Recruitment Privacy Notice
What this privacy notice covers
Minster Law Ltd (referred to in this document as “we”, “us” or “our”) takes privacy very seriously. This Privacy Notice explains our practices including your choice regarding the collection, use and disclosure of your personal data, which you provide in connection with your application for employment. This Notice applies to all data that we collect about you. Please read this Notice carefully and contact us if you have any questions using the details provided in the contact and feedback section below.
This Privacy Notice sets out:
- personal data we collect about you
- why we collect your personal data
- when we collect your data and how long we keep it for
- what we do with your data
- how we and other organisations will keep your personal data safe
- the rights and choices you have when it comes to your personal data
We are the Data Controller of the personal data we process and therefore are responsible for ensuring our systems, processes, suppliers and employees comply with Data Protection laws in relation to the data we handle.
We have a Data Protection Officer, who oversees compliance with Data Protection laws and this Privacy Notice, and provides guidance and advice as required. You can contact our Data Protection Officer by emailing or by writing to our registered office the details for which are provided in the contact and feedback section below.
Personal data we collect about you
- We collect your personal details including but not limited to your name and contact details (together with your e-mail address) and other relevant information from your Curriculum Vitae (CV). This allows us to keep you informed on the outcome of your application, and let you know about future suitable vacancies.
- Special Category Data: some information is ‘special’ and needs more protection due to its sensitivity. It’s often information you would not want people to know about and is very personal to you, such as answers to questions about diversity and equal opportunities. We will only use special category data about you for the specific purpose that you provide it. Answering such questions are optional.
- When considering your application, if you have previously been employed by Minster Law Limited or have made previous applications within the last year, then we may carry out checks against data that we may already hold on you.
- We only collect personal data that we need from you to consider your application for employment and will not collect any unnecessary data.
Why we collect your personal data
- We collect data about you, so that we can provide the following services from the point you are introduced, to the point you leave us.
- Employee administration
- We will only look to employ individuals who properly identify themselves so that we can check, for example, on your right to work in the UK
- We do not sell your data or pass on your data to be used to contact you about, for example, products or services, unless we have notified you of this beforehand.
When we collect your data and how long we keep it for
- We collect personal data from you before you are formally a Minster Law employee to support the recruitment process and to assess whether we are able to employ you.
- Should you be successful in your application then the personal data collected will then form part of your employment records and will be retained in accordance with your contract of employment and in accordance with Minster Law’s Data Protection Policy, a copy of which is available upon request.
- If your application is unsuccessful, we will keep your information for one year in line with legal requirements and for administration purposes. We may also contact you if other job opportunities during this time which we think may be suitable for you.
What we do with your data
We will use your data to assess your suitability for the role that you are applying for. If you are successful in your application we will carry out various checks as described below:-
We may need to share your data to meet our regulatory and legal obligations, with the following organisations:
- Regulatory Authorities such as the Solicitors Regulation Authority (SRA) or the Financial Conduct Authority (FCA)
- Pre-employment Screening Agency to undertake background and reference checks to support the job application process. Minster Law Limited is also required by the SRA and FCA to ensure that its employees are of good character and are able to perform their job, and it is our policy to complete credit references. This will involve a search with a credit reference agency and a record of this search will appear on your credit report but will not be visible to third parties. This will also involve a criminal records check with the Disclosure and Barring Service.
We may also ask your previous employers to confirm certain information about you however we will notify you before we do this.
In order to apply for any jobs through this website you must create an account. To create an account you must provide your name, a valid email address and any other mandatory personal information which is indicated on the registration page. Creating an account allows you to use the website to register to receive job alerts and to apply for jobs. You can log into your account at any time and update the information you have provided.
Any incomplete vacancy applications will be deleted after the closing date for the vacancy.
By using the website you indicate your explicit consent to the Minster Law Limited and its subsidiary and associated companies to process your personal data, including special category personal data, for the purposes set out above.
You also certify that all the information you have given is true, complete and accurate, and acknowledge that if any information you have given is incorrect, incomplete or misleading, this may lead to withdrawal of any offer of employment or dismissal without notice if you have commenced work.
How we and other organisations will keep your personal data safe
We endeavor to keep all data safe by taking all reasonable precautions to protect data from misuse, loss and unauthorized access, modification or disclosure. Examples of our security are as follows:
- Encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code or what’s called a ‘cypher’. The hidden information is said to then be ‘encrypted’.
- Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it
- Training employees to make them aware of how to handle information and how and when to report when something goes wrong
- Regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches)
- Robust contracts with our suppliers to ensure the confidentiality of your personal data. We review all contracts of business regularly, and regularly ensure that our key suppliers apply the same levels of protection, security and confidentiality we apply. If your data is processed outside of the EEA, we will take all necessary steps to ensure it is adequately protected. From time to time we may need to process some of your data using third party processors located in countries outside of the European Economic Area (EEA), for example, for the purposes of data hosting, analytics, credit searches and fraud prevention. This includes ensuring there is an agreement in place with the third parties which provides the same level of protection as required by the data protection regulations in the UK and EEA
The rights and choices you have when it comes to your personal data
The Data Protection law gives you a number of rights to control what personal information is used and how it is used by us. The following summarises your rights in relation to this. For more detailed information please visit the Information Commissioner’s Office website (www.ico.org.uk)
7.1 Right to be informed
This document informs you of your right to fair processing of information and provides transparency over how we use your personal data.
7.2 Right of Access
You also have the right to ask for all the information we have about you and the services you receive from us. This is called a Subject Access Request. When we receive a request from you, we must give you access to everything we’ve recorded about you within 30 calendar days. We will do this free of charge.
However, we can’t let you see any parts of your record which contain:
- confidential information about other people; or
- data that a professional thinks will cause serious harm to your or someone else’s physical or mental wellbeing; or
- if we think that giving you the information may stop us from preventing or detecting a crime.
This applies to personal information that is in both paper and electronic records. If you ask us, we’ll also let others see your records, (except if one of the points above applies), using the most secure method possible.
If you can’t ask for your records in writing, we’ll make sure there are other ways that you can. If you have any queries about access to your information please contact email@example.com for more details.
More information about subject access can be found on the Information Commissioners website (www.ico.org.uk).
If you wish to exercise this right with any suppliers that we have shared data with, you will need to write to them directly as they may control and process your data in their own right. Please contact firstname.lastname@example.org for more details on how to do this.
7.3 Right to Rectification
You have the right to request your data to be updated where you believe it to be incorrect or inaccurate. We may not always be able to change or remove that information but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.
7.4 Right to Erasure (right to be forgotten)
In some circumstances you can ask for your personal information to be deleted, for example:
- where your personal information is no longer needed for the reason why it was collected in the first place
- where you have removed your consent for us to use your information (where there is no other legal reason us to use it)
- where there is no legal reason for the use of your information.
Where your personal information has been shared with others, we’ll do what we can to make sure those using your personal information comply with your request for erasure, but again you may need to contact them separately to exercise this right.
Please note that we can’t delete your information where:
- we’re required to keep it by law
- we require it to meet our regulatory and statutory obligations
- it is necessary for defending any future legal claims.
7.5 Right to Restrict Processing
You have the right to ask us to restrict or limit what we use your personal information for
- where you have identified inaccurate information, and have told us of it
- where we have no legal reason to use that information, but you want us to restrict what we use it for rather than erase the information altogether.
When information is restricted it can’t be used other than to securely store the data and with your consent to handle legal claims and protect others. Where restriction of use has been granted, we’ll inform you before we carry on using your personal information.
7.6 Right to Object
In certain circumstances you have the right to object to us processing your personal data. This applies to processing that we complete as a legitimate interest. If you wish to exercise this right, you must provide a specific reason as to why you are objecting. Please be aware that this right is not absolute, and there might be some circumstances where we can continue to process your data.
7.7 Rights related to automated decision making, including profiling
You have the right to know about and question decisions made about you automatically, unless it’s required for any contract you have entered into, required by law, or you’ve consented to it.
Some profiling does take place for some appointments. You have the right to object to this processing. To exercise this right you should make this clear within your application, but you can also contact us at any time with this objection. The easiest way to do this is by email to email@example.com
Contact and Feedback
If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated.
If at any time you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you can complain to the Information Commissioner’s Office (www.ico.org.uk).
To exercise all relevant rights or for queries regarding complaints, in the first instance please contact our Data Protection Officer in writing to:
Data Protection Officer, Minster Law Ltd, Kingfisher House, Calder Park, Wakefield, WF2 7UA.
You can also email us at firstname.lastname@example.org.
The person at Minster Law who:
- is the first point of contact for supervisory authorities, customers and employees whose data is processed
- monitors compliance with data protection laws, including managing internal data protection activities, advising on data protection impact assessments; training staff and conduct internal audits.
Any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.
Means obtaining, recording or holding the information or data, or carrying out any operation or set of operations on the information or data, including:
- organisation, adaptation or alteration of the information or data
- retrieval, consultation or use of the information or data
- disclosure of the information or data by transmission, dissemination or otherwise making available
- alignment, combination, blocking, erasure or destruction of the information or data
Special Category Data
Sensitive personal data such as information about an individual’s:
- ethnic origin
- trade union membership
- biometrics (where used for ID purposes)
- sex life or
- sexual orientation
- IP address
Organisations that we work with under agreement/contract to support our HR Service.