Introduction

This job applicant privacy notice applies to all individuals who apply for a job with Daisy Communications, Digital Wholesale Solutions and/or Daisy Corporate Services, which are all part of the Daisy Group of companies. When we refer to “we”, “our” or “us” we are referring to Daisy Group Holdings Limited of Lindred House, 20 Lindred Road, Brierfield, Nelson, BB9 5SR (Company No. 09162741) and its subsidiaries or any of them as the context so requires.

We are the controller of any personal data processed during the recruitment process. We are committed to protecting your personal data. This privacy notice tells you how you can expect us to use your personal data. We keep this privacy notice under regular review to make sure it is accurate and up to date. If we make any changes, we will publish an updated version of this notice on our website.

Any links from our website to other websites are provided merely for your convenience and do not imply our endorsement of the content or the provider. If you follow a link to any of these websites, you do so at your own risk and we do not accept any responsibility or liability for the content of such websites.

Information we may process about you

We will not process more information about you than is necessary. We will ask for information about you at different stages of the recruitment process to ensure we only process data that is relevant. We may process the following information about you:

  • Name and contact details e.g. telephone number and email address
  • CV and cover letter
  • A declaration of your right to work in the UK
  • A declaration of whether you have any unspent criminal offences
  • Interview notes
  • Proof of your right to work in the UK e.g. passport, birth certificate, national insurance number
  • Referee details and references
  • A Disclosure and Barring Service (DBS) check or higher security check depending on the job role
  • Bank account details
  • Details of any medical conditions or disabilities that may require us to make a reasonable adjustment
  • Medical information, if subject to a medical examination
  • Next of kin/emergency contact details
  • Pension information
  • Equal opportunities monitoring information e.g. marital status, religious beliefs, ethnic origin – this information is optional and it will not affect your job offer if you do not provide it

We will gather this information in a variety of ways including directly from you, publicly available sources such as LinkedIn and third parties such as your referees and the DBS. You are not obliged to provide the information we request from you. However, if you do not provide it, we may be unable to progress your application.

Why we process your personal data

We will process your personal data for one or more of the following purposes:

  • To assess your suitability for a job vacancy you applied for
  • To verify information provided by you, such as your right to work in the UK and criminal records
  • To make reasonable adjustments for you, if necessary
  • To conduct reference checks
  • To correspond with you regarding the progress of your application or future jobs you may be suitable for
  • For equal opportunities monitoring
  • If successful, to make necessary arrangements regarding your pay and emergency contacts

In order to process your personal data, we must have a lawful basis to do so. We will only process your personal data where you have consented to the processing or the processing is necessary for one or more of the following reasons:

  • For the performance of a contract with you or to take steps at your request before entering into a contract
  • For our legitimate interests or those of a third party
  • To comply with a legal obligation
  • To carry out employment obligations
  • For preventative or occupational medicine or assessing your working capacity
  • For equal opportunities monitoring

Where we consider it is within our legitimate interests or those of a third party to process your data, we will ensure this does not override your interests, rights and freedoms. We consider it is within our legitimate interests to fully assess applications for employment to ensure only suitable candidates are both assessed and selected.

We also consider it is in our legitimate interests to seek assurances as to the integrity and reliability of people we employ to ensure data is handled responsibly and our reputation is upheld. Therefore, we take reasonable steps to verify the information you have provided to us, including a DBS check. We will only ask for information about unspent convictions, unless an exception applies.

Retention of your personal data

We will only retain your personal data for as long as is necessary, based on our business needs and any legal or regulatory requirements. If you are unsuccessful, we will normally retain your personal data for up to 6 months, after which it will be securely destroyed. If you are successful, the information you have provided will form part of your employee record and you will be provided with an employee privacy notice detailing how we will process your personal data.

Sharing your personal data

Your personal data may be shared with any member of the Daisy Group of companies. Your personal data may also be shared with our recruitment partner, Lorien. Here is a link to Lorien’s privacy notice. Your personal data may also be shared with third parties such as Smart Recruiters, building landlords and management facilities providing CCTV and access control, government bodies e.g. the DBS and HMRC and referees provided by you.

There may be other circumstances in which we may lawfully share your data with third parties, for example, where we are required to do so by law, by court order, or to prevent fraud or other crimes. Where we share data, however, we will do so in accordance with applicable data protection laws.

Transfers of your personal data

We will generally only share your data within the European Economic Area (EEA). However, if we need to transfer your data outside of the EEA, we will only do so where:

  • A decision has been made by the European Commission that a place provides adequate protection for your personal data; or
  • We have put in place appropriate safeguards to protect your personal data such as standard contractual clauses; or
  • We rely on a specific ground for the transfer (called a derogation), such as your consent.

For more information on international transfers or a copy of the measures in place (where applicable) please contact us using the details at the end of this notice.

Your rights and how to contact us

The General Data Protection Regulation (GDPR) provides you with the following rights regarding your personal data:

  • The right to access the personal data we hold about you (commonly known as a subject access request)
  • The right to rectify the personal data we hold about you where it is inaccurate or incomplete
  • The right to have the personal data we hold about you deleted (commonly known as the right to be forgotten)
  • The right to restrict the way we use your personal data
  • The right to data portability e.g. to get your personal data from us in a commonly used and machine-readable format or ask us to transfer it to another organisation
  • The right to object to the way we process your personal data

There are some rights that we will always comply with, such as an objection to receiving direct marketing. However, we are not obliged to comply with all requests we receive. If there is a legitimate reason why we cannot comply with a request you make, for example a legal requirement may mean we have to keep your data even if you have requested that we delete it, we will let you know. We will endeavour to respond to you within one month of receiving your request. However, if a request is manifestly unfounded or excessive, we may require an extra two months to respond to it or we may refuse to comply with it. If this is the case, we will let you know within a month of receiving your request.

We will not charge you for exercising your rights, unless the request is manifestly unfounded or excessive, in which case we may charge a reasonable fee for our administrative costs. We may require identification from you before we can consider your request. If identification or a fee is required, we will let you know without undue delay.

In addition to these rights, if we are processing your personal data based on your consent, you have the right to withdraw your consent at any time, free of charge.

If you would like to exercise any of your rights or have any concerns about our processing of your personal data, you can contact our Data Protection Officer at:

  • compliance@daisygroup.com
  • Lindred House, 20 Lindred, Brierfield, Nelson, BB9 5SR

If you are dissatisfied with the way we have handled your data, you also have the right to complain to a supervisory authority. In the UK, the supervisory authority is the Information Commissioner. The Information Commissioner’s Office can be contacted at:

  • 0303 123 1113
  • casework@ico.org.uk
  • Wycliffe House, Water Lane, Wilmslow, SK9 5AF