All information provided on your application form will be processed by the Chartered Society of Physiotherapy (CSP) in accordance with the principles of the General Data Protection Regulations (GDPR) 2018 for the purpose of assessing your suitability for employment.
What we need from you
Under the GDPR, the CSP is what is known as the ‘Controller’ of the personal data you provide to us. Our company registration number is RC000107 and its registered address is: , 3rd Floor South, Chancery Exchange, 10 Furnival Street, London, EC4A 1AB
Sensitive personal data
The CSP ask candidates to provide some sensitive personal information on our equal opportunities form when applying for a job. This includes your age, gender, ethnicity, religion or belief, sexual orientation and disability. This data is used solely for monitoring purposes, and will not be seen by anyone involved in the selection process. This information is stored securely and anonymously and it is not compulsory for you to provide it.
In addition to the data described above. We will also collect personal data about you for the purpose of assessing your job application. The information we collect includes your name, date of birth, address, email address, employment history and qualifications.
Why do we need it?
We need this personal data about you for the purpose of assessing your job application and in order to keep in touch with you at each stage of the recruitment process.
If you do not provide this information, then we will be unable to process your job application.
We will not collect any personal data from you that we do not need. Under GDPR you have several rights regarding the use of your personal data and these are summarised further below.
What do we do with it?
The information you provide will be stored on our computerised personnel information system, which is used for CSP recruitment. Your personal data will be kept so that you do not have to re-enter it if you wish to apply for future roles.
Your information is held on a cloud-based system whose servers are located within the United Kingdom. We take all reasonable steps to ensure that your personal data is processed securely.
The personal data we hold about you will be processed solely by CSP Human Resources and CSP employees involved in the selection and recruitment process.
Your application form is anonymised during the shortlisting process and equal opportunities data is stored separately to this to ensure fair treatment of all applicants. Equal opportunities information is kept for monitoring purposes only and is not shared with anyone outside of HR.
Please note as stated above all application forms are anonymised, however a very small number of vacancies require you to apply using a C.V. If this is the case it will be clearly stated on the advertisement. In these circumstances your application will not be anonymised.
The legal basis for processing your personal data
The GDPR says we must have a lawful basis to process personal information. We rely on the following legal conditions to process personal data:
Consent: by submitting your application, you are giving us consent to process the personal information you have supplied to assess your suitability for a job.
Legitimate Interest: under the GDPR, we can process personal information under this condition, providing:
- this activity is necessary to fulfil our recruitment objectives;
- this activity meets with the expectations of the person who the personal information relates to;
- this activity doesn’t override your rights and freedoms; and
- you have been given an opportunity to object to the processing.
How long do we keep your data?
If you are unsuccessful in your application, we will keep your personal data for a maximum of six months after a recruitment campaign closes, after which time it will be securely destroyed.
If you are successful, your personal data relating your recruitment will be kept for the first six months of your employment with us. All other information will be kept for the duration of your employment with us and for seven years after that.
What are your rights?
Under GDPR, you have several rights regarding the use of your personal data. These include:
- to be given clear, transparent and free information about how your data will be used (which we have detailed above):
- to access your personal data, so that you can see how this information is being used by us;
- to have your personal information updated and corrected;
- to obtain and reuse the personal data you have given to us for your own purposes;
- to request that we permanently delete or remove your information; and
- to request that we don't use your personal data for specific purposes and, unless we are under a legal or contractual obligation, we must respect your wishes.
If you would like more information or wish to exercise any of the rights outlined above, please contact us at firstname.lastname@example.org