CF FERTILISERS UK LIMITED

JOB APPLICANT PRIVACY NOTICE

CF Fertilisers UK Ltd (“CF Fertilisers”, we”, “us”, “our”) of Ince, Chester CH2 4LB, in our capacity as your prospective employer, is a data controller of your personal information. We are committed to protecting your privacy under data protection laws when we process your personal information.

 

WHO SHOULD READ THIS PRIVACY NOTICE?

This privacy notice applies to all job applicants (“YOU”) whose personal information we collect or process. We will use personal information only for the purposes mentioned in this privacy notice.    

 

how to contact us 

Any questions regarding our Privacy Policy should be directed to our Data Protection Officer at CF Fertilisers UK Limited at or alternatively you can contact the talent and recruitment manager at our Ince Head Office. Contact details are on the location pages of our website www.cfcareers.co.uk .

 

What kinds of personal information about you do we process?

We may receive and process personal information about you as set out in Annexe 1.

 

SOURCES OF THIS personal information

We may collect your personal information from you.  In addition, we may obtain it from the following sources:

Third party recruitment agencies or other educational institutions with whom you may be studying or associated with, from which we collect the following categories of data:

  •  CV, qualifications, and employment history data.
  • Screening information provided by Agenda Screening.
  • Your named referees, if successful in your application, from whom we collect the following categories of data; length of time known, relationship to you, job title, dates of employment, comments about your suitability
  • From other third parties where lawful to do so.   

 

What are the legal grounds for our processing of your personal information?

We process your personal information for particular purposes in connection with your prospective employment relationship with us and for the management and administration of our business.  Data protection laws require us to explain the legal grounds to justify our processing of your personal information.

 

For some processing activities as you will see from the lists below, we consider that more than one legal ground may be relevant.  This is not the case where we rely on your consent – we will not seek your consent where we do not need it.  However, this does not mean that alternative lawful reasons will not apply to justify our keeping of some personal information after you withdraw your consent.  For example if you consent to something, then withdraw that consent, we will still retain your personal information if we have to do that to keep a record for our legal or regulatory compliance purposes.  This is why in the lists below you will see the processing activities which we do based on your consent also mentioned in some other places.  

 

The lawful reasons are set out in Annexe 2.

 

DO YOU HAVE TO PROVIDE US WITH YOUR PERSONAL INFORMATION?

We cannot administer our relationship with you unless we have your personal information.  We have statutory reasons to obtain your personal information and this is because employment laws and other applicable laws mean we do have to collect information from you.  Where provision of personal information by you to us is optional, we will make this clear, for instance in application forms we will explain if some data fields are optional and can be left blank. 

 

IS YOUR PERSONAL INFORMATION TRANSFERRED OUTSIDE THE europan economic area (EEA)?

Personal Information is transferred by us to members of our Group who process it and who are based in the US.  It may in addition be transferred to other locations outside the EEA for example to our service providers if they or their servers are based there. When your personal information is processed within the EEA then it is protected by European data protection standards.  Some countries outside the EEA do not have adequate protection for personal information by law and this includes the US.  We will make sure that suitable safeguards are in place before we transfer your personal information to those countries. Safeguards can include contractual obligations imposed on the recipients of your personal information. Those obligations require the recipient to protect your personal information to the standard required in the European Economic Area. Safeguards can also include requiring the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing and where the framework is the means of protection for the personal information.

 

We have intra-company agreements in place within our Group, including in relation to transfers of your personal information to the US, which put in place safeguards for your personal information. 

 

MONITORING INVOLVING PROCESSING OF YOUR PERSONAL INFORMATION

In this section monitoring means any listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person face to face meetings and other communications.  We may monitor where permitted by law and we will do this where the law requires it.  Some of our monitoring may be to comply with regulatory rules, self-regulatory practices or procedures relevant to our business, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures, to have a record of what we have discussed with you and actions agreed with you, to protect you and to provide security for you (such as in relation to fraud risks on corporate customer accounts) and for quality control and staff training purposes.  Some of our monitoring may check for obscene or profane content in communications.

 

for how long is YOUR personal information retained BY US?

CF Fertilisers UK Limited will make every effort not to hold data longer than is reasonably necessary.  Unless we explain otherwise to you, we will hold your personal information for the periods as defined in the CF Retention Policy.

 

See below for reasons why we need to hold your personal information.

 

Retention in case of claims: Information in relation to unsuccessful candidates who do not currently work in the business will be destroyed after 12 months. For successful candidates or unsuccessful candidates who are already employed by CF , your personal information will usually be held by us for a period of 7 years from the date of termination of employment or other relationship with us and this is because you might legally bring claims against us during that time.  

 

Retention in accordance with legal and regulatory requirements:  We will retain it for longer than 7 years where we are required to do so by laws or regulations (e.g. some health and safety laws).   Please refer to our Retention Policy for further details. 

 

In addition, any personal information contained in any work related correspondence (such as emails) or other records may be retained for longer periods dependant on the retention period of the file that your personal information is held.  Please refer to our Retention Policy for further details. 

 

what are YOUR rights under data protection lawS?

Here is a list of the rights that all individuals have under data protection laws.   

 

  • The right to be informed about your processing of your personal information;
  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed;
  • The right to object to processing of your personal information;
  • The right to restrict processing of your personal information;
  • The right to have your personal information erased (the “right to be forgotten”);
  • The right to request access to your personal information and to obtain information about how we process it;
  • The right to move, copy or transfer your personal information (“data portability”);
  • Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you (at this time we do not do this type of automated decision making but we need to tell you that this right does exist under data protection laws).

 

You have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/.

 

Data anonymisation and use of aggregated information

Your personal information may be converted into statistical or aggregated data which cannot be used to re-identify you.  It may then be used to produce statistical research and reports. This aggregated data may be shared and used in all the ways described in this privacy notice.

 

WHO IS IN OUR GROUP?

As at the date of this privacy notice, the members of our Group are: CF Industries Inc.  You should check our intranet page from time to time in case of any changes to our Group.

 

ADDITIONAL INFORMATION ABOUT With whom information IS shared

CF Fertilisers UK Limited will not share, sell (except in a business restructuring scenario – see above) or rent your personal information to third parties. However, we may disclose your personal information to third party suppliers who provide services on our behalf, such as employment related benefits providers and other third parties in connection with benefits (such as pension trustees and payroll providers) and other more general service providers such as organisations and businesses who provide document storage and IT services to us.  Please refer to the ‘legitimate interests’ heading above where we mention this sharing in more detail.   

 

In addition we may provide your personal information to other organisations where you request (and consent) that we do this, for example to other companies and organisations when you have applied for a role there and where you list us as a referee .

 

CF Fertilisers UK Limited may disclose personal information if required to do so by law (e.g. to HMRC, the police, the Information Commissioner’s Office, courts of law) or if it believes that such action is necessary to protect and defend the rights, property or personal safety of CF Fertilisers UK Limited, employees, staff, agency workers and customers of our Services.

 

 

Annexe 1

What kinds of personal information about you do we process?

 

Contact Information

  • Name(s)
  • Address(es)
  • Email address(es)
  • Contact details including mobile telephone number(s)

Personal Information

  • Date of birth

Identity and Background Information

  • Details of education and qualifications and results
  • Career history
  • Passport information
  • Driving licence information
  • Psychometric test results
  • Right to work, residency and/or other visa information
  • Curriculum Vitae (CV) or resume and information contained in any associated correspondence
  • Image or photographs
  • Personal details contained in any application form
  • Hand written and computer generated evaluative notes and decisions from group activities, presentation, pre interview tasks and interviews
  • Preferences relating to job location and salary Conflicts of interests (including where related to family networks)
  • Information about your current level of remuneration, including benefit entitlements

Sensitive Information

  • Physical and mental health information (including occupational health requirements, day-to-day health concerns which we might ought to be aware of (e.g. if you are diabetic or epileptic), dietary requirements, allergies etc.
  • Image or photographs which reveal racial or ethnic origin or religious beliefs for instance

Security, Location and Access Information

  • Information (including image and biometric data) captured or recorded by electronic card access systems, CCTV and other security control systems

 

 

 

 

 

ANNEXE 2

 

What are the legal grounds for our processing of your personal information?

The lawful reasons are set out below. Each lawful reason is in bold underlined text and in summary these are: contract, legitimate interests, compliance with legal obligations; protecting vital interests; and consent.  Underneath each of these you will see additional headers which are also in bold text.  We use these additional headers only to make things clearer for you.  The lawful reasons themselves are in bold underlined text throughout. 

1)      Processing that is necessary to perform the employment contract or other services contract that we have with you:

Recruitment and workforce planning

a)       Assessing your skills, qualifications and suitability for the role

b)      Communicating with you about the recruitment or application process

c)       Keep records related to our hiring or application process

d)      Administering and complying with any potential employment or other contract;

e)      Administering any potential role that you perform for us;

f)        Keeping a record of your right to work in the UK (as relevant) and any other legal or regulatory requirements including reporting;

g)       Where relevant and permitted by law, verification and vetting including criminal background checks (as relevant);

Security and governance

h)      Monitoring the security of our physical premises and systems, networks and applications;

i)        Ensuring compliance with our policies and procedures;

Sharing with these other people and organisations based on our and/or their legitimate interests

  • Members of our Group;
  • Our legal and other professional advisers;
  • Governmental and regulatory bodies (e.g. HMRC, the Information Commissioner’s Office);
  • Law enforcement agencies including the police;

2)      Processing that is necessary to comply with our legal obligations:

Recruitment and workforce planning

a)       Keeping a record of your right to work in the UK (as relevant);

General employment management and administration

b)      Communicating with you and providing you with information from time to time;

c)       Determining whether any adjustments are necessary to enable you to carry out your role;

Security and governance

d)      Monitoring the security of our physical premises and systems, networks and applications;

e)      Preventing fraud and other crime;

Legal and regulatory compliance and responsibilities

f)        For compliance with legal and regulatory obligations and other governance obligations;

g)       For establishment, defence and enforcement of our legal rights or those of any other member of our Group, including complying with disclosure orders arising in civil proceedings;

h)      When we monitor emails, calls and other communications and activities

i)        Conducting internal investigations with respect to legal compliance, suspected misuse of or the general security of our assets and information such as fraud detection and prevention, including through the use of computer forensics;

j)        Conducting internal or external audits of our records and information, operations and legal compliance;

k)       Responding to employment and industrial relations matters where required by applicable law, including grievances, arbitrations, negotiations, elections and strikes;

l)        Observing your rights and the rights of other people in relation to the processing of your and/or their (as relevant) personal information;

Day to day business operations

m)    Supporting our diversity programmes and staff support networks and initiatives;

Sharing with these other people and organisations for compliance with our legal obligations

  • Law enforcement agencies and governmental and regulatory bodies such as HMRC, the Information Commissioner’s Office; and
  • Courts and to other organisations where that is necessary for the administration of justice, to protect vital interests and to protect the security or integrity of our business operations.

 

3)      Processing with your consent:

 

a)       When you request that we share your personal information with someone else and consent to that (for instance, where you list us as a referee in a job application);

b)      Observing your rights and the rights of other people in relation to the processing of your and/or their (as relevant) personal information; and

c)       For some of our processing of special categories of personal information such as about your health or disability access needs in cases where we need your consent such as where employment law (or other applicable law) does not make this lawful already.

 

* (Note: For processing that is based on your consent, you have the right to take back that consent for future processing at any time. You can do this by contacting us (see below).  

 

Sharing with these other people and organisations with your consent

 

  • When you request that we share your personal information with someone else and consent to that (as above); and
  • Observing your rights and the rights of other people (for instance in response to their subject access request when we have consent (in cases where needed) to include comments you have made about them or other personal information identifying you).