Our Job Applicants Privacy Policy

TrustID Data Protection Privacy Notice (Job Applicants)

This non-contractual notice explains what personal data (personal information) TrustID Limited of 9 Greyfriars Road, Reading, Berkshire RG1 1NU (‘we’, ‘the Company’) hold about you, how we collect it, and how we use and may share personal information in relation to your application for employment by the Company (‘your application’). Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time.

Who collects the personal information?

The Company is a ‘data controller’ and gathers and uses certain personal information about you. The contact details of our data protection officer are: URM Consulting Limited, Blake House, Manor Park, Manor Farm Road, Reading RG2 0JH.

Data protection principles

The data protection principles which we will apply when gathering and using personal information are that:

1. We will process personal information lawfully, fairly and in a transparent manner;

2. We will collect personal information for specified, explicit and legitimate purposes only, and will not process it in a way that is incompatible with those legitimate purposes;

3. We will only process the personal information that is adequate, relevant and necessary for the relevant purposes;

4. We will keep accurate and up to date personal information, and take reasonable steps to ensure that inaccurate personal information is deleted or corrected without delay;

5. We will keep personal information for no longer than is necessary for the purposes for which the information is processed; and

6. We will take appropriate technical and organisational measures to ensure that personal information is kept secure and protected against unauthorised or unlawful processing, and against accidental loss, destruction or damage.

What information we may collect

We may collect the following information during your application (i.e. contents of any CV and covering email you send to us, or a third party submits on your behalf, and any information about yourself you give us at any interview you attend) including:

• Your full name

• Your postal address

• Your email address

• Your family circumstances

• Your educational qualifications

• Your work experience

• Your former employers

• Any special category personal data which you choose to submit to us, such as disability information, race or ethnicity, trade union membership, etc.

• Your hobbies and interests

How we collect the information

We collect this information from you in your application either directly from yourself via Indeed, LinkedIn or the Trust ID website; or indirectly from recruitment agencies.

Why we collect the information and how we use it

We collect and use this information to assess and process your application (including sending invitations for interviews, and interviewing). Our lawful basis for processing your personal data for this purpose is that it is necessary for our legitimate interests as controller. The exception allowing us to process any special category personal data about yourself which you choose to provide during your application is that by doing so you have manifestly made such data public.

How we may share the information

Your personal information may be shared with other parties, such as recruitment agencies, our external HR advisors and Tech4. The recipient of the personal information will be bound by confidentiality obligations.

Where personal information may be held

Personal information may be held at our offices and third-party service providers, representatives and agents as described above and in cloud-based IT services (on UK-based servers). Currently none of the personal information is transferred internationally to other countries around the world, including countries that do not have data protection laws equivalent to those in the UK, but if this situation changes in future this privacy notice will be updated to reflect any relevant change. We have security measures in place to seek to ensure that there is appropriate security for personal information we hold.

How long we keep your personal information

We keep personal information during and after your application for no longer than is necessary. If you are unsuccessful, TrustID will delete your data within 7 days of the role being filled, unless otherwise agreed with you.

Your rights to correct and access your personal information and to ask for it to be erased

Please contact our Data Protection Contact (Matt Green-Armytage) on dpo@trustid.co.uk if (in accordance with applicable law) you would like to correct or request access to personal information that we hold or if you have any questions about this notice. You also have the right to ask our Data Protection Contact for some, but not all, of the personal information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing personal information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to complain

We hope that we can resolve any query or concern you raise about our use of your personal information by you contacting the Company on dpo@trustid.co.uk. If not, contact the Information Commissioner at ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.

Version number and updates

This is Version 3 of this privacy notice and is dated 15 July 2022. We keep this privacy notice under review and update it as necessary.

If you would like to download this policy, then please click here.

What being ISO27001 certified means

Our ISO 27001 accredited certification lets you know that we follow information security best practice, helping to eliminate or minimise the risk of a security breach, keep information secure and ensure compliance with data protection regulations.

ISO logo