PRIVACY POLICY & GDPR STATEMENT
DATA PRIVACY POLICY (UK OFFICES)
This policy sets out the personal information that we collect and process about you, the purposes of the processing and the rights that you have in connection with it.
1. Types of personal information we collect
As part of our recruitment process we may use a 3rd party to obtain information about candidates and applicants such as a pre-employment screening service or the CRB (Criminal Records Bureau) where appropriate.
The types of personal information we may process routinely include any of the following:
Candidates:
- Identification data: civil/marital status; first and last name; photograph; date and place of birth; nationality
- Contact details: address; telephone number (fixed and mobile); email address.
- Employment details: employment history; current job; company name; grade; salary & Benefits; geographic location.
- Academic and professional qualifications: degrees; titles; skills; language proficiency; training information.
Employees:
- Identification data: civil/marital status; first and last name; photograph; date and place of birth; nationality.
- Family household composition: civil status (married, divorced, widow(er); number of children.
- Contact details: address; telephone number (fixed and mobile); email address; emergency contact information.
- Employment details: job title; company name; grade; geographic location; employee performance and evaluation data; employee discipline information; information regarding previous roles and employment; employee benefits information; leave/absence requests.
- National identifiers: national ID/passport number; tax ID; government identification number; driver’s license; visa or immigration status.
- Academic and professional qualifications: degrees; titles, skills; language proficiency; training information; employment history; CV/résumé.
- Financial data: bank account number; bank details; salary and compensation data; bonuses; pension qualification information; payroll data.
- IT related data: computer ID; user ID and password; domain name; IP address; log files; software and hardware inventory; software usage pattern tracking information (i.e., cookies and information recorded for operation and training purposes).
- Lifestyle: hobbies; social activities; holiday preferences.
Relatives:
- Identification data: name; age; date of birth; place of birth.
- Contact details: home address; telephone number (including mobile telephone number); email address.
- Professional details: job title; employer; work address; email address; telephone number (including mobile telephone number).
Sensitive personal information may include any information that reveals your racial or ethnic origin, religious, political or philosophical beliefs, (“Sensitive Personal Information”). As a general rule, we try not to collect or process any Sensitive Personal Information about you, unless authorised by law or where necessary to comply with applicable laws.
We may also, in some circumstances, need to collect, or request on a voluntary disclosure basis, some Sensitive Personal Information for legitimate employment-related purposes:
- Race and ethnicity may appear indirectly on photos and other information available on passports and national IDs, which are necessary to comply with local immigration laws and for employee travel management. However, race/ethnicity are not processed purposefully in Europe with the exception of where we are tracking to measure the effectiveness of our diversity efforts.
In such circumstances we shall ensure that such Sensitive Personal Information is collected and processed in accordance with all applicable laws.
2. Purposes for processing personal information
For the processing of any personal data to be legal, there has to be a satisfactory reason for that processing to take place. These reasons are specified by law and include:
- We are processing your data for the performance of a contract:
– for example, for contractors we process your bank details so that we can pay your
Invoices, as agreed under the contract between you and us. - Processing is necessary to comply with a legal obligation
– for example, If we are obliged to make national insurance and tax payments on your behalf, so we need your national insurance and tax reference numbers for this. - The processing is necessary for us to pursue our legitimate interests as an employment Agency:
Time Sourcing will review each processing activity to establish the lawful basis of processing. We will only process your personal data where we can do so based on one of these three reasons.
We may process your personal information for the following purposes:
Employees:
- the management of employment-related activities including but not limited to: employment records; payroll; administrative and managerial tasks; time-tracking; compensation; equity- related awards; healthcare and other benefit administration; employee traveling, expense tracking and reimbursement; appointments or removals; disciplinary matters; ensuring compliance with Group and company policies; working time management; determining and reviewing salaries; employee career development (including superannuation, employee evaluations); talent management; compliance with applicable legal and other requirements; management reporting and analysis; enabling internal contacts and communication; providing training and learning services; providing IT support to Employees; management and maintenance of the functioning and security of the IT systems and network; social activities and personnel representation.
Relatives:
- Management of healthcare and other benefits for relatives of employees; providing social and cultural programs and activities to relatives of employees; storing emergency contact details.
Candidate Applicants:
- Management of internal and external hiring process. selecting and scheduling meetings and /or Interviews with potential employers; communicating with employers and candidates.
3. Who we share your personal information with
We may share your personal information with the following recipients or categories of recipients:
- Employees with authorised access and on a need-to-know basis only (including direct managers, senior management, office management and HR teams).
- Third party service providers appointed by and acting on behalf of Time Sourcing;
- Business associates and other professional advisers;
- The recipient’s legal department;
- Any person or organisation to whom the recipient may be required by applicable law or regulation to disclose personal information, including law enforcement authorities, central and local government.
4. Monitoring
The Company may engage in the monitoring of electronic messages and files processed by the Company’s Electronic Services for business purposes. This monitoring may consist of (but is not exclusive to):
- Establishing evidence of the Company’s financial transactions,
- Gaining routine access to the Company’s business communications,
- Ensuring compliance with regulatory or self-regulatory rules or guidance,
- Maintaining the effective operation of the Company’s systems and procedures (for example, so as to detect and prevent the spread of malicious code),
- Ensuring that the Company’s standards of service are maintained and determining where employees may need further training, and
- combating crime and investigating or detecting unauthorised use of the Company’s telephone, e-mail and Internet systems and procedure.
If the Company suspects that its electronic facilities are being abused or used inappropriately it may monitor anyone at any time. This may include opening any e-mails or messages sent or received, or content posted, to assess their content.
Please see the IT & Digital Acceptable Use policy for further information.
Please note, we allow all our employees a safe space on the system for storage of their own personal files and documents. This file should be marked private and will not be subject to monitoring unless we are given a reasonable cause for concern or to investigate.
5. Transfer of personal information abroad
As we operate on a global level, we may need to transfer personal information to countries other than the ones in which the information was originally collected. When we export your personal information to a different country, we will take steps to ensure that such data exports comply with applicable laws.
6. Data retention periods
Personal information will be stored in accordance with applicable laws and kept as long as required in order to carry out the relevant purposes or as otherwise required by applicable law.
7. Your data privacy rights
In the European Economic Area, you have certain rights under data protection laws which include the right: (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure if your personal information is inaccurate, no longer necessary in relation to the purposes for which it was collected, or is being unlawfully processed; (iii) to restrict or object to the processing of your personal information; and (iv) if applicable, to portability of your personal information.
To make such a request, please use the contact details at below. We will consider and act upon any such requests in accordance with applicable data protection laws.
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal.
8. Updates to this Information
This information may be updated periodically to reflect any necessary changes in our privacy practices. In such cases, we will inform you, for example, via email update or staff intranet, and indicate in the information when it was most recently updated. We encourage you to check periodically in order to be aware of the most recent version of this information.
9. Questions and Concerns
You can address any questions or concerns relating to this or our privacy practices to the contact details below.
10. Contact details
Please address any questions or requests relating to this policy to Grant@time-sourcing.com