Privacy Policy
Access Healthcare Northern Ireland
Employees and Candidates Privacy Policy
Access Healthcare Northen Ireland respects the privacy of its employees and candidates and is committed to protecting personal information in compliance with the UK Data Protection Act (UK DPA) and the General Data Protection Regulation (GDPR) 2018. Access Healthcare Northen Ireland’s Privacy Policy explains how we collect, process, disclose, and safeguard the personal data of employees and candidates in the course of providing recruitment and related services.
1. Data Collection and Types of Information:
1.1) Personal Data – Access Healthcare Northen Ireland collects employees’ and candidates’ personal data to provide recruitment services, including identifiers like name, email address, phone number, IP address, work experience, qualifications and other details necessary for recruitment. This data may also include contact information (address, phone number), third-party references, notes from meetings, interviews, calls, assessment test results (e.g., psychometric tests) and other data relevant to work placements or services.
1.2) Non-Personal Data – Access Healthcare Northen Ireland collects non-personal data, such as demographic information, statistical details about website visitors, and browser types. This data cannot identify an employee or a candidate and is used to improve our services.
1.3) Sensitive Data – Access Healthcare Northen Ireland avoids collecting sensitive data unless explicitly required and consented to by an individual.
2. Data Collection Methods:
2.1) Access Healthcare Northen Ireland collects personal data directly when an individual interacts with Access Healthcare Northen Ireland by phone, letter, email, or through our website, submits a CV or other application form, subscribes to email updates, and completes psychometric or competency assessments.
2.2) Access Healthcare Northen Ireland may collect data from third parties, including professional references, results from competency tests, feedback on performance, information related to workplace incidents or complaints, insurance claims, or legal inquiries.
3. Use of Data on Learning Management System (LMS):
3.1) Access Healthcare Northen Ireland may collect and use certain personal data to support LMS. This helps us provide training, improve skills, and enhance our team’s professional growth. Personal data processed in these systems is used solely for educational purposes within the organization and is accessible only to authorized personnel.
3.2) The data may include, but is not limited to, employee identification information, training progress, assessments, and course completion records. We maintain strict confidentiality and apply security measures to protect this data in alignment with our overall data protection standards and this Privacy Policy.
4. Legal Bases for Processing Personal Data:
4.1) Access Healthcare Northen Ireland processes employees’ and candidates’ personal data under the following legal bases:
- Consent – when a person gives explicit consent.
- Contractual requirement – to fulfil obligations under a contract with a person.
- Legitimate interests – for operating, maintaining, and improving our services.
- Legal obligation – to comply with applicable laws and regulations.
5. Processing and Disclosure of Data:
5.1) Access Healthcare Northen Ireland may process and disclose employees’ and candidates’ personal data for the following purposes:
- To provide recruitment services and assist in job placement.
- To apply for jobs on a candidate’s behalf and notify them about opportunities.
- To market recruitment services and enhance customer service.
- To share internally among the recruitment team to identify further opportunities.
- To share internally with the sister companies (Accelerate, Archer Recruitment Ireland, Archer IT Recruitment Malta, Access Healthcare Ireland) to ensure smooth daily operations.
5.2) Access Healthcare Northen Ireland may disclose employees’ or candidates’ personal data to third parties where relevant:
- Prospective employers and referees.
- Professional associations, regulatory or law enforcement agencies as required by law.
6. Data Sharing and International Transfers:
6.1) Access Healthcare Northen Ireland may share data with third parties only when:
- Required by law or a court order.
- Necessary for recruitment services, with adequate data protection measures in place.
6.2) If employees’ or candidates’ personal data needs to be transferred outside the EEA, Access Healthcare Northen Ireland will notify a person and ensure safeguards are in place to protect personal data. This typically occurs only for recruitment purposes, though Access Healthcare Northen Ireland primarily operates within the EEA.
6.3) Employees’ or candidates’ personal data may be processed by a third-party data processor outside the EEA, Quintessential Talent Private Limited, for recruitment services. There is a written contract between Access Healthcare Northen Ireland and Quintessential Talent Private Limited, ensuring that the data processor will only handle personal data when instructed to do so by Access HealthcareNorthen Ireland.
7. Data Retention and Security:
7.1) Access Healthcare Northen Ireland retains employees’ and candidates’ personal data only as long as necessary for the purposes it was collected, typically up to 7 years from the last contact unless otherwise required by law or upon removal request.
7.2) Access Healthcare Northen Ireland implements security procedures to protect personal data from unauthorized access, alteration, or disclosure. Only authorized personnel are allowed access to the data for recruitment-related and operational purposes.
7.3) We use secure communication methods to protect personal data and its storage.
7.4) In the event of a data breach, our IT team follows a defined incident response plan to quickly contain and mitigate any potential risks. Affected individuals will be notified as soon as possible, in accordance with applicable data protection laws.
8. Employees’ and Candidates’ Rights Under GDPR:
- Access and Portability – allows to request access to personal data and receive it in a portable format.
- Rectification – allows for correction of any inaccurate or incomplete personal data.
- Erasure – allows to request deletion of personal data where applicable.
- Restriction – allows to limit processing under certain conditions.
- Objection – allows to object to processing based on legitimate interests.
- Withdraw Consent – allows to withdraw consent where applicable.
9. How to get in touch
To get in touch with any query in relation to personal data, send a mail to privacy@accesshealthcare.co.uk outlining the nature of the request. The Access Healthcare Northen Ireland team will respond within one month of receiving a request. If additional information is needed, Access Healthcare Northen Ireland may ask to fill out the ‘Subject Access Request Form’.
10. Review of the Privacy Policy
We reserve the right to update it at any time to reflect changes in our business practices, legal requirements, and personal data processing methods. The last update to this Privacy Policy was on 11/11/2024.