Potential Employee of Thursday’s Child Privacy Notice
Potential Employee of Thursday’s Child Privacy Notice
If you are a potential employee or applying for a role with Thursday’s Child this notice applies to you.
- At Thursday’s Child we care about your data.
- Our data processing activities are always in line with the General Data Protection Regulation (GDPR)
- We keep to a minimum the information we hold about you
- We use your data to assess your suitability for a role at Thursday's Child
- We delete your data when it is no longer needed for these things
- We take security seriously
- You have privacy rights as an individual
- We are happy to talk to you about how we process and protect your data
What we hold
If you have applied for a job with us then we will hold the following information until such time as your application for a specific role is either successful or unsuccessful:
- The information that you provided on your CV or application form. This information is held with the potential intention of starting a contract with you.
- If you attend an interview, we will hold interview notes. This is a legitimate thing for us to do and ensures that we make the correct and unbiassed decision on the best candidate.
- If your application is successful then your data is processed as per the Fair Processing Notice available in the employee handbook.
- If your application is unsuccessful then your CV and interview notes will be stored for 3 months just in case there are any disputes on either side, or if that particular role becomes vacant again. This is a legitimate thing for a business to do.
- If you give us a ring or make contact by email, we will follow up on your enquiry and see if there is a way in which we can help you. We keep a record of enquiries received, so that we know what we have said to whom. This is a legitimate thing for a business to do to ensure that both parties are happy with the service levels between them.
- Technical personal data is also captured if you use our website and that is processed to protect our users from cyber attacks and also for us to see which bits of our website are being used the most, which in term helps us with our strategy planning, a legitimate thing for companies to do.
Note: we do not accept unsolicited CVs; these are deleted immediately. We also do not keep old CVs beyond what we have stated above. CV’s go out of data quickly and we have an obligation to have correct data in our systems, as well as having a lawful reason for holding it. “Just in case” is not a good reason.
Details of the technical personal data that we process is below
- We generate log files from various servers when you visit our website: this will include an IP address assigned to you or, more likely, to someone who provides you with Internet access.
- The cookies we use only contain anonymous information to improve the services we offer, and do not contain personal information.
- Our website, like many others, uses Google Analytics, a web analytics tool provided by Google, to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Google can provide more details about their cookies.
Using Your Information
We have to tell you what our lawful basis is for processing your data, so we are letting you know the reference to the GDPR after each section.
We may use the logs from our servers to assist in our firm's security, as well as to determine visitor behaviour and help us plan our strategy (e.g. such as working out which pages on the site are most popular, or whether particular events have caused an increase in traffic).
The legal basis for processing this data is Article 6.1(c): we have legal and regulatory obligations to protect our clients and their information, also under Article. 6(f): strategy planning is a legitimate thing for a business to do.
Transfers of your data
We do not transfer or process data outside the European Economic Area or other countries deemed to have inadequate protection of data by the EU.
We also have a small number of companies providing services to us. These are our processors and we have confirmed that they all meet the requirements of EU data protection laws. They are mentioned in the relevant parts of our privacy statement so you are aware of when we use them.
- All our laptops are password protected, as are our phones.
- Our phones are fully encrypted.
- Our servers and desktop computers are protected by physical security.
- The ability to log on to all these devices is restricted to members of staff, each having their own unique log on credentials.
- Landline phone calls are not encrypted.
- If you have particular security requirements, please call us to discuss how we can support you.
We do not record telephone calls. This may change in the future, but if it does, don’t worry, we will let you know.
You have lots of rights in respect of our processing of your personal data. The relevant rights are:
- Request a copy of your personal data and information about our processing of it
- Request that we delete information on you if we do not need to hold it
- Request that we correct any personal data that we hold on you
- Request that we stop processing your data, for certain things, eg marketing although we can still hold it
- Request that we move your data to another organisation’s IT system electronically
If you want to exercise any of these rights, please just contact us on [email protected]
You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/
If you want to talk to us about this you can call contact us on email at: [email protected]
Return to our Data Privacy Summary