Privacy Notice - Employee Data

This Privacy Notice provides details of the personal data we collect from you or about you, what we do with it, how you might access it and who it might be shared with.

This Privacy Notice also covers data we collect as part of our pre-employment checking.

What we do with your personal data

We will always process your data in accordance with the latest Data Protection Act. Your personal data is processed only in connection with your employment or employment application and for a number of administrative purposes. Many of these purposes are achieved using external platforms and providers acting on our instructions as our sub-processors:

  • Managing people processes such as recruitment, payment of salaries and pensions, performance management, health insurance, employee benefits, learning and development and disciplinary matters.
  • Providing facilities such as the IT service, compliance tracking, learning portals, expenses, travel management, vehicle management and transport management.
  • Monitoring usage of our IT systems for information security and data protection purposes.
  • Monitoring equal opportunities.
  • Preventing and detecting crime, such as using CCTV and using photographs on ID Cards.
  • Sharing ID data with building landlord access services and security.
  • Providing communications about news and events, such as through PIB Portal.
  • Maintaining contact with past employees.
  • Fundraising and Marketing.
  • Provision of wellbeing and support services.
  • Provision of benefit services and platforms
  • Compliance with legal obligations such as making external/statutory returns to HMRC and regulators.
  • Maintaining professional charters and memberships.
  • Any other purposes as are reasonably required by us for the performance of your contract to protect vital interests, for the performance of a task in the public interest, to comply with our legal obligations, in accordance with our legitimate business interest.
  • We may use your personal information without your knowledge or consent where we are permitted or required by applicable law or regulatory requirements to do so

We may process sensitive personal data for a number of administrative purposes:

  • Equal opportunities monitoring.
  • Managing people processes such as absence management, parental leave and related pay schemes.
  • Managing a safe environment and ensuring fitness for work.
  • Provision of occupational health and wellbeing services to individuals.
  • Compliance with our health and safety and our occupational health obligations.
  • People management and administration, for example to consider how an employee’s health affects his or her ability to do his or her job and, if the employee is disabled, whether he or she requires any reasonable adjustment to be made to assist him or her at work.
  • The administration of insurance, pension, sick pay and any other related benefits.
  • In connection with unspent convictions to enable us to assess an employee’s suitability for employment.
  • Managing gender pay gap reporting and activity.
  • Referencing and screening checks for all new employees using our Group approved referencing sub-contractor.
  • Referencing and screening during employment as part of our ‘Good Repute’ Standards.
  • Our People Team responding to referencing and screening enquiries from third parties if appropriate.

What personal data do we collect?

The personal data we hold may include:

  • Information gathered about an employee and any references obtained during recruitment.
  • Details of terms of employment.
  • Payroll, tax and National Insurance information.
  • Performance information.
  • Details of grade and job duties.
  • Health records including any disabilities.
  • Absence records, including holiday records and self-certification forms.
  • Details of any disciplinary investigations and proceedings.
  • Learning & development records.
  • Vehicle data and insurance documentation.
  • Contact names and addresses including Next of Kin and family members if provided.
  • Correspondence with the company and other information provided to us.
  • Unspent conviction data.
  • Bank account details.
  • Video footage, testimonials, audio recording including CCTV and photographs within the office environment for news articles.
  • Copy of identification documents.
  • Pre-employment and during employment checking data such as references, visas, DBS data (or National equivalent), adverse financial history and directorships.

How do we look after personal data?

We only collect personal data that is required for the purposes of providing employment and employee services. We restrict, secure and control all of our information assets against unauthorised access, damage, loss or destruction; whether physical or electronic. We retain personal data only for as long as is necessary to perform the functions above and to respond to your requests, or longer if required by law, or if we need to retain the data to perform a contract.

If we retain your personal data for historical or statistical purposes we will ensure that the personal data cannot be used for any other purpose. Whilst in our possession, together with your assistance, we try to maintain the accuracy of your personal data.

How long is your personal data retained?

For unsuccessful job applications or those who do not accept a position with us, we will generally destroy your data after 6 months, unless you have requested that we retain your information for longer.

For recruited staff, except as otherwise permitted or required by applicable law or regulatory requirements, we will only retain your personal information for as long as we believe it is necessary to fulfil the purpose for which the personal information was collected (including, for the purpose of meeting any contractual obligations),  In most cases your data will be deleted after 7 years after you have left the company or as otherwise set out in accordance with our data retention schedule and/or required by law.

How can you access your personal data?

You have the right to request access to any of your personal data we may hold. If any of that information is incorrect, you can request that we change it. If we are not using your information correctly, you can, in some cases, request that we stop using it or that we delete it completely.

You can make a written or verbal request to obtain access to the data held about you. This is called a Subject Access Request. If you would like to make a request to see what personal data of yours we hold, you may make a request to our Data Protection Officer using the details above.

Where we have asked for your consent to use your personal data, you have the right to withdraw that consent at any time. If you withdraw your consent, we will stop using your personal data where legally possible. Any processing undertaken before your withdrawal remains valid and lawful.

Changes to our Privacy Notice

We keep our privacy notice under regular review and we will let you know about any updates. This version is 1.10.

Our Contact Information and Data Protection Officer

The Business Unit you work for is a subsidiary of PIB Group Limited
Our Data Protection Officer can be contacted directly here:

Data Protection Officer
PIB Group Limited
1 Minster Court
Mincing Lane
London, EC3R 7AA
dpo@pib-insurance.com
0330 058 9700

Our Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO), contact details below:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Tel: 0303 123 1113
Web: https://ico.org.uk