This privacy notice sets out the personal data the College collects about its Personnel and how that data is used and protected.
Personnel is defined as any College employee, worker or contractor who accesses any of the College’s personal data and will include employees, consultants, contractors and temporary personnel hired to work on behalf of the College.
What data will we collect from you – Job Applicants
We will collect personal data from you when you apply for a job with us. This will include your name; address; phone number; email; date of birth; NI number; current employment details including job title, start and end dates, current salary, notice period, reason for leaving; past employment details; education details; whether you are related to any personnel of the College or governing body; references; driving license; vehicle ownership.
We will also ask you if you would like to provide us with data regarding any disabilities you may have and whether there are any special arrangement you require for interview; plus your gender, ethnicity religion/belief and sexual orientation.
What data will we collect from you – College Employees
We will collect additional personal data from you when you are offered a position and once you become an employee at the College. This may include your marital status; previous surname(s); next of kin and contact details; bank details; pension details; other employment; certifications/qualifications, photograph; disqualification information; voluntary salary reductions; student loan details; attachment to earnings data; medical information; car registration, make and model; car insurance details; tax code data; pre‑employment health questionnaire/medical report; criminal record details.
Over the course of your employment we will store and process personal data about you which may include appraisal/performance management; training & development records; travel expenses; contract details; working time; annual leave; travel expenses; changes to your terms and conditions.
This could also include disciplinary, grievance, capability details, sickness absences, maternity/paternity/adoption information; accidents and injuries at work; health information; flexible working; exit interviews; return to work notifications; parental leave request forms; occupational health records.
We use CCTV at our site for the purposes of crime prevention, security and health and safety and, accordingly, will capture imagery of personnel whilst they are at the College. Our door/car park entry system also records location data.
To support remote working and preparations to return to campus during the corona virus pandemic the College will collect additional data. This will include details about your personal circumstances and to confirm whether you fall into a vulnerable category. The legal basis for processing the data is to maintain our contractual relationship with you and to comply with a legal obligation to ensure your health and safety at work in line with the Health and Safety at Work Act 1974. The data will be used by HR, your line manager/Head of Department and any other relevant College staff in order to assess any specific risks to you in the role you undertake at College and will be retained in line with our data retention schedule.
How will we use your data
We will use your personal data set out above as follows:
- for the recruitment process and for carrying out pre‑employment checks;
- for safeguarding students;
- for checking your identity and right to work in UK;
- for checking your qualifications;
- to keep an audit trail of the checks we have made and our relationship with you in case of employment claims;
- to set up payroll and pension and to reimburse expenses;
- for dealing with HMRC;
- for communicating with you;
- for carrying out our role as your employer or potential employer.
What is our legal basis for this processing?
Generally, the data we collect is processed on the basis that it is necessary for performing our employment contract with you, or it is necessary to take steps before entering into a contract with you.
We also collect and use personal information on the basis that we need to do so in order to comply with our legal obligations.
Where we collect medical/health data this is defined as special category data. We collect and process this on the grounds that it is necessary for carrying out our obligations under employment law and/or necessary to assess the working capacity of employees. In some circumstances we may request your consent.
Where we collect data to enable us to ensure and monitor equality of opportunity and treatment e.g. your ethnicity, disability, religious belief, sexual orientation this is defined as special category data. We process this data on the grounds that it is in the public interest, specifically by enabling us to identify and keep under review the existence or absence of equality of opportunity or treatment.
How will we store and secure your data?
All the above data is held electronically in password protected systems which are accessed by authorised College staff only. Some hard copy information is also retained, where this is the case it is stored in a locked area which is accessed by authorised College staff only.
The College uses software systems to process some of its personnel data which are provided by the following third party suppliers:
Corero Resource 3200 – finance system
UNIT-e – student management system;
The College has a written agreement in place to ensure the protection of any data included which can be accessed by the provider. The providers do not have any routine access to the data processed by the software other than in the course of the provision of technical support and system development. This includes an online, two stage security validation system.
Does anyone else process your data
When you apply for a job with us we use the Association of Colleges’ (AoC) Education Recruitment System to process your data. We have a third party data processing agreement in place with the AoC which includes relevant clauses to ensure the protection of your personal data. Please note you may have also registered using the AoC system to access roles more generally across the FE sector, if this is the case your data is also processed by the AoC and you should review the relevant AoC privacy notice.
We use Cintra HR & Payroll Services Ltd to process payments in our payroll system.
We use Russell Richardson Ltd to confidentially dispose of any hard copy data; this may include your personal data.
Where we use third party processors we have an appropriate contract in place. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
Who do we share your data with?
We do not share information about our personnel unless the law and our policies allow/require us to do so.
We may share the personal information that you give us with the following organisations (or types of organisation) for the following purposes:
- We will share information with HM Revenue and Customs for the purposes of administering your tax and national insurance arrangements.
- Where you are a member we will share relevant information with the Universities Superannuation Scheme for the purpose of administering your pension arrangements.
- Where you are a member we will share relevant information with the South Yorkshire Pensions Authority for the purpose of administering your pension arrangements.
- Where appropriate we may share your contact details with our security services provider.
- We may be asked to share personal data about you with the National Office for Statistics as part of our statutory duties.
- We may be required to share your data with law enforcement agencies.
- We may be required to share your data with NHS Test and Trace to enable them to identify and contact people who may have been exposed to the coronavirus. Further information is available at https://ico.org.uk/global/data-protection-and-coronavirus-information-hub/
We may also share your personal information with third parties who provide services to the College as follows:
- In some circumstances the College may engage the services of an occupational health provider or medical practitioner, where it is proposed that this is undertaken the human resources department will ensure that the individual concerned is provided with full details of the provider, an outline of any data to be shared/requested and be asked to provide their consent where appropriate.
- From time to time the College may use the services of a third party recruitment agency. This is for the purpose of recruiting and employing personnel. Where this is the case we may share information about the individual employees concerned. The College will have a written contract in place with any provider utilised which will include appropriate clauses to ensure the protection of personal data.
- The College’s audit providers may view your data as part of their audit of the College.
Is your data transferred outside of Europe
We do not store or transfer your personal data outside Europe.
Is your data used to make any automated decisions?
We do not make automated decisions using the data outlined in this notice.
How long will we keep your data
We will not keep your personal information for longer than we need it for the purposes we have explained above.
When you apply for a job with us, but your application is unsuccessful, we will normally keep your personal information for six months. In exceptional circumstances we may ask if we can retain your information for longer, for example if we think there may be a future vacancy you might be interested in. In such a case we would request your specific consent.
When you are an employee we will keep your personal information in line with our data retention schedule.