The Grand Hotel Birmingham logo

Privacy Notice - Applicants

Introduction

We, The Grand Hotel Birmingham, are committed to protecting your privacy and personal data.

When you apply for a job with us we collect information from and about you. Some of the information we collect may be classed as personal data under data protection legislation, that is, “any information relating to an identified or identifiable natural person”. This Privacy Statement explains how and why we collect personal information about our candidates (“you”). It also explains how and why we use it, the conditions under which we may disclose it to others and how we keep it safe.

Who we are

For the purposes of the EU General Data Protection Regulation (“GDPR”) the data controller is The Grand Hotel Birmingham, The Inspire, Hornbeam Park, Harrogate, HG2 8PA.

Any questions regarding this Privacy Statement and our privacy practices should be sent by email to gdpr@thegrandhotelbirmingham.co.uk. This email address will be monitored and responses managed by the central Talent Team based at the Head Office in Harrogate.

What type of information we collect:

The personal information we collect, store and use may include:

We may sometimes collect your special categories of data, including:

How we collect information about you

How your information is used

We may collect and process your personal information in order to fulfil our vacancies and for our legitimate business interests. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

We have a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows us to manage the recruitment processes, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims.

We may use your information to:

Whenever we process data for these purposes we will act with the highest regard to your privacy rights. You have the right to object to this processing if you wish. Should you wish to do so please contact us.

Please bear in mind that if you object, this may affect our ability to carry out the tasks above for your benefit.

Please also be aware that if you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require a credit check or references for this role and you fail to provide us with relevant details, we will not be able to take your application further.

Who may have access to your information:

We will not sell or trade in your information, and we will not share your information with third parties for marketing purposes. Our data is stored on a proprietary database, hosted by a third party; email and documents are stored on servers located within the European Union (“EU”).

Your information will be shared internally for the purpose of the recruitment exercise. This includes members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles.

We may share your personal data as follows:

In all cases, we will take steps with the aim of ensuring that your privacy rights continue to be protected, for example, that appropriate agreements are in place. All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

How we store your data:

We will store your data in as few places as practicable to ensure the data is efficiently managed and to minimise security risks. Your data may be stored on our proprietary database, email and company servers or on paper. We will not use your data for any purpose other than the recruitment exercise for which you have applied as described in this Privacy Statement.

If your application for employment is unsuccessful, we will hold your data on file for 365 days after the end of the relevant recruitment process. If you agree to allow us to keep your personal data on file, we will hold your data on file for a further 365 days, or such other period as may be required by law, for consideration for future employment opportunities. At the end of that period, or once you withdraw consent, your data is deleted or destroyed. We may ask for your consent before keeping your data and you are free to withdraw your consent at any time.

Your choices and rights

Under certain circumstances, you have the right to:

If we have shared your information with a third party, we will inform them of your request so that they may make suitable amendments to their records.

Should you wish to contact us for any of the above reasons, please do so in writing by email at gdpr@thegrandhotelbirmingham.co.uk or by post, to The Talent Team, The Grand Hotel Birmingham, The Inspire, Hornbeam Park, Harrogate, HG2 8PA, providing us with your name and address, how to contact you and brief details of the reason: for example, the information you would like a copy of, or which you would like to be changed. If you are not satisfied with our response or believe we are not processing your personal data in line with the law, you can make a complaint to the UK supervisory authority, the Information Commissioner’s Office.

How we protect your personal information:

When we collect and process your personal information, we take steps to ensure that it is treated securely. We believe that we have appropriate policies, procedures and technical measures to help prevent any unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss in relation to personal information under our control. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Communications over the internet, such as emails, are not secure unless they have been encrypted, and may route through a number of countries before being delivered. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.

All of our employees who have access to, and are associated with, the processing of your personal information are required to treat it confidentially and with utmost consideration to your privacy rights.

Use of ‘cookies’

Our website uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. For more information on how we use cookies, please visit our cookie policy https://www.thegrandhotelbirmingham.co.uk/cookie-policy/

This Privacy Statement applies only to our website. We recommend that you read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you have accessed these using links from our website.

Children

We do not envisage any circumstances where we would collect personal information from or about children aged 16 or under.

Profiling

We do not use personal data for the purposes of any automated decision-making including profiling.

Transferring your information outside of Europe

On rare occasions, information which you provide to us may be transferred to countries outside the European Union. By way of example, this may happen if email traffic crosses international borders outside the EU. If we transfer your information outside of the EU, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected.

Review of this Privacy Statement

We may change this Privacy Statement from time to time to make sure it is still up to date and we will notify you if we make any material updates. We may also notify you in other ways from time to time about the processing of your personal information.

We keep this Privacy Statement under regular review.

This Privacy Statement was last updated in June 2023