Candidate Privacy Policy

In order to recruit candidates, Dionach collects and processes personal information about you, the candidate.
Personal information means any information about you from which you can be identified, but it does not include information where your identity has been removed (anonymous data).

As the ‘controller’ of personal information, we are responsible for how that data is managed. The General Data Protection Regulation (GDPR), which applies in the United Kingdom and across the European Union, sets out our obligations to you and your rights in respect of how we manage your personal information.
As the ‘controller’ of your personal information, we will ensure that the personal information we hold about you is:

  • Used lawfully, fairly and in a transparent way
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
  • Relevant to the purposes we have told you about and limited only to those purposes
  • Accurate and kept up to date
  • Kept only as long as necessary for the purposes we have told you about
  • Kept securely

If you have any questions about this privacy policy or would like further explanation as to how your personal information is managed, then please contact us (see how to contact us below).

Personal Data We Process

Dionach may process several different categories of data from candidates during the recruitment and screening process. This data includes: name, contact details (postal address, phone number, email address), age, date of birth, photograph, employment history, employment references, right to work, driving licence number, national insurance number, passport number, and extra information you choose to provide such as CV and cover letter.

Certain information that we process is classed as ‘special category data’. It is sensitive by nature. We have a higher duty of care in how we process this: religion, medical and health information (including sickness details), nationality or ethnicity, criminal cautions or convictions, and motoring convictions.

Purposes of Processing Personal Information

In order to determine suitability for a role at Dionach we will process personal data for the following purposes:

  • Maintain records of recruitment with Dionach
  • Process criminal conviction and caution information, where relevant to your role
  • Regulatory requirements such as right to work
  • To conduct and support internal and external audits

Who Has Access to Your Personal Information

In order to operate our business and run our recruitment we rely on third parties to provide specialist support to us. To provide this support they will have access to, or a duty of care over your personal information. These third parties are credit check agencies, where relevant, and IT service providers such as Microsoft for Office 365.

We will share relevant information within Dionach only where this is necessary, and in line with our purpose for processing. We will not share, sell or trade your personal information with any other third party without your consent, unless there is a legal reason to do so.

Retention of Personal Information

We will retain your personal data for a period of 18 months following the recruitment process decision. Please email us if you wish us to retain your details for longer if you wish to be considered for future opportunities as they arise.

Your Rights

You have the following rights:

  • Request access to a copy your personal information (also known as a “data subject access request”).
  • Request us to correct any mistakes in your information which we hold.
  • Request the erasure of personal information concerning you, in certain situations. Please note that if you ask us to delete any of your personal information
  • which we believe is necessary for us to comply with our contractual or legal obligations, this may affect our ability to provide employment to you.
  • Object to us processing of your personal information or withdraw consent. As with erasure, this may affect our ability to provide employment to you.
  • Otherwise restrict our processing of your personal information in certain circumstances.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the GDPR.

Security of Personal Information

The confidentiality and security of your information is of paramount importance to us. We have appropriate organisational and technical security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to Complain

We hope that we can resolve any query or concern you raise about our use of your information. Our contact details are below.
The GDPR also gives you right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at or by phoning 0303 123 1113.

How to Contact Dionach

Please contact us if you wish to exercise one of your privacy rights or to complain by email at [email protected] or by telephone on 01865877830. Our address is Dionach Ltd, Unipart House, Garsington Road, Oxford, OX4 2PG.

Policy Last Updated: 2021-03-01