Please note that all applicants will be required to confirm they have read the following Terms and Conditions - Data Protection Policy before submitting their application.


Information for Job Applicants

A Data Protection Policy has been agreed by the Faculty of Advocates and Faculty Services Limited to ensure that the processing of personal data relating to employees, ex-employees and job applicants is carried out by them in compliance with the requirements of the Data Protection Act 2018.

The objectives of the policy are:

1.    To ensure that the processing of personal data relating to employees, ex-employees and job applicants, conforms to the Data Protection Principles.

2.    To be able to respond promptly to the request of any data subject exercising his or her rights under the Data Protection Act 2018.

3.    To ensure that all representatives of the Faculty of Advocates and Faculty Services Limited who deal with the processing of personal data relating to employees, ex-employees and job applicants, are aware of their responsibilities under the Data Protection Act 2018.


If you wish a full copy of the Data Protection Policy (Staff) this will be made available on request to the Human Resources Manager who is the Data Controller for the purposes of the legislation.


Definition of Data Processing

In relation to personal data, ‘data processing’ includes:

·       obtaining, recording or holding the data

·       carrying out any operation or set of operations on the data, including:

(a) organisation, adaptation or alteration of the data,

(b) retrieval, consultation or use of the data,

(c) disclosure of the data by transmission, dissemination or otherwise making available, or

(d) alignment, combination, blocking erasure or destruction of the data.

 

Data Protection Principles

1.      Personal data should be processed fairly and lawfully and, in particular, shall not be processed unless: (a) at least one of the conditions in Schedule 2 (DPA18) is met, and (b) in the case of sensitive personal data, at least one of the conditions in schedule 3 (DPA18) is also met.

2.      Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be processed in any manner incompatible with the purpose or those purposes.

3.      Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

4.      Personal data shall be accurate and, where necessary, kept up to date.

5.      Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

6.      Personal data shall be processed in accordance with the rights of data subjects under this Act.

7.      Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

8.      Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

 

A summary of the type of personal data held by the Faculty of Advocates or Faculty Services Limited in relation to your application is attached. The summary also indicates: (1) typical sources of this data; (2) the purposes of its processing; (3) the length of time such data will be held; and (4) a list of those with permission under the policy to access the personal data.

 

Consent

In accordance with the Data Protection Act 2018 it is important that the Faculty of Advocates and Faculty Services Limited has a record that you consent to the processing of your personal data as described in this document. 


The Right to Access your Personal Data

If you wish to see or have altered the personal data held on your behalf by the Faculty of Advocates or Faculty Services Limited, then please follow the procedure below, which is based on the recommendations in the Data Protection Act 2018.

1.       You should make your request in writing to the Human Resources Manager who is the Data Controller.

2.      If the request is one for access to data then arrangements will be made, within forty days of receipt, to allow the data subject to inspect the data held.

3.      If some data includes information relating to another individual, and permission from that third party to allow access cannot be obtained, then access to that particular data may be denied by the Data Controller.

4.    If the request is to prevent processing, or to have inaccurate data rectified, blocked, erased and destroyed, then the Data Controller will consider the request and respond in writing within forty days of receipt.

 

APPENDIX Job Applicants

  Data held:

·           application form, including covering letter, CV etc

·         references

·         interviewers' assessment notes

  Sources:

·              job applicant

·         interviewee's chosen referees

·         interviewers

   Purpose:

·         to identify and contact applicant

·         to assess the application against the selection criteria

·         to identify any reasonable adjustments which may be required under the Equality Act 2010

·         as evidence of the decision-making process

·         to provide statistics for management analysis

   Duration held :

·              6 months after decision made on application

   Permission to access :

·              Job applicant (data subject) on written request to the Human Resources Manager (data controller)

·         Interviewers

·         Human Resources Department

·         Human Resources Manager

·         Office Bearers

·         Directors of the Board of Faculty Services Ltd

·          Members of the Finance Committee of the Faculty