Skip to content

The University of Chester is a "data controller". This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.

Data Protection Principles

We will comply with data protection legislation, which says that the personal information we hold about you must be:

  • Used lawfully, fairly and in a transparent way
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
  • Relevant to the purposes we have told you about and limited only to those purposes
  • Accurate and kept up to date
  • Kept only as long as necessary for the purposes we have told you about
  • Kept securely

What information does the University collect?

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). There are special categories of more sensitive personal data which require a higher level of protection.

The types of information we hold about you include:

  • personal contact details such as your name, title, address, telephone numbers and email address;
  • details of your qualifications, skills, experience and employment history;
  • information about your current earnings;
  • evidence of your nationality and eligibility to work in the UK;

We may also hold the following categories of more sensitive personal information:

  • whether or not you have a disability for which the University needs to make reasonable adjustments during the recruitment process;
  • equality monitoring information such as information about your marital status, ethnic origin, sexual orientation, religion or belief;
  • information about your criminal record.

Most of the information we hold about you will have been provided by you, for example through your application forms, curriculum vitae, identity documents or collected through interviews and other elements of the selection process. The University will also collect data about you from third parties, such as references supplied by previous employers, provided that you have given your consent for us to do so.

Data will be stored in a range of different places, including your application record, the University HR information system and in other IT systems, such as the University’s email system.

Why does the University process personal data?

We will only use your personal information when the law allows us to. The University needs to process data to enter into an employment contract with you. It also needs to process your data in order to comply with legal obligations, for example, checking an applicant’s eligibility to work in the UK.

The University also needs to process personal data to pursue its legitimate business interests. Processing personal data allows the University to operate the recruitment and selection process, assess and confirm a candidate’s suitability for employment and to decide to whom to offer a job. The University may also need to process data from job applicants to defend against legal claims.

Where the University relies on legitimate interests as a reason for processing data, it has considered whether or not those interests are overridden by the rights and freedoms of job applicants and has concluded that they are not.

Where we process special categories of personal information, such as those relating to your ethnicity, religious beliefs, sexual orientation, disability or gender identity, this is done for the purposes of equal opportunities monitoring.

Some special categories of personal data, such as information about health or medical conditions, is processed in order to make reasonable adjustments to the recruitment process for candidates who have a disability. This is to ensure the University complies with its legal obligations.

We will only collect information about criminal convictions if it is appropriate given the nature of the role and where we are legally able to do so. Where appropriate, we will collect information about criminal convictions through a Disclosure and Barring Service check or we may be notified of such information directly by you in the course of your job application.

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

During the initial stage of the online recruitment process the University may utilise automated decision-making. Applicants may be asked specific questions to establish whether they meet one or more of the essential criteria for a role. Where this process is used and the relevant criteria are not met, you will be informed that you do not meet the essential criteria for the role and that you cannot submit an application. Where automated decision-making prevents you continuing your application you may request a review of the decision by contacting hrms.enquiries@chester.ac.uk before the published vacancy closing date.

Who has access to data?

Your information may be shared internally for the purposes of the recruitment and selection process, including with members of HR team, staff involved in the selection process, managers in the relevant Department or Faculty, and IT staff if access to the data is necessary for performing their roles.

The University will not share your data with third parties, except where we request references for shortlisted candidates. Referees will only be contacted where you have provided your consent.

If the University makes you an offer of employment and the nature of the role is such that a criminal records check is required, the University will then share your data with the Disclosure and Barring Service.

We do not send your personal data outside the European Economic Area.

How does the University protect data?

The University takes the security of your data very seriously, and has internal policies and controls in place to try and ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. For more information, please see the University’s Data Protection Policy.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

For how long does the University keep data?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

If your application for employment is unsuccessful, the University will hold your data relating to that specific application on file for 12 months after the closing date of the vacancy. At the end of that period, the data is destroyed.

As part of the online application process, you will have an account which will be accessed by entering your email address and a password. These login details will be retained for a period of 12 months from when you last accessed the account. At the end of that period, your account will be deleted. Should you wish to submit any further job applications after this time then you will need to set up a new account.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

If your application for employment is successful, personal data gathered through the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be explained to you in a new privacy notice.

What if you choose not to provide personal data?

You are under no obligation to provide data to the University during the recruitment process. However, if you do not provide the information, the University may not be able to process your application properly or at all.

You are under no obligation to provide information for equal opportunities monitoring purposes and there are no consequences for your application if you choose not to provide such information.

Your rights

As a data subject, under data protection legislation, you have various rights in relation to your personal data. You can:

  • request access your own data by making an access request – this enables you to receive a copy of the personal information we hold about you and check that we are lawfully processing it;
  • request that we correct any inaccuracies in the data that we hold about you;
  • request that we erase your personal data where we are not entitled by law to process it or it is no longer needed for the purpose it was collected;
  • request that processing of your data is restricted – this enables you to ask us to suspend the processing of personal information about you, for example if you want to establish its accuracy or the reason for processing it;
  • object to processing of your personal information where we are relying on our legitimate interests and there is something about your particular situation which makes you want to object to processing on this ground;
  • request the transfer of your personal information to another party.

If you wish to make an access request or assert any of the rights detailed above, please contact the Data Protection Officer using the contact details below.

You have the right to make a complaint to the Information Commissioner if you believe we have not complied with the requirements of data protection legislation with regard to your personal data. You can do this by contacting the Information Commissioners’ Office directly.  Further details on your rights and contact details are available at www.ico.org.uk

Data Protection Officer

The University’s Data Protection Officer is Mr Rob Dawson, Institutional Compliance Officer, who can be contacted on 01244 511610 or dataprotection@chester.ac.uk

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.