This Policy applies if you are applying to join us as an employee, Partner/Member, contractor, consultant, temporary or agency staff, trainee solicitor, apprentice, or applying for work experience. It applies globally and is based on UK and European data protection principles. We will update this Policy from time to time.
WHO WE ARE
DAC Beachcroft is an international legal business which operates through separately constituted and regulated legal entities providing legal and/or claims handling services in accordance with the relevant laws of the jurisdictions in which the different entities operate.
The use of words and/or phrases such as "DAC Beachcroft", "we", "us" or "our" is for convenience only and refers to any of the entities listed on our Legal and Regulatory page, each of which is a separate data controller in their own right.
WHAT DATA DO WE COLLECT AND WHERE DO WE GET IT FROM?
DAC Beachcroft will collect, use and store your personal data for a wide variety of reasons in connection with our application and recruitment process.
The table below sets out the main categories of data that we collect and the sources we collect it from. The table is not exhaustive and there may be other data and other sources which DAC Beachcroft collects, uses and stores in the context of our relationship.
|Type of data
|Source Of Data
|Contact and personal information including your name, home address, personal telephone number(s) and/or personal e-mail address), date of birth and gender.
|You, recruitment agencies and where appropriate existing colleagues
|Work history and other relevant experience including information contained in CV, cover letter and/or job application form
|You, recruitment agencies, former employers, third party referencing and vetting (see further below) and publically available resources such as LinkedIn
|Education information including degrees awarded, transcripts and other information provided in support of the job application
|You, recruitment agencies, third party referencing and vetting (see further below) and publically available resources such as LinkedIn
|You and recruitment agencies
|Interviews including information collected during phone screenings/interviews, interviews virtually and/or interviews in person such as details regarding the type of employment sought, desired salary, willingness to relocate, job preferences, other information related to compensation and/or benefits and information related to previous applications to us or previous employment history with us
|You, our IT and other systems, building access records and CCTV recordings
|Reference information and information received from background checks (where applicable)
|You, former employers, third party referencing and vetting (see further below), official bodies such as regulators or criminal records bureaus
|Right to work, documents evidencing your right to work (including information about your immigration status where relevant)
|You, third party referencing and vetting (see further below) and official bodies such as regulators
Referencing and vetting
As part of our referencing and vetting referred to above, we may contact certain third parties in order to verify your personal information (including personal information that you provide as part of the application and recruitment process). These third parties may include:
- Former employers in order to verify your previous employment history (this may include contacting your current or former accountants where you are or were self-employed or an agency where you were paid through the agency);
- Universities and/or other establishments for higher education that you attended in order to verify your education history;
- Other institutes in order to verify other qualifications (such as CIPD);
- Verification agencies to verify your credit reference, directorships, identification and criminal record checks; and/or
- Professional bodies in order to verify membership.
We will only seek this information in relation to successful candidates that have accepted a conditional offer of employment with us and we will specifically inform such candidates that we will be contacting these third parties in advance of doing so.
Please note that the majority of the data to be provided by you is mandatory in connection with our recruiting activities. Failure to provide mandatory data may affect our ability to accomplish the purposes stated in this Policy, including considering your suitability for employment and/or entering into an employment contract with you.
HOW DO WE USE DATA?
DAC Beachcroft uses your data for a variety of purposes in order to take steps necessary to enter into an employment contract with you, to comply with legal obligations or otherwise in pursuit of our legitimate business interests.
What we use data for
Our reasons / lawful basis
|Corresponding with you or to others (electronically and/or physically (e.g. by letter, fax, telephone (including within any recording or transcription), email, secure sharing portal or SMS), which may include the use of third party suppliers (such as electronic signature providers))
For legitimate interest
Verifying candidate information and carrying out employment, background and reference checks, where applicable and in order to prevent fraud
For a legitimate interest
To identify and evaluate job applicants, including assessing skills, qualifications and experience
For a legitimate interest
Communicating with you about the recruitment process and your application
For a legitimate interest
To comply with our legal, regulatory, or other corporate governance requirements
For a legitimate interest
For the purposes of conducting data analytics to review and better understand the operation of our recruitment processes
For a legitimate interest
To consider you for other roles that may be appropriate for you
For a legitimate interest
Special categories of data
Certain categories of data are considered "special categories of personal data" and are subject to additional safeguards. DAC Beachcroft limits the special categories of data which it processes as follows:
We may process information about a candidate's physical or mental health in compliance with our obligations owed to disabled employees.
We will always treat information about health as confidential and it will only be shared internally where there is a specific and legitimate purpose to do so. We have implemented appropriate physical, technical, and organisational security measures designed to secure your data against accidental loss and unauthorised access, use, alteration, or disclosure.
If a candidate is unsuccessful, any health information obtained as part of recruitment process will be deleted with the rest of the candidate's data within 15 months of their rejection subject to any exceptional circumstances and/or to comply with particular jurisdictional laws and/or regulations and/or business continuity purposes.
Criminal Record Information
Given the nature of our business, we ask successful candidates who have accepted a conditional offer of employment to disclose their criminal record history and we carry out criminal record checks as part of our background vetting process and in compliance with our obligations in connection with employment.
We will always treat criminal record history as confidential and it will only be shared internally where there is a specific and legitimate purpose to do so. We have implemented appropriate physical, technical, and organisational security measures designed to secure your data against accidental loss and unauthorised access, use, alteration, or disclosure.
Criminal record information will be deleted once the recruitment process has been completed, subject to any exceptional circumstances and/or to comply with particular laws or regulations. Criminal record information will be retained in accordance with our information retention and destruction policy, although the outcome of any check will remain on the employee's record. Criminal record information will typically be retained for a maximum of 15 months, although the outcome of any check will remain on the employee's record.
Equal Opportunities Monitoring
DAC Beachcroft is committed to providing equal opportunities for employment and progression to all of its employees and from time to time it will process information relating to ethnic origin, race, nationality, sexual orientation and disability, alongside information relating to gender and age, for the purposes of equal opportunities monitoring.
We have implemented appropriate physical, technical, and organisational security measures designed to secure your data against accidental loss and unauthorised access, use, alteration, or disclosure. In addition, this monitoring will always take place in accordance with appropriate safeguards as required under applicable law, including:
- The provision of information relating to ethnic origin, race, nationality, sexual orientation and disability for the purposes of monitoring will be voluntary and processed for this purpose only with your consent;
- Wherever possible, the monitoring will be conducted on the basis of using anonymised data so individual candidates cannot be identified; and/or
- The information processed for monitoring purposes will be maintained separately from general management and HR records.
WHEN DO WE SHARE DATA?
DAC Beachcroft may share data with the following in certain circumstances and where it is necessary to achieve the purposes detailed above:
- Recruitment agencies;
- Referencing & vetting specialists;
- Occupational health providers;
- HMRC (in the UK), Revenue (in Ireland) and/or any other applicable government body;
- Criminal records bureaus;
- Accountants, lawyers and other professional advisers; and/or
- Our regulators.
The list above is not exhaustive.
Transferring data out of the United Kingdom (UK) and European Economic Area (EEA)
As we are a global employer, data may be transferred outside of the UK and the European Economic Area ('EEA'). For example this may be to share your data with other group companies from time to time for the purposes to set out in this Policy. In particular, DAC Beachcroft may share your data with other group companies for the purposes of support with employee administration and the management of participation in the employee stock plan and related benefits.
Where we transfer your personal data outside the UK or the EEA we do so on the basis of an adequacy decision or (where this is not available) legally-approved standard data protection clauses. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time, we will not transfer your data outside the UK or the EEA unless we can do so on the basis of an alternative mechanism or exception provided by applicable data protection legislation.
HOW DO WE KEEP DATA SECURE?
We have appropriate technical and organisational measures in place to protect data. We limit access to data to those who have a genuine business need to access it. Those processing data will do so only in an authorised manner and are subject to a duty of confidentiality. We continually test our systems and are ISO 27001 and Cyber Essentials PLUS certified, which means we follow industry standards for information security.
We also have procedures to deal with any suspected data breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
HOW LONG WILL WE KEEP DATA?
DAC Beachcroft's policy is to retain data only for as long as needed to fulfil the purpose(s) for which it was collected, or otherwise as required under applicable jurisdictional laws and/or regulations and/or business continuity purposes. Under some circumstances we may anonymise your data so that it can no longer be associated with you. We reserve the right to retain and use such anonymous data for any legitimate business purpose without further notice to you.
For unsuccessful candidates:
- We will typically retain data collected during the recruitment process for a maximum period of 15 months from the end of the process subject to any exceptional circumstances and/or to comply with particular jurisdictional laws and/or regulations and/or business continuity purposes.
- We may retain select data relating to particular candidates on file for a longer period than 15 months in order to follow up with the candidates in relation to future vacancies; if you do not wish for your data to be maintained on file for this purpose, please inform us.
For successful candidates:
WHAT ARE YOUR RIGHTS IN RELATION TO YOUR DATA?
DAC Beachcroft will always seek to process your data in accordance with our obligations, our rights and your rights.
You will not be subject to decisions based solely on automated data processing without your prior consent.
In certain circumstances, you have the right to seek the erasure or correction of your data, to object to particular aspects of how your data is processed, and otherwise to seek the restriction of the processing of your data. You also have the right to request the transfer of your data to another party in a commonly used format.
You have a separate right of access to your data processed by DAC Beachcroft. You may be asked for information to confirm your identity and/or assist DAC Beachcroft to locate the data you are seeking as part of DAC Beachcroft's response to your request. If you wish to exercise your right of access, please contact our Data Protection Enquiry Team (outlined below).
You have the right to raise any concerns or complain about how your data is being processed with:
Data Protection Supervisory Authority
Information Commissioner's Office (ICO)
Commission nationale de l'informatique et des libertés (CNIL)
CNIL’s website: https://www.cnil.fr/ or +33 (0) 1 53 73 22 22
Data Protection Commissioner (DPC)
DPC's website: https://dataprotection.ie/docs/complaints/1592.htm or +353 1800437 737 or email@example.com
Garante per la Protezione dei Dati Personali (GPDP)
GPDP’s website: https://www.garanteprivacy.it/web/garante-privacy-en or +39 06 696771
Spanish Data Protection Agency/Agencia Española de Protección de Datos (AEPD)
AEPD's website: https://www.agpd.es/portalwebAGPD/index-iden-idphp.php or +34 901 100 099 / +34 91 266 35 17
We have elected the DPC as our Lead Supervisory Authority within the EU.
WHERE CAN YOU GET FURTHER INFORMATION?
If you have any questions about this Policy, want to exercise any of your rights in relation to your data as set out above or want to raise any concerns or complain about how your data is being processed, please use our contact details below in the first instance:
Post: Data Protection Enquiry Team
St Paul's House
23 Park Square South
DO YOU NEED EXTRA HELP?
If you would like this Policy in another format (for example audio or large print), please contact us (see ‘Where can you get further information’ above).
Who we are
Why choose DAC Beachcroft?
We’re a broad-based commercial firm serving a wide range of sectors with a strong heritage in insurance,
health and real estate. We combine excellent legal skills and cutting-edge delivery expertise to design
solutions that fit the needs of our clients – often involving clever uses of technology.