Employee and Recruitment Privacy Notice (“Privacy Notice”)
Seedrs is committed to protecting the privacy and security of your personal data. This Privacy Notice describes how we collect and use personal data about you before, during and after your working relationship with us, in accordance with applicable data protection legislation. It applies to job applicants, employees and former employers, workers and former workers (including contractors), and work experience placements.
It is important that you read this Privacy Notice, together with our primary Privacy Notice which outlines our core data protection obligations and commitments when we are collecting or processing personal data.
1. The information we hold about you
We may collect, store, and use the following categories of personal data about you:
• Personal details such as name, image, date of birth, gender, national insurance number, address, email address, and telephone number;
• Information obtained during your recruitment including your CV, covering letter, application, notes from interviews, assessment results, qualifications, communications with you, and references;
• Nationality and right to work information such as a copy of your passport and work visa;
• Your employment agreement, salary, annual leave, pension and benefits information;
• Payroll data such as your bank account details and tax information;
• Information about your use of our information and communication systems such as through your work email and instant messaging accounts;
• Performance appraisals and reviews; and
• Disciplinary and grievance information.
We may also collect, store, and use the following categories of sensitive or special category personal data about you where the law allows us to:
• Information about your race or ethnicity, religious beliefs, or sexual orientation;
• Information about your physical or mental health, your disability status, and work-related health and sickness records such as details of any absences from work including time on statutory parental leave and sick leave, workplace accidents, and decisions as to your fitness for work; and
• Information about criminal convictions and offences.
2. How is your personal data collected?
We typically collect personal data directly from you, or from where you have made your personal data publicly available. We may also collect it from third parties such as employment agencies, background check providers, former employers, and from references you have provided to us.
3. How we will use information about you
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the circumstances set out below.
To carry out our obligations under our contracts with you or others, we may use your personal data for the following activities:
• Administering and maintaining personnel records;
• Paying and reviewing your remuneration and other benefits;
• Communicating with you by email, instant message, or telephone;
• Undertaking performance appraisals and reviews;
• Providing general support necessary in the course of employment (e.g. arranging travel, paying expenses and providing company credit cards);
• Securing access to services necessary so that you can carry out your employment duties (e.g. bank account access, training); and
• Carrying out our day to day business as necessary.
To pursue our legitimate interests in evaluating prospective employees, having an inclusive and diverse workforce, and engaging in legal disputes, we may use your personal data for the following activities:
• During the recruitment process, to process and store information that you or a recruiter provides in connection with an available role, to communicate with you and in some cases to use a referencing service to contact your referees;
• To ensure meaningful equal opportunity monitoring and reporting; and
• To deal with any legal disputes involving us, you, or other employees, workers and contractors.
To comply with our legal obligations, we may use your personal data for the following activities:
• To comply with employment and other laws or to carry out our obligations as a regulated financial services firm;
• To ensure your health and safety in the workplace and to assess your fitness to work, to provide appropriate workplace adjustments, to monitor and manage sickness absence;
• Providing references and information to government agencies for tax and social security purposes;
• Checking you are legally entitled to work; and
• Participating in audits or investigations we are required to do or be subject to by law.
We may process your personal data when you provide your consent such as when you direct us to provide details to a third party for the purposes of an application (e.g. to a bank for a mortgage application).
Less commonly, we may use special category or criminal offence data where it is necessary to protect your interests (or someone else’s interests) and you are not capable of giving your consent.
4. Sharing your data
Seedrs will need to share your personal data internally (both in the country where you work and in other countries in which we have operations) and may be required to share it with some external parties or associates of Seedrs. Your information will only be shared if it is necessary or required.
We may have to share your data with third parties including regulators or other government bodies, and third-party service providers, in accordance with the purposes of processing set out above. All such external third-parties are required to take appropriate security measures to protect your personal data in line with our policies and the law.
Which third-party service providers process my personal data? We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions. The following categories of third-party service providers may process personal data about you:
• HR recruitment and performance management;
• Payroll, pension and benefits providers;
• Platform operations providers including cloud hosting, process and log management, data analysis, and task automation;
• Consultancy firms such as in the legal, financial or advertising industries;
• Workplace training providers;
• Image processing;
• Online workplace tools such as email and calendar hosting, electronic document signing, password managers, event managers, online advertising tools, and internal communication and intranet;
• Customer support;
• Social media channels and management;
• Business development management, business intelligence, and marketing tools;
• Identity verification providers; and
• Security, fraud, and platform performance monitoring and detection.
Transferring information outside the UK or EU. We may transfer the personal data we collect about you outside the UK or EU in order to perform our contract with you. We ensure that any organisation based outside the UK or EU employs adequate protections, such as the EU model contract clauses, over any international transfers of personal data. If you require further information about these protective measures, you can request it from firstname.lastname@example.org.
5. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We also have procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
6. How long will you use my information for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer an employee or worker of the company we will retain and securely destroy your personal data in accordance with applicable laws and regulations.
7. Your rights
By law, in certain circumstances, you have the right to:
• Request access to your personal data (commonly known as a “data subject access request”);
• Request correction of the personal data we hold about you;
• Request erasure of your personal data;
• Object to processing of your personal data;
• Request the restriction of processing of your personal data;
• Request transfer of your personal data to another party;
• Withdraw consent where you have given this in relation to your personal data; and
• Lodge a complaint with the Financial Conduct Authority or the Information Commissioner’s Office.
8. Communicating with us
If you wish to make a notification to us, or have any questions about this Privacy Notice, please email email@example.com.