Go to the main content section.Welcome. You are not signed in. Sign In Beginning of the main content section. Printable Format

Privacy Agreement 

Introduction


This is the privacy notice for applicants to roles with Guardian News and Media Limited ("GNM") through this website. It will explain what happens with the personal data that you provide as part of the job application process. GNM is a “data controller” in relation to your personal data. This means that we are responsible for deciding how and why we hold and use your personal data.

 

We need to process your personal data in order to process your application for employment. There are also statutory requirements we have to comply with in relation to your application. If we are not able to carry out the processing activities we describe in this privacy notice, we may not be able to continue with your application. Of course, we hope it would never come to that, and this is simply information we are obliged to provide to you as part of this privacy notice

 

When we say "we" or "us" in this document, we mean GNM.

In this privacy notice you will see reference to "GDPR" - that refers to the General Data Protection Regulation which is a European law governing your rights in relation to your personal data, and how organisations should protect it.

 

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or otherwise processing personal data about you, so that you are aware of how and why we are using such information.

What personal data we collect and how we use it

 

Personal data essentially means any information about you.


We will collect, store, and use the following categories of personal data about you in order to process your job application:

 

  • identification data, such as name, title, citizenship, passport, drivers' licence information and tax reference;
  • personal information, such as your date and place of birth, emergency contact details and, gender;
  • contact details, such as your home address, telephone number and email address;
  • education and work experience, such as contact details for your current/former employer, information about your educational background, your work experience and other experience;
  • other application data, such as information included in your application form/CV, information about the jobs that you had searched for or looked at on our pages and jobs for which you had submitted an application;
  • information collected as part of the interview process, such as notes taken from your interview or information provided from recruitment agencies;
  • background check information, such as information obtained through reference checks and confirmation about your work/educational background

Our website is hosted on theguardian.com. When you visit our website, we may also collect information from you automatically, for example using cookies and other similar technology. For more information on how cookies and similar technology are used on our site, please refer to the privacy policy and cookies policy for theguardian.com.



There are also “special categories” of more sensitive personal data which require a higher level of protection.

We may also collect, store and use the following “special categories” of more sensitive personal data:

  • health and medical data, such as information on disability for purposes of accommodating your application and interview and compliance with legal obligations;
  • criminal records data, in the event we conduct or receive the results of criminal records background checks in relation to you in the process of your application, where relevant and appropriate to the role that you are applying for;
  • diversity monitoring data, such as information about your race or ethnicity and religious beliefs.

Any diversity monitoring data provided will only be used for statistical purposes and will not affect the success of your application.

 

How we collect personal data about you

 

You will be asked to provide most of the personal data that we collect about you directly to us using either the web form or, at a later stage in the application process, through the interview process.

 

However, we may sometimes collect personal data about applicants through the application and recruitment process from an employment agency or background check provider (at a later stage in the recruitment process).

 

How we will use personal data about you and situations in which we will use your personal data

 

We need all the categories of information in the list above primarily to allow us to take steps at your request that are necessary prior to entering into an employment contract with you and to enable us to comply with legal obligations.

 

In some cases we may use your personal data to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests. In rare cases and only where appropriate, we rely on your consent to process your personal data.

 

We have listed the situations in (or in reality the purposes for) which we will process your personal data below. The list also contains the legal ground under which we process your data according to data protection law and our legitimate interest where this is the relevant legal ground.
 

Situation

Legal ground

Our legitimate interest (if applicable)

Processing your job application information

Necessary steps prior to contract

N/A

Making a decision about your recruitment (including whether to interview or to employ you or to engage you on a non-employment basis, whether temporary or permanent)

Necessary steps prior to contract

N/A

Checking you are legally entitled to work in the UK

Complying with our legal obligations

N/A

Equal opportunities monitoring

Substantial public interest to identify or keeping under review equal opportunities

N/A

Background check information

 

Legitimate interest to verify your qualifications and work experience.

N/A

Criminal record checks

Preventing or detecting unlawful acts and protecting the public against dishonest

N/A

Employment, professional qualification and academic history verification

Our legitimate interest

To assess your suitability for employment/engagement with us

 

To ensure accuracy of employment history provided by applicant and to determine trustworthiness of the applicant

Sending you email notifications

Your consent

N/A

Using cookies for analytics

Our legitimate interest

To measure and understand how applicants use our website

Responding to and complying with requests and legal demands from regulators or other authorities

Complying with our legal obligations

N/A

 

When relying on the legitimate interests basis for processing your personal data, we will balance the legitimate interest pursued by us and any relevant third party with your interest and fundamental rights and freedoms in relation to the protection of your personal data to ensure it is appropriate for us to rely on legitimate interests and to identify any additional steps we need to take to achieve the right balance.

 

Regarding the email notifications we send you, you can choose to receive notifications by email to acknowledge receipt of your job application or to receive an alert when a similar job position has been posted. If you would like us not to send you these notifications, changes to your notification preferences can be made in your account.

 

For some roles, it will be necessary for background screening checks to be conducted, such as checking educational and professional qualifications and employment history. Higher risk positions may require additional checks such as criminal records checks. Criminal records checks will only be conducted where the check is directly relevant to the relevant role and proportionate to the particular risks that may arise out of wrongdoing in that role. Any background screening will only be conducted once a job offer has been made and only a limited number of our recruitment team will have access to this information. You will be informed if any background check is a necessary condition to the job offer. You will also be informed of these checks before they take place.

Change of purpose

 

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

 

Updating your personal data

 

Once an account has been created with the recruitment system you will be able to change certain data about yourself when you are logged in such as updating contact details and submitting additional documents or removing existing documents in your application.

 

Sharing your personal data with third parties

 

We use service providers in the recruitment process (including pre-employment screening and background checks), and in managing recruitment systems. These third parties service providers have undergone security checks, and have been carefully selected by us. We do not allow our third party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

We may also share your personal data with regulators, courts, and other authorities (e.g. tax and law enforcement authorities), independent external advisors (e.g, auditors), insurance providers and internal compliance and investigation teams (including external advisers appointed to conduct internal investigations) to comply with our legal obligations.

 

Logging in using Google+

If you log-in to our site using a Google log-in, you grant permission to Google to share your user details with us. This only includes your first and last name, your email address and whether your email address has been validated, your age range, a link to your Google profile and, if you have one, your profile picture. We will then use this information to form a profile for your account on our recruitment platform.
If you remove “GNM Taleo Google+” from your Google account settings, we will no longer have access to this information.

Transferring your personal data to a country outside the EEA

Information we collect may be transferred to, stored and processed in any country or territory where one or more of our linked companies or service providers are based or have facilities. While other countries or territories may not have the same standards of data protection as those within your home country, we will continue to protect personal data we transfer in line with this privacy policy.

 

Whenever we transfer your personal data out of the European Economic Area (EEA), we ensure similar protection and put in place at least one of these safeguards:

 

  • We will only transfer your personal data to countries that have been found to provide an adequate level of protection for personal data.
  • We may also use specific approved contracts with our service providers that are based in countries outside the EEA. These contracts give your personal data the same protection is has in the EEA .
  • Where we use service providers in the United States, we may transfer personal data to them if they are part of the Privacy Shield scheme, which requires them to provide a similar level protection of your personal data to what is required in the EEA.

If you are located in the EEA, you may contact us for a copy of the safeguards which we have put in place for the transfer of your personal data outside the EEA.

Data Security

 

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

 

We have put in place policies and procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

 

How long we will keep your personal data

 

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

 

If your application is unsuccessful, the information that we have collected about you for the recruitment process will be kept for up to 6 months after the position has been filled, and we will delete your account thereafter. If you wish for your details to be deleted prior to this please contact hr.admin@theguardian.com. For some roles you may be given an opportunity for your information to be held on file in case similar opportunities arise in the future.

Your rights with regard to your personal data held by us

 

Under certain circumstances, by law you have the right to:
 
•   
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. We do have to take into account the interests of others though, so this is not an absolute right, and if you want to request more than one copy we may charge a fee.


•   
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. Once an account has been created with GNM’s application tracking system you will be able to change certain data about yourself when you are logged in such as updating contact details.


•    Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).


•    Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.

 

•    Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.


•    Request the transfer of your personal data to another party.


If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact
the Data Protection Manager at Guardian News and Media Limited, Kings Place, 90 York Way, London N1 9GU. Or, email dataprotection@theguardian.com.
 
No fee usually required
 
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

Data Protection Officer

 

We have appointed a Data Protection Officer (DPO) to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal data, please contact us at Guardian News and Media Limited, Kings Place, 90 York Way, London N1 9GU or email . You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

 

Changes to the privacy notice

 

Should we make changes to our privacy policy we will post them here. Where the changes are significant, we may also choose to email all our registered users with the new details. Where required by law, will we obtain your consent to make these changes.

 

Changes to this policy by date

 

July 2015: Addition of how to get access to your personal data, corrected the link to the main theguardian.com privacy policy

 

May 2018: Updated to reflect the requirements under the General Data Protection Regulation