Privacy Policy

Privacy Policy – Recruitment 

Purpose

This privacy policy (“Privacy Policy”) applies to people applying for a role (“you” ”your”) with the Horizon Care and Education Group (“Horizon”).

The Privacy Policy, sets out the ways in which we collect, use, and share the personal data of candidates who apply for a role with us using the Application Tracking System (“ATS”) from Tribepad. Tribepad operate our Talent Acquisition Platform which includes access to the Applicant Tracking System (“ATS”), Candidate Relationship Management (“CRM”), Onboarding and Partner Ecosystem,– a copy of Tribepad’s privacy notice can be found at https://www.tribepad.com/privacy-and-cookies-policy  It also explains what rights you have to access or change your personal information.

We are your data controller which means that we decide how your personal data is held, used, and protected. We are required under data protection laws to notify you of the information set out in this Privacy Policy.

This policy applies to personal data of candidates and potential candidates for employment and any recruitment events or recruitment programs. It does not apply to any personal data of employees, independent contractors, customers, or young people of Horizon.

Please read this policy and keep it together with any other privacy policy you may be provided with when we collect or process your personal information.

This Privacy Policy sets out your rights under all applicable data protection and privacy legislation in force from time to time in the UK, including the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) (UK GDPR); the Data Protection Act 2018 (DPA 2018) (and regulations made thereunder) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended and the guidance and codes of practice issued by the Information Commissioner.

We take your privacy and our responsibility to protect your information seriously.

Generic information

Data Controller

Horizon is made up of a number of companies, which work together to provide various aspects of our services.  Each company is a data controller in its own right and is separately registered with the UK data protection regulator, the Information Commissioner’s Office (“ICO”).  Our companies and their registration numbers are as follows:

Company name

Companies House registration number

ICO registration number

Range Topco Limited

12135972

ZB311382

Range Midco 1 Limited

12136061

ZB311384

Range Midco 2 Limited

12136205

ZB311386

Range Bidco Limited

12136344

ZB311392

Horizon 2918 Limited

08086214

ZB311397

Horizon 2912 Limited

07888171

ZB311400

Horizon Care & Education Group Limited

06454959

Z1377892

Horizon Supported Accommodation Limited

04878290

Z8845498

Horizon Education (South London) Limited

06984574

ZB307627

 

Data Protection Officer

Horizon has appointed a Data Protection Officer (“DPO”), who has responsibility for advising on and monitoring data protection compliance.  You can contact the DPO at:

Data Protection Officer

Venture House, 12 Prospect Park

Longford Road

Cannock

Staffordshire

WS11 0LG

Tel: 07552 445 569

Email: dpo@horizoncare.co.uk  

Your right to contact the Information Commissioner

If you are not happy with how we have handled your query, or you believe that we have not handled your personal information in keeping with the law, you have the right to complain to the Information Commissioner’s Office (ICO), which oversees the protection of personal information in the United Kingdom.  Alternatively, you may choose to contact the ICO directly about your query, regardless of whether you have raised it with us first.

Definitions

  • Personal Data: Any information that relates to an identified or identifiable individual.
  • Processing: Any operation performed on personal data, including collection, storage, use, disclosure, and deletion.

Compliance with Data protection Principles

We will comply with all applicable data protection laws.

Under the Data Protection Principles contained in the applicable data protection laws the personal data we hold about you must be:

  • used lawfully, fairly and in a transparent way.
  • collected only for a valid purpose that has been clearly explained to you and not used in a way that is incompatible with these purposes.
  • relevant to the purposes you have been informed about and limited to these purposes.
  • accurate and kept up to date.
  • kept only as long as necessary for the purposes you have been informed of.
  • kept securely.

Data Collection and Use

Personal Information

Personal Information means any information about a living individual from which that individual can be identified. The information you provide to us might include:

  • your name, postal address, email address, phone number, contact details; –        age range;
  • nationality;
  • ethnicity;
  • religion or belief;
  • sexual orientation;
  • caring responsibilities;
  • disability/long-term health condition and their affect;
  • neurodiversity;
  • gender;
  • Education o secondary school education o highest level of education o university attended (if applicable)
  • details of your educational history, qualifications, skills, experience, and employment history;
  • bank account details;
  • your current salary or remuneration and benefits, leaving date and reason for leaving (where provided by candidate directly or indirectly via a third-party recruiter or previous employer);
  • proof of and documents showing your entitlement to work in the UK;
  • details of previous employment and workplace;
  • copy of passport and driving licence;
  • recruitment information, CV and cover letters, references, or previous employers; – photographs;

Tribepad collects personal data for the following purposes:

  • Recruitment and hiring processes
  • Employee management and HR functions
  • Customer service and support

Personal data will only be collected when necessary and will be used in accordance with applicable laws and regulations.

Special Category Information

You may provide us with more sensitive information, known as Special Category

(“sensitive”) information which may include details about a person’s racial or ethnic origin, political opinions, religious, philosophical, or similar beliefs, trade union membership, genetics, biometrics, health, sexual life, or sexual orientation. If you supply this kind of sensitive information to us, it will be treated differently, and we will explain why we are collecting it. We will only process sensitive information where you have given your explicit consent. See the section below on “How we use your information” in relation to sensitive data to find out more about our use of your sensitive information.

How we Collect Information

We collect your information during the recruitment process directly from you (namely through the application process) or from third parties.

Information we receive from third parties:

We collect information as appropriate to each applicant from third parties such as:

  • recruitment agencies and other recruitment partners and solutions including online services such as LinkedIn or other – relevant background check agencies or

other company employees who have interviewed you;

  • medical practitioners with your consent;
  • referees;
  • previous employers.

How We Use Information About You

We use your information lawfully. We do not sell your information to third parties. However, we may share your information as set out in the section ‘Sharing/Storing your information’.  The details of how we use your information and the legal basis for our use are set out below:

  • Where it is necessary to comply with legal obligations, such as to check you are legally entitled to work in the UK.
  • Where it is necessary for our ‘legitimate business interests’ (legitimate interests) or those of a third party and your interests and fundamental rights do not override those interests.

This means our legitimate interests in conducting and managing our business and our employment or working relationship with you.

If you have any concerns about our processing, you have rights and choices, which include the right to object (please see the section headed ‘Exercising your Rights’).

We may use your information for the purposes listed below on the basis of our legitimate interests:

  • to process any job applications, you submit to us;
  • to work with our third-party recruitment agency to process any job applications you submit to us;
  • to decide whether to recruit you;
  • to inform and structure interviews as part of the recruitment process;
  • to make decisions about your appointment;
  • to contact you in case of suitable vacancies;
  • to enable us to comply with our policies and procedures and to carry out our legal obligations and enforce our legal rights, or to protect your rights; –         to detect and prevent fraud and unauthorised access or illegal activity;
  • to operate a safe and lawful business where we have a legal obligation.

We will use your sensitive information in the following cases:

  • where necessary to carry out any employment law obligations in relation to your application;
  • where it is needed for the public interest, such as for equal opportunities monitoring and reporting;
  • we will use your personal information relating to health, to comply with your employment law rights to health and safety at work;
  • we will use your personal information relating to health in conjunction with our occupational health advisers to assess your fitness to work;
  • we may also process it where you have already made the information public;
  • where you have given your explicit consent;

Equal opportunity data which you may choose to voluntarily provide as part of the application process will only be processed with your consent and used to ensure we are effectively attracting and recruiting from a diverse range of candidates in line with our ongoing diversity and inclusion initiatives; and – where your personal data is required for legal claims.

 

  Processing of your Information 

Your information may be processed by our employees. We have adequate technical and organisational safeguards in place in our company and with third party processors to protect your information. Third party processors of your information include:

  • our website hosts and operators, IT services and support providers, database operators, site analytics providers and software developers; –     Tribepad who operate our Talent Acquisition Platform.

Sharing/Storing Your Information

  • Personal data relevant to the application will be shared and stored in Tribepad ATS for 6 months. After 6 months, if you are unsuccessful at shortlisting, your personal data would be anonymised, if you have not agreed to Horizon storing your data.
  • If you are successful within your application, your personal data will be shared into the onboarding module within the Tribepad ATS. 
  • once onboarding is complete your personal data (bank details, signed contract) will be shared with the Sage People system and the Payroll system.
  • If you are unsuccessful for the role you applied for, your data will be stored in the talent pool module within Tribepad, if you have given permission for us to keep your data.

We may share your data with third parties (including legal or other advisors, regulatory authorities, courts, and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property, or safety of our employees or where such disclosure may be permitted or required by law or where we have a legal obligation to do so.

Where appropriate we require relevant third parties to enter into an agreement committing to compliance with all relevant data protection laws and we require them to have appropriate security measures in place to protect your information from unauthorised access, processing, or use.

Data Retention

Personal data will be retained only for as long as necessary to fulfil the purposes for which it was collected or as required by law. Once the retention period has expired, data will be securely deleted or anonymised as per the above.

We will retain your information during the term of your interaction with us or for as long as we reasonably require the information for our legitimate interests, or for the purposes of exercising our legal rights and obligations, or for as long as we have your consent to do so. 

If you are successful, your information will be kept along with any other employee related personal data you provide us in your personnel records for the duration of your employment with us and for seven years (7) after this date in accordance with our document retention policy.

Exercising your rights

Under data protection law, you have rights in relation to the way in which your personal data is processed.  These are:

  • the right to be informed;
  • the right of access;
  • the right to rectification;
  • the right to have incomplete data completed;
  • the right to erasure;
  • the right to restrict processing;
  • the right to object to processing;
  • the right to data portability; and
  • rights in relation to automated processing.

You can find out more about your rights and the circumstances in which they may apply at https://ico.org.uk/your-data-matters/. 

If you want to exercise any of these rights, please email your request to

enquiries@horizoncare.co.uk  FAO: Data Protection Officer, or by visiting our registered office which is at Venture House, 12 Prospect Park, Longford Road, Cannock WS11 0LG.

Automated processing

Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. Recruitment processes are not based solely on automated decision-making. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making unless we have a lawful basis for doing so and we have notified you. An example of automateddecision making would be where the ATS system picks up whether  you have the right to work in the UK. This will be based on the information you have provided.

Data processors and international transfers

To help us provide the best services possible we use a number of external suppliers, for example, like many organisations, we use systems hosted by external companies.  Where this is the case, we take great care to select suppliers who can demonstrate to us that they have excellent data protection and security practices, and we put in place arrangements between us that very clearly set out what they can and cannot do with the personal data.  

We do not allow personal data to be processed outside of the European Economic Area (EEA) unless the supplier is able to demonstrate to us that appropriate safeguards are in place to protect data. 

Policy Review and Updates

This policy will be reviewed annually and updated as necessary to ensure compliance with applicable laws and regulations