As part of any recruitment process, Gentoo Group collects and processes personal data relating to job applicants. We are committed to being transparent about how we collect and use that data and to meeting our data protection obligations.
This is a secure site and though every effort has been made to ensure privacy, the security of communication over the Internet cannot be guaranteed. Gentoo Group does not assume any responsibility for any harm, loss, or damage you may experience or incur by the sending of personal or confidential information.
By using this site, you signify you understand Gentoo Group’s online privacy notice. If you do agree to this notice, please do not use this site. We reserve the right, at our discretion, to update, change, modify, add or remove portions of our site and notice from time to time.
What information do we collect?
We collect a range of information about you. This includes:
We may collect this information in a variety of ways. For example, data might be contained in application forms, CVs, obtained from your passport or other identity documents, or collected through interviews or other forms of assessment, including online tests.
We may also collect personal data about you from third parties, such as references supplied by former employers, information from employment background check providers and information from criminal records checks. We will seek information from third parties only once a job offer to you has been made and will inform you that we are doing so.
Data will be stored in a range of different places, including on your application record, in HR management systems and on other IT systems (including email).
Why do we process personal data?
We need to process data to take steps at your request prior to entering into a contract with you. We may also need to process your data to enter into a contract with you.
In some cases, we need to process data to ensure that it is complying with its legal obligations. For example, we are required to check a successful applicant's eligibility to work in the UK before employment starts.
We have a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows us to manage the recruitment process, assess and confirm a candidate's suitability for employment and decide to whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims.
We may process special categories of data, such as information about ethnic origin, sexual orientation or religion or belief, to monitor recruitment statistics. We may also collect information about whether or not applicants are disabled to make reasonable adjustments for candidates who have a disability. We process such information to carry out our obligations and exercise specific rights in relation to employment.
For some roles, we are obliged to seek information about criminal convictions and offences. Where we seek this information, we do so because it is necessary for us to carry out our obligations and exercise specific rights in relation to employment.
We will not use your data for any purpose other than the recruitment exercise for which you have applied.
If your application is unsuccessful, we may keep your personal data on file in case there are future employment opportunities for which you may be suited. We will ask for your consent before we keep your data for this purpose and you are free to withdraw your consent at any time.
Who has access to data?
Your information may be shared internally for the purposes of the recruitment exercise. This includes members of the HR team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff for the processing of the data. Any equality data that you share with us will be accessed by HR only and will not be shared with interviewers.
We will not share your data with third parties, unless your application for employment is successful and we make you an offer of employment. We will then share your data with former employers to obtain references for you, employment background check providers to obtain necessary background checks and the Disclosure and Barring Service to obtain necessary criminal records checks.
We will not transfer your data outside the European Economic Area.
How do we protect data?
We take the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed and is not accessed except by authorised employees in the proper performance of their duties. We operate a Data Protection Policy, Information Security Handbook and Digital Behavioural guidelines.
For how long do we keep data?
The Group will hold all of your personal data you provide us in line with our Retention Guidelines and once out of retention will be deleted.
If your application for employment is unsuccessful, we will hold your data on file for 12 months after the end of the relevant recruitment process. At the end of that period or if you withdraw your consent, your data is deleted or destroyed.
If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice.
As a data subject, you have a number of rights. You can:
What if you do not provide personal data?
You are under no statutory or contractual obligation to provide data to us during the recruitment process. However, if you do not provide the information, we will be unable to process your application properly or at all.
Recruitment processes are not based solely on automated decision-making.
Data Protection Officer
Gentoo Group’s Data Protection Officer is Paul Sandersfield and contact details are as follows:
Email: firstname.lastname@example.org or email@example.com
Telephone: (0191) 525 5988
All Gentoo companies are registered with the Information Commissioner’s Officer under the following references: