Close menu

Privacy Notice for Job Applicants

The College adheres to the General Data Protection Regulation (GDPR), with respect to all information held about Job Applicants. The College is registered with the Information Commissioner’s Office – Registration Number Z5536030.

The Data Protection Officer can be contacted via email at dataprotection@barton.ac.uk.

As part of any recruitment process, the College collects and processes personal data relating to job applicants. The College is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.

Purpose of holding this personal information

The College needs to process data to take steps at your request prior to entering into a contract with you. It also needs to process your data to enter into a contract with you.

In some cases, the College needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check a successful applicant’s eligibility to work in the UK before employment starts.

The College has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows the College to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. The College may also need to process data from job applicants to respond to and defend against legal claims.

The College processes health information if it needs to make reasonable adjustments to the recruitment process for candidates who have a disability. This is to carry out its obligations and exercise specific rights in relation to employment.

Where the College processes other special categories of data, such as information about ethnic origin, sexual orientation, health or religion or belief, this is for equal opportunities monitoring purposes.

The College will not use your data for any purpose other than the recruitment exercise for which you have applied.

The lawful basis on which we use this information

Under the GDPR, it is necessary for the College to demonstrate the lawfulness of processing your personal information. There are a number of different bases on which the College may store and process your personal information. These are contractual reasons, legal obligation, public task, legitimate interest, vital interest and consent. Further information about the specific basis on which we store and process any of your personal information can be obtained from the Data Protection Officer at the College – dataprotection@barton.ac.uk.

Your rights

Under data protection legislation, you have the right to request access to the information that we hold about you. A request to access your personal information is known as a ‘Subject Access Request’ (SAR) and can be made in writing or verbally to the Data Protection Officer. This can be done by contacting dataprotection@barton.ac.uk or through the College website. In most cases there is no fee for a SAR and the College will respond to you within one month.

As a data subject, you have a number of rights. You can:

  • access and obtain a copy of your data on request;
  • require the College to change incorrect or incomplete data;
  • require the College to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
  • object to the processing of your data where the College is relying on its legitimate interests as the legal ground for processing; and
  • ask the College to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the College’s legitimate grounds for processing data.

If you wish to exercise any of the rights set out above or wish to ask questions about the way in which we store and process your personal information please contact dataprotection@barton.ac.uk.

If you believe that the organisation has not complied with your data protection rights, you can complain to the Information Commissioner.

Personal information that you provide and that we hold about you

The College collects a range of information about you. This includes:

  • your name, address and contact details, including email address and telephone number;
  • details of your qualifications, skills, experience and employment history;
  • information about your current level of remuneration;
  • whether or not you have a disability for which the organisation needs to make reasonable adjustments during the recruitment process;
  • information about your entitlement to work in the UK; and
  • equal opportunities monitoring information, including information about your ethnic origin, sexual orientation, health, and religion or belief.

The College collects this information in a variety of ways. For example, data might be contained in application forms and CVs; obtained from your passport or other identity documents that you are asked to provide if invited to interview; or collected through interviews and other forms of assessment, such as a micro teach or other interview task.

The College will also collect personal data about you from third parties, such as references supplied by former employers. The College will seek information from your referees with your permission only.

Data will be stored in a range of different places, including on your application record, in the College’s recruitment system and on other IT systems (including email).

Who has access to data?

Your information will be shared internally for the purposes of the recruitment exercise. This includes members of the HR team, interviewers and other staff involved in the recruitment and selection process. For some senior roles, data may be shared with Governors involved in the recruitment process.

The College will not share your data with third parties, unless your application for employment is successful and it makes you an offer of employment. The College will then share your data with former employers to obtain references for you and the Disclosure and Barring Service to obtain necessary criminal records checks.

The College will not transfer your data outside the European Economic Area.

How does the College protect data?

The College takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.

Retaining your information

If your application for employment is unsuccessful, the College will hold your data on file for 6 months after the end of the relevant recruitment process. At the end of that period, your data is deleted.

If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice.

What if you do not provide personal data?

You are under no statutory or contractual obligation to provide data to the College during the recruitment process. However, if you do not provide the information, the College may not be able to process your application properly or at all.

You are under no obligation to provide information for equal opportunities monitoring purposes and there are no consequences for your application if you choose not to provide such information.

For more information about how the College manages Data Protection issues please visit the Data Protection section of the College’s website.