FRESHFIELDS BRUCKHAUS DERINGER
ONLINE RECRUITMENT PRIVACY NOTICE
Freshfields Bruckhaus Deringer (the “firm”, “we”, “us”, “our”) takes its data protection and information security responsibilities very seriously and is committed to protecting your personal data and privacy.
Through this privacy notice (the Notice) we want to provide you with clear and transparent information regarding the ways in which we collect and use information about you when you apply for a role with us, during the recruitment and selection processes that follow, and following the completion of these processes. Importantly, we want to help you understand your options should you require further information, should you have a complaint, or should you wish to exercise any of the rights that you may have under applicable data protection laws.
Please read this Notice alongside our other notices that we make available when we collect or process personal data, including in particular our general privacy notice available on our website accessible here: https://www.freshfields.com/en-gb/footer/privacy/(the General Privacy Notice). Our General Privacy Notice will provide you with further information regarding how, when and why we use personal data, the rights of individuals whose data we handle and how to exercise those rights, and our structure and various processing activities. This Notice supplements our other notices and is not intended to override them.
When we refer to ‘personal data’ in this Notice, we refer to information about you, and from which you could be identified, including your name, contact details, qualifications, work experience and background information.
SOURCES OF YOUR PERSONAL DATA
Generally, we obtain your personal data directly from you, and on occasion from certain third parties like recruitment agencies or other service providers who are involved in and assist us with our recruitment and screening processes. We may also generate data about you during your application process.
USING YOUR PERSONAL DATA
We will only use your personal data fairly, and where we have a lawful basis to do so. We can use your personal data on the basis of your consent, or if we have another legally permitted basis to do so – for example in relation to a contract with you, or when we need to comply with a legal obligation, or when we have a legitimate interest to use your personal data if it is fair and reasonable to do so.
In relation to our recruitment and applicant management processes, we need to use your personal data to:
- communicate with you;
- conduct screening, assessments and interviews;
- conduct pre-employment checks (including determining your legal right to work, and carrying out criminal record and credit checks where applicable);
- match you to job vacancies;
- make offers and issue contracts of employment;
- administer your personnel records – should your application be successful;
- deal with any queries or disputes in relation to your application; and
- ensure that we comply with our legal obligations.
RETAINING YOUR PERSONAL DATA
Your personal data will be retained for as long as necessary to process your application and for the purposes for which your personal data has been collected – in particular those noted above under the ‘USING YOUR PERSONAL DATA’ section of this Notice.
We may continue to hold information about you and your application(s) after an application process has been completed, for a legitimate purpose, including to:
We will delete or anonymise your information when we no longer need it. However, we may continue to hold anonymised statistical information which does not identify you.
If at any stage you wish to withdraw an application that you have made, or to have your information removed from our systems, or do not wish us to contact you in relation to future employment opportunities, you can let us know by sending an email to HRServices@freshfields.com. This will not prejudice any future application you may wish to submit.
PROTECTING YOUR PERSONAL DATA
We have in place a robust privacy and information security framework to safeguard all data that we handle, including your personal data. This framework includes appropriate technical and organisational measures intended to protect personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. We are ISO27001:2013 certified and align with National Institute of Standards and Technology (NIST) and Control Objectives for Information and Related Technology (COBIT) standards. ISO27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving information security management systems. The firm enforces a stringent information security policy to ensure that data are stored safely and securely. This policy applies to all staff members and to any process or task that involves the handling of data, particularly when dealing with third parties.
ACCESSING AND TRANSFERRING YOUR PERSONAL DATA
Only those with a legitimate need to access your personal data will be able to do so. Information relating to your application and profile, including your contact details, will only be available to those of our staff who need it to consider and progress your application, including to contact you and/or assess your suitability for a role that you have applied for, or, at your option, to contact you in relation to potentially suitable employment opportunities with us. Where necessary, we may disclose this information to certain third parties, such as to a limited number of suppliers who assist us with our recruitment and screening processes, our legal advisors in the event of a dispute or complaint, or to certain authorities to comply with a legal obligation that applies to us.
Personal data may need to be transferred between our offices, or to certain third parties, outside the European Economic Area. Within our firm we have in place specific data processing agreements which incorporate the European Commission's standard contractual clauses, and which allow us to share and handle personal data between our offices globally. Where necessary, standard contractual clauses are also put in place with third parties, together with other contractual requirements including to keep any personal data they receive confidential and to use such data strictly in accordance with our instructions.
YOUR DATA AND YOUR RIGHTS
Please consult our General Privacy Notice here: https://www.freshfields.com/en-gb/footer/privacy/(see SECTION 8) for a fuller explanation of your rights in relation to your personal data, what they mean for you, and how to exercise those rights.
You can seek to exercise those rights by contacting us at email@example.com. We may require you to provide us with satisfactory proof of your identity in order to ensure that your rights are respected and protected, but also to ensure that your personal data are only disclosed to you.
Please note that if you exercise certain of your rights, we may be unable to progress your application or to contact you about future opportunities.
OUR CONTACT DETAILS
This Notice is intended to help you understand how your personal data are used by us in the context of our recruitment and related activities, so you may be comfortable that such use is legitimate, fair and transparent. However, if you have a query, concern or complaint regarding our use of your personal data, or if anything in this Notice or our General Privacy Notice is unclear to you, we would like to assist you to resolve it. You can report a concern or ask us questions by contacting:
You also have the right to complain to your local data protection authority. In the UK this is the Information Commissioner’s Office whose contact details are accessible here: https://ico.org.uk/and for complaints please see here: https://ico.org.uk/make-a-complaint/
If you are unsure as to who is your local data protection authority, please contact us using the details noted below.
The Data Protection Officer
Telephone: +44 20 7716 4000
Freshfields Bruckhaus Deringer LLP
100 Bishopsgate, London EC2P 2SR