Information Security Manager

You Have already applied for this vacancy, please go to your account to see your progress.

Recruitment Privacy Notice (compliant with GDPR) As part of our recruitment process ElectraLink Ltd collects and processes personal data relating to applicants and potential employees. We are committed to being transparent about how we collect, use and store data, as well as meeting our data protection obligations under the GDPR.

As defined by the General Data Protection Regulation (GDPR) Electralink Limited is the Data Controller and ultimately responsible for ensuring the data you provide is kept secure, processed correctly and that you understand your legal rights in relation to the data you provide.

The recruitment software we use via this website is supplied by IRIS Software Group Limited and they are defined as a Data Processor under the GDPR. They will only process your data in accordance with our instructions.

IRIS can be contacted at: 4th Floor Heathrow Approach, 470 London Road, Slough, England, SL3 8QY

For Data Protection enquiries, please contact the Help Desk at support@networxrecruitment.com

What data does ElectraLink Ltd collect?

ElectraLink Ltd collects a range of data and information about you, including:

•  your name, address and contact details (including email address and telephone numbers);
•  details of your qualifications, skills, experience and employment history;
•  information about your salary expectations (including current salary and benefit entitlements);
•  whether or not you have a disability for which the organisation needs to make reasonable adjustments during the recruitment process and potential employment; and
•  information about your entitlement to work in the UK.

ElectraLink Ltd may collect this information in a number of ways. For example, data may be contained within application forms, CVs, obtained from your passport or other identity documents, or collected through interviews or other forms of assessment.

We may also collect personal data about you from relevant third parties, such as references supplied by former employers or from LinkedIn. We will seek information from former employers only once a job offer has been made to you and will inform you that we are doing so in advance.

Data may also be stored in a number of different places, including on your application record, in HR management systems and on other IT systems (including email).

Why does ElectraLink Ltd process personal data?

ElectraLink Ltd needs to process data when progressing your application prior to entering into a contract with you. This may also be required to enable a contract to be entered into. In some cases, we need to process data to ensure that we are complying with our legal obligations, such as mandatory checks of a successful applicant’s eligibility to work in the UK prior to commencing employment.

We have a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing applicant data allows us to manage the recruitment process, to assess and confirm applicant suitability for each role, ultimately deciding to whom we offer employment. We may also need to process data from job applicants to respond to and defend against legal claims.

ElectraLink Ltd may process special categories of data, such as information about gender, ethnicity, sexual orientation, religion or belief in order to monitor recruitment statistics. We may also collect information about applicant disabilities to ensure that we can make reasonable adjustments for candidates who do have a disability; such information is processed to carry out our legal obligations and to exercise specific employment rights.

If your application is unsuccessful ElectraLink Ltd may keep your personal data on file in case there are future employment opportunities for which you may be suitable. We will ask for your consent before your data is retained for this purpose and you are free to withdraw your consent at any time.

We will store your application data for 6 months after the vacancy has closed. After this period, it will be fully anonymised.

How does ElectraLink Ltd protect data?

We take our data protection obligations very seriously at ElectraLink Ltd. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed by parties other than our employees in the proper performance of their roles.

For how long does ElectraLink Ltd keep data?

If your application for employment is unsuccessful at any stage in the process, we will hold your data on file for 6 (six) months after the end of the relevant recruitment process. If you agree to us keeping your personal data on file, we will hold your data on file for a further 6 (six) months for consideration of future employment opportunities. At the end of this period, or once your consent has been withdrawn if sooner, your data is deleted or destroyed.

You will be asked when you submit your CV whether you give us consent to store your data for the full 12 months in order to be considered for alternative positions. If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your HR file (electronic and paper based) and retained throughout the course of your employment. The periods for which your data will be held thereafter are in accordance with the GDPR.

Who has access to data?

Your information may, from time to time, be shared internally for the purposes of our recruitment process.

This may include members of the HR and recruitment team, interviewers, managers in the relevant business area and IT staff if access to the data is necessary for the performance of their respective roles.

Your data will not be shared with third parties unless you are a successful applicant and we make you an offer of employment. In this case, we will then share your data with former employers in order to obtain references for you and employment background check providers to conduct necessary background checks.

What if you do not provide personal data?

You are under no statutory or contractual obligation to provide personal data to ElectraLink Ltd during the recruitment process. However, if you choose not to provide the information requested, we may not be able to process your application properly or at all.

We use some automated screening tools as part of this application process. The answers you provide to one or more of the questions (excluding any special categories/equal opportunity questions) may result in your application being automatically declined. This technology is used to help us manage the high volume of applications we receive and can assure applicants the same outcome would occur if we manually reviewed your application. The reason for the decline will be made available to you in your candidate account.

Your rights

As a data subject, you have a number of enforceable rights:

• to access and obtain a copy of your personal data on request;
• to require ElectraLink Ltd to change incorrect or incomplete data;
• to require ElectraLink Ltd to delete or stop processing your data, for example where the data is no longer necessary for the intended purposes of processing; and
•  to object to the processing of your data where ElectraLink Ltd is relying on its legitimate interests as the legal ground for processing.

If you would like to exercise any of your rights as above, please contact us on privacymanager@electralink.co.uk

If you do not consider that ElectraLink Ltd has complied with your relevant data protection rights, you can also make a complains to the Information Commissioner’s Office (ICO).