This privacy notice is designed to provide information about our practices concerning the collection, use and disclosure of personal information in the course of our employment practices. During the course of our employment practices we collect, store and process personal information about prospective, current and former employees, partners and workers. Personal information is any data from which an individual can be identified.
Browne Jacobson is made up of Browne Jacobson LLP and Browne Jacobson Ireland LLP. When we mention ‘Browne Jacobson’, ‘we’, ‘us’ or ‘our’ in this privacy notice, we are referring to the relevant business responsible for processing your data. You will be informed which entity is processing your personal data as your employer, however your personal data may be processed by the other business from time to time.
Please read this notice carefully and contact us if you have any queries by emailing us at: email@example.com or by writing to:
The People Director
Browne Jacobson LLP
Castle Meadow Road
+44 (0)115 976 6000
+44 (0)115 947 5246
This privacy notice may change from time to time so we recommend that you review it periodically. This version of the privacy notice was last updated in December 2022.
This privacy notice applies to all persons whose personal information we collect and process in connection with our employment practices. This includes applicants, employees (and former employees), workers (including agency and casual workers and contractors), partners (and former partners), and those carrying out placements and work experience.
In order to carry out our employment practices we process data in relation to:
We use different methods to collect personal information from and about you, including:
You may voluntarily provide us with your personal information, for instance when you:
Information may also be provided by your manager or peers.
Third party sources
We may collect personal information from the following third party sources:
Automated technologies or interactions
We are trained to handle your information correctly and protect your confidentiality and privacy. Your personal information may be stored in different places, including in your electronic personnel file, our HRIS (PeopleXD), Objective Manager and in other IT systems including our email system. These systems are secure and only those who require access to carry out their job role are authorised to access this information. Your information is never sold for commercial purposes and only processed for marketing purposes where we have your consent to do so.
Your information is never sold for commercial purposes and only processed for marketing purposes where we have your consent to do so.
We process personal information in connection with our employment practices for the following purposes:
When processing personal data we comply with the data protection principles and our own data protection policy. We will only disclose the personal data we receive in connection with our employment practices where necessary and where we are satisfied that the data will be adequately protected. Third parties we disclose such data to include:
Where we engage third parties to process personal data on our behalf, we do so on the basis of a contract that is compliant with data protection legislation and requires that those third parties will only process your personal data on our written instructions, are under a duty of confidentiality, and are obliged to implement appropriate technical and organisational measures to ensure the security of your personal data.
We may transfer personal data outside the UK or the EEA where adequate protection measures are in place in compliance with data protection laws.
We share your personal data within the business. This will involve transferring your data outside the UK or the EEA, as applicable.
Whenever we transfer your personal data outside the UK or EEA, as applicable, we ensure that at least one of the following safeguards is in place, as applicable:
We retain personal data in accordance with our retention and destruction schedule, a copy of which can be found here.
We are strongly committed to data security and take appropriate steps to protect the personal information we hold from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic and managerial procedures to safeguard and secure that information. Further details can be found in our data protection policy.
Data protection law requires us to have a legal basis for processing your information. In most cases we will only process your personal information:
When processing personal data we comply with the data protection principles and our own data protection policy. By doing so, we consider that the interests and fundamental freedoms of people whose personal data we process do not override the pursuit of our legitimate interests in relation to our employment practices.
Whilst the majority of processing of personal data in relation to our employment practices will not require consent, we will inform you if your consent is required and seek that consent before any processing takes place. In the limited circumstances where you have provided your consent to the collection, processing and transfer of personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time.
In most cases we process personal data that falls into one of the special categories specified by the General Data Protection Regulation where necessary to perform or exercise our legal rights and obligations under the law relating to employment, social security or equalities, for the purposes of occupational medicine or for the establishment, exercise or defence of legal claims. We may also process special category data where necessary in your vital interests and where you are unable to give consent.
Where we process special category data for the purposes of monitoring or business analysis we will do so on an anonymised basis.
If we process your personal data, you have a number of rights. You may request a copy of the personal data we hold about you (and request that that data be provided in a portable format) and you may object to our processing of it or ask us to rectify it, restrict the way in which we process it or erase it from our records. For further information about your rights, or how to exercise them, please contact us using details above.
Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting the Legal Director - Risk & Compliance in the first instance by using the contact details below. If we are unable to resolve your concerns and you remain dissatisfied, you have the right to complain to the relevant supervisory authority.
In the UK the relevant supervisory authority is the Information Commissioner’s Office (ICO). The ICO’s contact details are available here: https://ico.org.uk/concerns.
In Ireland the relevant supervisory authority is the Data Protection Commission (DPC). The DPC’s contact details are available here: www.dataprotection.ie.
Our UK representative is Browne Jacobson LLP. You may contact our representative at:
Risk & Compliance Director
Browne Jacobson LLP
Castle Meadow Road
or by emailing firstname.lastname@example.org
Our EU representative is Browne Jacobson Ireland LLP. You may contact our representative at:
Jeanne Kelly, Partner
Browne Jacobson Ireland LLP
6-7 Fitzwilliam Square