Recruitment homePlease log in below using your existing username and password - once logged-in, you will be presented with a menu of options.
If you have not already registered, then please register now.
For information on how we use and manage personal data, view our Privacy Policy.
Please review our privacy policy, before proceeding below. By clicking Accept you confirm that you have read and understand our Privacy Policy.
PRIVACY NOTICE Data controller: Gambling Commission Data protection officer: Alistair Quigley – Programme Director Support Services, ICT The organisation collects and processes personal data relating to its employees to manage the employment relationship. The organisation is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations. This privacy notice describes how we collect and use personal information about you during and after your working relationship with us, in accordance with the General Data Protection Regulation (GDPR). Who does this privacy notice apply to? It applies to all current and former employees, workers and contractors. This notice does not form part of any contract of employment or other contract to provide services. The organisation reserves the right to update this privacy notice at any time, and you will be provided with an updated copy when any substantial updates are made. It is important that you read this notice, together with any other privacy notice that may be provided on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why the organisation uses such information and what your rights are under data protection legislation. What information does the organisation collect? The organisation will collect, store, and use a range of your personal information including: • your name, address and contact details, including email address and telephone number, date of birth and gender; • the terms and conditions of your employment; • details of your qualifications, skills, experience, educational and employment history, including start and end dates, with previous employers and with this organisation; • information about your current and previous remuneration, including entitlement to benefits such as pensions and voluntary benefits; • details of your bank account, national insurance number and tax code; • information about your marital status and next of kin; • information about your nationality and entitlement to work in the UK (passport or birth certificate); • information about your driving licence and personal vehicle (only for roles where driving is involved); • information about personal financial history (in relation to roles where an employee has agreed to the advanced security clearance dependent on the role being undertaken); • details of your schedule (days of work and working hours) and attendance at work; • details of periods of leave taken by you, including holiday, sickness absence, family leave and sabbaticals, and the reasons for the leave; • details of any disciplinary or grievance procedures in which you have been involved, including any warnings issued to you and related correspondence; • assessments of your performance, including appraisals, performance reviews and ratings, training you have participated in, performance improvement plans and related correspondence; and • a personal photograph to allow entrance in out of the premises. The organisation may also collect, store and use the following "special categories" of more sensitive personal information to comply with legal obligations, and to enable the carrying out of required statutory checks: • information about your criminal record; • information about your race or ethnicity, religious beliefs, sexual orientation and political opinions collected from you in an anonymised equal opportunities monitoring form, or with your express consent which can be withdrawn at any time; • details of trade union membership to operate check-off for union subscriptions; and • information about your health, including any medical condition, health and sickness records, including whether or not you have a disability for which the organisation needs to make reasonable adjustments. How does the organisation collect and store your personal information? The organisation collects this information in a variety of ways. For example, data is collected through application forms, CVs or resumes; obtained from your passport or other identity documents such as your driving licence; from forms completed by you at the start of or during employment; from correspondence with you; or through interviews, meetings or other assessments. The organisation will collect additional personal information in the course of job-related activities throughout the period of your engagement. In some cases, the organisation collects personal data about you from third parties, such as references supplied by former employers, information from employment background check providers, information from credit reference agencies and information from criminal records checks permitted by law. The organisation seeks information from third parties with your consent only. Data is stored in a range of different places, including in your personnel file, in the organisation's People Services management systems and in other IT systems (including the organisation's email system). How will the organisation use your personal data? The organisation will only use your personal data when the law allows. Most commonly the organisation will use your personal data in the following circumstances: • To perform an employment contract (e.g. processing your data to pay you in accordance with your employment contract and to administer benefits, pension and any other employee entitlements). • To comply with a legal obligation. (e.g. to check your entitlement to work in the UK, to deduct tax, to comply with health and safety laws and to enable you to take any periods of leave to which you are entitled. • Where it is necessary for the organisation’s legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests: The situations in which the organisation will process your personal information are as follows: • running recruitment and promotion processes; • maintaining accurate and up-to-date employment records and contact details (including details of who to contact in the event of an emergency), and records of employee contractual and statutory rights; • operating and keeping a record of disciplinary and grievance processes, to ensure acceptable conduct within the workplace; • operating and keeping records of employee performance and related processes, to plan for career development, and for succession planning and workforce management purposes; • operating and keeping records of absence and absence management procedures, to allow effective workforce management and ensure that employees are receiving the pay or other benefits to which they are entitled; • obtaining occupational health advice, to ensure compliance with duties in relation to individuals with disabilities; • meeting obligations under health and safety law; • ensuring that employees are receiving the pay and benefits to which they are entitled; • operating and keeping records of other types of leave (including maternity, paternity, adoption, parental and shared parental leave), to allow effective workforce management, to ensure that the organisation complies with duties in relation to leave entitlement, and to ensure that employees are receiving the pay or other benefits to which they are entitled; • ensuring effective general People Services and business administration; • monitoring your use of the organisation’s information and communication systems to ensure compliance with IT policies; • providing references on request for current or former employees; • responding to and defend against legal claims; and • maintaining and promoting equality in the workplace. Where the organisation relies on legitimate interests as a reason for processing data, it has considered whether or not those interests are overridden by the rights and freedoms of employees or workers and has concluded that they are not. The organisation will only use your personal information for the purposes for which it was collected, unless the organisation reasonably considers that there is a need to use it for another reason and that reason is compatible with the original purpose. You will be notified if the organisation needs to use your personal information for an unrelated purpose, and you will be informed of the legal basis under which this is permitted. Special categories of personal information require higher levels of protection. The organisation needs to have further justification for collecting, storing and using this type of personal information. The organisation may process special categories of personal information in the following circumstances: • In limited circumstances, with your explicit written consent. • Where the organisation needs to carry out legal obligations or exercise rights in connection with employment. • Where it is needed in the public interest, such as for equal opportunities monitoring or in relation to an occupational pension scheme • Where it is needed to assess your working capacity on health grounds, subject to appropriate confidentiality safeguards • Less commonly, the organisation may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else's interests) and you are not capable of giving your consent, or where you have already made the information public. The organisation does not need your consent if special categories of your personal information data are used in accordance with the organisation’s written policy to carry out legal obligations or exercise specific rights in the field of employment law. In limited circumstances, you may be asked for your written consent to allow the organisation to process certain particularly sensitive data. If so, you will be provided with full details of the information requested and the reason for the request, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us. Information about criminal convictions The organisation may only use information relating to criminal convictions where the law allows. This will usually be where such processing is necessary for the organisation to carry out its obligations and provided that this is done so in line with our Security Clearance Policy which can be found on Hive, our intranet. In line with this policy the organisation will collect information about criminal convictions as part of the offer process or may be notified of such information directly by you in the course of you working for the organisation. The organisation is allowed to use your personal information in this way to carry out our obligations to HMS. Less commonly, the organisation may use information relating to criminal convictions where it is necessary in relation to legal claims, where it is necessary to protect your interests (or someone else's interests) and you are not capable of giving your consent, or where you have already made the information public. Who has access to data? Your information will be shared internally, including members of the People Services team and your line manager. Some of your information may be available to other managers and Directors in the business area in which you work. The organisation shares basic personal information, such as your name and date of birth, with third parties in order to obtain pre-employment references from other employers, obtain employment background checks from third-party providers and obtain necessary criminal records checks from the Disclosure and Barring Service. The organisation also shares your data with third parties that process data on its behalf in connection with payroll, the provision of benefits and the provision of occupational health services. The organisation will not transfer your data to countries outside the EU. How does the organisation protect data? The organisation takes the security of your data seriously. The organisation has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. If you require more information on this then please speak to a member of the People Services team. Where the organisation engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data. We have received written confirmation from them on their approach to data security and processing under the GDPR. The organisation has put procedures in place to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where legally required to do so. For how long does the organisation keep data? The organisation will hold your personal data in accordance with our Data Retention Policy, which can be provided on request. In some circumstances the organisation may anonymise your personal information so that it can no longer be associated with you. In this case the information may be used without further notice to you. Your rights of access, correction, erasure, and restriction As a data subject, you have a number of rights under certain circumstances. You can: • access and obtain a copy of your data on request; • require the organisation to change incorrect or incomplete data; • require the organisation to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; • object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing; and • ask the organisation to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the organisation's legitimate grounds for processing data. If you would like to exercise any of these rights, please contact People Services in writing. You can make a subject access request by completing the organisation's form which is available online or via People Services. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact People Services in writing. Once your notification that you have withdrawn your consent has been received, the organisation will no longer process your information for the purpose or purposes you originally agreed to, unless it has another legitimate basis for doing so in law. If you believe that the organisation has not complied with your data protection rights, you can complain to the Information Commissioner. What if you do not provide personal data? You have some obligations under your employment contract to provide the organisation with data. In particular, you are required to report absences from work and may be required to provide information about disciplinary or other matters under the implied duty of good faith. You may also have to provide the organisation with data in order to exercise your statutory rights, such as in relation to statutory leave entitlements. Failing to provide the data may mean that you are unable to exercise your statutory rights. Certain information, such as contact details, your right to work in the UK and payment details, have to be provided to enable the organisation to enter a contract of employment with you. If you do not provide other information, this will hinder the organisation's ability to administer the rights and obligations arising as a result of the employment relationship efficiently. Automated decision-making You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless the organisation has a lawful basis for doing so and you have been notified of this.