You are using Internet Explorer - an outdated and unsupported browser, therefore sections of this site may not work as intended. We recommend you to reload the site in a modern browser such as Edge, Firefox or Chrome.

Microsoft's cybersecurity team actively encourages users to stop using Internet Explorer - Edge is now the default browser installed on Windows 10

Privacy Notice for candidates

The Company is committed to protecting the privacy and security of your personal data.

The purpose of this privacy notice is to let you know clearly how the Company collects and uses personal data about you for the purposes of the recruitment exercise that you are taking part in (whether as an employee, worker or contractor).

The Corinthian Group is a ‘data controller’. This means that we are responsible for deciding how we hold and use personal data about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.

It is important that you read and understand this notice so that you are aware of how and why we are using your personal data.

How is your personal data collected and stored?

In connection with your application for work with us, we will collect, store, and use personal data about you that you have provided to us directly as part of the application process. This may include, for example, information in application forms, CVs or resumes and covering letters, or collected through interview or other forms of assessment including online tests.

We may also collect personal data about you from the following sources:

  • Recruitment agencies
  • Background check providers
  • Credit reference agencies
  • Disclosure and Barring Service in respect of criminal convictions
  • Your named referees
  • Information from third parties from a publicly accessible source, such as the FCA register

We may collect, store and use the following “special categories” of more sensitive personal data about you:

  • Information about your health, including any medical condition, health and sickness records.
  • Information about criminal convictions and offences.

Your personal data will be stored in a range of different places, including on your application records, in HR management systems and on other IT systems (including email).

Why do we collect and use personal data about you?

The Company has a legitimate interest in processing your personal data during the recruitment process and for keeping records of the process.

Processing personal data about candidates allows the Company to manage the recruitment process, assess and confirm a candidate’s suitability for employment or engagement and decide who to make an offer to. The Company may also need to process personal data about candidates to respond to and defend against legal claims.

The Company needs to process personal data about you to take steps at your request prior to entering into a contract with you. It may also need to process your personal data to enter into a contract with you.

In some cases, the Company needs to process personal data about you to ensure that it is complying with its legal obligations. For example, it is required to check a successful candidate’s eligibility to work in the UK before employment starts.

For some roles, the Company is obliged to seek information about criminal convictions and offences. We will only collect this information where we are legally able to do so. Where the Company seeks this information, it does so because it is necessary for it to carry out its obligations and exercise specific rights in relation to employment.

The Company may also need to process personal data about candidates to respond to and defend against legal claims, where it is necessary to protect your interests (or someone else’s interest) and you are not capable of giving consent or where you have already made the information public.

If you decide not to provide personal data

If you do not provide information when requested, which is necessary for us to consider your application, we will not be able to process your application successfully.

Automated decision-making

Our recruitment processes are not based solely on automated decision-making.

Who has access to recruitment data?

Your personal data may be shared internally for the purposes of the recruitment exercise. This includes members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles.

As part of the recruitment process the Company may share your personal data with third party test providers in order to assist in assessing your suitability for the role for which you are applying. Otherwise the Company will not share your personal data with third parties, unless your application for employment is successful and it makes you an offer of employment. The Company will then share your personal data with former employers to obtain references for you, employment background check providers to obtain necessary background checks and (where necessary) the Disclosure and Barring Service to obtain necessary criminal records checks.

The Company will not transfer your personal data outside the European Economic Area.

How does the Company protect your personal data?

The Company takes the security of your personal data seriously. We have put in place appropriate technical and organisational measures to prevent your personal data from being accidentally lost, destroyed, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who need to access it in the proper performance of their roles for the Company. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. These measures are in accordance with applicable laws and regulations.

Where the Company engages third parties to process your personal data on its behalf, they are also obliged to implement appropriate technical and organisational measures to ensure the security of data.

How long will the Company retain your personal data for?

If your application is successful, personal data gathered during the recruitment process will be transferred to our HR files and retained during your employment or engagement. The periods for which we will continue to hold your personal data will be notified to you in a new privacy notice.
If your application is unsuccessful we will retain your personal data for a period of six months after we have communicated our decision to you. We retain your personal data for that period so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted the recruitment exercise in a fair and transparent way. After this period, we will securely destroy your personal data in accordance with applicable laws and regulations.

If we wish to retain your personal data on file, on the basis that a further opportunity may arise in future and we may wish to consider you for that, we will write to you separately, seeking your explicit consent to retain your personal data for a fixed period on that basis.

Your rights

We have appointed a data protection officer (DPO) to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal data, please contact the DPO by email: [email protected]
Under certain circumstances, by law you have the right to:

  • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of incomplete or inaccurate personal data we hold about you.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
  • Object to processing of your personal data where we are processing it for our legitimate interests (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal data to another party where processing is carried out by automated means.

If you would like to exercise any of these rights, please contact our DPO by email: [email protected]

If you believe the Company has not complied with your data protection rights you can complain at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

Making the Complex Simple.
We will help you take the stress
out of arranging your employee benefits.

Contact Us
Website by Big Orange Media