General Data Protection Regulation (GDPR)
Ritz Recruitment Ltd – Job Applicant Privacy Notice
Head Office: 105 Bishopsgate, London EC2M 3UE or email@example.com
In accordance with the European General Data Protection Regulations (taking effect on 25 May 2018), by submitting an application to Ritz Recruitment by email or other means, you consent to us processing your personal data as follows:
Who • Only the Management, Consultants & Admin Teams within Ritz Recruitment who have access to job applicant data. Client organizations who have retained Ritz Recruitment to assist with permanent and temporary staffing recruitment will be supplied with job applicant data only once the applicant has confirmed that consent is given and agreed. Ritz Recruitment always endeavors to ensure client organizations are GDPR compliant businesses.
Ritz Recruitment do not share applicant data with other 3rd parties except for storage (see “Where” below).
What • Ritz Recruitment hold the data shown in the CV, cover letter/email and interview notes, which may include full name, address, telephone number, email address, qualifications, skills, experience and employment history, including start and end dates with previous employers.
How • Ritz Recruitment collects personal information about job applicants in a variety of ways. For example, data is collected through submissions from recruitment job portals, our website as well as candidates applying directly by email, fax or post.
Interviewing and Employment decisions are not based solely on automated decision-making.
Ritz Recruitment has internal policies and controls in place to ensure that data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by authorized individuals, as detailed in the “Who” section.
When • We will destroy data about job applicants who are not invited to interview 3
months after submission date.
For all candidates interviewed, we hold data for 12 months following the date of last interview, unless the candidate is then successfully employed by either a client or Ritz Recruitment directly.
Ritz Recruitment has a legal requirement to hold some applicant data for longer periods than 12 months, examples of this would be where we have successfully placed an applicant with a client, or the applicant joined the payroll of Ritz Recruitment in a temporary or permanent employee role.
Where • Data is held on the Ritz Recruitment email system, Office 365, the Ritz Recruitment IT server and a 3rd Party Recruitment & HR Database provided by Oxford Software (a GDPR compliant business). Data is not transferred outside the EEA.
Why • Ritz Recruitment processes personal data of job applicants to assist clients to recruit new staff. In addition, Ritz Recruitment supplies to client’s temporary staff, complying in all cases to promote equal opportunities.
The business is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
The retention periods above are deemed reasonable for a candidate to be properly considered.
As a data subject, you have a number of rights. You can: access and obtain a copy of your data on request; require the organisation to change incorrect or incomplete data; require the organisation to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing; and ask the organisation to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the organisation's legitimate grounds for processing data.
If you would like to exercise any of these rights, please contact the Compliance Officer at Ritz Recruitment – Head Office. Furthermore, if you believe that the organisation has not complied with your data protection rights, you can complain to the Information Commissioner. www.ico.org.uk