROCESSING OF PERSONAL DATA

Nissa Consultancy Ltd Data Protection Policy

Privacy Notice for Candidates

University for the Creative Arts Application Declaration. Data Protection Privacy Notice

GDPR P4 Privacy Policy Statement & Guidance for Employees and External Providers

DIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS

Privacy Policy. To invest significant resources in order to respect your rights in connection with Personal Data about you:

Privacy Notice. The Kind of Information We Hold About You

RECRUITMENT PRIVACY NOTICE

Trinity is committed to protecting the privacy and security of personal data.

PRIVACY NOTICE - DRIVER HIRE TRAINING

The data protection rules require that personal information we hold about you must be:-

WIGAN & LEIGH COLLEGE

PRIVACY POLICY. 1. Who is who in this privacy policy?

Getting ready for the new data protection laws A guide for small businesses, charities and voluntary organisations

Notice. Recruitment Privacy Notice

WORLEYPARSONS RECRUITMENT PRIVACY NOTICE

DATA PROTECTION RECRUITMENT POLICY OF THE EUROPEAN COMMUNICATIONS OFFICE (ECO)

Xerox Privacy Notice: Rights of data subjects pursuant to the General Data Protection Regulation

Information duties for applicants

What personal details do we hold

Privacy policy. 1.1 We are committed to safeguarding the privacy of our donors, supporters and all those involved in School Club Zambia (SCZ).

HEALTHY WORKPLACE PRIVACY POLICY

STROMMA S PRIVACY POLICY

STROMMA S PRIVACY POLICY

CHECKLIST FOR TASKS NEEDED IN ORDER TO COMPLY WITH GDPR. Legal02# v1[RXD02]

GDPR Annotated Privacy Statement

The website for 10 Y Fan is hosted by - payments for registration and merchandise are processed by Stripe.

GDPR DATA PROCESSING NOTICE FOR FS1 RECRUITMENT UK LTD FOR APPLICANTS AND WORKERS

The Society of St Stephen s House Site Security and Monitoring Privacy Notice

TimePlan Education Group Ltd ( the Company ) Data Protection. Date: April Version: 001. Contents

EcoNova's Privacy Policy Statement

HR Garda Vetting Privacy Notice. Kerry County Council Comhairle Contae Chiarraí

VITROLIFE S PRIVACY POLICY

WILLIAM FRY JOB APPLICATION/RECRUITMENT DATA PROTECTION NOTICE

James Frost Data Compliance Manager. Privacy Notice (including for use on the company website)

Please read the following carefully in order to understand our policies and practices regarding your personal data and how we process them.

How employers should comply with GDPR

RECRUITMENT PRIVACY NOTICE

Privacy Policy EDCTP Association

Data Protection Employee Privacy Notice

RSD Technology Limited - Data protection policy: RSD Technology Limited ( the Company )

Stolle Europe Introduction Important information and who we are Controller and contact information Complaints

PRIVACY NOTICE FOR JOB APPLICANTS

Quarries Skills Certification Scheme

UK SCHOOL TRIPS PRIVACY POLICY

Introduction. Welcome to the OAG Aviation Group privacy notice.

Data Protection Policy

PREPARING YOUR ORGANISATION FOR THE GENERAL DATA PROTECTION REGULATION YOUR READINESS CHECKLIST DATA PROTECTION COMMISSIONER

This Notice applies to you if you are a job applicant or other potential employee of the Kao Company.

The Data Controller for all personal data stored and processed by Horiba MIRA Ltd is:

Policy Document for: Data Protection (GDPR) Approved by Directors: September Due for Review: September Statement of intent

STAFF PRIVACY NOTICE

INTERNATIONAL WHAT GDPR MEANS FOR RECORDS MANAGEMENT

Brasenose College is committed to protecting the privacy and security of personal data.

General Data Protection Regulation (GDPR)

HYDRASUN LTD RECRUITMENT PRIVACY NOTICE

PERSONAL INFORMATION

DATA PROTECTION POLICY

The Growth Company Group Privacy Notice

DATED: 25/05/2018 GDPR PRIVACY NOTICE FOR HOPES & DREAMS LTD FOR EMPLOYEES, CHILDREN ATTENDING A GROUP NURSERY AND THEIR PARENTS

GDPR POLICY. This policy complies with the requirements set out in the GDPR, which will come into effect on

Wesley House data protection statement and privacy notice (staff)

Julia Woodhouse Privacy Notice (including for use on the company website)

We have prepared a general privacy notice covering all subject data and including use of our website at

UoW takes measures to enable data to be restored and accessed in a timely manner in the event of a physical or technical incident.

Data Protection Policy Approved by: COG Approved: 9 August 2017 Review date: August 2019 Version: Statement of Intent

Quarries Skills Certification Scheme

Data Protection Policy. Data protection. Date: 28/4/2018. Version: 1. Contents

What does the GDPR mean for recruitment?

DELL BANK INTERNATIONAL D.A.C DATA PROTECTION STATEMENT - USE OF PERSONAL DATA 1

SCHOOLS DATA PROTECTION POLICY. Guidance Notes for Schools

EXECUTIVES ONLINE PRIVACY STATEMENT

SAVINGS PRIVACY NOTICE YOUR PERSONAL INFORMATION AND WHAT WE DO WITH IT

Data Protection Policy

Transcription:

Galway Clinic Recruitment Privacy Notice 1. Introduction The Galway Clinic (GC) has implemented this document to demonstrate its commitment to the protection of your personal data. We recognises that protecting personal data, including special categories of data (sometimes referred to as sensitive personal data), is very important to you and that you have an interest in how we collect, use, store and share such information. This notice sets out how we will use and protect your personal data for recruitment purposes and provides an overview of how GC ensures the protection of personal data in the context of recruitment procedures. It also sets out which rights persons submitting personal data in that context have. Please note that we reserve the right to update this Privacy Notice as required. The most recent version of this document can be found on our website using the following link https://www.galwayclinic.com/general/recruitment-privacy-policy 1.1 Company Information References to GC, us, our and we refer togalway Clinic, and any associated companies from time to time. More information about GC can be found at: www.galwayclinic.com. 1.2 Legislation All personal data we gather will be processed in accordance with all applicable data protection laws and principles, including the EU General Data Protection Regulation 2018 and the applicable Irish Data Protection Acts. 1.3 Queries and Complaints If you require further information about the way your personal data will be used, or if you are unhappy with the way we have handled your personal data, and wish to contact us please submit your concerns to:dpo@galwayclinic.com

The DPO@galwayclinic.commailbox is managed by the GC DPO function and all correspondence received will be addressed accordingly, including support from the designated GC Data Protection Officer. You have the right to lodge a complaint with the Office of the Data Protection Commissioner. To contact the Office of the Data Protection Commissioner, please use the following details: Data Protection Commissioner Helen Dixon Canal House Station Road Portarlington County Laois Telephone: +353 (0)761 104 8000 Telephone: +353 (0)57 868 4800 Email: info@dataprotection.ie LoCall Number: 1890 252 231 Fax: +353 (0)57 868 4757 Please note that we will take all appropriate steps to keep your personal data safe. In the unlikely event that we have a security breach, we will notify you without undue delay about the circumstances of the incident as required within our legal obligations.

2. Recruitment Privacy Information 2.1 How do we collect information? It is necessary that we collect personal data relating to prospective employees. This data may be collected directly by our staff or by recruitmentagencies, which you have engaged during the search for employment. Sometimes we may request that other organisations, where you have indicated that you have previously worked, provide us with data relating to you in order to ensure that you are an optimal fit for GC. 2.2 What do we use information for? We use your personal data to validate your qualifications for the relevant position for which you have applied for or have been referred for. This enables us to ensure that our staff are of the highest standard and capable of providing superior healthcare to our patients. Specifically, we may use the personal data we gather for any or all the following purposes: Process Description Lawful Basis for Processing under GDPR Job Applications Checking Referees Pre-employment screening When you apply for a job at GC, certain data is collected and shared among a panel within GC. All applicants must go through this screening process. We may contact references which you have provided to us to validate your work experience and achievements. There are a number of steps which may be taken in order to further validate your suitability for the role being applied for, including: interviews; psychometric testing; and occupational health assessments. for the performance of a contract to which the applicant is party or to take steps at the request of the applicantprior to entering a contract. for the performance of a contract to which the applicantis party or to take steps at the request of the applicant prior to entering a contract. for the performance of a contract to which the applicant is party or to take steps at the request of the applicant prior to entering a contract. for the assessment of the working capacity of the applicant.

Process Description Lawful Basis for Processing under GDPR Garda Vetting CCTV Footage Visitor Sign-In We may require that you are Garda vetted prior to confirming your offer of employment. CCTV cameras are in operation both inside and outside of the clinic in order to protect our staff, patients and property. Visitor data is recorded at our reception to keep a log of external parties who are operating within the clinic. The National Vetting Bureau Bill 2012. The use of the data is in our legitimate interests as a healthcare provider. The use of the data is in our legitimate interests as a healthcare provider. System Maintenance Call Recording Sometimes data may be accessed during system repairs and updates, as required. Candidate data will also be used in order for the Clinic to maintain system back-ups in the event of an IT system failure. Telephone calls made to our enquiries line are sometimes recorded for quality purposes. for the management of health services. to ensure high standards of quality and safety of health care. The use of the data is in our legitimate interests as a healthcare provider. to ensure high standards of quality and safety of health care. 2.3 Who do we share information with? There are various circumstances in which we may share personal data with other parties. Generally, this includes our staff, medical consultants with whom we have an existing relationship and some preadvised third parties. Any party which you have given us permission to speak with (family, friends or otherwise),health insurance providers. We take steps to ensure that any third-party partners who handle your information comply with data protection legislation and protect your information to the same extent as we do. We only disclose personal information that is necessary for them to provide the service that they are undertaking on our behalf. We will aim to anonymise your information or use aggregated non-specific data sets where possible. 2.4 What type of information is collected? While the type of personal data we collect may vary based on your application and the role being applied for, we believe it is important that you are aware of the types of personal data we may gather

and use. The following table is a non-exhaustive list of the categories and types of personal data we use to perform our duties. Please note that the information listed under one category may be used for the performance of a task, or in relation to activities listed under another heading or as outlined in Section 2.3 above. Reason Personal Identity Contact Details Education Work Experience Occupational Health Determining Benefits Payroll Clinic Security Type of Data Collected Title, name, ID Documents Home address, email address, mobile number Academic qualifications, dates of attendance, grades achieved Details of work experience, employment references Medical report Information regarding personal circumstances and family status Bank account details CCTV footage, visitor sign-in logs.

3. How long do we retain information? How long we keep data is primarily determined by how long it is required for the stated purpose, for time periods set out by legislation or the period required to defend ourselves against legal action. For candidates, information such as your CV which has been collected during the recruitment process is retained for 1 year from the date of the recruitment decision. Where we wish to retain personal data beyond statutory periods we will either: Anonymise the information so that it is no longer possible to determine who the data relates to. Have justification for doing so (e.g. legal claims). Please feel free to contact us if you would like more information about our specific retention periods. 4. What are your rights? You have a number of rights when it comes to your personal data. On receipt of a valid request to invoke one your rights, we will do our best to adhere to your request as promptly as reasonably possible, however, restrictions may apply in certain situations. 4.1 Right of Access You have a right to know what personal data we hold on you, why we hold the data, and how we are using the data. When submitting your request, please provide us with information to help us verify your identity and as much detail as possible to help us identify the information you wish to access (i.e. date range, subject of the request). 4.2 Right to Rectification You have a right to request that the personal data held in relation to you is up to date and accurate. Where information is inaccurate or incomplete, we encourage you to contact us to have this information rectified. Upon receipt of your request, we will ensure that the personal data is rectified and as up to date as is reasonably possible. 4.3 Right to be Erasure You have the right to seek the erasure of personal data relating to you in the following circumstances: The personal data is no longer required for the purposes for which is was obtained. Where the use of the data is only lawful on the basis of consent, you withdraw consent to the processing and no other lawful basis exists. The personal data is being used unlawfully. You object to the use of your personal data and there are no overriding legitimate grounds for the use of the data Your personal data requires deletion in line with legal requirements.

However, we will be unable to fulfil an erasure request if the personal data is required for execution of an employee s active employment contract. Please be aware that in certain circumstances we may need to retain some information to ensure your preferences are respected in the completion of our duties. For example, we cannot erase all information about you where you have also asked us not to send you future communications. Otherwise, your preference not to receive communications from us would be erased. 4.4 Right to Restriction You have the right to restrict the extent for which your personal data is being used by us in circumstances where: You believe the personal data is not accurate (restriction period will exist until we update your information). The processing of the personal data is unlawful but you wish to restrict the use of the data rather than erase it. Where the personal data is no longer required by us but you require the retention of the data for the establishment, exercise, or defence of a legal claim. You have a pending objection to the future use of your personal data. When the use of your data has been restricted, your personal data will only be further used: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of other people; or for reasons important to public interest. We will contact you to confirm where the request for restriction is fulfilled and will only lift the restriction after we have informed you that we are doing so. 4.5 Right to Data Portability You have the right to the provision of all personal data that you have provided to GC in relation to you in a structured, commonly used and machine-readable format where: The lawfulness of the use of your personal data by us is reliant on the basis a contract. The lawfulness of the use of your personal data by us is reliant on the provision of your consent. The data is being utilised by fully automated means. You may also request that we send this personal data to another legal entity where technically feasible. We will refuse such a request if the data being requested may adversely affect the rights and freedoms of others. 4.6 Right to Object You have the right to object to the further use of your personal data where: The lawfulness of the use of your personal data by us is reliant on the basis of our legitimate interests. Where the data is non-sensitive, and being used for reasons in the public interest. Where the data is being used for direct marketing purposes.

If you wish to object to the use of your data, please contact us with your request. We will then stop using the data of personal data unless it is required for legal proceedings. 4.7 Right not to be subject to Automated Decision Making, including Profiling You have a right not to be subject to a decision based solely on automated processing or profiling, where such decisions would have a legal effect or significant impact on you. Where we (or one of our third-party processors) use profiling, which produces legal effects for you or otherwise significantly affects you, you will have the right to object to such processing. 5. Cookies GC respects the privacy of all visitors to our websites. Our website employs cookies in order to operate effectively, more information on how our website uses cookies can be found at https://www.galwayclinic.com/cookie-policy

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback