The Recruitment Process
BU processes your personal data to take steps at your request before entering a contract with you. We will also process your personal data to enter into a part time hourly paid contract or a permanent employment contract with you if you are appointed.
We will share your personal data internally as needed for the recruitment exercise and any appointment, including with HR members, recruitment panel members, interviewers, the recruiting manager, and payroll.
Occasionally, external individuals may serve as experts on selection panels. In such cases, the University will provide applicant details to these individuals via the candidate management system for recruitment purposes.
Except as set out in this Notice, BU typically does not share your personal data with third parties. However, for pre-employment checks, we will gather references and verify your right to work through an approved identification document validation technology provider. We will share your data with former employers for references, background check providers, and the Disclosure and Barring Service for criminal records checks, where necessary. If an external funding body directly funds your employment, your payroll data and CV may be shared with them.
If your appointment is grant-funded, salary information and your CV may need approval from the external funding body. If your role involves working with third-party organisations such as the NHS, information about your employment may be shared with them.
BU utilises Atlantic Data Ltd, a third-party organization, to administer Disclosure and Barring Service (DBS) checks on our behalf. BU shares limited personal details with Atlantic Data Ltd for this process (such as title, forename, middle name, surname, gender, date of birth, email). A copy of Atlantic Data Ltd.’s privacy statement is available here: https://policydocuments.disclosures.co.uk/Privacy_Statement.pdf
Campus Facilities
We process your information in a number of ways in order to manage the BU estate (land and buildings) on the Talbot, Lansdowne and Chapel Gate sites, so that we can provide a safe, secure, efficient and well-managed environment. This includes:
- Operation of CCTV systems. Data generated through the operation of these systems will in certain circumstances be shared with the police.
CCTV systems are in place in some parts of BU’s estate for the purposes of ensuring a safe and secure environment, preventing crime and anti-social behaviour and facilitating the detection or prosecution of criminal behaviour. CCTV footage is processed in accordance with BU’s CCTV policies and procedures. Access to the footage is securely controlled by BU’s IT security arrangements. We may provide CCTV footage to the police where they believe that a crime has been or may have been committed and we are satisfied that the CCTV footage may assist them in their investigation and disclosure would comply with the data protection legislation.
- Management of car parks and provision of parking permits. This includes sharing data with the third party provider of parking enforcement services.
Your data is processed within BU when we process any application you make for a BU parking permits. A third party provider carries out monitoring and enforcement of the terms and conditions of use of BU car parks. Separate privacy information about this processing is provided on the signs in BU car parks and when you make any application for a BU parking permit.
Trade Union Membership
The recognised unions at BU (UCU and UNISON) are controllers for the personal information connected to your union membership. BU holds some union subscription details in order to process salary deductions for union membership for which you will have given your consent.
Monitoring of staff
All of our IT systems are auditable and can be monitored, though we don’t do so routinely. We are committed to respecting individual users’ reasonable expectations of privacy concerning the use of our IT systems and equipment. However, we reserve the right to log and monitor such use in line with our Acceptable Use Policy and BU Staff and Authorised Users Information Security Policy. BU reserves the right to use monitoring activities to protect against threats to its students, staff and to BU itself.
Smartcard passes
All staff are all issued with a Smartcard pass that displays their name, staff reference number and photograph. This is a multi-function card and contains key information that is utilised by a number of systems around BU, including for the swipe access system for the entry and exit of our premises . Smartcards details (names, numbers and photographs) are held on BU Servers controlled by Estates and can only be accessed by a restricted number of people. Any data recorded by the Audit Trail Function (Audit Trail Data) will not be used for monitoring individuals, except for the purpose of the prevention and detection of crime or in a life or death situation (see BU’s Code of Practice for Access to Smart Card Data for further details).
Should you lose your pass you will need to contact [email protected]. The Smartcard policy and Smartcard FAQs provide further details.
Disputes
BU will use the information it holds as necessary for establishment, exercise or defence of legal claims which are or may be taken against it. For this, your data will be processed by relevant contacts within the Professional Service or Faculty, our internal Legal Services team as well as any external legal advisor and BU’s insurer, U.M. Association Limited. BU uses Shakespeare Martineau LLP for external legal support for employment related disputes.
IT Service Desk Calls
Calls are recorded for quality and training purposes. The recordings are only used to improve the Service Desk service provision. The call recordings are deleted after 3 months.
Privacy Notice Contents
-
Introduction
-
When and how we collect your data
-
What personal data we process and why
-
Lawful basis for processing your personal data
-
How we hold your personal data and for how long
-
Data Sharing
-
Overseas transfers of personal data
-
Your rights as a data subject and how to exercise them
-
Further Information