Legal notices
NFU MUTUAL RECRUITMENT PRIVACY POLICY
NFU Mutual understands that the information you trust us with is important to you, and we are committed to protecting and respecting your privacy.
This Policy explains how, when and why we collect your personal information throughout the recruitment process, under what circumstances we may disclose your personal information to others, and how we keep it secure.
1. WHAT INFORMATION DO WE COLLECT ABOUT YOU?
We only collect personal information about you where it is necessary, or you have provided it voluntarily (e.g. diversity monitoring). The information we gather is limited to what is required for the stage you are at within the recruitment process. This may include details for your application, screening, or interviews, depending on how far you progress. We will only collect data that is relevant and required for these steps.
As part of our recruitment process we may ask you to provide personal data which is described as being “special category” such as medical history and disability, your religious beliefs, ethnic origin or other characteristics protected under the Equality Act 2010.
Some of the personal data fields are mandatory, however disclosing the information is voluntary, therefore if you do not want to share, you should select ‘Prefer not to say’ where available.
To help protect against fraud and financial crime, we also collect details such as criminal history, court proceedings, and credit checks.
2. HOW WILL WE USE THE INFORMATION ABOUT YOU?
The personal information that you provide to us as part of your application and any subsequent activities relating to your application will be used by NFU Mutual and other parts of the Group (depending on the role you have applied for) for the purpose of assessing your suitability for employment within the Group.
If you progress to interview stage or offer, you should be aware that we undertake screening for all prospective employees which includes criminal records. (Please be aware that some spent criminal offences may be considered if you are applying for a post where exemptions apply under the Rehabilitation of Offenders Act). We also undertake financial checks, which may remain on your record.
In the event of adverse findings, we reserve the right withdraw offers of employment.
We may use AI and automated decisions in our recruitment process. If this technology is used, it will be done in a way that is responsible, fair, secure and transparent. Where an automated process results in a decision that may significantly affect you, we ensure that the outcome is reviewed by a trained member of our team. You can request human involvement using the contact details in section 10.
We may use profiling tools in the recruitment process to understand your personality preferences and behaviours.
We may also use your personal information to ensure we comply with legal and regulatory requirements. This includes internal audits, monitoring and assurance activities to examine and evaluate the systems and controls within NFU Mutual.
We record calls for quality control and training purposes. How long we keep recordings depends on our retention policy (see Section 7), unless NFU Mutual has a legitimate interest to keep recordings longer (as reasonably necessary), including for fraud detection and financial crime investigation purposes.
3. WHY WE USE THE INFORMATION ABOUT YOU
To process your information, we rely mainly on the following legal bases:
| Legal Basis | Examples |
| Performance of a contract | The use of your information is necessary to take the required steps prior to entering into a contract of employment with you. |
|
Legitimate interests |
We may use your information for our legitimate interests, such as analysis, or to ensure equality of opportunity or treatment in line with our Equality and Diversity Strategy. |
|
Consent |
We may rely on your consent to use your personal information for certain activities, for example maintaining your information on our Talent Database, connecting on LinkedIn and sending you SMS messages relating to your job application and recruitment process. You may withdraw your consent at any time by contacting us at the address provided at the end of this policy. |
|
Legal obligation |
Some of the information we collect from you is collected in order to meet any legal obligations we are subjected to. This may include complying with employment law, tax requirements or immigration laws. |
Where we process sensitive data (E.g., Health Information, Convictions, Ethnicity/Race), we need to have an additional legal basis. The below lists the additional lawful bases we rely on to process your sensitive data:
The table below shows the additional legal basis we are relying upon with examples:
| Legal Basis |
Examples |
| Substantial public interest |
For the detection and prevention of fraud. To ensure equality of opportunity or treatment in line with our Diversity & Inclusion Strategy. |
4. INFORMATION THAT WE SHARE
Where necessary within the recruitment process, we may share your personal information with other companies in the Group, the farming unions (NFU England and Wales, Ulster Farming Union and NFU Scotland) and with third-party service providers.
The following examples demonstrate why, and with whom your information may be shared:
- Providers of psychometric testing, video interviews, assessments, reference and fiduciary screening, and health screening.
- Where it is required by law, we will share your information with third parties such as law enforcement agencies and companies tasked with fraud/criminal activity detection. Where fraud is detected, this may affect your ability to obtain products, services or employment. For more information, please contact us using the information in section 10.
- We will share your information with third party IT providers who support us in hosting, transferring, processing, testing and problem resolving. This enables us to provide the services you need.
- We may also share information with third party audit companies providing expertise and assurance over our processes and controls.
- Where we share personal information with those suppliers, we have the appropriate contracts or controls in place, which will assess the security of their processing arrangements.
5. YOUR INDIVIDUAL RIGHTS
You have a number of rights with regards to the personal information that we hold about you, which you will have provided as part of the application process.
|
Your Right |
Explanation |
|
Right to Access |
You have the right to request a copy of the information that we hold about you. We will provide you with this information within one month of receiving your request and verifying your identity. If the request is complex, we may extend the response time. We will inform you if this is the case and explain why. |
|
Right to Rectification |
We want to make sure that your personal information is accurate and up to date. You may ask us to correct, update or remove information you think is inaccurate or incomplete, and we ask that you inform us promptly of any changes to your circumstances. |
|
Right to Erasure |
You may also ask us to erase your personal information from our systems, in certain circumstances. There are some specific circumstances where the right to erasure does not apply, and we are permitted to hold your data. We will explain the reason for this at the time, should this occur. |
|
Right to Data Portability |
You may also ask us to move, or ‘port’, your personal information to another organisation electronically. We will only port personal information you have provided to us, that we have processed based on your consent or performance of a contract, or that has been processed automatically. We will port your personal information without charge and within one month, where technically feasible. |
|
Right to Restricting Processing |
You have a right to request that we restrict the processing of your personal data in certain circumstances. We will inform our third parties to whom we have disclosed your personal data that they must also restrict processing. We will inform you when the restriction on processing your personal data ends. |
|
Right to Object |
Where we are relying on legitimate interests, you have the Right to Object to the processing of your personal data. |
|
Rights regarding Automated Decision Making, including Profiling |
You have a right not to be subject to a significant decision based solely on automated processing, including profiling, and can request a human review of the decision. |
|
Right to be Informed |
You have the right to request further information about how and why your personal data is processed. |
If you would like to exercise these rights, please write to us, using the details provided at the end of this Policy outlining your specific request.
6. INFORMATION SECURITY
We work hard to keep your data safe. We use an appropriate combination of technical and organisational measures to ensure, as far as reasonably possible, the confidentiality, integrity and availability of your information at all times. If you have a security-related concern, please contact us using the details provided at the end of this Policy.
7. RETAINING YOUR DATA
NFU Mutual, and the information we collect about you, are subject to various regulatory and legislative requirements. In addition, we will endeavour not to keep your personal information for longer than we have to for us to fulfil our obligations to you. Where it is not possible for us to delete your data, we will ensure the appropriate security and organisational measures are put in place to protect the use of your information.
8. COMPLAINTS
We work hard to ensure that your personal information is treated safely and securely. However, if you have a complaint, write to us using the details provided at the end of this Policy. You also have the right to complain to the Information Commissioner’s Office.
9. CHANGES TO OUR PRIVACY POLICY
We review our Privacy Policy regularly and will place any updates on this webpage.
10. WHO TO CONTACT IN RELATION TO PROCESSING OF PERSONAL INFORMATION AT NFU MUTUAL
National Farmers Union Mutual Insurance Society Limited controls the processing of personal data on its systems. If you would like to discuss anything in relation to this Policy or how we handle your personal information, you can reach the Data Protection Officer for NFU Mutual by writing to: Data Protection Officer, NFU Mutual, Tiddington Road, Stratford-Upon-Avon, CV37 7BJ.
You can also talk to a member of the team.
If you’d like this document in large print, braille or audio, just contact us at the address above.
Last updated November 2025