Privacy Policy
Affinity Care Recruitment is committed to protecting and respecting your rights with the data we hold about you and process. This policy explains when and why we collect personal information about you, how we use it and the conditions under which we may disclose it or share it with others and keep it secure.
Scope
This policy applies to every individual that contacts us and includes client organisations and individuals within those organisations that have access to our portal and contact us for advice. The policy also applies to those consultants, workers and employees that join our team.
Procedures
How will we collect information from you?
We
obtain most of your personal information when you initially contact us
to receive services from us or provide services on our behalf. It is
your responsibility to inform us of any changes so that we can keep the
information we collect from you up to date and accurate. We will
practice ‘safer recruitment’ checks for those who undertake work for us.
What type of information will we collect from you?
We will need to collect the following information from each client we work with:
- Names of key stakeholders
- Company/organisation name
- Your contact details, i.e. email address and telephone number
- Your registered address and location addresses for accounting (for invoicing and payment processing).
We
need this information to set you up on our system and ensure that we
are able to communicate with you, undertake work for you at your service
locations, and process transactions in to and out of the business. We
will need to collect the following information for people that we
recruit and that will undertake work for us, or on our behalf:
- Name, home address and contact details including phone number and email address
- Your up to date CV to include qualifications, an up to date chronology of work undertaken
-
Evidence of qualifications by way of certificatesYour right to work in
the UK, and verification of your identity and home address
- References from the most recent employers/ organisations you have undertaken work or, to cover the last 3 years.
- References sought will be both factual and character references.
- We will also need your bank account details in order to make payments to you.
Following the data protection principles – How we will use and process your data
Personal data shall be:
-
processed lawfully, fairly and in a transparent manner in relation to
individuals we hold personal data about (‘lawfulness, fairness and
transparency’)
- collected for specified,
explicit and legitimate purposes and not further processed in a manner
that is incompatible with those purposes; further processing for
archiving purposes in the public interest or statistical purposes shall
not be considered to be incompatible with the initial purposes (‘purpose
limitation’);
- adequate, relevant and
limited to what is necessary in relation to the purposes for which they
are processed (‘data minimisation’)
- accurate
and, where necessary, kept up to date; we will ensure every reasonable
step is taken to ensure that any personal data which is inaccurate,
having regard to the purposes for which they are processed, are erased
or rectified without delay (‘accuracy’);
-
kept in a form which permits identification of data subjects for no
longer than is necessary for the purposes for which the personal data
are processed; personal data may be stored for longer periods insofar as
the personal data will be processed solely for archiving purposes in
the public interest or statistical purposes subject to implementation of
the appropriate technical and organisational measures required by the
GDPR in order to safeguard the rights and freedoms of individuals
(‘storage limitation’);
- processed in a manner
that ensures appropriate security of the personal data, including
protection against unauthorised or unlawful processing and against
accidental loss, destruction or damage, using appropriate technical or
organisational measures (‘integrity and confidentiality’).”
Keeping your data secure
When
you give us your personal information we take steps to ensure it is
stored and treated securely and access is limited to those who need it,
such as those working for us, our accountants and other organisations as
we will determine and expressly inform you of from time to time. We
may, on occasion, share data with our trusted business partners for the
purpose of likely future benefits to be gained by the customer or
visitor.
Rights of Data Subjects
- The right to be informed
We
will inform you what data is being collected, how it’s being used, how
long it will be kept and whether it will be shared with any third
parties. This information will be communicated concisely and in plain
language.
- The right of access
Individuals
can submit subject access requests, which obliges us to provide a copy
of any personal data we hold concerning you, the individual. The
regulations give us one month to produce this information, although
there are exceptions for requests that are manifestly unfounded,
repetitive or we believe are excessive.
- The right to rectification
If
you discover that the data we hold about you is inaccurate or
incomplete, you can request that we update it. As with the right of
access, we have one month to do this, and the same exceptions (as at
point 2) apply.
- The right to erasure
Individuals
can request that we erase their data in certain circumstances, such as
when the data is no longer necessary, the data was unlawfully processed
or it no longer meets the lawful ground for which it was collected. This
includes instances where the individual withdraws consent. The right to
erasure is also known as ‘the right to be forgotten’. We cannot erase
information about any individual where there are legislative or
regulatory reasons for us to keep the data we hold. \we will inform you
of any such data and the legal or regulatory reason that we cannot erase
it.
- The right to restrict processing
You can request that we limit the way we use your personal data. It’s an alternative to requesting the erasure of data.
- The right to data portability
You
are permitted to obtain and reuse your personal data for your own
purposes across different services. This right only applies to personal
data that an individual has provided to us by way of a contract or
consent.
- The right to object
You
can object to the processing of personal data that is collected on the
grounds of legitimate interests or the performance of a task in the
interest/exercise of official authority. We will stop processing
information unless we can demonstrate compelling legitimate grounds for
the processing that overrides the interests, rights and freedoms of the
data subject or if the processing is for the establishment or exercise
of defence of legal claims.
- Rights related to automated decision making including profiling
The
GDPR includes provisions for decisions made with no human involvement,
such as profiling, which uses personal data to make calculated
assumptions about people. There are strict rules about this kind of
processing, and you are permitted to challenge and request a review of
the processing if you believe the rules aren’t being followed.
Rights to complain
You
have the right to file a complaint with the Information Commissioner’s
Office (ICO), which is the supervisory authority in the UK for data
protection matters (www.ico.org.uk), at any time. However, we would appreciate the opportunity to address your concerns before you decide to contact the ICO.
Please
reach out to us first, and we will do our best to resolve the issue.
Please reach out to us first, and we will do our best to resolve the
issue.
References
The Information Commissioners Office (ICO): www.ico.org.uk
The Governments website: https://www.gov.uk/data-protection
The EU’s General Data Protection Regulations (GDPR) 2016/679