Leyton Healthcare Recruitment Privacy Notice
Effective date January 28, 2022
Leyton Healthcare are committed to respecting your privacy and protecting your personal data. We define personal data broadly as information that directly identifies an individual or that makes an individual identifiable when combined with other information.
This Recruiting Privacy Notice (“Privacy Notice”) describes how we handle and protect your personal data in connection with Leyton Healthcare’s recruiting processes and programs. In case of a conflict between this Privacy Notice and applicable law, applicable law will govern.
This Privacy Notice only applies to the personal data of job applicants, potential candidates for employment or partnership, and those who participate in our recruiting programs and events. This personal data is submitted directly to Leyton Healthcare through the online application process and follow-up communications and/or through alternative channels (e.g., via NHS Jobs or professional recruiting firms). This Privacy Notice does not apply to the personal data of our employees, partners, clients, vendors or any other person from whom Leyton Healthcare collects personal data for other purposes.
By submitting your personal data to us, you acknowledge that:
- You have read and understood this Privacy Notice and agree to the use of your personal data as set out herein
- You are not required to provide any requested information to us, but your failure to do so may result in our not being able to continue your candidacy for the job for which you have applied.
- All of your representations are true and correct to the best of your knowledge and belief, and you have not knowingly omitted any related information of an adverse nature. Providing any inaccurate information may make you ineligible for employment.
- This Privacy Notice does not form part of any contract of employment offered to candidates hired by Leyton Healthcare.
Personal data we collect
The types of personal data that we request from you and the ways that we process it are determined by the role you apply with us.
We usually collect personal data directly from you when you apply for a role with us, such as your name, address, contact information, photographs and videos, work and educational history, achievements, identity documents, and test results. If you receive an offer from us, we may then conduct a background check and, to the extent permitted by applicable law, we may also collect data related to criminal offences and proceedings. We also collect similar personal data about you from third parties, such as professional recruiting firms, your references, prior employers, Leyton Healthcare employees with whom you have interviewed or who recommended your candidacy, and, to the extent permitted by applicable law, employment background check providers. We may also collect personal data about you online to the extent that you have chosen to make this information publicly available. For example, we may find your profile on professional social media websites (such as LinkedIn), and contact you about suitable roles.
Sensitive personal data includes ethnicity, health, trade union membership, philosophical beliefs, sexual orientation, and other categories as prescribed by law. We may collect sensitive personal data about a candidate to the extent permitted to do so by applicable laws (e.g., equal opportunity laws) and to support our efforts to create an inclusive and diverse work environment. We may also collect sensitive personal data to the extent that a candidate chooses, without being asked, to voluntarily disclose it during the recruiting process. Under limited circumstances and to the extent permitted by applicable law, we may also collect sensitive personal information relating to health and medical characteristics, such as status of infection, test results, and vaccination status, to address our public health and workplace safety obligations and to protect Leyton Healthcare and its employees, clients, and third parties.
Use of your personal data
We collect and use your personal data for legitimate human resources and business management reasons, including:
- identifying and evaluating candidates for potential employment, as well as for future roles that may become available;
- maintaining records in relation to recruiting and hiring;
- ensuring compliance with legal requirements, including those relating to public health and workplace safety;
- fostering our diversity and inclusion programs and practices;
- conducting background checks, including, to the extent permitted by applicable law, and if you receive an offer from us, criminal history checks;
- protecting our legal rights to the extent authorized or permitted by law; and
- protecting the workplace and communicating with medical professionals, law enforcement, or other public authorities in the event of an emergency or public health event, such as when the health or safety of you or one or more individuals may be endangered, including, to the extent permitted by applicable law, sharing data about the status of an infection, test results, and vaccination status.
We may also use your personal data for Leyton Healthcare analytics purposes, including in aggregated/pseudonymized form, to improve our recruitment and hiring process and augment our ability to attract successful candidates.
Legal basis for processing your personal data
Our processing of your personal data for the purposes mentioned above is based:
- in part, on our legitimate business interests in evaluating your application to manage our relationship with you, to ensure that we recruit appropriate employees, and to evaluate and maintain the efficacy of our recruiting process more generally; and in operating our business and protecting Leyton Healthcare and its employees, clients, and third parties.
- in part, on our performing contractual and precontractual measures relating to our potential employment relationship with you;
- in part, on our complying with applicable law with regard to personal data necessary to satisfy our legal and regulatory obligations, including with regard to public health and workplace safety;
- in part, on your consent, if we offer you the opportunity to participate in our optional recruiting programs or if we collect sensitive personal data for legally permitted purposes other than compliance with our legal obligations regarding public health and workplace safety.
If you receive an offer from us, we may conduct a background check on you or instruct a third party to do so on our behalf. Background screening will only be done where permitted by the law applicable to the location where the position is located and to the extent necessary and proportionate to the role that you are being offered. A background check will only involve criminal background data to the extent permitted by law. Our legal basis for background screening is our need to perform precontractual measures related to establishing our employment relationship. If a background screening is required, you may be contacted by a third-party background screening service provider to request authorization for the release of your information, and at that time you will be provided with further information about the process and what personal data it might involve.
Data recipients and international data transfers
Individuals performing administrative functions and IT personnel within Leyton Healthcare may also have limited access to your personal data to the extent necessary perform their jobs. We have put in place legal mechanisms designed to ensure adequate data protection for your personal data when it is processed by Leyton Healthcare.
We use third-party service providers to provide a recruiting software system. We also share your personal data with other third-party service providers that may assist us in identifying and recruiting talent, administering and evaluating pre-employment screening and testing, and improving our recruiting practices.
Except to the extent necessary to accomplish the Leyton Healthcare uses and purposes described in this Privacy Notice, we do not disclose your personal data to third parties. We also prohibit our service providers from using your personal data for non-Leyton Healthcare purposes. We do not otherwise share or sell your personal data to third parties.
We maintain processes designed to help ensure that any processing of personal data by third-party service providers is consistent with this Privacy Notice and protects the confidentiality, availability, and integrity of your personal data in compliance with applicable law. We do not transfer your data outside the United Kingdom.
Automated sorting of applications
We may sometimes use data analytics and algorithms to help us to review the large quantities of candidates and application data that we receive. These algorithms help us prioritise the application review process and sort candidates on the basis of professional characteristics that suggest strengths and capabilities necessary to perform the relevant role. The algorithms are designed to analyse the candidate’s application data and compare it to our historical data on previously successful and unsuccessful candidates.
The automated results are always considered in tandem with, and not in lieu of, human judgement. We evaluate each individual candidate on their own merits.
Certain roles may require specific prerequisites or skills (for example, particular professional qualifications or certifications, or number of years in a similar role). Applications that do not meet those requirements will be automatically rejected.
If you accept an offer of employment with us, any relevant personal data collected during your pre-employment period will become part of your personnel records and will be retained in accordance with our data retention requirements and with the privacy notice applicable to Leyton Healthcare employees, which will be provided during the on-boarding process.
If we do not employ you, we may nevertheless continue to retain and use your personal data for a 12 to 24 months for system administration purposes, to consider you for potential future roles, and to perform research. Thereafter, we will either contact you to ask if you would like to remain on our database and if no confirmation is made, we will delete your data.
To the extent that we have collected personal data, including sensitive personal data, for the specific purpose of fulfilling our legal obligations regarding public health or workplace safety, we will retain that data for the duration of those legal obligations. Thereafter, we retain a minimal amount of your personal data to establish our compliance with those obligations.
We may want to remain in contact with you and consider you for future employment opportunities. In such an event, we will seek your consent to include you in one of our recruiting programs that provides you ways to further learn about and stay in touch Leyton Healthcare, either prior to or after you formally apply for a job opportunity. Participation in these recruiting programs is entirely optional.
If you join a recruiting retention program, we retain your personal data for a period of time specific to that program, but if you wish to withdraw at any time, please contact us to let us know.
We use generally accepted standards of technical and operational security to secure your personal data. Only authorized personnel of Leyton Healthcare and of our third-party service providers are permitted to access personal data, and these employees and third-party service providers are required to treat this information as confidential.
We take reasonable steps that are designed to keep your personal data accurate, complete, and up-to-date for the purposes for which it is collected and used. We also have implemented measures that are designed to help ensure that our processing of your personal data complies with this Privacy Notice and applicable law.
In accordance with applicable law, you may have one or more of the following rights:
- a right to request information about the personal data we hold about you, including the details of how we use that information and who we share it with;
- a right to request a copy of the personal data that we hold about you;
- a right to amend or rectify your personal data if any of the information held about you is incorrect or out of date;
- a right to portability of your personal data;
- a right to request erasure of your personal data;
- a right to demand that we cease the processing of your personal data or that we restrict the processing of your personal data;
- a right to withdraw your consent to the processing of your personal data, to the extent our processing relies on your consent as the lawful basis for processing. This right may not apply if there are other legal justifications to continue processing or we need to retain certain personal data where required or permitted under applicable law; and/or
- a right to provide us with instructions as to the processing of your personal data in case of death.
In addition, and where granted by applicable law, you may have the right to lodge a complaint with the data protection authority.
If you would like to make a request to access, review, correct, delete or port the personal data we have collected about you, to assert a right with regard to your personal data, or to discuss how we process your personal data, please contact us.
To help protect your privacy and security, we will take reasonable steps to verify your identity before granting you access to your personal data. We will make reasonable attempts to promptly investigate, comply with, or otherwise respond to your requests as may be required by applicable law. Depending upon the circumstances and the request, we may not be permitted to provide access to personal data or otherwise fully comply with your request; for example, where producing your information may reveal the identity of someone else. We normally provide your data for free for the first time. We do reserve the right to charge an appropriate fee for complying with your request where allowed by applicable law, and/or to deny your requests where, in the Leyton Healthcare’s discretion, they may be unfounded, excessive, or otherwise unacceptable under applicable law.
Cookies and other tracking technologies
If you have any questions about this Privacy Notice or if you would like to communicate with our Data Protection Officer or the Practice Team, please contact us at firstname.lastname@example.org or Leyton Healthcare, 4th Floor, Oliver Road Polyclinic, Leyton Healthcare, London E10 5LG.
Leyton Healthcare reserves the right to modify this Privacy Notice. We will post any changes to our Privacy Notice on this page. Please check this page regularly to keep up-to-date.