NFU Mutual understands that the information you trust us with is important to you, and we are committed to protecting and respecting your privacy.
This Policy explains how, when and why we collect your personal information during the course of your application, under what circumstances we may disclose your personal information to others, and how we keep it secure.
1. What information do we collect about you?
We only collect personal information about you where it is completely necessary or you have provided it voluntarily (e.g. diversity monitoring). We will ensure that we only collect information we need to process your application, or if separate consent is given, to remain part of our Talent Database and/or to connect on LinkedIn.
As part of our recruitment process we may ask you to provide personal data which is described as being in a “special category” such as medical history, your religious beliefs, ethnic origin or other characteristics protected under the Equality Act 2010. We also collect information about criminal history and court proceedings.
2. How will we use the information about you?
The personal information that you provide to us as part of your application and any subsequent activities relating to your application will be used by NFU Mutual and other parts of the Group (depending on the role you have applied for) for the purpose of assessing your suitability for employment within the Group.
If you progress to interview stage or offer, you should be aware that we undertake screening for all prospective employees which includes criminal records. (Please be aware that some spent criminal offences may be considered if you are applying for a post where exemptions apply under the Rehabilitation of Offenders Act). In some cases we also undertake financial checks, which may remain on your record.
We may also use your personal information to ensure we comply with legal and regulatory requirements. This includes internal audits, monitoring and assurance activities to examine and evaluate the systems and controls within NFU Mutual.
3. Why we use the information about you
To process your information we rely mainly on the following legal bases:
Performance of a contract: The use of your information is necessary to take the required steps prior to entering into a contract of employment with you.
Legal obligations: Some of the information we collect from you is collected in order to meet any legal obligations we are subjected to. This may include complying with employment law, tax requirements or immigration laws.
Legitimate interests: We may use your information for our legitimate interests, such as analysis.
Substantial public interest: For the detection and prevention of fraud, and the monitoring of diversity and equality of opportunity.
Consent: We may rely on your consent to use your personal information for certain activities, for example maintaining your information on our Talent Database and connecting on LinkedIn. You may withdraw your consent at any time by contacting us at the address provided at the end of this Policy.
4. Information that we share
We may have to share your information with other companies in the Group, the farming unions (NFU England and Wales, Ulster Farming Union and NFU Scotland), or to third party service providers in certain circumstances:
• Providers of psychometric testing, reference and fiduciary screening, and health screening.
• Where it is required by law, we will share your information with third parties such as law enforcement agencies and companies tasked with fraud/criminal activity detection. Where fraud is detected, this may affect your ability to obtain products, services or employment. For more information, please contact us using the information in section 10.
• We will share your information with third party IT providers who support us in hosting, transferring, processing, testing and problem resolving. This enables us to provide the services you need.
• We may also share information with third party audit companies providing expertise and assurance over our processes and controls
• Where we share personal information with those suppliers, we have the appropriate contracts or controls in place, which will assess the security of their processing arrangements.
5. Your individual rights
You have a number of rights with regards to the personal information that we hold about you, which you will have provided as part of the application process.
Right of Access: You have the right to request a copy of the information that we hold about you. We will provide you with this information within one month of receiving your request and verifying your identity. If the request is complex, we may extend the response time. We will inform you if this is the case and explain why.
Right to Rectification: We want to make sure that your personal information is accurate and up to date. You may ask us to correct, update or remove information you think is inaccurate or incomplete, and we ask that you inform us promptly of any changes to your circumstances.
Right to Erasure: You may also ask us to erase your personal information from our systems, in certain circumstances. There are some specific circumstances where the right to erasure does not apply and we are permitted to hold your data. We will explain the reason for this at the time, should this occur.
Right to Data Portability: You may also ask us to move, or ‘port’, your personal information to another organisation electronically. We will only port personal information you have provided to us, that we have processed based on your consent or performance of a contract, or that has been processed automatically. We will port your personal information without charge and within one month, where technically feasible.
Right to Restricting Processing: You have a right to request that we restrict the processing of your personal data in certain circumstances. We will inform our third parties to whom we have disclosed your personal data that they must also restrict processing. We will inform you when the restriction on processing your personal data ends.
Right to Object: Where are relying on substantial public interest and legitimate interest, you have the Right to Object to the processing of your personal data.
If you would like to exercise these rights, please write to us, using the details provided at the end of this Policy outlining your specific request.
6. Information security
We work hard to keep your data safe. We use an appropriate combination of technical and organisational measures to ensure, as far as reasonably possible, the confidentiality, integrity and availability of your information at all times. If you have a security-related concern, please contact us using the details provided at the end of this Policy.
7. Retaining your data
NFU Mutual, and the information we collect about you, are subject to various regulatory and legislative requirements. In addition, we will endeavour not to keep your personal information for longer than we have to for us to fulfil our obligations to you. Where it is not possible for us to delete your data, we will ensure the appropriate security and organisational measures are put in place to protect the use of your information.
We work hard to ensure that your personal information is treated safely and securely. However, if you have a complaint, write to us using the details provided at the end of this Policy. You also have the right to complain to the Information Commissioner’s Office.
10. Who to contact in relation to processing of personal information at NFU Mutual
National Farmers Union Mutual Insurance Society Limited controls the processing of personal data on its systems. If you would like to discuss anything in relation to this Policy or how we handle your personal information, you can reach the Data Protection Officer for NFU Mutual by writing to: Data Protection Officer, NFU Mutual, Tiddington Road, Stratford-Upon-Avon, CV37 7BJ.
You can also talk to a member of the team.
If you’d like this document in large print, braille or audio, just contact us.