Candidate Privacy Notice

DLP Candidate Privacy Notice

Through our candidate application and recruitment process DLP (as the parent company for a number of trade names including DLP UK, DLPA, Ieli, HR Ltd, Andon Frères, PAC, Noti-nto-day, CTHR and L4L) will collect, process and store personal information about you. Candidate data is processed for four main purposes which are (a) application, (b) assessment and (c) pre-employment screening, and (d) worker permissions. This document explains why we collect your personal information, what information we collect and how it is processed.

In this Privacy Notice the term “processing” covers all activities involving your personal information, including collecting, handling, storing, sharing, accessing, using, transferring and disposing of the information.

1) Why do we collect your personal information?

To manage your application, we will process certain personal information about you. The purposes for this are set out below. We only process your information which is necessary for the purposes of progressing your application or which is required by law or any regulatory requirements.  There are rules set out by Article 6 (general data) and Article 9 (for special data) that we comply with for the strict purpose of the data we collect, use and store.  Not all of the purposes set out below will apply to you.

  • Application: CV, name, address, employment history, academic and professional qualifications, age, diversity (i.e. gender. ethnicity, disability, sexual orientation ), nationality, previous disciplinary matters and work experience – see schedule 1 for full list;
  • Assessment: CV, psychometric tests (such as a situational judgement test, ability or personality test), interview (face to face, telephone or video), behavioural assessments (such as a role play, group exercise or formal prepared presentation), technical assessments;
  • Pre-employment screening (PES); reference checking and DBS

2) What personal information might we process?

Here are some examples of the type of information we may process.

  • Personal details such as name, address, date and place of birth;
  • Work history/job data; previous employers, positions, dates, etc.
  • Employee Benefits; basic salary, benefits, bonuses, etc.;
  • Education and work history including professional qualifications and skills;
  • Employer feedback / references to include regulated references where necessary;
  • Nationality / visa / right to work permit information; (e.g. passport, driving licence, National Insurance numbers)
  • Photographs and images from recorded assessments or from onsite CCTV;
  • Results of pre-employment screening checks (e.g. credit history, criminal records checks where legally permitted)
  • Assessment results e.g. Psychometric assessment results, results from video or telephone assessment

During the process we also capture some sensitive personal data about you (e.g. disability information). We do this in order to make reasonable adjustments to enable our candidates to apply for jobs with us, to be able to take online/telephone assessments, to attend interviews/assessments, to prepare for starting at the bank (if successful) and to ensure that we comply with regulatory obligations placed on us with regard to our hiring.

3) Who do we share your personal information with?

Your data will usually be presented to DLP by (a) a Recruitment Agency or (b) by you contacting us as a result of a recruitment campaign.  Under both scenarios data will be stored, processed and managed by DLP. Any data will only be shared to external partners if it is necessary or required (for example in order to carry out Pre-employment screening).

The recruitment process will involve:

  • Assessing and progressing your application,
  • Assessing your suitability (skills, strengths, behaviours for the role)
  • Activities needed to complete the on-boarding and screening process of a successful application.

To enable these processes your personal information may be shared internally, but the information shared is limited to what is required by each individual to perform their role in the recruitment process.

Your personal information may be shared internally with the following people:

  • Those employees who will manage your role or are acting on their behalf;
  • Employees in DLP with responsibility for tasks in the recruitment process;
  • Employees in DLP with Legal, Conduct, Risk, HR, Regulatory or Fraud responsibility for investigating issues of compliance regulations, policies and contractual requirements;
  • Employees in IT, within DLP or outsources for this purpose, and system owners who manage user access;
  • Audit and Investigations employees in relation to specific audits/investigations; and
  • Security managers for facilities / premises.

DLP may also need to share your information with certain external third parties including those listed below.  You have the right of access of any third party and contact details will be supplied.

  • Companies who provide candidate interview and assessment services;
  • Suppliers who undertake background screening;
  • Academic institutions (Universities, colleges, etc.) in validating information you’ve provided
  • Other third-party suppliers (or potential suppliers), who provide services on our behalf;
  • Previous roles (paid or unpaid) you have held for the purpose of carrying out reference checking.

4) How do we protect your information?

Our HR and Recruitment systems are protected to ensure unauthorised or unlawful processing of personal information, accidental loss or destruction of, or damage to, personal information does not occur.

5) Your Rights

You are entitled to see information DLP hold about you. You can also request changes to be made to incorrect information. You can request information to be deleted or blocked if you legitimately think DLP should not be processing that information, or is processing it incorrectly.

If you have any queries about this notice or your personal information generally, including questions about accessing your personal information or correcting it, you should contact the DLP DPO (data protection officer) in the first instance.  Alternatively, you can make a “subject access request” to request information on the data we hold about you.

It is your responsibility to keep personal data up to date throughout the application process so that accurate application records can be maintained.

6) Criminal records, Credit reference Agencies & DBS checks

Dependent upon the position DLP do not have regulatory obligations for handling money, criminal or statutory checks. However, if this becomes relevant to the role, (or specific to clients wishes) we will explain this and ask for specific consent. You have the right of access to your personal records held by credit reference agencies. We will supply their names and addresses upon request.

7) Data Retention

In accordance with our Data Retention Policy we keep data belonging to unsuccessful candidates for a  period of six months before deletion.

Schedule 1:

Full list of information we may process

  • Name, work and home contact details
  • Date and place of birth
  • Education and work history
  • *Individual demographic information in compliance with legal requirements (such as marital status, national identifier, passport/visa information, nationality, citizenship, military service, disability, work permit, date and place of birth or gender)
  • *Health issues requiring adaptations to working environment
  • Job title, grade and job history
  • Employment contract related information (including compensation, location, hours of work and so on)
  • Reporting and managerial relationships
  • *Leaves of absence (such as maternity leave, sickness absence)
  • Photograph(s)
  • Disciplinary / grievance records
  • Time and attendance details
  • Bank account details for salary payment purposes
  • Expenses such as travel and expenses claimed from the bank
  • Skills and qualifications
  • Training history and plans
  • Results of original and ongoing employee screening, where relevant
  • *Details provided in relation to Conduct policies (such as conflicts of interest, personal account dealing, trade body membership and so on)
  • *Health & safety incidents, accidents at work and associated records
  • *Building CCTV images
  • *Audio recordings of telephone interviews
  • *Video recordings of interview
  • *Notes from face to face interviews
  • Psychometric test results and associated reports
  • Results from behavioural assessments
  • Results from technical assessments

* These categories of information might potentially include some sensitive personal information. Sensitive personal information is not routinely collected about all applicants, it may be collected for legal obligations, or if you choose to disclose it to us during the course of the application or interview process.

Also see DLP Cookie Notice and DLP Privacy Notice.