Privacy notice - Ireland
Renishaw Ireland Limited
Applicant Privacy Notice
1. What is this document and why should you read it?
1.1 This privacy notice explains how and why Renishaw Ireland Limited and Renishaw plc including each of its operating entities (also referred to as “Renishaw”, “we”, “our” and “us”) uses personal data about individuals who apply to work with us either as employees, staff, contractors, trainees or consultants (referred to as “you”).
1.2 You should read this notice, so that you know what we are doing with your personal data. Please also read any other privacy notices that we give you, that might apply to our use of your personal data in specific circumstances in the future. There is a separate Staff Privacy Notice that will apply to you if you are offered employment or engagement by Renishaw.
1.3 This notice does not form part of your contract of employment or any other contract to provide services.
2. Renishaw's data protection responsibilities
2.1 “Personal data” is any information that relates to an identifiable natural person. Your name, address, contact details, salary details and CV are all examples of your personal data, if they identify you.
2.2 The term “process” means any activity relating to personal data, including, by way of example, collection, storage, use, consultation and transmission.
2.3 Renishaw Ireland Limited and Renishaw plc are "controllers" of your personal data. This is a legal term – it means that we make decisions about how and why we process your personal data and, because of this, we are responsible for making sure it is used in accordance with data protection laws.
3. What types of personal data do we collect and where do we get it from?
3.1 We collect different types of personal data about you for various reasons. We cannot administer your application for employment or engagement without your personal data. Where we don't need your personal data, we will make this clear, for instance we will explain if any data fields in our application processes are optional and can be left blank.
3.2 Further details of the personal data we collect, where we get it from and what we do with it are set out in Schedule 1.
3.3 You provide us with personal data directly when you apply for a job with us. We also create some personal data ourselves and obtain some personal data from other sources. We obtain it from other people and organisations, including recruitment agents, some public sources, such as publicly available directories and online resources, your emergency contacts, and former employers. You can read more about the sources of personal data in the more detailed information set out in as explained in Schedule 1.
3.4 If any of the personal information you have given to us changes, such as your contact details, please inform us without delay by contacting the HR Department.
4. What do we do with your personal data, and why?
4.1 We process your personal data for particular purposes in connection with your application for employment or engagement with us, and the management and administration of our business.
4.2 We are required by law to always have a permitted reason or justification (called a “lawful basis”) for processing your personal data. There are six such permitted lawful bases for processing personal data. The table at Schedule 2 sets out the different purposes for which we process your personal data and the relevant lawful basis on which we rely for that processing.
4.3 Please note that where we have indicated in the table at Schedule 2 that our processing of your personal data is either:
4.3.1 necessary for us to comply with a legal obligation; or
4.3.2 necessary for us to take steps, at your request, to potentially enter into an employment contract with you, or to perform it
and you choose not to provide the relevant personal data to us, we may not be able to enter into a contract of employment or engagement with you.
4.4 We may also convert your personal data into statistical or aggregated form to better protect your privacy, or so that you are not identified or identifiable from it. Anonymised data cannot be linked back to you. We may use it to conduct research and analysis, including to produce statistical research and reports. For example, to help us understand how many of our total workforce number are on secondments at any given time.
5. Special category personal data (including criminal data)
5.1 We are required by law to treat certain categories of personal data with even more care than usual. These are called sensitive or special categories of personal data and different lawful bases apply to them. The table at Schedule 3 sets out the different purposes for which we process your special category personal data and the relevant lawful basis on which we rely for that processing. For some processing activities, we consider that more than one lawful basis may be relevant – depending on the circumstances.
6. Who do we share your personal data with, and why?
6.1 Sometimes we need to disclose your personal data to other people.
Inside the Renishaw group
6.2 We are part of the Renishaw group of companies. Therefore, we may need to share your personal data with, or it may be visible to, other companies in the Renishaw group for our general business and workforce management purposes, for line management purposes, authorisations/approvals with relevant decision makers, parental reporting and where systems and services are provided on a shared basis.
6.3 Access rights between members of the Renishaw group are limited and granted only on a need to know basis, depending on job functions and roles.
6.4 Where any Renishaw group companies process your personal data on our behalf (as our processor), we will make sure that they have appropriate security standards in place to make sure your personal data is protected and we will enter into a written contract imposing appropriate security standards on them.
Outside the Renishaw group
6.5 From time to time we ask third parties to carry out certain business functions for us, such as recruitment agencies, cloud data storage and IT support. These third parties will process your personal data on our behalf (as our processor or joint controller). We will disclose your personal data to these parties so that they can perform those functions. Before we disclose your personal data to other people, we will make sure that they have appropriate security standards in place to make sure your personal data is protected and we will enter into a written contract imposing appropriate security standards on them.
6.6 We have set out below a list of the categories of recipients with whom we are likely to share your personal data:
6.6.1 consultants and professional advisors including legal advisors and accountants;
6.6.2 medical screening and occupational health provision;
6.6.3 background check providers; and
6.6.4 governmental departments, statutory and regulatory bodies including the Pensions Authority, the Data Protection Commission, the Gardaí and the Revenue Commissioners, and any other governmental or regulatory body having jurisdiction over Renishaw such as but not limited to the Information Commissioner's Office in the United Kingdom.
We may also share your personal data with third parties, as directed by you.
7. Where in the world is your personal data transferred to?
7.1 If any of our processing activities require your personal data to be transferred outside the European Economic Area, we will only make that transfer if:
7.1.1 the country to which the personal data is to be transferred ensures an adequate level of protection for personal data;
7.1.2 we have put in place appropriate safeguards to protect your personal data, such as an appropriate contract with the recipient;
7.1.3 the transfer is necessary for one of the reasons specified in data protection legislation, such as the performance of a contract between us and you; or
7.1.4 you explicitly consent to the transfer.
8. How do we keep your personal data secure?
We will take specific steps (as required by applicable data protection laws) to protect your personal data from unlawful or unauthorised processing and accidental loss, destruction or damage.
9. How long do we keep your personal data for?
9.1 We will keep your personal data for as long as is necessary in connection with both our and your legal rights and obligations. This may mean that we keep some types of personal data for longer than others.
9.2 We will only retain your personal data for a limited period of time. This will depend on a number of factors, including:
9.2.1 any laws or regulations that we are required to follow;
9.2.2 whether we are in a legal or other type of dispute with each other or any third party;
9.2.3 the type of information that we hold about you; and
9.2.4 whether we are asked by you or a regulatory authority to keep your personal data for a valid reason.
9.3 If your application is unsuccessful, your personal data will normally be held for 12 months from the date of the decision not to offer you the role in question, unless we are legally required to hold it for longer, or you have asked us to retain your details to allow us to notify you of any similar vacancies in the future.
9.4 If you are successful in your application, the retention provisions set out in our Staff Privacy Notice will apply to your personal data.
10. What are your rights in relation to your personal data and how can you exercise them?
10.1 You have certain legal rights, which are briefly summarised at Schedule 4, in relation to any personal data about you which we hold.
10.2 Where our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. If you do decide to withdraw your consent we will stop processing your personal data for that purpose, unless there is another lawful basis we can rely on – in which case, we will let you know. Your withdrawal of your consent won't impact any of our processing up to that point.
10.3 Where our processing of your personal data is necessary for our legitimate interests, you can object to this processing at any time. If you do this, we will need to show either a compelling reason why our processing should continue, which overrides your interests, rights and freedoms or that the processing is necessary for us to establish, exercise or defend a legal claim.
10.4 If you wish to exercise any of your rights please contact dataprotection@renishaw.com in the first instance.
10.5 You also have the right to lodge a complaint with the Data Protection Commission, which is the Irish data protection regulator. More information can be found on the Data Protection Commission's website at https://dataprotection.ie.
11. Updates to this notice
We may update this notice from time to time to reflect changes to the type of personal data that we process and/or the way in which it is processed. We will update you on material changes to this notice by email. We also encourage you to check this notice on a regular basis.
12. Where can you find out more?
12.1 If you want more information about any of the subjects covered in this privacy notice or if you would like to discuss any issues or concerns with us, you can contact us at dataprotection@renishaw.com.
Schedules
-
Renishaw Ireland Applicant Privacy Notice - Schedules
Schedule tables explaining the purposes and lawful basis for processing personal and special category personal data, in addition to your rights in relation to your data.