Godfrey North is committed to protecting your personal information in every aspect of our recruitment services.
This privacy notice describes how Godfrey North collects and uses the personal information you provide to us, in accordance with the General Data Protection Regulation (GDPR).
The kind of information we hold about you
In order to provide our recruitment services, we are required to collect, store, and process your personal information, this may include:
The information you have provided to us in your curriculum vitae, covering letter or in interview or consultation
The information you have provided on an application form, including name, title, address, telephone number, personal email address, employment history, right to work documents, driving licence details, salary and benefits details and qualifications
We may also collect, store and use the following types of more sensitive personal information:
Information about your religious beliefs in order to comply with Fair Employment Legislation
Information about your health, including any medical condition, health and sickness records
Information about criminal convictions and offences
Information about your credit history or other relevant background checks for a particular role
We may be required to process additional information for candidates who would be working on a temporary basis or contract for Godfrey North (either employed through Godfrey North on a contract for services, working under an umbrella company or working as their own Ltd Company) with any of our clients, this could include:
National Insurance number
Details of criminal convictions
Sick leave details
Disciplinary and grievance information
Candidates who are self-employed as a contractor may also need to provide some additional information which could include:
Companies House information
Details of Public Liability insurance
How your personal information is collected
We collect personal information about candidates from the following sources:
You, the candidate
A background check provider where required
A credit reference agency where required
Disclosure and Barring Service in respect of criminal convictions where required
Your named referees, from whom we collect information in relation to your previous employment background and personal character
Any other publically available sources where appropriate
How we will use information about you
We need certain personal information primarily to allow us to provide our recruitment services to you and to enable us to comply with legal obligations. In some cases, we may use your personal information to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests. The situations in which we will process your personal information are listed below.
Providing our recruitment services
Retaining your information on a computerised database
Carrying out background and reference checks, where application
Submitting your CV or application form to third parties
Checking you are legally entitled to work in the UK
Assessing skills, qualifications and suitability for a particular job
Send you marketing communications and information relating to our services which we think may be of interest to you (which you have the right to opt-out of)
To prevent or detect crime, protect public funds or otherwise to complying with any legal or regulatory requirement
If you are engaged as an employee or contractor through Godfrey North we may also need to use your personal data to administering the contract, we have entered into with you, paying you, deducting tax and National Insurance contributions and comply with our legal obligations arising under the contract.
How we use particularly sensitive personal information
We will use your particularly sensitive personal information in the following ways:
We will use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made during a test or interview
We will use information about your religious beliefs to ensure meaningful equal opportunity monitoring and reporting
If you fail to provide personal information
If you fail to provide certain information when requested, we may not no longer be able to provide our recruitment services to you.
Information about Criminal Convictions
We will only collect information about criminal convictions if it is appropriate given the nature of the role and where we are legally able to do so. Where appropriate, necessary and in line with our contractual obligations to clients and candidates, we will collect information about criminal convictions as part of the recruitment process or we may be notified of such information directly by you.
You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.
We will only share your personal information with third parties where it is necessary for the purposes of providing our recruitment services, to administer the working relationship with you or where we have another legitimate interest or lawful basis in doing so. This may include providing a CV, application form or salary information to prospective employers or where information needs to be shared with referees or third party testing providers for the purposes of your application for employment. All third-party data processors including pension administrators and IT service providers are required to take appropriate security measures to protect your personal information in line with our data protection policies. We do not allow third-party data processors to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
We may transfer your personal information outside the EU in order to provide our recruitment services to you. If we do, you can expect a similar degree of protection in respect of your personal information.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We will retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Rights of access, correction, erasure, and restriction
Under certain circumstances, by law you have the right to:
Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below)
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it
Request the transfer of your personal information to another party
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact Matthew Godfrey, Managing Director, in writing.
Right to withdraw consent
In circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please notify the Office Manager in writing. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Data Protection Compliance
Our Managing Director will oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the Managing Director. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.