This privacy notice will inform you, our employees, of the types of data we process about you. This notice applies to current and former employees, workers and contractors.

This page should be read in conjunction with the information on the main EEF privacy notice page which covers information relevant to anyone whose data is used by EEF including your rights.

We keep several categories of personal data on our employees in order to carry out effective and efficient processes. We keep this data in a personnel file relating to each employee and we also hold the data within our computer systems, for example, our holiday booking system.

Specifically, we hold the following types of data:

• a) personal details such as name, address, phone numbers
• b) name and contact details of your next of kin
• c) your photograph
• d) your gender, marital status, information of any disability you have or other medical information
• e) right to work documentation
• f) information for equality monitoring purposes, such as race and religion.
• g) information gathered via the recruitment process such as that entered into a CV or included in a CV cover letter
• h) references from former employers
• i) details on your education and employment history etc
• j) National Insurance numbers
• k) bank account details
• l) tax codes
• m) driving licence
• n) criminal convictions
• o) information relating to your employment with us, including:
  • job title and job description
  • your salary
  • your wider terms and conditions of employment
  • details of formal and informal proceedings involving you such as letters of concern, disciplinary and grievance proceedings, your annual leave records, appraisal and performance information
  • internal and external training modules undertaken
  • information on time off from work including sickness absence, family related leave etc
• p) CCTV footage
• q) building access card records
  
• r) IT equipment use including telephones and internet access
• s) information about staff wellbeing for the purposes of providing support
• t) occupational health records

You provide several pieces of data to us directly during the recruitment period and subsequently upon the start of your employment.

In some cases, we will collect data about you from third parties, such as employment agencies, former employers when gathering references or credit reference agencies.

Personal data is kept in files or within the Company’s HR and IT systems.

Employees within our company who have responsibility for recruitment, administration of payment and contractual benefits and the carrying out performance related procedures will have access to your data which is relevant to their function. All employees with such responsibility have been trained in ensuring data is processing in line with GDPR.

Data is shared with the following third party recipients:

1. A payroll service provider (at the time of writing, RSM payroll)
   
2. A HR provider who advises us on HR matters and manages our HR documents and system online (at the time of writing, Peninsula)
3. Your pension provider (at the time of writing, Aviva)
4. Our pension advisers (at the time of writing, Secondsight)
5. A company that provides life insurance in the event of death in service (at the time of writing, Canada Life)
6. The HMRC for tax purposes; with our accounting software for accounting of net pay (at the time of writing, Quickbooks Online (Intuit))
7. Our bank for payment details (at the time of writing, CAF Bank)
8. Our auditors (including the DfE)
9. The Disclosure and Barring Service for the purpose of DBS background checks (at the time of writing, completed through PeopleCheck in partnership with Yoti)
10. Our annual staff survey provider (at the time of writing, The People Experience Hub)
11. A provider of right to work checks (at the time of writing, completed through PeopleCheck in partnership with Yoti)
12. Our online signing platform (at time of writing, Docusign)
13. An e‑learning platform (at time of writing, Kallidus)
14. The UK visa sponsorship management system for visa application administration

We may also share your data with third parties as part of a Company sale or restructure, or for other reasons to comply with a legal obligation upon us. We have a data processing agreement in place with such third parties to ensure data is not compromised. Third parties must implement appropriate technical and organisational measures to ensure the security of your data.

Data stored within Quickbooks Online (Intuit) is shared with bodies outside of the European Economic Area. These countries are the United States and the reason for sharing with these countries is that we use Quickbooks Online (Intuit) as our accounting software package, who store our data in the USA. We have put the following measures in place to ensure that your data is transferred securely and that the bodies who receive the data that we have transferred process it in a way required by EU and UK data protection laws: The data transfer mechanism used by Quickbooks Online (Intuit) is standard contractual clauses. For more details about how Quickbooks Online (Intuit) use the data, please visit https://quickbooks.intuit.com/uk/privacy-policy/.

We otherwise do not share your data with bodies outside of the European Economic Area.

You will have been notified in EEF’s privacy notice for job applicants that we use the Webrecruit system for recruitment.

We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented processes to guard against such.

Where we are processing your personal data under consent or for our legitimate interests as stated above, you have the right to object to our processing of your personal data. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.

For more information on your rights, please see​‘Your rights’​on our privacy notice main page.