Recruitment Privacy Notice

A Recruitment Privacy Notice explains what personal data we hold about you, it's purpose, and how it may be shared during the recruitment process.

Recruitment Privacy Notice

This non-contractual Recruitment Privacy Notice explains what personal data (personal information) we hold about you, how we collect it, and how we use and may share personal information during the recruitment process. Please ensure that you read this notice and any other similar notice we may provide to you from time to time.

Who collects the personal information

The Company is a ‘data controller’ gathers and uses certain personal information about you.

Data protection principles

The data protection principles which we will apply when gathering and using personal information are that:

  1. we will process personal information lawfully, fairly and in a transparent manner;
  2. we will collect personal information for specified, explicit and legitimate purposes only, and will not process it in a way that is incompatible with those legitimate purposes;
  3. we will only process the personal information that is adequate, relevant and necessary for the relevant purposes;
  4. we will keep accurate and up to date personal information, and take reasonable steps to ensure that inaccurate personal information is deleted or corrected without delay;
  5. we will keep personal information for no longer than is necessary for the purposes for which the information is processed; and
  6. we will take appropriate technical and organisational measures to ensure that personal information is kept secure and protected against unauthorised or unlawful processing, and against accidental loss, destruction or damage.

About the personal information we collect

Details summarising the personal information we collect and hold during the recruitment process, how and why we do so, how we use it and with whom it may be shared is below.

Where personal information may be held

Personal information may be held at our offices and third-party agencies, service providers, representatives and agents as described above and in cloud-based IT services. In the event that we use cloud-based IT services, personal information may be transferred internationally to other countries around the world, including countries that do not have data protection laws equivalent to those in the UK. We have security measures in place to seek to ensure that there is appropriate security for personal information we hold.

How long we keep your personal information

We keep the personal information that we obtain about you during the recruitment process for no longer than is necessary. How long we keep your personal information will depend on whether your application is successful, and you become employed by us, the nature of the personal information concerned and the purposes for which it is processed.

If your application is successful, we will keep only the recruitment personal information that is necessary in relation to your employment. For further information, see our data protection (employment) policy.

Your rights to correct and access your personal information and to ask for it to be erased

Please contact our Data Protection Contact (dataprotection@perform-partners.com) if (in accordance with applicable law) you would like to correct or request access to personal information that we hold or if you have any questions about this notice. You also have the right to ask our Data Protection Contact for some, but not all, of the personal information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing personal information will do so only in an authorised manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Criminal records information

We may carry out Disclosure and Barring Service (DBS) checks (including requesting a criminal record certificate), where we feel that a DBS check is proportionate and relevant for your role. A record that the DBS check was completed and whether it was satisfactory will be kept; however, the check itself will usually be disposed of securely unless we feel it is relevant to the ongoing employment relationship, in which case it will be kept securely for six months (unless relevant for regulatory inspections in which case it will be retained until the next inspection).

How to complain

We hope that we can resolve any query or concern you raise about our use of your personal information. If not, contact the Information Commissioner at ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.

Key to sections below

FRP – to carry out a fair recruitment process

GEP – to maintain employment records and for good employment practice

Informed – to make an informed decision to shortlist for interview and (if relevant) to recruit

Insurance – to comply with the terms of our insurance

LO – to ensure compliance with legal and/or regulatory obligations

Medical Professional – your doctors and other medical/occupational health professionals

PTC – to enter into/perform the contract

Personnel – relevant managers, HR, professional advisors, payroll and consultants

Progress – to progress your application, arrange interviews and inform you of the outcome at all stages

SPI – for reasons of substantial public interest (e.g. equality opportunities and prevention and/or detection of unlawful acts)


The information we collect 

Your name, contact details (including emergency contact), other employment records ☐

How we collect the information: From you

Why we collect the information (including legitimate interest): FRP, Progress

How we use and may share the information: Progress. Shared with Personnel

Details of your academic history qualifications, experience, employment history (including job titles, salary and working hours) and interests

How we collect the information: From you, in the completed application form and interview notes (if relevant)

Why we collect the information (including legitimate interest): FRP, Informed

How we use and may share the information: Informed. Shared with Personnel

Information regarding your criminal record

How we collect the information: From you, in your completed application form and DBS where application is made

Why we collect the information (including legitimate interest): LO, SPI

How we use and may share the information: Informed. To carry out statutory checks. Information shared with Personnel,  DBS and other regulatory authorities as required. For further information, see * below

Details of your referees

How we collect the information: From you

Why we collect the information (including legitimate interest): FRP [In the regulated sector, LO: to obtain regulatory references]

How we use and may share the information: FRP. Information shared with Personnel and the referee

Your nationality and immigration status and information from related documents (e.g. passport)

How we collect the information: From you, the Home Office (if required)

Why we collect the information (including legitimate interest): PTC, GEP, LO

How we use and may share the information: To carry out right to work checks. Share: Personnel, the Home Office (if required)

Medical, sickness and absence records (including sensitive personal information regarding your physical and/or mental health)

How we collect the information: From you, Medical Professionals, any insurance benefit administrators

Why we collect the information (including legitimate interest): LO & SPI

How we use and may share the information: Share: Personnel, Medical Professionals, any insurance benefit administrators*

A copy of your driving licence if required by your role

How we collect the information: From you, the DVLA portal

Why we collect the information (including legitimate interest): PTC, GEP, Insurance

How we use and may share the information: Informed, Share: Personnel, our insurers, any penalties/banning check provider

You are required (by law or in order to enter into your contract of employment) to provide the categories of information marked ‘☐’ above to us to enable us to verify your right to work and suitability for the position.

* Sensitive Personal Information

Before processing any sensitive personal information, staff must notify the Data Protection Contact of the proposed processing, in order that the Data Protection Contact may assess whether the processing complies with the special conditions for processing sensitive personal information.