A SUMMARY OF HOW WE USE YOUR PERSONAL DATA
1. About us
We are Aldermore Bank ("Aldermore"), our Company Registration number is 947662 and our Head Office address is 1st Floor, Block B, Western House, Lynch Wood, Peterborough, PE2 6FZ. This privacy notice summarises how and why Aldermore use your personal data when you apply for employment or engagement with us.
In this notice we provide examples of how personal data is collected and how it is used. You can contact our Data Protection Officer if you have any questions about this notice, would like further information about the points raised or to exercise any of your rights.
2. What personal data do we collect from you, how do we collect it?
In connection with your application for work or engagement with us we may collect store and use certain personal data which (either on its own or when combined with other information we hold about you) allows us to identify you as an individual and which is about you.
This includes information you have provided to us in your CV or application form such as name, address, telephone number, email address, date of birth, gender, employment history and qualifications as well as information you provide to us during interview and/or screening. We may ask you to complete psychometric or ability testing to assess your suitability for the role. We work with SHL to undertake these assessments.
We may also collect, store and use special categories of data including information about your health and any medical condition, information about your race or ethnic origin, religious beliefs or political opinions, disability and sexual orientation and information about criminal convictions and proceedings.
We will generally collect your personal data directly from you or via third parties such The Curve Group, Resource Management or other agencies. However, we may also collect data from and/or combine your personal data with information from other sources such as fraud prevention agencies (Cifas), and publicly available sources such as professional and public network sites, such as LinkedIn.
3. What do we do with your data and who might we share it with?
We process your data to assess your suitability for the role you have applied for, in accordance with our contract, or to take steps to enter into a contract if your application is successful. We may also use your personal data to comply with our legal obligations, such as detecting and monitoring fraud to comply with our regulatory obligations.
Some of our processing of your personal data is done on the basis that it is necessary for our legitimate interests in running an efficient and effective Bank, including administration, record keeping and governance, improving our recruitment and engagement process and for marketing research and developing statistics, as well as some profiling and automated decision making. We only use automated decision making to ensure that you can work in the UK. In the event that you confirm that you do not have the right to work in the UK, an automatic decision is made by our software to reject your application for employment or engagement.
We will use information about any medical condition to consider whether we need to make adjustments during the recruitment process. If we offer you a role we may also collect health information to consider whether any adjustments need to be made to your role and in order to comply with Health and Safety legislation.
We will only use information about your race or ethnic origin, religious or philosophical beliefs, your sex life or sexual orientation and any disability to ensure equal opportunities monitoring and reporting.
Aldermore will also collect information about your criminal history if we decide to offer you a relevant role. For example, if we offer you a role where we are legally required by the Financial Conduct Authority to carry out criminal record checks. We have a policy document in place which explains more about how we process this data and which is available here
We may also, from time to time, ask you for your consent for other purposes, which we will explain to you at the time. Much of what we do with your personal data is not based on your consent and is instead based on other legal grounds. However, for processing that is based on your consent, you have the right to revoke that at any time.
4. How we use Fraud prevention agencies
We process your personal data on the basis that we have a legitimate interest in preventing fraud and other Relevant Conduct (defined below), and to verify identity, in order to protect our business and customers and to comply with laws that apply to us. This processing of your personal data is also a requirement of your engagement with us.
Details of the personal data that will be processed include, for example: name, address, date of birth, any maiden or previous names, contact details, document references, National Insurance Number and nationality. Where relevant, employment details will also be processed.
We and Cifas may also enable law enforcement agencies to access and use your personal data to detect, investigate, and prevent crime.
The fraud prevention agency Cifas has databases for the purpose of allowing organisations to record and share data share data on their fraud cases, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct (“Relevant Conduct”) carried out by their staff and potential staff. “Staff” means an individual engaged as an employee, director, trainee, homeworker, consultant, contractor, temporary or agency worker, or self-employed individual, whether full or part time or for a fixed-term.
5. How long we keep your information
We keep data relating to candidate enquiries that do not lead to employment or engagement for 12 months after we have communicated our decision to you. We do this so that, in the event of a legal claim, we are able to demonstrate that we have not discriminated against any candidates on prohibited grounds. If we wish to retain your personal information on file on the basis that we may wish to contact you about future opportunities, we will keep your information for up to 12 months and we will retain your data for this purpose on the basis of both parties having a legitimate interest in sharing communications about potential future career opportunities.
After this time, the data is securely disposed of.
Cifas can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
6. Data privacy notices from other organisations
Fraud Prevention Agencies and Cifas will use your personal data to perform their services or functions as data controllers in their own right. These notices are separate to our own. Additionally, where an agency or other intermediary processes your personal data as a data controller in its own right, its own privacy notice will apply and you should ask them for a copy if you have not received one by the time you are introduced to us.
7. What are your rights over your personal data?
- To request access to your personal data and to obtain information about how we process it
- To object to the processing of your personal data
- To restrict processing of your personal data
- To have your personal data erased
- To have your personal data corrected if it is inaccurate and to have incomplete data completed;
- To move, copy or transfer your personal data
- Rights in relation to automated decision making including profiling
8. Contact us
Data Protection Officer
Aldermore, 1st Floor, Block B, Western House,
Lynch Wood, Peterborough