UoW takes measures to enable data to be restored and accessed in a timely manner in the event of a physical or technical incident.

Similar documents
STAFF PRIVACY NOTICE

Depending on the circumstances, we may collect, store, and use the following categories of personal information about you:

GDPR DATA PROCESSING NOTICE FOR FS1 RECRUITMENT UK LTD FOR APPLICANTS AND WORKERS

GDPR P4 Privacy Policy Statement & Guidance for Employees and External Providers

LIFE STYLE CARE PLC. Privacy Statement for Employees. August 2018

DATED: 25/05/2018 GDPR PRIVACY NOTICE FOR HOPES & DREAMS LTD FOR EMPLOYEES, CHILDREN ATTENDING A GROUP NURSERY AND THEIR PARENTS

GDPR Policy of Lovedaycare Nursery

What personal details do we hold

DATED. 14 th MAY 2018 GDPR PRIVACY NOTICE FOR TRUSTEES, EMPLOYEES, VISITORS, STUDENTS, CHILDREN ATTENDING

St Stephen in Brannel Parish Council PRIVACY NOTICE. For Staff*, Councillors and Role Holders 1 **

DIGITGAIN LTD. Rectory Road, Padworth Common, West Berkshire, RG7 4JD Tel: DATED GDPR PRIVACY POLICY FOR EMPLOYEES,

DATA PROTECTION POLICY

Alwoodley Golf Club. Privacy Notice for Employees, Workers, Officers and Consultants

We reserve the right to update this privacy notice at any time. Please check our website from time to time for any changes we may make.

Wellington College Belfast

Abercorn Care Limited Employment Application Form

DATA PROTECTION POLICY

This privacy notice applies to School staff, including employees, workers, secondees and contractors.

How The Cabinet Office Handles HR and Finance Personal Information

Job applicant privacy notice (compliant with the General Data Protection Regulations (GDPR)

DATED MAY 2018 GDPR PRIVACY NOTICE FOR EMPLOYEES, CHILDREN ATTENDING AND THEIR PARENTS

University of Suffolk. Privacy Information Notice for Employees and other Workers

EDWARDS COMMERCIAL CLEANING SERVICES LTD and EDWARDS COMMERCIAL CLEANING (NORTH) LTD Data Protection Policy for Employees, Workers and Consultants

Union Employees Privacy Statement

PRIVACY NOTICE FOR JOB APPLICANTS

GDPR Privacy Notice for Staff

Parent / Carer Privacy Notice

Stolle Europe Introduction Important information and who we are Controller and contact information Complaints

THORNHILL CRICKET AND BOWLING CLUB LIMITED

Data Protection Employee Privacy Notice

PRIVACY NOTICE FOR OUR MEMBERS

CURTIS BANKS LIMITED. Privacy Information Notice (for employees) curtisbanks.co.uk

CURTIS BANKS LIMITED. Privacy Information Notice (for employees) curtisbanks.co.uk

DATED th May GDPR PRIVACY NOTICE AND THEIR PARENTS

DIOMED DEVELOPMENTS LIMITED DATA PRIVACY NOTICE FOR APPLICANTS

Privacy notice for the school workforce

You can contact us directly at Dechert LLP, 160 Queen Victoria Street, London, EC4V 4QQ, United Kingdom or by ing

MARLDON BOWLING CLUB

Privacy notice for suppliers, contractors and volunteers

SSI SERVICES (UK) LTD APPLICANT PRIVACY NOTICE

[STAFF DATA PROTECTION NOTICE]

Data Protection Policy

Privacy Notice Work Force

The Heathland School. Privacy notice for staff

Privacy notice for the school workforce (all staff) The personal data we hold

THE PORTSMOUTH GRAMMAR SCHOOL

DATA PROTECTION POLICY

Swansea University Recruitment Privacy Policy

PRIVACY NOTICE 1. PERSONAL INFORMATION

P Drive_GDPR_Data Protection Policy_May18_V1. Skills Direct Ltd ( the Company ) Data protection. Date: 21 st May Version: Version 1.

BRADFORD DIOCESAN ACADEMIES TRUST

TimePlan Education Group Ltd ( the Company ) Data Protection. Date: April Version: 001. Contents

Privacy Notice for Staff

2 What personal information are we collecting?

PRIVACY NOTICE - DRIVER HIRE TRAINING

Data Protection Policy. Data protection. Date: 28/4/2018. Version: 1. Contents

RSD Technology Limited - Data protection policy: RSD Technology Limited ( the Company )

Copyright 2018, Tech Mahindra. All rights reserved. WORKER PRIVACY NOTICE

GDPR transparency notice for candidates (contractors and permanents)

CHESHUNT SWIMMING CLUB

James Calvert Spence College. Privacy Notice for Staff. Date: 13/01/2019

LSEG Recruitment Privacy Notice

Candidate Privacy Notice

GDPR - Privacy Notice Staff

GDPR - Privacy Notice Staff

Privacy Notice: for staff, trustees, governors and all who are engaged to work within The Evolve Trust

TCS Privacy Notice - Staff

Privacy Notice: All staff

University for the Creative Arts Application Declaration. Data Protection Privacy Notice

Wesley House data protection statement and privacy notice (staff)

LPC Law Recruitment Privacy Notice

The Data Controller for all personal data stored and processed by Horiba MIRA Ltd is:

NCVO recruitment & GDPR applying for a job with us

PRIVACY NOTICE for Welsh St Donat s Community Council, May 2018

The Growth Company Group Privacy Notice

RECRUITMENT PRIVACY NOTICE

Employee Privacy Notice

Workforce Privacy Notice

APPLICATION FORM SCAFFOLDING LTD POSITION APPLIED FOR PERSONAL DETAILS NEXT OF KIN DRIVING LICENCE DETAILS YES YES. T Offence code. Date.

HYDRASUN LTD RECRUITMENT PRIVACY NOTICE

City. The and any protection and. privacy. City. City Act City (ICO) and our. The. contact the: College Plymouth P

Severn Trent candidate privacy policy. Updated: July 2018

W h i t t l e s C h a r t e r e d A c c o u n t a n t s

Nissa Consultancy Ltd Data Protection Policy

CHANNING SCHOOL DATA PROTECTION POLICY

Page 1 of 6 Copyright York Archaeological Trust 2018 Edition 2 ( )

Page 1 of 6 Copyright York Archaeological Trust 2018 Edition 2 ( )

Bank of China (UK) Limited Privacy Notice

Privacy Statement About this privacy policy Who are we and how to contact us

Network Rail internal privacy notice

The Company is a data controller, meaning that it determines the processes to be used when using your personal data. Our details are as follows:

HOLY TRINITY CE PRIMARY SCHOOL PRIVACY NOTICE FOR PARENTS / CARERS OF PUPILS

GENERAL DATA PROTECTION REGULATION. New Data Protection Laws

Little Gaddesden C. of E. Primary School

PRIVACY NOTICE FOR STAFF

RECORD OF PROCESSING ACTIVITIES ST CUTHBERT S CATHOLIC HIGH SCHOOL

THE COMPETITION AND CONSUMER PROTECTION COMMISSION JOB APPLICANT PRIVACY NOTICE 1. INTRODUCTION... 2

WORLEYPARSONS RECRUITMENT PRIVACY NOTICE

Recruitment/appointment including assessing your job application

Transcription:

PRIVACY NOTICE UNIVERSITY OF WARWICK We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event that you have a complaint. Who we are The University of Warwick ( UoW ) is committed to protecting the privacy and security of personal information. The purpose of this notice is to promote transparency in the use of personal information, and to outline how the University and Human Resources (HR) collect and use personal information during and after your working or visiting relationship with us, in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA) 1998. The UoW collects, uses and is responsible for certain personal information about you. This is known as processing. When we do so we are regulated under the General Data Protection Regulation (GDPR) 2016 which applies across the European Union (including in the United Kingdom) and we are responsible as data controller of that personal information for the purposes of those laws. You, as the individual to whom the personal information relates, are the data subject. Security To ensure full compliance the UoW carries out detailed risk analysis, has instituted a number of organisational policies, in addition to physical and technical measures. Where appropriate, we also take measures such as anonymisation to ensure data cannot be used to identify you and/or encryption to ensure that the data cannot be accessed without the right security accesses and codes. Where UoW engages a third party to process personal data it will do so on the basis of a written contract which conforms to the security requirement of the General Data Protection Regulation. UoW takes measures to enable data to be restored and accessed in a timely manner in the event of a physical or technical incident. UoW also ensures that we have appropriate processes in place to test the effectiveness of our security measures. 1 12

Scope This notice is intended for job applicants, employees, (current and former), workers (including agency), apprentices, interns, work experience and volunteers, contractors, honorary/ visiting associates. Data Protection Principles We will apply the following data protection principles when processing your personal information. The personal information must be: Processed lawfully, fairly and in a transparent manner. Collected only for legitimate purposes that have been clearly explained to you as the data subject and not used in any way that is incompatible with those purposes. Relevant, adequate and limited to the purposes notified to the data subject. Accurate, kept up to date and held securely in order to protect against unlawful or unauthorised processing, and accidental loss, destruction or damage. Retained only for the period necessary for the purposes notified to the data subject and kept in a form that does not identify the data subject for longer than necessary Processed securely with safeguards in place to prevent unauthorised or unlawful processing or accidental loss/destruction Lawful Basis for Processing Personal Data Personal information will only be used when the law permits this to happen. Most commonly personal information will be used in the following circumstances: Where you have given us your consent In order to fulfil UoW s obligations to you as part of your contract of employment. Where UoW needs to comply with a legal obligation (for example, the detection or prevention of crime and financial regulations) Where it is necessary for UoW s legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. To protect the vital interests of the data subject or of another person (for example, in the case of a medical emergency) In order to perform a task carried out in the public interest 2 12

We may use your particularly sensitive personal information in the following circumstances where, in addition to a lawful basis for processing, there exists one of the grounds: Explicit consent where you give us given explicit consent. Legal obligation related to employment - The processing is necessary for a legal obligation in the field of employment and social security law or for a collective agreement. Vital interests - The processing is necessary in order to protect the vital interests of the individual or of another natural person where the data subject is physically or legally incapable of giving consent. This is typically limited to processing needed for medical emergencies. Not for profit bodies - The processing is carried out in the course of the legitimate activities of a not-for-profit body and only relates to members or related persons and the personal data is not disclosed outside that body without consent. Public information - The processing relates to personal data which is manifestly made public by the data subject. Legal claims - The processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity. Substantial public interest - The processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law. Healthcare - The processing is necessary for healthcare purposes and is subject to suitable safeguards. Public health - The processing is necessary for public health purposes and is based on Union or Member State law. Archive - The processing is necessary for archiving, scientific or historical research purposes, or statistical purposes and is based on Union or Member 3 12

State law. Member States can introduce additional conditions in relation to health, genetic, or biometric data. How is your personal information collected? This information for employees, workers (including agency), volunteers and work experience, contractors, honorary position holders and visiting individuals is typically collected through the application and recruitment process, either directly from the data subjects or sometimes from an employment agency or background check provider. Additional information may be collected from third parties such as former employers, and other referees. UoW will also collect additional personal information in the course of work related activities throughout the period of you working for or with the University. Type of information The following are examples of personal information which may be collected, stored and used: Personal contact details such as name, date of birth title, addresses, telephone numbers, and personal email addresses. Marital status and dependents Gender. Next of kin and emergency contact information. National Insurance number, bank account details, payroll records and tax status information Salary, annual leave, pension and benefits information. Copy of driving licence. Our purpose in collecting this information is to ensure that those who are employed in a driving capacity for UoW are legally entitled to do so. Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process). Employment records (including job titles, work history, working hours, training records and professional memberships). 4 12

Compensation history, including merit pay and SPRR payments. Salary benchmarking and pay modelling. Personal development information (including PDR, training and progression). Disciplinary, grievance and performance management information. Information relating to maternity, paternity, shared parental or adoption leave. CCTV footage and other information obtained through electronic means such as swipe/identity card records. Our purpose in collecting this information is to ensure the safety and security of UoW, its people and facilities Information about your use of our information and communications systems. Photographs. Our purpose in collecting this information is in order to issue identity cards to staff which allow the use of and access to UoW facilities Information relating to Research Passports (in order to undertake research in the NHS). We may also collect, store and use the following categories of sensitive personal information: Information about your race or ethnicity, religious beliefs. Our purpose in collecting this information is for equality, diversity and inclusion monitoring and institutional reporting Trade union membership. Our purpose in collecting this information is to facilitate communication with a particular body where necessary Information about your health, including any medical condition, health and sickness records, and disability information. Our purpose in collecting this information is so that we can assess your fitness for work and need for any reasonable adjustments Information about criminal convictions and offences. 5 12

Purpose of Processing and associated legal basis Purpose Making a decision about your recruitment, continued engagement or termination. Checking you are legally entitled to work in the UK. Paying you and making the relevant tax and National Insurance deductions, as appropriate and required. Providing associated workplace benefits. Liaising with your pension provider and administering your pension, including spousal and dependants entitlement Administering the contract the University has entered into with you. Business management and planning, including accounting and auditing. Conducting performance reviews, managing performance and determining performance requirements, including making decisions in relation to completion of probation. Gathering evidence for conducting investigations for possible grievance or disciplinary hearings. Education, training and development requirements. Dealing with legal disputes involving you, or other employees, workers and contractors, including accidents at work. Ascertaining your fitness to work and managing sickness absence. Legal Basis and/or complying with a legal obligation and/or complying with a legal obligation and/or performance of a contract and/or legitimate interest of sound management of the business of the University and legitimate interest of ensuring staff have access to training and development where required and legitimate interest of ensuring 6 12

the efficient running of the University To prevent fraud. To monitor your use of our information and communication systems to ensure compliance with the University s IT policies. Equal opportunities monitoring. Issuing identity cards to staff Providing staff parking permits Legitimate interest of ensuring proper usage and network security of University systems Legitimate interest of maintaining security whilst allowing staff access to university areas Change of Purpose UoW will only use personal information for the purposes for which it was collected unless it is considered reasonably that it is needed for another purpose and the reason is compatible with the original purpose. If the University needs to use your personal information for an unrelated purpose, it will notify you and will explain the legal basis that permits it to do so. The University may process your personal information without your knowledge or consent, in compliance with this policy and procedure, where this is permitted by law. Consent for the use of personal information Once you have accepted an offer of employment with UoW, as part of the on-boarding process we will seek your consent for the processing of your personal data for the following services: Warwick Sport By providing your consent, you are agreeing to have the following personal information processed, including: 1. Your full name 2. Your date of birth 3. Emergency contact details 4. Your Warwick ID number 5. Your employee photograph 7 12

6. Your start date Benefits Bronze package Information Marketing to expect By default you will be enrolled in bronze membership allowing you to gain access to facilities free of charge. You will be provided with exclusive news, updates, discounts and marketing information. Warwick Retail By providing your consent, you are agreeing to have the following personal information processed, including: 1. Your full name 2. Your date of birth 3. Your Warwick ID number 4. Your employee photograph 5. Your start date Third Party Eating at Warwick Marketing to expect By providing your details you will be able to use your card in order to gain a 10% discount for food purchases within the campus. Full details can be found: eating.warwick.ac.uk In limited circumstances UoW may contact you for your written consent to the processing of particularly sensitive data. In such circumstances UoW will provide you with full details of the information needed and the reason it is needed, so that you can consider whether you wish to give your consent. Where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Individuals need to write to 8 12

infocompliance@warwick.ac.uk to withdraw their consent. Once UoW been notified that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law. If the latter is the case we will inform you of this legitimate basis. Information in relation to criminal convictions Information in relation to criminal convictions will only be used where permitted by law. This will usually be where such processing is necessary to carry out our obligations for example where it is appropriate to do so given the nature of the role. UoW will use information about criminal convictions and offences to assess your suitability to carry out the work for which you have been engaged. Data Sharing UoW may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where there is another legitimate interest in so doing, including but not limited to for joint appointments with other external organisations. Third parties with whom we may share your data include: Third parties within the EEA The respective pension scheme applicable to your contract (USS, UWPS, NHS) Legal basis Compliance with a legal obligation and/or performance of a contract United Kingdom Visas and Immigration (UKVI)(reference visa applications). Disclosure and Barring Service (DBS) checking organisation (GB Group) NHS HMRC Car Parking Partnership Parking Eye Compliance with a legal obligation Compliance with a legal obligation and/or legitimate interest and/or consent Compliance with a legal obligation Staff Parking Facilities Staff are offered the option of purchasing a permit to park in UoW car parks. The scheme is administered on behalf of UoW by Car Parking Partnership ( CPP ) and Parking Eye. 9 12

By opting in to the scheme you enter in to a contract with UoW for the provision of a service, namely parking. UoW will collect the following data in order to provide that service under contract. 1. Vehicle registration number 2. Make and model of vehicle If parking terms and conditions are breached, UoW will share the following information with CPP and Parking Eye for enforcement purposes: 1. Your vehicle registration number 2. The start and end date of your parking permit Transfers of data outside of the EEA We may transfer the personal information we collect about you to countries outside the EEA so long as there is a legal basis for doing so or we have your consent. In certain circumstances we may seek your explicit consent to send your personal information outside of the EEA. When doing so we will inform you in clear terms of any associated security risks in order to enable you to make an informed decision. Before sending your personal data to countries outside of the EEA data we will ensure that adequate data protection provisions are in place, the processor has provided appropriate safeguards to ensure enforceable rights and legal remedies or other specified conditions are met under data protection law. Data retention Personal information will be retained only for as long as is necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting or reporting requirements. Details of retention periods are contained in the University s Records Retention Schedule (RRS) In some circumstances we may anonymise your personal information so it may no longer be associated with you, and in these circumstances we may use such information without further notice to you. The personal information of former job applicants, employees, workers (including agency), apprentices, interns, work experience and volunteers, contractors, honorary/ visiting associates will be retained and securely destroyed in line with the retention periods set out in the RRS and/or applicable legal requirements. Your Rights Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to: Fair processing of information and transparency over how we use your use personal information 10 12

Access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address Require us to correct any mistakes in your information which we hold Require the erasure of personal information concerning you in certain situations Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations Object at any time to processing of personal information concerning you for direct marketing Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you Object in certain other situations to our continued processing of your personal information Otherwise restrict our processing of your personal information in certain circumstances Claim compensation for damages caused by our breach of any data protection laws You can request to be removed from future publications and digital content at any time, but you cannot be removed from materials which have already been published. To exercise any of these rights an individual needs to send an email to infocompliance@warwick.ac.uk. No fee will be charged although the University reserves the right to charge a fee if a data subject access request is made or the request for access is clearly unfounded or excessive, or to refuse to comply with the request in these circumstances. Data Protection Officer The University has appointed a Data Protection Officer (Anjeli Bajaj) to oversee compliance. Their contact details for queries are as follows: E-mail: Address: infocompliance@warwick.ac.uk Data Protection Officer University House Kirby Corner Rd University of Warwick 11 12

Coventry CV4 8UW Individuals have the right to make a complaint at any time to the Information Commissioner s Office (ICO), which is the UK supervisory authority for data protection issues, who may be contacted at https://ico.org.uk/concerns/ or telephone: [0303 123 1113]. However, please bear in mind that the ICO does recommend that data subjects approach the data controller in the first instance with any queries/complaints. Changes to this Privacy Notice This privacy notice was published on 16 th May 2018. The University reserves the right to update this policy at any time and we will provide you with a new privacy notice whenever we make substantial updates. 12 12

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback