Policies

Employment information privacy notice

The University of Leicester is the Data Controller for your employment information.

This privacy notice explains how we use your personal information, and your rights regarding that information.

What information are you collecting?

The organisation collects and processes a range of information about you. This includes:

  • personal contact details such as your name, date of birth, title, address, email address and other contact details;
  • the terms and conditions of your employment;
  • details of your qualifications and employment history with previous employers and with the organisation;
  • information about your remuneration, including entitlement to benefits such as pensions or insurance cover;
  • details of your bank account and national insurance number;
  • information about your dependants and emergency contacts;
  • information about your nationality and entitlement to work in the UK;
  • information about your criminal record (if required for your role);
  • details of your working hours, attendance at work, periods of leave taken by you and the reasons for the leave;
  • details of any disciplinary or grievance procedures in which you have been involved, including any warnings issued to you and related correspondence;
  • assessments of your performance and details of training you have participated in;
  • information about medical or health conditions, including whether or not you have a disability for which the organisation needs to make reasonable adjustments;
  • details of trade union subscriptions when taken directly;
  • equal opportunities monitoring information;
  • in some departments, workload and work allocation is maintained

The organisation collects this information in a variety of ways. For example, data is collected through application forms or CVs; obtained from your passport or other identity documents; from forms completed by you at the start of or during employment; from correspondence with you; or through interviews, meetings or other assessments.

In some cases, the organisation collects personal data about you from third parties, such as references supplied by former employers, information from employment background check providers and information from criminal records checks permitted by law.

Data is stored in a range of different places, including in your personnel file, in the organisation's HR management systems and in other IT systems (including the organisation's email system).

Why are you collecting my data?

The University holds information about members of staff in order to manage staff recruitment, probation, development, safety, reward, discipline and other functions such as security, equal opportunities and welfare.

In some cases, the organisation needs to process data to ensure that it is complying with its legal obligations. For certain positions, it is necessary to carry out criminal records checks to ensure that individuals are permitted to undertake the role in question.

Some special categories of personal data, such as information about gender, health or medical conditions, is processed to carry out legal obligations (such as those in relation to employees with disabilities and for health and safety purposes). With your consent this information may also be shared with Occupational Health to ensure that the organisation can help support you with your absence or facilitate your return to work.

Where the organisation processes other special categories of personal data, such as information about ethnic origin, sexual orientation, health or religion or belief, this is done for the purposes of equal opportunities monitoring. Data that the organisation publishes for these purposes is anonymised. Employees are entirely free to decide whether or not to provide such data and there are no consequences of failing to do so.

How will you use this data?

The University processes staff personal data in order to:

  • Pay your salary
  • Review staff performance
  • Assess suitability for promotion
  • Monitor absence and sickness records in accordance with HR policy
  • Enable staff to undertake their roles
  • Publish online staff directories of basic contact details
  • For academic staff only, record the individual's research activities in the research tool IRIS

What is the legal basis for processing the data?

The legal basis for processing personal data is the employment contract between the University and the individual, and where necessary where processing is necessary for compliance with the University’s legal obligations.

Where special category data is processed the legal basis is where it is necessary for the purposes of compliance with the University’s legal obligations such as equal opportunities monitoring, and where processing is necessary for the purpose of occupation medicine, or the assessment of the working capacity of the employee.

If you are sharing my data with others, who are you sharing it with?

Information is passed between various sections of the University for operational reasons (for example, the HR Division notifies changes of personnel to the Library, IT Services and other units on a ‘need to know’ basis).

Information may be disclosed to external agencies to which the University has obligations such as:

Information may be shared outside of the UK for selected staff with roles based outside of the UK.

How long will you process the data for?

We retain employee data for 6 years from the end of employment as outlined in the University’s retention schedules.

What are my rights and how can I enforce them?

  • Right to be informed
  • Right of access
  • Right of rectification
  • Right to restrict processing
  • Right to data portability
  • Right to object if your data is used for direct marketing purposes

How do I complain to the Information Commissioner’s Office?

The Information Commissioner can be contacted on:

  • Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK95AF
  • 0303 123 1113
  • ICO website

Back to top
MENU