When providing this information to us, Credence is the Data Processor and your employer is the Data Controller. Credence recognises the importance of looking after your data: keeping it secure and only using it for the purpose for which we have been engaged. This document explains in more detail what information we require, what we will do with your data and what you can expect from us. It will also explain your rights under the Data Protection Act 1998.
Our online screening form is designed only to collect the information necessary in order to carry out the background checks that your current or future employer has asked us to undertake. In doing so it is important that you complete the form, providing as much information as possible to help us complete the screening process as quickly as possible.
In the course of our work we also collect information from other private and government organisations in order to do your background screening.
Credence will only disclose your personal information to people and private and government organisations for the purpose of undertaking background screening checks in accordance with the agreement with our client.
We will only use this information for the purpose for which it is collected: specifically, we will not sell this information or use it for marketing purposes.
In the course of processing your data it may be necessary for us to transfer some of it to other countries, including those outside the EEA. Before doing so we will ask your permission which is included in the Consent you are asked to sign prior to us commencing your background screening. If we need to send your personal data outside the EEA, we will only send the information required to complete that element of your background screening.
We have taken measures to ensure your data is protected from unauthorised access. Your data is stored in a secure ISO 27001 data centre located in the UK. Access to our online system is through unique user ids and passwords. Access to the internal processing application is linked to authorised IP addresses only. All personal data is encrypted.
In line with Data Protection regulations we will only keep your data in a form that permits identification of you for no longer than is necessary. This period is defined by the agreement between your employer/future employer and us. All personal data older than the agreed period is removed from our systems.
Once you have provided your data you will be asked to also provide your consent for us to undertake your background screening. You can, at any time, withdraw your consent and we will immediately cease processing any of your data. We will notify your current or future employer that you have withdrawn your consent. To withdraw your consent you should notify Credence or the Data Controller. Credence’s contact details are included in the invitation email that you received with the link to this screening process.
Where we are made aware of personal or sensitive personal data that has been processed by Credence that is incorrect, we will take reasonable steps to investigate whether the information is incorrect and, if so, update our records to reflect the correct position. We will also notify details of the changes to any parties with whom we have shared the data.
If you have any questions in connection with this Privacy Statement or concerns regarding privacy issues then email us at dpo(@)credence.co.uk or write to us at the following address:
Data Protection Officer,
1 Suffolk Way,
Kent TN13 1YL.