Data controller: Sonardyne International Limited, Ocean House, Blackbushe Business Park, Yateley, Hampshire GU46 6GD
Data Compliance Manager: Head of Risk and Compliance, Sonardyne International Limited, Ocean House, Blackbushe Business Park, Yateley, Hampshire GU46 6GD.
Sonardyne is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. You are being sent a copy of this privacy notice because you are applying for work with us (whether as an employee, worker or contractor). It makes you aware of how and why your personal data will be used, namely for the purposes of the recruitment exercise, and how long it will usually be retained for. It provides you with certain information that must be provided under the General Data Protection Regulation ((EU) 2016/679) (GDPR).
As part of any recruitment process, Sonardyne collects and processes personal data relating to job applicants. Sonardyne is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
Data Protection Principles
We will comply with data protection law and principles, which means that your data will be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
The kind of information we hold about you
In connection with your application for work with us, we will collect, store, and use the following categories of personal information about you:
- The information you have provided to us in your curriculum vitae and covering letter including date of birth, gender, employment history, qualifications.
- Your name, address and contact details, including email address and telephone number.
- Any information you provide to us during an interview, including face to face and telephone interviews and associated emails.
- Information about your current level of remuneration, including benefit entitlements.
- Whether or not you have a disability for which the organisation needs to make reasonable adjustments during the recruitment process.
- Information about your entitlement to work in the UK
- Results from any tests or personality profile questionnaires
- Information obtained from your passport or other identity document.
How is your personal information collected?
We collect information about candidates from the following sources:
- You, the candidate
- Recruitment agencies, from which we collect the following categories of data: The information you have provided to us in your curriculum vitae and covering letter including date of birth, gender, employment history, qualifications.
- Your named referees
- The following data from third parties is from a publicly accessible source.
Sonardyne will seek information from third parties only once a job offer to you has been made and will inform you that it is doing so.
Data will be stored in a range of different places, including on your application record, in HR management systems and on other IT systems (including email).
Why does Sonardyne process personal data?
We will use the personal information we collect about you to:
- to take steps at your request prior to entering into a contract with you. It may also need to process your data to enter into a contract with you.
- to ensure that it is complying with its legal obligations. For example, we are required to check a successful applicant’s eligibility to work in the UK before employment starts.
- to respond to and defend against legal claims.
- assess your skills, qualifications, and suitability for the role.
- carry out background and reference checks, where applicable.
- communicate with you about the recruitment process.
- keep records related to our hiring processes.
- comply with legal or regulatory requirements
Sonardyne has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows Sonardyne to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job.
How we use particularly sensitive data
Sonardyne may process special categories of data, such as information about ethnic origin, sexual orientation or religion or belief in the following ways:
- to monitor recruitment statistics.
- to ensure equal opportunity monitoring.
- to collect information about whether or not applicants are disabled to make reasonable adjustments for candidates who have a disability. Sonardyne processes such information to carry out its obligations and exercise specific rights in relation to employment.
Sonardyne does not carry out criminal records checks as a matter of course. For some roles, Sonardyne is obliged to seek information about criminal convictions and offences. For example, if the role involves driving company vehicles details of driving licence and driving convictions will be requested. Where Sonardyne seeks this information, it does so because it is necessary for it to carry out its obligations and exercise specific rights in relation to employment.
You may wish to voluntarily disclose information about unspent criminal convictions. We will only process such data if we are authorised to do so under the Data Protection Bill and will confirm in writing the nature of any processing. We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data.
Sonardyne will not use your data for any purpose other than the recruitment exercise for which you have applied.
Who has access to data?
Your information may be shared internally for the purposes of the recruitment exercise. This includes members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles.
Sonardyne will not share your data with third parties, unless your application for employment is successful and it makes you an offer of employment. Sonardyne will then share your data with former employers to obtain references for you.
Your data may be transferred outside the European Economic Area (EEA) to aid the recruitment process for overseas recruitment. We will request your consent to this before any information is shared.
How does Sonardyne protect data?
Sonardyne takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so
For how long does Sonardyne keep data?
If your application for employment is unsuccessful, Sonardyne will hold your data on file for 12 months after the end of the relevant recruitment process. At the end of that period or once you withdraw your consent, your data is deleted or destroyed.
If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice.
What if you do not provide personal data?
You are under no statutory or contractual obligation to provide data to Sonardyne during the recruitment process. However, if you do not provide the information, Sonardyne may not be able to process your application properly or at all.
Recruitment processes are not based solely on automated decision-making.
As a data subject, you have a number of rights. You can:
- access and obtain a copy of your data on request;
- require Sonardyne to change incorrect or incomplete data;
- require Sonardyne to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
- object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing;
- request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it; and
- request the transfer of your personal data to another party.
If you would like to exercise any of these rights, please contact the Data Compliance Manager at Sonardyne International Limited, Yateley in writing.
We have appointed a Data Compliance Manager to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the Data Compliance Manager.
If you believe that Sonardyne has not complied with your data protection rights, you can complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.