INTRODUCTION
We, Science in Sport (SIS), are data controllers for your personal data. We take the protection of your personal data very seriously and strictly adhere to the rules laid out by data protection laws and the General Data Protection Regulation (GDPR-EU and GDPR-UK).
This privacy notice gives you information on how we collect and process your personal data at recruitment.
We have appointed a data protection officer (DPO) responsible for monitoring and providing guidance with our GDPR status. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the contact information in section 13 of this privacy notice.
WHY WE COLLECT YOUR PERSONAL INFORMATION
We collect your personal data for one of the following purposes:
- To manage communications between you and us
- Where we need to perform the contract we have entered into with you
- To follow our recruitment process and determine eligibility for the advertised role
- To check your eligibility to work
- To validate your qualifications and employment history
- For equal opportunities monitoring
LAWFUL BASIS OF PROCESSING INFORMATION
We only collect and use personal information about you when the law allows us to. Most commonly, we use it where:
- The processing is necessary for compliance with a legal obligation to which the controller is subject
- It is necessary for our legitimate interests (or those of a third party) namely facilitating and enabling the management of all matters relating to the recruitment process and our business, but only where your interests and fundamental rights do not override those interests.
- If the processing is necessary for the performance of a contract
WHAT INFORMATION WE COLLECT AND WHERE FROM
We collect personal information from you when you apply for a role with SIS. The categories of personal information that we may collect, store and use about you may include:
- Name, address, telephone number, email.
- Employment history
- Qualifications & Training history
- Copies of your CV and covering letters
SPECIAL CATEGORY DATA
We may collect the following special category data from you:
- Disability details
- Ethnicity
- Right to work documentation (that including Biometric data)
We will only process special category data where we have an Article 9 exception allowing us to do so, in this case, it will be explicit consent as per Article 9 Paragraph 2a of the GDPR.
THIRD PARTY COLLECTION OF PERSONAL DATA
We may also collect your data through third parties such as recruitment websites and consultants if you applied for a role via these methods or by using a third-party source such as Facebook or LinkedIn, and that SIS may use external sourcing-tools to add additional information.
Additionally, we may collect information from former employers, background check providers and credit refence agency if relevant to the role. We will inform you if such checks are required before collecting any further information.
HOW LONG WE KEEP INFORMATION
We pride ourselves on ensuring that your personal data is only retained for the period that we need it for, or in accordance with laws, regulations, and professional obligations that we are subject to. All personal information collected has a defined retention period, which is in-line with our retention policy. If you would like to find out how long your information is being retained, please refer to the contact details in the "additional information", section of this policy.
SECURITY OF PERSONAL INFORMATION
We take the responsibility of protecting your privacy very seriously and we will ensure your data is secured in accordance with our obligations under the Data Protection laws. We have in place technical and organisational measures to ensure personal information is secured and to prevent your personal data from being accessed in an unauthorised way, altered or disclosed. The processing of your personal data will only take place subject to our instruction.
We have policies and procedures to handle any potential data security breaches and data subjects, third parties and any applicable regulators will be notified where we are legally required to do so.
We have ensured that all employees have had information security and data protection training. If you would like more details of the security we have in place, please refer to the contact details in the "additional information", section of this policy.
YOUR INDIVIDUAL RIGHTS
In this Section, we have summarised the rights that you have under General Data Protection Regulation. Some of the rights are complex, and not all the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
Your principal rights under General Data Protection Regulation are:
- Right to Object
- Right of Access
- Right to be Informed
- Right to Rectification
- Right to Erasure
- Right to Restrict Processing
- Right to Data Portability
If you have any questions about these rights, please refer to the contact details in the "additional information", section of this policy.
FAILURE TO PROVIDE PERSONAL INFORMATION
Where we need to collect personal data by law or in order to process your instructions or perform a contract we have with you and you fail to provide that data when requested, we may not be able to carry out your instructions or perform the contract we have or are trying to enter into with you. In this case, we may have to cancel our engagement or contract you have with us, but we will notify you if this is the case at the time.
AUTOMATED DECISION MAKING
Your personal data is not used in any automated decision making (a decision made solely by automated means without any human involvement) or profiling (automated processing of personal data to evaluate certain conditions about an individual).
TRANSFERS TO THIRD PARTIES
SIS may disclose your personal data, listed in section 4 to some third parties to help us perform our day-to-day activities. All third parties are contractually bound to protect the personal data we provide to them. We may use several or all of the following categories of recipients:
- Business partners, suppliers, contractors for the performance of any contract we enter into with them or you
- Companies where necessary for administrative purposes and to provide services to you
- Third parties that support us to provide products and services e.g. IT support, cloud-based software services, providers of telecommunications equipment, training providers
- Recruitment service providers
- Third parties involved in mergers and acquisition or funding activities
TRANSFERS OUTSIDE OF THE UK
In this section, we provide information about the circumstances in which your personal data may be transferred and stored in countries outside the UK.
We may share personal information with third parties outside of the UK. Any personal information transferred will only be processed on our instructions and we ensure that information security at the highest standard would be used to protect any personal information as required by the Data Protection laws.
Where personal data is transferred outside of the UK to a country without an adequacy decision, we will ensure appropriate safeguards are in place prior to the transfer. These could include:
- Standard Contractual Clauses with UK addendum
- International data transfer agreement
- Binding Corporate Rules
- An exception as defined in Article 49 of the EU/UK GDPR
For more information about transfers and safeguarding measures, please contact us using the information in section 13.
RIGHT TO COMPLAINT
We take any complaints about our collection and use of personal information very seriously.
If you think that our collection or use of personal information is unfair, misleading, or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.
To make a complaint, please contact us via email on dpt@sisplc.com
Alternatively, you can contact us:
By Post:
SIS Data Protection: 2nd Floor, 16-18 Hatton Garden, Farringdon, London EC1N 8AT, United Kingdom
Alternatively, you can make a complaint to the Information Commissioner’s Office:
By Post:
Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
By Website: Click Here
By Email: Click Here
By Phone: 0303 123 1113 (Local rate) or 01625 545 745 (National rate)
ADDITIONAL INFORMATION
Your trust is important to us. That is why we are always available to talk with you at any time and answer any questions concerning how your data is processed. If you have any questions that could not be answered by this privacy policy or if you wish to receive more in-depth information about any topic within it, please contact our DPO via email dpt@sisplc.com
POLICY REVIEW AND AMENDMENTS
We keep this notice under regular review. This notice was last updated 08/01/2023.
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may notify you in other ways from time to time about the processing of your personal information.
