Who are we?
We are the Joseph Rowntree Foundation (JRF) & Joseph Rowntree Housing Trust (JRHT). We are a registered charity in England and Wales (number 210169) and the address of our head office is: The Homestead, 40 Water End, York, YO30 6WP.
What Information do we ask for, and why?
All of the information you provide during the recruitment process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements where necessary.
We will not share any of the information you provide during the recruitment process with any third parties. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format. It will be used by the recruitment team, the people team and the hiring manager only.
We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role that you have applied for in line with the job description and person specification.
We do not collect more information than we need in order to fulfil our stated purposes and will not retain it for longer than is necessary.
The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your application if you don’t.
We will ask for your personal details including:
- Name and contact details
- Your previous experience and education
- Your referees
- Answers to questions relevant to the role you have applied for.
Our recruitment team will have access to all of this information, as well as the hiring manager.
You will also be asked to provide equal opportunities information. This is not mandatory information – if you don’t provide it, it will not affect your application. This information will not be made available to any staff outside of our recruitment team, including hiring managers, in a way which can identify you. Any information you do provide, will be used only to produce and monitor diversity statistics.
You will be asked to complete a criminal records declaration to declare any unspent convictions.
If you are unsuccessful following either shortlisting or interview/assessment for the position you have applied for, we will only keep the personal data you provided for the application process for a period not longer than 12 calendar months from when we last processed your application.
We may on occasion ask if you would like your details to be retained in our talent pool for the purposes of contacting you in the future should other suitable vacancies arise. This would be for an initial period of 12 months after which we would contact you again to ask the same question. Should we receive no response to this request then your details will be removed subject to the paragraph above.
If we make a conditional offer of employment, we will ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We are required to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability.
You will therefore be required to provide:
- Proof of your identity – you will be asked to attend our office with original documents, we will take copies.
- Proof of qualifications – you will be asked to attend our office with original documents, we will take copies.
- We may (dependent upon role) contact you to complete a request for the Disclosure and Barring Service. You will be sent an electronic link to facilitate this in addition to providing original forms of ID that are destroyed once the check is complete. In addition to providing original forms of ID for this purpose that will be destroyed once a DBS number has been issued.
- We will contact your referees, using the details you provide in your application, directly to obtain references and information on your trustworthiness, integrity and reliability.
- We will ask you to complete a questionnaire about your health. This is to establish your fitness to work. The Occupational Health form may be shared with Occupational Health providers who may ask for access to your GP records.
Confirmed, unconditional offer of employment
If we make a final offer, we will ask you for the following:
- Bank details – to process salary payments
- HMRC starter checklist – to ensure you are placed on the right tax code and where applicable any student loan data is captured.
- Emergency contact details – so we know who to contact in case you have an emergency at work.
This information will remain in the HR Department and will be retained as part of your personnel file.
As your employer, the company needs to keep and process information about you for employment purposes.
The information we hold and process will be used for our management and administrative use only. We will keep it and use it to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately, during the recruitment process, whilst you are working for us, at the time when your employment ends and after you have left. This includes using information to:
- Enable us to comply with the employment contract.
- Enable us to comply with any legal requirements.
- Pursue the legitimate interests of the company and protect our legal position in the event of legal proceedings.
- Complete Health and Safety associated documentation (please refer to the Health and Safety retention table within the “how long do we keep your information” section.
We may also need to use certain information in order for Finance to process invoices relating to, for example, a training course, for processing of individual payments, applications for bank, credit and purchasing cards (role dependent) and to access internally used financial systems.
Much of the information we hold includes:
- Your application form
- Your contract of employment and any amendments to it
- Correspondence with or about you, for example letters to you about a pay rise or, at your request, a letter to your mortgage company confirming your salary
- Information needed for payroll, benefits and expenses purposes
- Contact and emergency contact details
- Records of holiday, sickness and other absence
- Information needed for equal opportunities monitoring policy
- Records relating to your career history, such as training records, appraisals, other performance measures and, where appropriate, disciplinary and grievance records.
Where necessary, we may keep information relating to your health, which could include reasons for absence and GP reports and notes. This information will be used in order to comply with our health and safety and occupational health obligations – to consider how your health affects your ability to do your job and whether any adjustments to your job might be appropriate. We will also need this data to administer and manage statutory and company sick pay. In addition, we may use this information to monitor and produce (for our own use) reports relating to absence levels across the organisation.
How we hold your personal information
Your data will be processed by our staff, who are all based in the UK. The data we process may be held internally on our own managed systems, externally on cloud based services or on the systems of partners who process information on our behalf.
We are committed to storing data securely wherever it is held, and ensuring it is only accessible to authorised personnel. Where data is stored on partner systems we expect them to adopt security practices aligned with our own and to be GDPR compliant.
Who we share it with
Our recruitment team will have access to all of the information during the recruitment process, as well as the HR team. The hiring manager will also have access to some of the data as outlined during the recruitment process.
We may disclose specific information when required to do so by government bodies, law enforcement bodies and regulatory authorities such as the HMRC. We will only disclose information about you to third parties if we are legally obliged to do so or where we need to comply with our contractual duties to you, for instance we may need to pass on certain information to the pension provider, health insurance schemes.
We may share the personal information of JRF and JRHT Directors and of the five highest paid non-executive employees with the US Tax authorities for the purpose of maintaining our status as an exempt foreign private foundation which minimises the tax withheld on income arising from our US investments.
Transferring your information outside the European Economic Area (EEA)
We will only transfer your personal data out of the EEA if at least one of the following applies:
- The European Commission has made an ‘adequacy decision’ about the country or organisation, regarding the legal framework in place in that country or organisation for the protection of individuals’ personal data as adequate.
- They are a US company covered by the EU-US Privacy Shield framework.
- That the transfer of information is covered by appropriate safeguards, which are listed in the GDPR
- We have your explicit consent to the transfer of your data.
What happens when you leave your employment with JRF/JRHT
Should you leave our employment, we are required to keep any data that relates to PAYE (pay as you earn), for a period of 7 years after the end of the tax year from the date of leaving. A full list of retention dates of documents that may have been held on your staff file can be found on the table overleaf.
Your documents will be held electronically and when required (in line with retention periods), destroyed securely and in line with GDPR compliance.
How long we keep your information
|Item Description||How Long Do We Keep It?|
|Application Form||12 months* on Recruitment File Destroyed 7 years from date of leaving employment|
|CV||12 months* on Recruitment File|
|Equal Opportunities Monitoring Form||Input on electronic system and destroyed immediately|
|References||Held on electronic staff file. Destroyed 7 years from leave date|
|Pre-employment Health Declaration||Held on electronic staff file. Destroyed 7 years from leave date|
|Professional Reg Details (NMC Pin etc)||Held on electronic staff file. Destroyed 7 years from leave date|
|DBS details – (Disclosure No, date of issue, processing date & reference No’s)||Held on electronic staff file. Destroyed 7 years from leave date|
|DBS ID||Held on electronic staff file. Destroyed 7 years from leave date|
|Right to work documents||Held on electronic staff file. Destroyed 7 years from leave date|
|Exam Certificates relevant to the role||Held on electronic staff file. Destroyed 7 years from leave date|
|Training Records||Held on electronic staff file. Destroyed 7 years from leave date|
|Offer Letter & signed employment contract||Held on electronic staff file. Destroyed 7 years from leave date|
|New Starter Form||Held on electronic staff file. Destroyed 7 years from leave date|
|Contractual Change Forms||Held on electronic staff file. Destroyed 7 years from leave date|
|Change of Contract Letter||Held on electronic staff file. Destroyed 7 years from leave date|
|Fit notes/Self Certs/Return to Work Forms||Held on electronic staff file. Destroyed 7 years from leave date|
|Occupational Health Reports||Held on electronic staff file. Destroyed 7 years from leave date|
|Absence Stage Management Meeting Information||Held on electronic staff file. Destroyed 7 years from leave date|
|Maternity/Paternity/Adoption/Parental Leave||3 years after the end of the tax year in which the leave ends|
|Informal/Formal Management Action||6 years|
|Purchase Ledger Invoices||7 years|
|Bank, credit & purchasing applications||Until application is complete|
|Names & Roles for access to financial systems||7 years|
|Delegated authority signatures||Retained for as long as in post|
Resignation / Leavers Form
|7 years after employment has ended|
|Exit Interview|| |
Destroy once answers anonymously logged
|Pensions Information||99 years|
(* 12 months from the last action on your application e.g. after shortlisting, after interview etc.)
|Item Description||How Long Do We Keep It?||Comments|
|H&S Strategy papers||6 yrs|
|Reports relating to accidental exposure to substances hazardous to health or potential exposure||40 yrs||Including medical reports subsequent to exposure – keep out all DLO records|
Individual health surveillance records
|Accident reports and investigations relating to you||6 yrs||Unless they include, or have the potential to include, exposure to hazardous substances|
|Accident reports relating to under 18’s||Up to age 21|
|H&S training records||3 yrs|
Risk Assessments (all except DSE)
|Legionella Risk Assessments containing the name of the employee performing the assessment & the name of the person responsible||2 yrs||From period covered by last assessment – therefore keep the assessment immediately prior to current|
|Legionella testing, monitoring, check records containing the name of the employee performing the assessment||5 yrs|
|DSE Assessments||2 yrs|
|Claims records||7 yrs||From date of last recorded action unless relating to persons under 18|
|Claims records (under 18’s)||Up to age 28|
|Major projects H&S||5 yrs|
|Workplace Inspections||6 yrs|
|Asbestos records for properties inc name of the staff member that is responsible||5 yrs after disposal of the property|
What are your rights?
Under the General Data Protection Regulation (GDPR) & the Data Protection Act 1998 (DPA) you have a number of rights with regard to your personal data.
You have the right to ask for a copy of the information we hold about you. You will need to make a formal request called a ‘subject access request’. To make a subject access request you must make your request in writing and provide proof of your identity.
If any of the information we hold is inaccurate or out of date, you have the right to have it corrected, updated or deleted by contacting our Data Protection Officer.
Questions and complaints
If you have any questions about the personal data we hold about you or how we use it you can contact our Data Protection Officer who will make every effort to help you.
Data Protection Officer
Joseph Rowntree Foundation
40 Water End
York YO30 6WP
Or by email at: [email protected]
If you are not satisfied with our response or believe we are not complying with the law when using your personal data, you can complain to the Information Commissioner’s Office.
Information Commissioner's Office
Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number
Last updated 28 September 2018