Policies

Quality Policy

Customer Focus

City Centre believes in focusing on customers, both clients and candidates. We are committed to being a leader in our field and the quality of our services is determined solely by the customers we serve. City Centre’s policy is continuously to improve our services.

Management Leadership

City Centre believes in management by leadership at all levels and offering and demonstrating at all times and at all levels visible to customers, the superior value in products and services offered by City Centre and its staff.

Teamwork

City Centre work together to give effect to this policy, combining our ideas and skills to improve the quality of our work. We will reinforce the principles that support and reward improvements in quality. City Centre can be viewed as a team composed of many interlocking teams. These teams take a variety of forms and each is like a small business with its own customers.

Analytical Approach

City Centre will use statistical methods and other problem-solving tools to control and improve our processes. Data based analyses will direct our decisions.

Continuous Improvement

City Centre will apply an analytical approach through teamwork in the active pursuit of improvements in quality through a continuous cycle that focuses on assessing, planning, making and verifying improvements of key processes.

Equal Opportunities & Diversity Policy

CC Business Services Ltd embraces diversity and will seek to promote the benefits of diversity in all of our business activities. We will seek to develop a business culture that reflects that belief.

We will seek to widen the media in which we recruit to ensure as diverse an employee and candidate base as possible. We will strive to make sure that our clients meet their own diversity targets.

CC Business Services Ltd is committed to diversity and will promote diversity for all employees, workers and applicants and shall adhere to such a policy at all times.

We will review on an on-going basis all aspects of recruitment to avoid unlawful or undesirable discrimination. CC Business Services Ltd will treat everyone equally irrespective of sex, sexual orientation, gender reassignment, marital or civil partnership status, age, disability, colour, race, nationality, ethnic or national origin, religion or belief, political beliefs or membership or non membership of a Trade Union or spent convictions, and places an obligation upon all staff to respect and act in accordance with the policy. CC Business Services Ltd is committed to providing training for its entire staff in equal opportunities practice.

CC Business Services Ltd shall not discriminate unlawfully when deciding which candidate/temporary worker is submitted for a vacancy or assignment, or in any terms of employment or terms of engagement for temporary workers. CC Business Services Ltd will ensure that each candidate is assessed only in accordance with the candidate’s merits, qualifications and abilities to perform the relevant duties required by the particular vacancy.

CC Business Services Ltd will not accept instructions from clients that indicate an intention to discriminate unlawfully.

Environmental Policy

At City Centre recruitment we recognise that our business activities have a
direct and indirect impact on the environment and, therefore, we strive to act
in an environmentally responsible manner.

As a service company our main impact on the environment is through the
buildings we operate and the resources used by our staff in their day-to-day
work. Our environmental practices reflect our business operations and main
risks and interactions with the environment and are largely focused on:

• Compliance with environmental laws and regulations.
• Minimising waste by the promotion of recycling practices and re-use
of materials as opposed to disposal, where this is practicable
• Reduce carbon emissions where possible and constantly evaluate
our impact on bio diversity during the operation of our business.
• Efficient use of energy and water and investigating ways of
reducing consumption in this area
• Raising awareness of environmental issues within the Group

On a day-to-day basis, responsibility for managing environmental practices is
delegated to relevant operational management and at a Group level our Chief
Executive has been given responsibility for overseeing the Group’s corporate
social responsibility practices, which includes the environmental area. A
Corporate Responsibility Committee has been established which meets
periodically to review, amongst other matters, the Group’s current and
potential future action.

This environmental policy has been approved by the CC Business Services Board of Directors
and is available to our employees, customers and other interested
parties and will be reviewed annually.

Modern Day Slavery and Human Trafficking

CC Business services Ltd t/a City Centre Recruitment (the “Company”) acknowledges the provisions of the Modern Slavery Act 2015 and will ensure transparency within its organisation and with suppliers of goods and services to the organisation. The Company is satisfied from its own due diligence there is no evidence of any act of modern day slavery or human trafficking within its own organisation.

As part of the Company’s due diligence processes into slavery and human trafficking the supplier approval process incorporates a review of the controls undertaken by the supplier. Imported goods from sources outside the UK and EU are potentially more at risk of slavery and human trafficking issues. The level of management control required for these sources will be continually monitored.

The company will not knowingly support or deal with any business involved in slavery or human trafficking.

The Company will undertake responsibility for implementing this Policy Statement and its objectives.

This Policy Statement will be reviewed and published annually.

Signed:- Dan Shrimpton Managing Director
Date:- 14th March 2016

Health & Safety Policy

HEALTH AND SAFETY POLICY STATEMENT

SECTION 1: General Statement of Policy

CC Business Services Ltd (T/A City Centre recruitment) Policy

It is the policy of CC Business Services Ltd (T/A City Centre recruitment) to provide and
maintain safe and health working conditions, equipment and systems of work for all our
employees, and to provide such information and training as they need for this purpose.
Appropriate preventative and protective measures are, and will continue to be implemented
following the identification of work-related hazards and assessment of the risks related to them.
It is also the policy of CC Business Services Ltd (T/A City Centre recruitment) to ensure that its
business is conducted in a manner so as to reduce the risks to members of the public. CC
Business Services Ltd (T/A City Centre recruitment) may require you to attend such training
and/or induction programmes in order to meet the aims of CC Business Services Ltd (T/A City
Centre recruitment).

CC Business Services Ltd (T/A City Centre recruitment) accepts its responsibility for health and
safety of other persons who may be affected by CC Business Services Ltd (T/A City Centre
recruitment)’s activities.

The allocation of duties for safety matters, the identity of competent persons appointed with
particular responsibilities, and the arrangements made to implement this policy are set out
herein and in associated health and safety documented records.

This policy will be kept up to date, to reflect changes in the nature and size of the business. To
ensure this, the policy and its effectiveness will be reviewed annually.
CC Business Services Ltd (T/A City Centre recruitment)’s responsibility
It is the duty of management to ensure the following:

• Providing and maintaining systems of work that are safe and without risk to health;
• Ensuring safety and absence of risks to health in connection with handling, storage
and transport;
• Providing information, instruction, training and supervision;
• Maintaining all places of work in a safe condition;
• Providing and maintaining a safe working environment.

Your responsibility

All employees and workers have a duty in law to act responsibly and to take reasonable
care for the health and safety at work of both themselves and their colleagues. This duty
can be carried out by:
• Working safely and efficiently;
• Using any protective equipment provided and meeting statutory obligations;
• Reporting incidents that have lead to injury or damage;
• All such incidents must be recorded and copied to your divisional Manager using
the internal report form. Any failure to adhere to CC Business Services Ltd (T/A City
Centre recruitment) Health and Safety Policy and Procedures will be considered a
serious disciplinary offence and is one which may lead to dismissal;
• Adhering to CC Business Services Ltd (T/A City Centre recruitment) procedures for
securing a safe workplace. Individuals will be nominated to undertake health and
safety duties as required.

Accidents

CC Business Services Ltd (T/A City Centre recruitment) is obliged by law to keep a record
showing details of all accidents, which occur on the premises. Therefore all accidents,
however minor, to both employees and customers must be reported immediately. If any
accidents are serious to warrant hospital treatment these must also be reported to the local
authority. A RIDDOR form must be completed.

Security

If you are responsible for setting the alarm, failure to set the alarm may result in disciplinary
action being taken.

Fire & Emergency

You must observe the evacuation procedures laid down in the event of a fire or any other
emergency situation. You must be aware of the location of the emergency exits, assembly
points and first aid kit. Procedures to be carried out in the event of a fire or emergency will
be found on the notice board.

SECTION 2: Responsibilities

Ultimate responsibility for health and safety rests at director level, with delegation of duty to
managerial employees. Those named must be fully aware of their duties, details of which
should be included in their job description.

1. Overall and final responsibility within the organisation rests with
Name: Dan Shrimpton
Status: Managing Director
Location: Bournemouth – 01020 586931

2. Person responsible for execution of the policy at

Premises: Bournemouth
Name: Jacqui Walter
Status: Director
Location: Bournemouth

Premises: Weymouth
Name: Simon Thomas
Status: Director
Location Bournemouth

Premises: Yeovil
Name: Simon Thomas
Status: Director
Location Bournemouth

Premises: Southampton
Name: Simon Thomas
Status: Director
Location Bournemouth

Premises: Taunton
Name: Simon Thomas
Status: Director
Location Bournemouth

3. Person who will deputise
Name: Dan Shrimpton
Status: Director
Location: Mobile (07778928809)

4. Employees must rectify risks to health and safety themselves where possible.
Failing this, the risk must be reported straight away to the appropriate person
named above.

5. Person responsible for safety training
Name: Simon Thomas
Status: Director
Location: 01202 586 930

6. Person responsible for investigating accidents and dangerous occurrences
Name: Dan Shrimpton
Status: Director
Location: Mobile (07778 928 809)
Signed:………………Dan Shrimpton …………………………………………………….
Position:……Managing Director…………………………………………………………

Complaints Procedure

Complaints Procedure

City Centre Recruitment is committed to ensuring that our clients and candidates receive the highest quality service. However, we recognise that on occasion, customers may experience difficulties and as such we operate an effective and efficient complaints procedure which seeks to resolve problems as quickly as possible. Our Complaints procedure is an integral part of our Quality Management System and is externally and independently audited to ensure compliance with ISO 9001:2000

Level 1 – Informal Procedure

This level allows small problems to be resolved in a sensible and timely manner.

You should contact your Account Resourcer as soon as possible after the situation that gives rise to the complaint. This can be done by telephone, e-mail or in writing.

Informal complaints will usually require little investigation and you should therefore receive a satisfactory response in writing in between 1 to 2 working days. If you are not satisfied with the result, you may wish to lodge a formal complaint of which the formal procedure will apply.

Level 2 & 3 Formal Procedure

This procedure is in place for serious incidents that require investigation e.g. gross misconduct. Determination of the level of the complaint between 2 and 3 will be made at the time by our customers or candidates

You should contact your designated Account Manager in writing, by fax, e-mail or post.

You will receive acknowledgement of your complaint within 1 working day.

To help us process your complaint effectively, please provide the following information:

  • Information on whether it is an original complaint or a follow-up to a reply you were not satisfied with.
  • A clear description of the complaint, outlining any action you may have already taken.
  • Your full postal address, telephone and fax numbers and e-mail address

What happens next?

You may be contacted for additional information

A full investigation of the events will be carried out

You may be requested to provide written statements from any witnesses

For complaints of a serious nature regarding a temporary worker, that person, will be advised immediately and all assignments suspended until completion of the investigation

The investigating officer will provide a full written explanation within 3 working days of receiving your complaint. If this is not possible, we will notify you and give you a date by which you can expect a full reply.

All complaints will be recorded with full details and action taken.

All resolved complaints will be signed off by the Account Director and be filed as closed.

All complaints will be immediately reported to the Account Manager and Director.

Complaints are recorded using the appropriate Complaints Record Form. This is reviewed on a regular basis for apparent adverse trends in service quality as part of the management review of our internal systems.

Privacy Notice

We care about your information

CC Business Services Ltd t/a City Centre Recruitment is a data controller and data processor for the purposes of data protection legislation. Relevant, authorised members of our staff will have access to the information.

We ask you to share information with us so that we can provide you with work-finding and related services. This document tells you what you can expect from us and how we will protect your rights. It applies to information we collect about agency workers, staff members and individuals who work at the companies we do business with.

We have a full Data Protection Policy and Data Retention Policy which you are invited to view http://www.citycentrerecruitment.co.uk/about-us/policies/

If you wish to exercise any of your rights, please contact: Dan Shrimpton our Data Protection Officer.

Why do we process your information?
We process information about you known as ‘personal data’ to enable us to carry out our business as an employment agency for the purposes of permanent recruitment services and as an employment business for the purposes of temporary recruitment services.

By law, we have obligations to ensure that the candidates we place into vacancies are suitable for those positions and that the vacancies are suitable for those candidates. We have a duty of care to look after the best interests of our customers and to do that we need to collect and process relevant information.

We process some other information to help us make sure we are delivering a service that treats people legally and fairly, prevents human rights abuses, and is always improving.

Who will we share information with?
Information shared with client organisations – In order for our client organisations to consider workers for opportunities within their businesses, we need to share worker information with them. We have contracts in place with these organisations that require them to treat worker information as confidential before we share worker information with them.

Information shared with workers – In order to perform our recruitment services (such as arranging interviews, for example) we often need to share client contact information (such as name, job title and contact details) with workers.

Auditors & Inspectors – From time to time we may be audited by third parties to ensure that we are operating a legally compliant and ethical business. These third parties may include:
• Government regulatory and enforcement audits
• Independent social compliance audits
• Client audits
Other – If we would like to share your data with anyone not covered in this privacy notice (such as sharing testimonials with potential customers, for example), we will only do this where we have a legitimate reason to do so and where required will ask for your specific consent to do so.

What are your rights?
All individuals have the following rights regarding their personal information (also called ‘personal data’)

1. The right to be informed – You have the right to know what information we hold about you, what we are using it for, who we are sharing it with, how long we are keeping it, and on what basis we are processing the data. While we always prefer to process data based on your explicit consent, as a recruitment organisation we also have a ‘legitimate interest’ in processing your data to ensure we are matching you to suitable vacancies. There are also times when we have to process your information because we are required to by law.
2. The right of access – If you would like to see the records we hold on file for you, please contact Dan Shrimpton our Data Protection Officer. All requests must be made in writing and will be dealt with within 30 days.
3. The right to rectification – If you believe we are holding incorrect information, you can ask us to correct it.
4. The right to erasure – You can ask us to remove your information from our records. As long as there is no legal requirement for us to keep them (for example, HMRC require us to keep payroll records for 6 years), we will remove your details. This will mean that we won’t be able to contact you with any work opportunities in future.
5. The right to restrict processing – Instead of asking to be removed, you can ask us to stop processing it – so you can ask us to stop contacting you about work opportunities, for example.
6. The right to data portability – If you want to take your data to another organisation, please contact Dan Shrimpton our Data Protection Officer.
7. The right to object – You have the right to object to your data being processed on the basis of legitimate interests, direct marketing, and processing for statistical purposes. We will stop processing your information immediately unless there are legal reasons for us not to do so.
8. The right not to be subject to automated decision-making (including profiling) – You have the right to object to automated decision-making howewver we do not use automated decision-making in our recruitment process
What information do we collect? How do we use it? How long do we keep it?
This privacy notice has been divided into sections, so that you can read the information relevant to you. Each section tells you what information we collect, how we use it, and how long we will keep it for. These sections are:
• Agency workers
• Staff members
• Individuals who work at the companies we do business with

AGENCY WORKERS
Agency Workers are workers we supply to work with our client companies.

What information do we collect?
We collect personal data from you in order to fulfil our contract with you, to comply with our legal obligations and where it is in our legitimate interests in order to provide you with work seeking services and to supply our clients with labour.
This will include:
• Your name and contact details
• Your right to work status (and to take copies of your passport/other allowable documents)
• Your skills, experience and qualifications (where relevant)
• Details about the type of work you are looking for
• Your next of kin
• Whether you require any reasonable adjustments in the recruitment process
• Questions about your work seeking activity, to help us make sure we are protecting your welfare and your rights.
• Your national insurance number and bank details in order to pay you for any work you do
We may also ask for further information to confirm your suitability for work, which may include:
• Reference details
• Health questions relevant to the type of work you are applying for
• Whether you have any unspent criminal convictions
Once a contract has been offered, we will also ask for the following information:
• Whether you require any reasonable adjustments to undertake any roles

For some roles, we may use assessments as part of the recruitment process such as literarcy, numeracy or skills tests, and these results will be held on file.

How do we use it?
The information we collect will only be used for the purposes of progressing your application for work, or to fulfil legal or regulatory requirements if necessary. The information we ask for helps us to assess your suitability for work. You don’t have to provide the information we ask for, but it might affect our ability to provide you with work if you don’t.

How long do we keep it?
We keep the information for either the minimum period we are required to keep it by law, or as defined in our Data Retention Policy or for as long as you give us consent to keep the information.

STAFF MEMBERS
Staff members are those people who work directly for and within our organisation.

What information do we collect?
We collect personal data from you in order to fulfil our contract with you, to comply with our legal obligations and where it is in our legitimate interests as an employer/labour provider to recruit new workers to fill vacancies in our business.
As part of our recruitment process, in order to assess your suitability for employment, we will ask for the following information:
• Name and contact details
• Your right to work status (including taking copies of original passport/visa documents)
• Your skills, experience and qualifications
• Whether you require any reasonable adjustments in the recruitment process
• Questions relevant to your ability to carry out the role
• Whether you have any unspent criminal convictions
Once a job offer has been made and accepted, we will also ask for the following information:
• Bank details
• National Insurance Number
• Your next of kin
• Whether you require any reasonable adjustments to undertake the role

How do we use it?
The information we ask for helps us to assess your suitability for employment, to enable us to employ you and to fulfil legal or regulatory requirements with us. You don’t have to provide the information we ask for, but it might affect our ability to employ you if you don’t.

This information is collected, processed and retained because employers have a ‘legitimate interest’ under data protection law to do this.

How long do we keep it?
If you are successful in your application for employment with us, we keep the information you provide for either the minimum period we are required to keep it by law, or as defined in our Data Retention Policy or for as long as you give us consent to keep the information.

If you are unsuccessful in your application for employment with us, the information will be kept on file for one year after the end of the recruitment process for that role.

Once you are working with us, your employee record will include other relevant information, including:
• Training records
• Appraisal and performance review records
• Sickness absence records
• Correspondence records (including disciplinary and grievance meeting notes where relevant)

Your employee record will be retained for the duration of your employment and for differing periods depending on the records as defined in our Data Retention Policy following the end of your employment.

EXTERNAL BUSINESS CONTACTS

External business contacts means individual members of staff at the supplier, support, client and other organisations we work with to perform the legitimate activities of our business.

What information do we collect?

We collect personal data in order to comply with our legal obligations and where it is in our legitimate interests as an employer/labour provider to do so.

Individuals within the companies we work with are also entitled to have their personal information protected.
We will only share information where it is allowed by law and relevant to our legitimate business activities, such as providing name, job title and contact details when arranging an interview.

We may also share professional information that is already in the public domain (such as company website pages, LinkedIn profiles, and similar media).

How do we use it?

The information we ask for will only be used in connection with the legitimate activities of our business.

How long do we keep it?

We keep the information for either the minimum period we are required to keep it by law, or for as long as you give us consent to keep the information, whichever is longer.

We will retain contact details for individuals within client organisations while the organisation remains a current or prospective client organisation.

Individuals within the organisations we work with have the same rights as any other individual (including the right to be forgotten). Anyone wishing to exercise their rights under data protection legislation should contact Dan Shrimpton our Data Protection Officer.

Lawful Basis for processing

Job Application

Lawful basis for processing: contract

 

City Centre Recruitment has a contractual obligation to provide applicants with a job application service, including sending their details to the prospective employer.

Providing a name, contact details and a covering letter are all prerequisites for City Centre Recruitment to fulfill their contractual obligation to applicants.

Purpose of processing: To allow visitors to apply for jobs and for City Centre Recruitment staff to receive applications.

Job Mailing List

Lawful basis for processing: Consent

A mailing list is a very convenient way for applicants to receive new roles however some recipients may find regular emails overly intrusive. For this reason we believe we must ask applicants for their consent for sending regular emails.

Purpose of processing: Job applicants often wish to be updated when new jobs become available. This data processing allows us to notify them as soon as new positions come in.

Contact Form

Lawful basis for processing: Legitimate interests

It is in both the visitor’s and City Centre Recruitment’s interests that the message is safely received by City Centre Recruitment. Therefore we must keep a copy of the message so it can be retrieved in the event of an email failure.

Purpose of processing: The message details are stored in the database for 1-2 months to ensure messages can be retrieved should there be a failure with email.

GDPR Individual Rights

Right to be informed

All information regarding GDPR can be found in this Privacy Policy.

Right of access

If you would like to have access to a copy of the data this website holds relating specifically to you, please email info@citycentrerecruitment.co.uk with your request. Your data will be provided free of charge within one month of receiving your request.

Right of rectification

If you would like us to rectify any of the data this held on this website relating specifically to you , please email info@citycentrerecruitment.co.uk with your request. We will rectify the data free of charge within one month of receiving your request.

Right of erasure

If you would like us to remove any or all of the data held on this website relating specifically to you , please email info@citycentrerecruitment.co.uk with your request. We will remove the data free of charge within one month of receiving your request. Please note, this may not be possible if the data is essential to services we are contractually obliged to provide you with. We will inform you if this is the case.

Right to restrict processing

If you would like us to restrict the processing of any data held on this website relating specifically to you , please email info@citycentrerecruitment.co.uk with your request. We will restrict processing of your data free of charge within one month of receiving your request. Please note, this may not be possible if the data is essential to services we are contractually obliged to provide you with. We will inform you if this is the case.

Right to data portability

If you would like to have access to a copy of the data this website holds relating specifically to you, please email info@citycentrerecruitment.co.uk with your request. Your data will be provided in CSV format free of charge within one month of receiving your request.

Right to object

For any mass communication you receive from us, you can opt-out immediately using the opt-out link provided. However, if you feel there is any other processing of your data you would like to object to, please email info@citycentrerecruitment.co.uk with your request. We will terminate any further processing of your data immediately and free of charge.

Rights related to automated decision making including profiling

This website does not make use of any automated decision making or profiling.

Data Protection Policy

Introduction

CC Business Service t/a City Centre Recruitment takes the security and privacy of your data seriously. We need to gather and use information or ‘data’ about you as part of our business and to manage our relationship with you. We intend to comply with our legal obligations under the Data Protection Act 2018 (the ‘2018 Act’) and the EU General Data Protection Regulation (‘GDPR’) in respect of data privacy and security. We have a duty to notify you of the information contained in this policy.
This policy applies to data processed regarding current and former employees and workers, job applicants, agency work seekers, agency workers and individual client contacts. If you fall into one of these categories, then you are a ‘data subject’ for the purposes of this policy.

You should read this policy alongside your contract of employment or contract for services and any other notice we issue to you from time to time in relation to your data.

The Company has registered with the ICO and its registration number is Z2611294

The Company has measures in place to protect the security of your data in accordance with our Data Security Policy. A copy of this can be obtained from Dan Shrimpton our Data Protection Officer.

The company will hold data in accordance with our Data Retention Policy. A copy of this can be obtained from Dan Shrimpton our Data Protection Officer We will only hold data for as long as necessary for the purposes for which we collected it.
The Company is a ‘data controller’ for the purposes of your personal data. This means that we determine the purpose and means of the processing of your personal data.

This policy explains how the Company will hold and process your information. It explains your rights as a data subject. It also explains your obligations when obtaining, handling, processing or storing personal data in the course of working for, or on behalf of, the Company.

The Company will only process personal data where it has a legal basis for doing so.

The Company’s Privacy Notice is available on our website, provided to job applicants, work seekers and agency workers in the application pack and provided to current and new clients.

The Company has separate policies and privacy notices in place in respect of suppliers and other categories of data subject. A copy of these can be obtained from Dan Shrimpton our Data Protection officer

The Company will review the personal data it holds on a regular basis to ensure it is being lawfully processed and it is accurate, relevant and up to date.

Before transferring information to a third party (e.g. past, current or prospective employers, suppliers, clients, intermediaries or any other third party), the Company will establish that it has a legal basis for making the transfer.

This policy does not form part of your contract of employment or contract for services if relevant and can be amended by the Company at any time. It is intended that this policy is fully compliant with the 2018 Act and the GDPR. If any conflict arises between those laws and this policy, the Company intends to comply with the 2018 Act and the GDPR.

Data Protection Principles
Personal data must be processed in accordance with our ‘Data Protection Principles.’ It must:
• be processed fairly, lawfully and transparently;
• be collected and processed only for specified, explicit and legitimate purposes;
• be adequate, relevant and limited to what is necessary for the purposes for which it is processed;
• be accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay;
• not be kept for longer than is necessary for the purposes for which it is processed;
• be processed in accordance with the rights of data subjects;
• not be transferred to another country without appropriate safeguards being in place; and
• be processed securely.
We are accountable for these principles and must be able to show that we are compliant.

How we define personal data
‘Personal data’ means information which relates to a living person who can be identified from that data (a ‘data subject’) on its own, or when taken together with other information which is likely to come into our possession. It includes any expression of opinion about the person and an indication of the intentions of us or others, in respect of that person. It does not include anonymised data.

This policy applies to all personal data whether it is stored electronically, on paper or on other materials.
This personal data might be provided to us by you, or someone else (such as a former employer, or your doctor), or it could be created by us. It could be provided or created during the recruitment process or during the course of the contract of employment or contract for services or after its termination. It could be created by your manager or other colleagues.

We will collect and use the following types of personal data about you:
• recruitment information such as your application form and CV, references, qualifications and membership of any professional bodies and details of any pre-employment assessments;
• your contact details and date of birth;
• the contact details for your emergency contacts;
• your gender;
• your marital status and family details;
• information about your contract of employment or contract for services including start and end dates of employment, role and location, working hours, details of promotion, salary/rates of pay (including details of previous remuneration), pension, benefits and holiday entitlement;
• your bank details and information in relation to your tax status including your national insurance number;
• your identification documents including passport and driving licence and information in relation to your immigration status and right to work for us;
• information relating to disciplinary or grievance/worker complaints and disputes investigations and proceedings involving you (whether or not you were the main subject of those proceedings);
• information relating to your performance and behaviour at work;
• training records;
• electronic information in relation to your use of IT systems/swipe cards/telephone systems;
• your images (whether captured on CCTV, by photograph or video);
and
• any other category of personal data which we may notify you of from time to time.
How we define special categories of personal data
‘Special categories of personal data’ are types of personal data consisting of information as to:
• your racial or ethnic origin;
• your political opinions;
• your religious or philosophical beliefs;
• your trade union membership;
• your genetic or biometric data;
• your health;
• your sex life and sexual orientation; and
• any criminal convictions and offences.
We may hold and use any of these special categories of your personal data in accordance with the law.

How we define processing
‘Processing’ means any operation which is performed on personal data such as:
• collection, recording, organisation, structuring or storage;
• adaption or alteration;
• retrieval, consultation or use;
• disclosure by transmission, dissemination or otherwise making available;
• alignment or combination; and
• restriction, destruction or erasure.
This includes processing personal data which forms part of a filing system and any automated processing.

How will we process your personal data?
The Company will process your personal data (including special categories of personal data) in accordance with our obligations under the 2018 Act.
We will use your personal data for:
• Compliance with a legal obligation (e.g. real time information reporting to HMRC)
• The performance of the contract (e.g. processing payroll, monitoring attendance)
• Protecting the legitimate interest of the Company or third party (e.g. collecting information during a disciplinary, grievance, complaints or disputes process, or collecting workplace data in order to improve workplace performance). You have the right to challenge our legitimate interests and request that we stop this processing. See the section on subject data access rights for further detail.

We can process your personal data for these purposes without specifically informing you or obtaining your consent. We will not use your personal data for an unrelated purpose without telling you about it and the legal basis that we intend to rely on for processing it.

If you choose not to provide us with certain personal data, you should be aware that we may not be able to carry out certain parts of the contract between us. For example, if you do not provide us with your bank account details we may not be able to pay you. It might also stop us from complying with certain legal obligations and duties which we have such as to pay the right amount of tax to HMRC.

Privacy by design and default
We are required to demonstrate that privacy considerations are embedded into all our processes and procedures. We complete documented data protection impact assessments on our processes and procedures to ensure we are compliant with the principles of GDPR. This is completed each time a policy or procedure is changed.

The types of measures that we have implemented includes:
• Data minimisation (i.e. not keeping the data longer than is necessary)
• Pseudonymisation (personal data which cannot be attributed to an individual without additional information. The information must be kept separately and is subject to technical and organisational measures to ensure the individual cannot be identified)
• Anonymisation (using separate keys/codes so that individuals cannot be identified)
• Cyber security
Examples of when we might process your personal data
We have to process your personal data in various situations during your recruitment, employment or engagement and even following termination of your employment or engagement. For example:
• to decide whether to employ or engage you;
• to decide how much to pay you, and the other terms of your contract with us;
• to check you have the legal right to work in the UK;
• to carry out the contract between us including where relevant, its termination;
• training you and reviewing your performance;
• to decide whether to promote you;
• to decide whether and how to manage your performance, absence or conduct;
• to carry out a disciplinary or grievance investigation or complaints and disputes procedure in relation to you or someone else;
• to determine whether we need to make reasonable adjustments to your workplace or role because of your disability;
• to monitor diversity and equal opportunities;
• to monitor and protect the security (including network security) of the Company, of you, our other staff, customers and others;
• to monitor and protect the health and safety of you, our other staff, customers and third parties;
• to pay you and provide pension and other benefits in accordance with the contract between us;
• paying tax and national insurance;
• to provide a reference upon request from another employer;
• to pay trade union subscriptions;
• monitoring compliance by you, us and others with our policies and our contractual obligations;
• to comply with employment law, immigration law, health and safety law, tax law and other laws which affect us;
• to answer questions from insurers in respect of any insurance policies which relate to you;
• running our business and planning for the future;
• the prevention and detection of fraud or other criminal offences;
• to defend the Company in respect of any investigation or litigation and to comply with any court or tribunal orders for disclosure;
and
• for any other reason which we may notify you of from time to time.

We will only process special categories of your personal data (see above) in certain situations in accordance with the law. For example, we can do so if we have your explicit consent. If we asked for your consent to process a special category of personal data, then we would explain the reasons for our request. You do not need to consent and can withdraw consent later if you choose by contacting Dan Shrimpton our Data Protection Officer.

We do not need your consent to process special categories of your personal data when we are processing it for the following purposes, which we may do:
• where it is necessary for carrying out rights and obligations under employment law;
• where it is necessary to protect your vital interests or those of another person where you/they are physically or legally incapable of giving consent;
• where you have made the data public;
• where processing is necessary for the establishment, exercise or defence of legal claims; and
• where processing is necessary for the purposes of occupational medicine or for the assessment of your working capacity.
We might process special categories of your personal data for the purposes detailed above which have an asterisk beside them. In particular, we will use information in relation to:
• your race, ethnic origin, religion, sexual orientation or gender to monitor equal opportunities;
• your sickness absence, health and medical conditions to monitor your absence, assess your fitness for work, to pay you benefits, to comply with our legal obligations under employment law including to make reasonable adjustments and to look after your health and safety; and
• your trade union membership to pay any subscriptions and to comply with our legal obligations in respect of trade union members.
We do not take automated decisions about you, using your personal data or use profiling in relation to you, except where the automated/profiling decision:
• Is necessary for the entering into or performance of a contract between the Company and you;
• Is authorised by law; or
• You have given your explicit consent

Sharing your personal data
Sometimes we might share your personal data with group companies or our contractors and agents to carry out our obligations under our contract with you or for our legitimate interests.

We require those companies to keep your personal data confidential and secure and to protect it in accordance with the law and our policies. They are only permitted to process your data for the lawful purpose for which it has been shared and in accordance with our instructions.

We do not send your personal data outside the European Economic Area. If this changes you will be notified of this and the protections which are in place to protect the security of your data will be explained.

How should you process personal data for the Company?
Everyone who works for, or on behalf of, the Company has some responsibility for ensuring data is collected, stored and handled appropriately, in line with this policy and the Company’s Data Security and Data Retention policies.

The Company’s Data Protection officer is responsible for reviewing this policy and updating the Company management on the Company’s data protection responsibilities and any risks in relation to the processing of data. You should direct any questions in relation to this policy or data protection to dan@citycentrerecruitment.co.uk.

The following details the key rules and good practice that apply to everyone in the Company that processes personal data and you may be subject to monitoring, inspection and risk assessment to ensure that these are being applied.
• You should only access personal data covered by this policy if you need it for the work you do for, or on behalf of the Company and only if you are authorised to do so. You should only use the data for the specified lawful purpose for which it was obtained.
• You should not share personal data informally.
• You should keep personal data secure and not share it with unauthorised people.
• You should regularly review and update personal data which you have to deal with for work. This includes telling us if your own contact details change.
• You should not make unnecessary copies of personal data and should keep and dispose of any copies securely.
• You should use strong passwords.
• You should lock your computer screens when not at your desk.
• Personal data should be encrypted before being transferred electronically to authorised external contacts.
• Consider anonymising data or using separate keys/codes so that the data subject cannot be identified.
• Do not save personal data to your own personal computers or other devices.
• Personal data should never be transferred outside the European Union except in compliance with the law and authorisation of the Data Protection Officer
• You should lock drawers and filing cabinets. Do not leave paper with personal data lying about.
• You should not take personal data away from Company’s premises without authorisation from your line manager or the Data Protection Officer.
• Personal data should be shredded and disposed of securely when you have finished with it.
• You should ask for help from Data Protection Officer if you are unsure about data protection or if you notice any areas of data protection or security we can improve upon.
• Any deliberate or negligent breach of this policy by you may result in disciplinary action being taken against you in accordance with our disciplinary procedure.
• It is a criminal offence to conceal or destroy personal data which is part of a subject access request (see below). This conduct would also amount to gross misconduct under our disciplinary procedure, which could result in your dismissal.

How to deal with data breaches
We have robust measures in place to minimise and prevent data breaches from taking place. Should a breach of personal data occur (whether in respect of you or someone else) then we must take notes and keep evidence of that breach. If the breach is likely to result in a risk to the rights and freedoms of individuals, then we must also notify the Information Commissioner’s Office within 72 hours.

Where a breach is likely to result in a high risk to the rights and freedoms of individuals, then we will also take appropriate steps to inform those individuals without undue delay.

If you are aware of a data breach you must contact Dan Shrimpton our Data protection Officer immediately and keep any evidence, you have in relation to the breach.

Subject access requests
Data subjects can make a ‘subject access request’ (‘SAR’) to find out the information we hold about them. This request must be made in writing. If you receive such a request, you should forward it immediately to the Data Protection Officer/Data Protection Manager who will coordinate a response.

If you would like to make a SAR in relation to your own personal data, you should make this in writing to Dan Shirmpton our Data Protection Officer. We must respond within one month unless the request is complex or numerous in which case the period in which we must respond can be extended by a further two months.

There is no fee for making a SAR. However, if your request is manifestly unfounded or excessive we may charge a reasonable administrative fee or refuse to respond to your request.

Data subjects’ rights
You have the right to:
• Information about what personal data we process, how and on what basis as set out in this policy.
• Access to your own personal data by way of a subject access request (see above).
• Correct any inaccuracies in your personal data. To do you should contact Dan Shirmpton our Data Protection Officer
• Request that we erase your personal data where we were not entitled under the law to process it or it is no longer necessary to process it for the purpose it was collected. To do so you should contact Dan Shirmpton our Data Protection Officer. While you are requesting that your personal data is corrected or erased or are contesting the lawfulness of our processing, you can apply for its use to be restricted while the application is made.
• Object to data processing where we are relying on a legitimate interest to do so and you think that your rights and interests outweigh our own and you wish us to stop.
• Object if we process your personal data for the purposes of direct marketing.
• Receive a copy of your personal data and to transfer your personal data to another data controller. We will not charge for this and will in most cases aim to do this within one month.
• With some exceptions, not to be subjected to automated decision-making.
• Notified of a data security breach concerning your personal data.
• In most situations we will not rely on your consent as a lawful ground to process your data. If we do however request your consent to the processing of your personal data for a specific purpose, you have the right not to consent or to withdraw your consent later. To withdraw your consent, you should contact Dan Shirmpton our Data Protection Officer. In most situations we will not rely on your consent as a lawful ground to process your data.
• Data portability which allows you to obtain and reuse your personal data for your own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
• Complain to the Information Commissioner directly.
Further information on your rights, our obligations, exceptions to the above, and a helpline number can be found on the Information Commissioner’s Office website (www.ico.org.uk).

Bournemouth - 01202 586 930

Southampton - 02382 350 250

Weymouth - 01305 831 707

Yeovil - 01935 478 800

Taunton - 01823 354 300

Nationwide Driving - 0345 450 3360

Website by JD