Unitemps privacy notice
Unitemps City St George’s, University of London
Find a job
Unitemps privacy notice
Unitemps City St George’s, University of London
Company Name: | Unitemps City St George’s, University of London (‘the Company’) |
---|---|
Company Contact details: | Unitemps City St George’s, University of London Email: dataprotection@city.ac.uk Unitemps operates as a franchise network. Contact details and privacy notices for all UK franchises can be found here: https://www.unitemps.com/privacy-notice |
Document: | Privacy Notice |
Date: | 2nd December 2024 |
Version: | 2.0 |
The Company is a recruitment business which provides work-finding services to its clients and work-seekers. The Company must process personal data (including special category data) so that it can provide these services – in doing so, the Company acts as a data controller. When you register with a different Unitemps branch, apply for their roles, or are engaged under a contract for services to work for them then they will act as data controller, their privacy notice will apply to the processing of your data and you should direct any queries to them directly.
You may give your personal details to the Company directly, such as on an application or registration form or via our website, or we may collect them from another source such as a jobs board. The Company must have a legal basis for processing your personal data. For the purposes of providing you with work-finding services and/or information relating to roles relevant to you we will only use your personal data in accordance with the terms of the following statement. At all times we will comply with current data protection laws.
1. Collection and use of personal data
Purpose of processing and legal basis
The Company will collect your personal data (which may include special category data) and will process your personal data for the purposes of providing you with work-finding services. This includes for example, contacting you about job opportunities, assessing your suitability for those opportunities, updating our databases, putting you forward for job opportunities, arranging payments to you and developing and managing our services and relationship with you and our clients.
If you have opted-in we may also send you marketing information and news via email. You can opt-out from receiving these at any time by clicking “unsubscribe” when you receive these communications from us.
In some cases we may be required to use your data for the purpose of investigating, reporting and detecting crime and also to comply with laws that apply to us. We may also use your information during the course of internal audits to demonstrate our compliance with certain industry standards.
We must have a legal basis to process your personal data. The legal bases we rely upon to offer our work-finding services to you are:
To fulfil a contractual obligation that we have with you
When you register your details on our website we ask you to agree to our terms of engagement. You will also be working under a Contract for Services should you find temporary work through Unitemps and we shall process your data as is necessary for the performance of this contract
Your consent
We may process your personal data on the basis that you have consented to us doing so for a specific purpose, for example, if we would like to put you forward for a vacancy that you have not applied for we would ask for your consent to share your details with our client, we also ask for your consent to send you any marketing information.
You may withdraw your consent to our processing of your personal information for a particular purpose at any stage. Please note that we may continue to retain, or otherwise use your personal information, where we have a legitimate interest or a legal or contractual obligation to do so. Our processing in that respect will be limited to what is necessary in order to comply with those interests or obligations.
To comply with a legal obligation that we have
We must comply with a number of statutory provisions, including the Conduct of Employment Agencies and Employment Businesses Regulations 2003, when providing our recruitment services which require us to process personal data. These require us to:
- verify a candidate’s identity
- assess a candidate’s suitability for a job role
- conduct right to work checks
- adhere to payroll, tax, social security and HMRC requirements
Where we have a legitimate interest
This is where the Company has a legitimate reason to process your data provided it is reasonable and does not go against what you would reasonably expect from us. Where the Company has relied on a legitimate interest to process your personal data our legitimate interests are as follows:
- managing our database and keeping work-seeker records up to date;
- assessing your suitability and to contact you regarding potential opportunities and/or our services
- in order to source potential opportunities or roles as part of our Recruitment Services
- contacting you to seek consent where we need it;
- providing work-finding services to you, including sending your information to our clients where you have demonstrated an interest in doing that particular type of work but not expressly consented to us passing on your cv;
- retaining records of our dealings and transactions and where applicable, use such records for the purposes of:
- establishing compliance with contractual obligations with Clients or suppliers
- addressing any query or dispute that may arise including establishing, exercising or defending any legal claims
- protecting our reputation
- maintaining a back-up of our system, solely for the purpose of being able to restore the system to a particular point in the event of a system failure or security breach
- financial reporting
- determining staff training and system requirements
Statutory/contractual requirement
The Company has certain legal and contractual requirements to collect personal data (e.g. to comply with the Conduct of Employment Agencies and Employment Businesses Regulations 2003, immigration and tax legislation, and in some circumstances safeguarding requirements.) Our clients may also require this personal data, and we may need your data to enter into a contract with you. If you do not give us personal data we need to collect we may not be able to continue to provide work-finding services to you.
Recipients of data
Unitemps is a franchise network and the details you provide will be shared with all of the UK Unitemps franchises in our network in order to provide you with our Recruitment Services. The Company will also process your personal data and/or special category data with the following recipients:
- Hirers and clients, necessary for the provision of our Recruitment Services
- Your former or prospective new employers that we obtain or provide references to
- Any regulatory authority or statutory body pursuant to a request for information or any legal obligation which applies to us
- Parties who process data on our behalf to include:
- IT support
- Storage service providers including cloud
- Legal and professional advisers
- Background screening providers
- Payroll departments/bureaus
- Government, law enforcement agencies and other regulators e.g the Police, Home Office, HMRC, Employment Agencies Standards Inspectorate (EASI), DWP
2. This section applies when we have not collected your personal data directly from you
Categories of data: The Company has collected the following personal data on you:
Personal data:
- Name
- Contact details, including telephone number, email address and postal address
- Experience, training, qualifications and skills
- CV – which may include job history and educational history
- Contact details of referees
If you register as a candidate on our website, or if you work for us, then we will need to collect further personal data from you directly
Special category data:
We may have collected special category data on you, for example health or religion information, if you have included any of this type of special category data in your CV.
Source of the personal data: The Company sourced your personal data/special category data from:
- Social Media such as LinkedIn
- Online jobsites such as Reed
- The public domain
- Recommendations from clients or candidates
Where we have obtained your personal data from a third party such as an online job board, it is our policy to advise you of the source when we first communicate with you.
3. Overseas Transfers
The Company may transfer only the information you provide to us to countries outside the European Economic Area (‘EEA’) for the purposes of providing you with work-finding services. We will only do this if the client and the job role are based outside the EEA. We will take steps to ensure adequate protections are in place to ensure the security of your information. The EEA comprises the EU member states plus Norway, Iceland and Liechtenstein. For further information on international transfers of personal data please visit the ICO’s pages.
4. Data retention
The Company will retain your personal data only for as long as is necessary for the purpose we collect it. Different laws require us to keep different data for different periods of time. For example, the Conduct of Employment Agencies and Employment Businesses Regulations 2003, require us to keep work-seeker records for at least one year after the date on which we last provide you with work-finding services.
We must also keep your payroll records, holiday pay, sick pay and pensions auto-enrolment records for as long as is legally required by HMRC and associated national minimum wage, social security and tax legislation. This is currently 3 to 6 years.
We are required to hold records relating to your right to work for 2 years after your engagement with us has ended.
If you have never worked for us we will delete your personal data from our systems 2 years from the last date of any activity on your profile. If you have worked for Unitemps we will be required to keep some of your data for longer periods due to statutory requirements but we will delete all of your data from our system 7 years after your last period of engagement.
Your personal data will be securely destroyed at the expiry of any relevant retention period.
5. Your rights
Please be aware that you have the following data protection rights:
- The right to be informed about the personal data the Company processes on you;
- The right of access to the personal data the Company processes on you;
- The right to rectification of your personal data;
- The right to erasure of your personal data in certain circumstances;
- The right to restrict processing of your personal data;
- The right to data portability in certain circumstances;
- The right to object to the processing of your personal data that was based on a public or legitimate interest;
- The right not to be subjected to automated decision making and profiling; and
- The right to withdraw consent at any time.
Where you have consented to the Company processing your personal data and special category data you have the right to withdraw that consent at any time by contacting dataprotection@city.ac.uk. Please note that if you withdraw your consent to further processing that does not affect any processing done prior to the withdrawal of that consent, or which is done according to another legal basis.
There may be circumstances where the Company will still need to process your data for legal or official reasons. We will inform you if this is the case. Where this is the case, we will restrict the data to only what is necessary for the purpose of meeting those specific reasons.
If you believe that any of your data that the Company processes is incorrect or incomplete, please contact us using the details above and we will take reasonable steps to check its accuracy and correct it where necessary.
You can also contact us using the above details if you want us to restrict the type or amount of data we process for you, access your personal data or exercise any of the other rights listed above.
6. Data Security
The Company keeps your personal data secure at all times using both physical and technical measures.
Where appropriate, we also take measures such as anonymisation to ensure data cannot be used to identify you and/or encryption to ensure that the data cannot be accessed without the right security accesses and codes.
Where the Company engages a third party to process personal data it will do so on the basis of a written contract which conforms to the security requirement of the GDPR and DPA 2018.
The Company takes measures to enable data to be restored and accessed in a timely manner in the event of a physical or technical incident.
The Company also ensures that we have appropriate processes in place to test the effectiveness of our security measures.
7. Complaints or queries
If you wish to complain about this privacy notice or any of the procedures set out in it please contact dataprotection@city.ac.uk or write to:
Data Protection Officer
Information Assurance Team
City St George’s, University of London
Northampton Square
London
EC1V 0HB
United Kingdom
You also have the right to raise concerns with Information Commissioner’s Office on 0303 123 1113 or at https://ico.org.uk/concerns/, or any other relevant supervisory authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.
8. Changes to this privacy notice
We will update this privacy notice from time to time. We will post any changes on the notice with revision dates. If we make any material changes, we will notify you.