Bachmann Recruitment Limited – Privacy Notice
- Who are we?
Bachmann Recruitment Limited (“Company”) is committed to protecting the rights of individuals in line with the Data Protection (Bailiwick of Guernsey) Law, 2017 (“DPL”) and the General Data Protection Regulation (“GDPR”).
BachmannHR Group Limited has a Data Protection Officer who can be contacted through email@example.com
- What personal data do we collect about you?
The personal information that we collect from you will/may include; name, date of birth, nationality, passport data, home address, telephone number, email address, emergency contact, job title, staff number, bank account details, tax information, national insurance information, social security information, health and medical information, education history, employment history, references.
This information will be obtained via various documentation and correspondence required for you to engage in employment or a contractual agreement with us.
You will, of course, inevitably be referred to in many company documents and records.
- How will your information be used?
- The Company needs to keep and process information about you for normal employment and contractual purposes. The information we hold and process will be used for our management and administrative use only. We will keep and use it to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately, during the recruitment process, whilst you are working for us, at the time when your employment ends, after you have left and during the time we have entered into a contractual agreement with you. This includes using information to enable us to comply with the employment contract, to comply with any legal requirements, pursue the legitimate interests of the Company and protect our legal position in the event of legal proceedings. If you do not provide this data, we may be unable in some circumstances to comply with our obligations and we will tell you about the implications of that decision.
- As a company pursuing to provide maritime services including payroll administration, full crew management, provision of temporary seafarers, corporate ownership and yacht management activities, we may sometimes need to process your data to pursue our legitimate business interests, for example to prevent fraud, administrative purposes or reporting potential crimes. We will never process your data where these interests are overridden by your own interests.
- Much of the information we hold will have been provided by you, but some may come from other internal sources, such as your manager, or in some cases, external sources, such as referees.
- Where necessary, we may keep information relating to your health, which could include reasons for absence and GP reports and notes. This information will be used in order to comply with our health and safety and occupational health obligations – to consider how your health affects your ability to do your job and whether any adjustments to your job might be appropriate. We will also need this data to administer and manage statutory and company sick pay, health insurance or life insurance policies.
- Where we process special categories of information relating to your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, biometric data or sexual orientation, we will always obtain your explicit consent to those activities unless this is not required by law or the information is required to protect your health in an emergency. Where we are processing data based on your consent, you have the right to withdraw that consent at any time.
- In addition, we monitor computer and telephone use, as detailed in our company handbook available on the company’s network.
- Other than as mentioned below, we will only disclose information about you to third parties if we are legally obliged to do so or where we need to comply with our contractual duties to you, for instance we may need to pass on certain information to, pension or health insurance schemes.
- We may transfer information about you to other group companies for purposes connected with your employment or the management of the company’s business.
- In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our legal or contractual requirements. We have in place safeguards including email encryption to ensure the security of your data.
- We do not use automated decision making. The Company could however potentially use automated decision making in the future as part of our defined role to facilitate our legal obligations.
- If in the future we intend to process your personal data for a purpose other than that which it was collected we will provide you with information on that purpose and any other relevant information.
- What is our legal basis for processing your personal data?
BachmannHR Group Limited’s legal basis for processing your personal data will either be:
- The consent you have given us (or explicit consent for special categories of data),
- Where the processing of such data is necessary for the performance of a contract of which you are party to or in order to take steps at the request of yourself prior to entering into a contract
- Where processing is necessary for the purposes of the legitimate interests pursued by the company or by a third party
- Who will receive your information?
Your personal data will be received by the company and will be processed by the staff within the company and other in house companies. Your data may/will also be sent to third parties including:
Social security offices
Supervisory authorities and other regulatory bodies
Law enforcement agencies
- What are your individual rights?
Under the GDPR and DPL you have a number of rights with regard to your personal data which are;
- The right to be informed
You have the right to be informed about the collection and use of your personal data along with the purpose for the processing, the recipients and the security of your data.
- The right of access
You have the right to access your personal data that the data controller is processing so you are aware of and can verify the lawfulness of the processing.
- The right to rectification
You have the right to have any inaccurate personal data rectified, or completed if it is incomplete.
- The right to erasure
You have right to have your personal data erased under certain circumstances such as the personal data is no longer necessary for the purpose which it was originally collected or processed or when relying on consent as the lawful basis for processing the data and you have withdrawn the consent.
- The right to restrict processing
You have the right to restrict the processing of your personal data such as if you contest the accuracy of the data, the data has been unlawfully processed or the data controller no longer needs your personal data for the purpose of processing or the processing is unlawful.
- The right to data portability
You have the right to obtain, reuse your personal data for your own purposes across different services. Your personal data will be provided to yourself, or on request, can be sent directly to a new data controller.
- The right to object
You have the right to object to the processing of your personal data when the data is processed for the performance of a task in the public interest/exercise of official authority (including profiling), when your personal data is being used for direct marketing and processing for purposes of scientific/historical research and statistics.
- The right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data relating to you infringes the GDPR and DPL.
- The right not to be subject to automated decision making
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning yourself.
If you have provided consent for the processing of your data you also have the right to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
Any requests or objections or queries should be made in writing to the Data Protection Officer:-
Data Protection Officer
Sir William Place
St Peter Port
- How long will your information be held?
We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal data will therefore be kept for up to a seven year period after the termination of your employment or contractual agreement with us:
You also have the right to erasure (detailed above) which gives you the right to erase your personal data when the processing if no longer necessary in relation to the purpose for which it was collected which can be sooner than the date retention period.
Data that is no longer relevant will be securely destroyed or deleted.
- Security of your information
The security of your personal data is the very important to us and we make sure your data is secure by having adequate firewalls, anti-malware, anti-virus and anti-spyware which we regularly keep up to date.
When storing your data, we store it both on our company network and physical copies. Electronic copies of your personal data are stored on our company’s network which requires personalised logins to access. Physical copies of your personal data are stored in securely locked cabinets during out of office hours and also in our secure filing room, access to which is protected by a key code and key.
- How to make a complaint
If you are unhappy with the way in which your personal data has been processed you may in the first instance contact our Data Protection Officer using the contact details above.
If you remain dissatisfied then you have the right to apply directly to The Office of the Data Protection Commissioner for a decision. The Information Commissioner can be contacted at:
The Office of the Data Protection Authority,
St Martin’s House
St. Peter Port
- Updates to Privacy Notice
We will amend this Privacy Notice from time to time to ensure it remains up to date. Please visit our website to keep up to date with any changes.