As part of our recruitment process, we collect, store and process certain data about you which is classified as Personal Data or Special Personal Data under the General Data Protection Regulation (GDPR). This privacy notice outlines the data we collect, how we use and store it, why we collect it, and your rights when it comes to data protection.
Types of Personal Data we collect
We currently collect the following information about you:
- Information provided in your CV, application form, cover letter or during the interview process, including your name, date of birth, age, gender, ethnicity or race, home address, personal email address, education and employment history, qualifications and work experience, and references;
- Information collected or created during the recruitment process, including correspondence between us, interview notes and test scores (where applicable);
- Information about disclosed criminal convictions. For certain roles we may carry out background checks or checks against public social media content;
How we collect Personal Data and why
Most of the information we process is provided to us directly by you, for the purpose of progressing the recruitment process, assessing your suitability for the role, communicating with you, carrying out reference checks, and meeting our legal and regulatory requirements. We may also use this information to ensure the effective administration and management of the recruitment process, or to deal with disputes or accidents.
In some cases, data may have been obtained from additional sources, such as employment agencies, or may have been created by us during the recruitment process.
Who we share Personal Data with
The information you provide is not shared with any third parties other than our data processors.
Our legal basis for processing Personal Data
Under the General Data Protection Regulation, the lawful bases we rely upon for processing this informatin are:
- Your consent (you are able to remove your consent at any time by contacting GenomeKey's CISO - [email protected]);
- We have a contractual obligation;
- We have a legal obligation; and
- We have a legitimate interest.
How we store your Personal Data
Your digital information is stored securely in the company storage area. This data is encrypted, and access is restricted and audited. Any physical information is kept in restricted access areas such as a locked cupboard. We keep your information for the duration necessary to meet our obligations. In most cases, this is for the duration of your employment, up to a fixed period of time afterwards. Where data is no longer needed for its stated purpose, your data is securely and irrevocably deleted or shredded.
Your data protection rights
Under data protection law, you have a number of rights relating to your data. These rights differ depending on the lawful basis for the data processing, but may include the following rights:
- Your right of access - the right to ask us for copies of your Personal Information;
- Your right to rectification - the right to ask us to rectify personal information you think is inaccurate, and the right to ask us to complete information you think is incomplete;
- Your right to erasure - the right to ask us to erase your personal information in certain circumstances;
- Your right to restriction of processing - the right to ask us to restrict the processing of your personal information in certain circumstances;
- Your right to object to processing - the right to object to the processing of your personal information in certain circumstances; and
- Your right to data portability - the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please contact GenomeKey's CISO if you wish to make a request.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us by contacting GenomeKey's CISO at [email protected]
You can also complain to the Information Commissioner’s Office (ICO) if you are unhappy with how we have used your data, though we ask that any issues are first directed to the company so that we can attempt to resolve them quickly and satisfactorily.
The ICO's address is:
Information Commissioner's Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk