Data that we hold and how we use it
As a potential employee we hold the following data on you:
Contact details, CV, and email correspondence with you. If you are successful in gaining employment with Nivo then you will fall under the Employee Privacy Notice going forward.
We also carry out pre-employment checks, as legally obligated to do so by HMRC and various visa requirement bodies.
Lawful basis for processing
Our lawful basis for processing your data is a combination of Contract, legitimate interest and consent. When you applied for a job it was with a view to entering into an employment contract with us. If we decide not to go forward with your application then we use legitimate interest to retain the data should the chosen candidate not work out or another role become immediately available.
Data Sharing and Transfers
Like most companies, we use a number of other companies as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. We also transfer your data to our lawyers for contracting and to support with the visa sponsorship process if applicable. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield or Standard Contractual Clauses. We do not sell your data to anybody
If you are unsuccessful in your application, we will keep your details on file for 24months after the position is filled, in case there is a new role that we feel you may be suitable for.
Technical and Operational Security
All data is password protected, access controlled by 2factor authentication, backed up securely and encrypted when appropriate. All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects. Data Privacy by Design and Default is an integral part of our development processes. All devices are protected by leading enterprise mobility management technologies. We are ISO 27001 certified.