Staff helpline cares about your privacy and is fully committed to processing your personal information in accordance with fair information practices and applicable data privacy laws (specifically, the UK General Data Protection Regulation (‘GDPR’) and the 2018 Data Protection Act). Within this document, Staff helpline is referred to as ‘the Company’.

Scope

This notice explains how the Company handles the personal information of all data subjects such as employees, applicants, interims, former employees, dependants, beneficiaries, contractors, consultants, and temporary agency workers whilst operating its human resources activities. The Company may amend this notice from time to time, should it become necessary to do so.

Collection and Use of Personal Information

The Company will process your personal information to administer the employment and/or contractual relationship with you. The Company may collect, use, and transfer your personal information through automated and/or paper-based data processing systems. The Company has established routine processing functions (such as processing for regular payroll and benefits administration) and will also process personal information on an occasional or ad hoc basis (such as when an employee is being considered for a particular new position or in the context of changes to marital status for example).

During the course of recruitment activities, the Company will collect the following types of personal information:

• Personal identification information, such as your name, home address, date of birth, gender, work-related photographs, and home telephone number.
• Government-issued identification numbers, such as national ID for payroll purposes.
• Immigration, right-to-work and residence status.
• Time and attendance data (utilising facial recognition biometric data) – where applicable.
• Next of kin and emergency contact details.
• Job-related information, such as years of service, work location, employment ID, work record, vacation absences, and contract data.
• Educational and training information, such as your educational awards, certificates and licenses, vocational records, and in-house training attendance.
• Recruitment and performance-related data, such as objectives, ratings, comments, feedback results, career history, work equipment, career and succession planning, skills and competencies and other work-related qualifications.
• CCTV footage and other information obtained through electronic means such as swipe-card records – where applicable.
• Information related to your usage of the Company’s assets.
• Information needed for compliance and risk management, such as disciplinary records, background check reports and security data.
• Payroll and payment or benefits-related information, such as salary and insurance information, dependents, government identifier or tax numbers, bank account details, and employment related benefits information.

The Company processes personal information for the following purposes:

• Workforce planning, recruitment, and staffing.
• Workforce administration, payroll, compensation, and benefit programs.
• Performance management, learning and development.
• Advancement and succession planning.
• Legal compliance, including compliance with government authority requests for information, liens, garnishments, and tax compliance.
• Workplace management, such as travel and expense programs and internal health and safety programs.
• Internal reporting.
• Audit.
• To protect the Company, its workforce, and the public against injury, theft, legal liability, fraud, or abuse.
• Other legal and customary business-related purposes.

In addition, the Company shall process sensitive personal information (‘special category’ data) if it is needed for legitimate business objectives or if it is required to comply with applicable law. Sensitive personal information will not be collected, processed, or transferred, except where adequate privacy protection mechanisms are in place and after having first obtained your informed consent, if required by law.

Your personal information may be passed to a Client (defined as an organisation the Company operates with and supplies Workers on assignment to), and vice versa. Such data may include confirmation of your performance on a specific assignment, which the Client may provide to the Company so that it can ensure you are performing at the standard requirements. Information will only be shared to ensure that the Company can administer the employment and/or contractual relationship with you. The Company will not pass any personal data that is not necessary to fulfil its obligations to you and the Client.

The Company may obtain information about you from Staff Helpline ing for potential candidates from third party sources such as job sites. If you engage with the Company via any social media platform such as Facebook, Instagram or any other future platform the Company will receive information from the applicable site.

The Company uses data processors, which are third party organisations providing services (or elements thereof) to the Company. The Company has a contract in place with all data processors which ensures that all data processors are only permitted to process data in accordance with instructions received by the Company as the data controller and data protection law. Data processors are not permitted to share your personal information with any third-party organisation.

Where data processors are based outside of the UK or EU, the Company ensures that data is legally protected, and transfers are undertaken either:

• On the basis of an adequacy decision where the EU has decided that the destination country has an adequate and equivalent level of protection to that if it were in the EU, or
• By ensuring the processor’s contractual commitment to handle and process personal data to UK standards (as per the UK General Data Protection Regulation and the 2018 Data Protection Act)
• In future, if the UK provides its own adequacy judgements for overseas data protection regimes these will be reflected by the Company

Disclosures

The Company may disclose your personal information for its legitimate purposes or a third party’s legitimate interests for the continuity of its business/service, in the following circumstances:

• Other entities/subsidiaries of the Company, joint ventures, sub-contractors, vendors, or suppliers performing services on the Company’s behalf for the aforementioned purposes; or
• A newly formed or acquiring organisation if the Company Staff helpline is involved in a merger, sale, or a transfer of business.

The Company may also disclose your details to any recipient:

• If it is legally obliged to, such as by applicable court order or law.
• With your consent, such as for employment verification or bank loans.
• When reasonably necessary such as in the event of a life-threatening emergency.

Choice

The Company respects your right to object to any uses or disclosures of your personal information which are not:

• Required by law.
• Necessary for the fulfilment of a contractual obligation (e.g., employment contract).
• Required to meet the legitimate interests of the Company as an employer (such as disclosures for internal auditing and reporting purposes or other processing covered by this notice). If you do object, the Company shall endeavour to work with you to find a reasonable accommodation.

Automatic Processing

At times the Company will use automated systems/processes and automated decision making (like profiling) to improve and support your experience. Automation allows the Company to make processes intuitive, simple, and easy to use. You have Rights in relations to Automatic Processing, see ‘Know Your Rights’.

International Transfers

Your personal information may be transferred outside of the country where you work, including to countries which do not provide the same level of protection for your personal information. The Company is committed to protecting the privacy and confidentiality of personal information when it is transferred. Where such transfers occur, the Company shall ensure that adequate protection exists either through appropriate contractual arrangements or as required by law.

Accuracy

The Company takes reasonable steps to ensure that personal information is accurate, complete, and current. Please note that you have shared responsibility with regards to the accuracy of your personal information. Please notify the Company through your local site contact of any changes to your personal information or that of your beneficiaries or dependants.

Access

You may reasonably access and update the personal information pertaining to you that is on file with the Company. You can exercise this right by contacting:

DPO@staffhelpline.co.uk

• Your ability to access and correct personal information is not limited by transfers of personal information – the ability shall exist regardless of where personal information is physically situated within the Company.
• Your right to access your personal information may have some restrictions. For example, access may be denied in the case of recurrent access requests within a short time interval, or where providing such access or correction could compromise the privacy of another person or unreasonably expose sensitive company information.

Right to Erasure

You can ask the Company to delete any information it holds about you if the law and the Company’s data retention policies allow for this.

Security

The Company takes precautions to protect personal information from loss, misuse, and unauthorised access, disclosure, alteration, and destruction. The Company has taken appropriate technical and organisational measures to protect the information systems on which your personal information is stored and require its suppliers and service providers to protect your personal information by contractual means.

Retention

Your personal information will be retained as long as necessary to achieve the purpose for which it was collected, usually for the duration of any contractual relationship and for any period thereafter as legally required or permitted by applicable law, after which point all information shall be securely destroyed in accordance with the Company’s Data Protection and Information Security policies.

The Company will only continue to contact you for a period of two years after you have left employment or registered interest to work for the Company.

If you do not want us to contact you anymore, please contact:
DPO@staffhelpline.co.uk

Handling Privacy Concerns

If you have any questions about this notice or if you believe that your personal information is not handled in accordance with the applicable law or this notice, you have several options:

Contact the Company

• Discuss the issue with your supervisor or another supervisor or manager.
• Contact the Company’s Human Resources department (enquiries@staffhelpline.co.uk)
• Contact the Company’s Data Protection Officer (DPO@staffhelpline.co.uk)

Contact the Information Commissioner’s Office (the ‘ICO’)

• Telephone the ICO helpline (0303 123 1113)
• Visit the ICO website (https://ico.org.uk/global/contact-us/)
• Write to the ICO at the following postal address:
• Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

The Company’s ICO Registration Numbers are as follows:

• Sraff Helpline ltd              123456789

‘Know Your Rights’

The UK General Data Protection Regulation (GDPR) and the 2018 Data Protection Act (DPA) enshrines a number of rights for data subjects which are listed below, all of which are supported by the Company. Further information about these rights may be accessed by clicking the link shown at the bottom of the page.

1. The right to be informed:

The right to be informed encompasses our obligation to provide ‘fair processing information’. This emphasises the need for the Company to be transparent about how your personal data is used.

1. The right of access:

You have the right to obtain: (a) confirmation that your data is being processed; (b) access to your personal data; and (c) other supplementary information – this largely corresponds to the information that is provided in the Company’s Privacy Policy.

1. The right to rectification:

You are entitled to have personal data rectified if it is inaccurate or incomplete

1. The right to erasure:

The right to erasure is also known as ‘the right to be forgotten’. The broad principle underpinning this right is to enable you to request the deletion or removal of personal data where there is no compelling reason for its continued processing.

1. The right to restrict processing:

Under the DPA, you have the right to ‘block’ or suppress processing of personal data. The restriction of processing under the GDPR is similar. When processing is restricted, the Company is permitted to store the personal data, but not further process it. Retaining just enough information about you to ensure that the restriction is respected in future is permitted.

1. The right to data portability:

The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.

1. The right to object:

You have the right to object to:

(a) processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);

(b) direct marketing (including profiling); and

(c) processing for purposes of scientific/historical reStaff Helpline  and statistics.

1. Rights in relation to automated decision making and profiling:
   The GDPR provides safeguards for you against the risk that a potentially damaging decision is taken without human intervention. These rights work in a similar way to existing rights under the DPA.

More detailed information on each of the rights can be found here:
https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/

Cookie Policy

You are on www.staffhelpline.co.uk, the website of Staff helpline*. This website uses cookies.

If you provide personal data to Staff helpline for any specific purpose such as to receive alerts or to register with us, your personal data will be stored by us. Please refer to Staff helpline’s Privacy Policy for further information.

Use of Cookies

Cookies are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Cookies are small text files which are downloaded when you visit a website or application. Your browser can read these files and, in some cases, remember your preferences, e.g. which content to display on the screen.

Cookies include a (unique) number. They do not contain personal data. Staff helpline cannot use cookies to identify you personally. Nor can cookies be used to recognise you on other websites.

To find out more about cookies, including how to see what cookies have been added to your browser and how to manage and delete them, visit www.allaboutcookies.org.

Types of Cookies

The following types of cookie may be used by Staff helpline:

• Strictly Necessary Cookies

These cookies are essential to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies the services you have asked for may not be provided.

(B)Performance Cookies

It is important for Staff helpline to understand how you use the website, for example, how efficiently you navigate around it, and what features you use. Performance cookies enable Staff helpline to gather this information and help us to improve the website and your experience of it. These cookies collect anonymous information on the pages visited.

(C)Functionality Cookies

These cookies remember your choices to improve your experience. Functionality cookies enable Staff helpline to provide additional functions to you on the website, such as personalisation and remembering your saved preferences.

(D)Persistent Cookies

Any of the above types of cookie may be a persistent cookie. Persistent cookies are those which remain on your computer or device for a predetermined period and are activated each time you visit the website.

(E)Session Cookies

Any of the above types of cookie may be a session cookie. Session cookies are temporary and only remain on your computer or device from the point at which you visit the website until you close your browser. Session cookies are deleted when you close your browser.