Privacy Notice for Employees | Data Protection Legislation Compliance

Net Talent Partners - Privacy Notice for our Employees

This notice explains what personal data (information) we hold about you, how we collect it, and how we use and may share information about you during your employment and after it ends.

We are required to notify you of this information under data protection legislation.

Please ensure that you read this notice and any other similar notice we may provide to you from time to time when we collect or process personal information about you.

Who collects the information

Net Talent trading as Net Talent Limited ("the Company") is a "data controller" and gathers and uses certain information about you. Some of this information (your name, work email address, work telephone number and job title)

Data protection principles

We will comply with the data protection principles when gathering and using personal information, as set out in our GDPR Data Protection Policy (Employment) https://www.nettalent.net/legal/gdpr

About the information we collect and hold

The table set out in the Schedule summarises the information we collect and hold, how and why we do so, how we use it and with whom it may be shared.

We may also need to share some of the categories of personal information set out in the Schedule with other parties, such as external contractors and our professional advisers and potential purchasers of some or all of our business or on a restructuring. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We may also be required to share some personal information as required to comply with the law.

We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it.

Where information may be held, shared or accessed

The following third parties may have access to your personal information and, in some circumstances, your special category data (if applicable), for the purposes noted below:

• our document disposal management company, Restore, who deal with confidential shredding and document waste disposal requirements

Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described above. The information narrated above contained on the intranet may be accessed from the USA, UAE and Qatar and other countries around the world, including countries that do not have data protection laws equivalent to those in the UK, for the reasons described above.

Whenever we transfer your personal data outside of the European Economic Area (EEA) (including when we allow your personal data to be accessed from other countries via our intranet), we seek to ensure that a similar degree of protection is afforded to your personal data by ensuring that appropriate safeguards are implemented or by ensuring that an applicable derogation from the restrictions under the data protection legislation applies, including any of the following:

We will only transfer your personal data to organisations in countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. Currently this includes Andorra, Argentina, Canada (commercial organisations only), Faroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Switzerland and Uruguay. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.

Where we use certain service providers and within our group companies, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
Where we use providers based in the USA (such as Microsoft) and within our group companies, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the European Union and the USA. For further details, see European Commission: EU-US Privacy Shield.
We may transfer your personal data outside of the EEA where this is necessary for the purposes of performing a contract between us and you (including your employment contract).
We may transfer your personal data outside of the EEA where you have provided your explicit consent to such transfer, provided that you are able to provide such consent freely in accordance with the data protection legislation.
We may transfer your personal data outside of the EEA where the transfer is necessary for the establishment, exercise or defence of legal claims.

We have security measures in place to seek to ensure that there is appropriate security for information we hold. Your personal data is stored in a secured premises in a locked cabinet and on a secure client relationship management (CRM) database enforced by password protocols.

How long we keep your information

We keep your information during and after your employment for no longer than is necessary for the purposes for which the personal information is processed. Further details on this are available in our Employee Data Retention Policy (insert hyperlink to where policy is stored on the website).

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to complain

If you have any queries or concerns about this notice or about our use of your personal information, please contact our Data Protection Officer.

If our Data Protection Officer is not able to address your query or concern, you can contact the Information Commissioner at https://ico.org.uk/make-a-complaint/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.

You are required (by law or under the terms of your contract of employment, or in order to enter into your contract of employment) to provide the categories of information marked ‘☐’ above to us to enable us to verify your right to work and suitability for the position, to pay you, to provide you with your contractual benefits, such as to administer statutory payments such as statutory sick pay (SSP). If you do not provide this information, we may not be able to employ you, to make these payments or provide these benefits.

* Further details on how we handle sensitive personal information is set out in our GDPR Data Protection Policy (Employment) https://www.nettalent.net/legal/gdpr