Throughout your employment, we must utilise your personal data to fulfil legal obligations – such as tax or pension contributions. We also need it to meet contractual provisions – your bank details to pay you, for instance. We routinely process other information e.g. recording your holidays, sickness, maternity etc. Sometimes we compare your information with that of other staff e.g. to monitor the ethnicity of our workforce. When we do, we normally try to anonymise such information.
As a data controller, we are accountable for the personal data we process and always do so in a fair, lawful and transparent manner. We process information both manually and electronically but it is always for a specific, legitimate purpose. We keep it only for as long as necessary to fulfil that purpose. We retain it securely and confidentially throughout. When its purpose is fulfilled, we securely destroy or erase it.
Sometimes we share your information with third parties e.g. HMRC, pension and benefit providers, our professional advisors etc. On other occasions we may receive information about you from a third party e.g. your chosen referee for a job application, a criminal record check etc.
Sometimes we may process personal data outside the UK and occasionally outside the European Economic Area. If we do, you can expect a similar degree of protection in respect of your personal information.
If you want to ask something about your data you are welcome to contact our Data Protection Officer who is William Connor / firstname.lastname@example.org . If you want details of current information we hold about you this is also where to send your request. There is normally no charge and we will respond within a month where practicable.
It’s important that the information we hold about you is accurate and up-to-date. If you think something’s out-of-date, incorrect or inappropriate please tell us. This includes your bank account, home address, telephone number(s) etc. We also need to know who to contact on your behalf in an emergency. And you need to tell them you’ve given us their contact details.
The security of your personal data is very important to us. Your privacy is uppermost in the design and operation of our data systems. Unfortunately, not all information systems are under our immediate control (HMRC for instance). And we recognise criminality is increasingly sophisticated. Consequently, we will advise you promptly if we become aware of any significant breach of security involving your personal data.
If you’re ever concerned about how we’ve handled your personal data please raise this confidentially in writing with email@example.com. We will investigate and respond as quickly as possible. If you are unhappy with our response, you may be able to raise your concern with the appropriate supervisory authority (which in the UK is normally the Office of the Information Commissioner).
Please read “Data Protection Policy” which you’ll find in our employee handbook. This sets out more detail about how we deal with personal data.