Candidate Privacy Notice
This webpage explains how we collect, use and store personal information when you apply for a role with us.
We want you to be confident about how we use personal information. As a regulated company and data controller, we take the responsibilities for the security and management of personal information seriously. That’s why we invest in our systems and processes to ensure that the way we collect, use, share, and store the information meets both the regulatory and our own high standards.
We’re committed to being transparent about how we collect and use personal information and to meeting our data protection obligations in line with data protection law.
Who we are and whose personal information we collect
This policy applies to candidates applying for vacancies within LV General Insurance Group.
Liverpool Victoria Insurance Company Limited is part of Liverpool Victoria General Insurance Group (LVGIG), and LVGIG is part of the Allianz Group. More information can be found at www.lv.com/insurance/terms/lv-companies.
If you are applying for a role within LVGIG then Allianz Management Services Ltd. will be the data controller in relation to your personal information.
When we refer to “we”, “us” and “our” in this notice it encompasses one or more of the trading companies of Allianz Holdings plc that operate in the United Kingdom (UK), including LVGIG as part of the Allianz Group.
When we say, “you” and “your” in this notice, we mean anyone whose personal information we may collect, including:
- candidates who participate in the recruitment process
- prospective employees as part of the job offer process
- permanent and temporary employees, directors and non-executive directors
- consultants and interns.
We collect and process personal information about candidates to manage the recruitment process relationship and also for the purposes of potential post-employment matters (for example the provision of references) as further described in this statement.
You can contact the recruitment team by emailing ResourcingGI@lv.co.uk
You can also contact our Data Protection Officer: Data Protection Officer, 57 Ladymead, Guildford, Surrey, GU1 1DB, or via email at GIdataprotection@LV.co.uk
What personal information do we collect?
We collect and process the following types of personal information about you to allow us to complete the activities in the Why do we process your personal information section below. We may utilise a different legal basis for processing your data; a Legal Obligation (LO), a Contractual Obligation (CO) or Legitimate interest (LI). The reasons we will process each type of data is shown in brackets below:
- basic personal details, such as your name, address and contact details, including email address and telephone number, date of birth and gender; (LO/CO/LI)
- family, lifestyle and social circumstances, such as your marital status, next of kin, dependants and emergency contact details; (LO/CO/LI)
- employment information, such as national insurance number and details of any gaps in employment including redundancy; (LO/CO/LI)
- details of any dismissals and employment investigations in which you have been involved; (LO/CO/LI)
- information about your remuneration, including entitlement to benefits such as pensions or insurance cover; (LO/CO/LI)
- details of your training and qualifications, skills, experience and employment history, including start and end dates with us and any previous employers and details of professional membership numbers or similar; (CO/LI)
- evidence of your right to work in the UK, such as your nationality and visa status; (LO/CO/LI)
- fraud database and counter-terrorism checks, including CIFAS and SIRA; (LO/CO/LI)
- identification documents, such as passport, birth certificate or any other associated documentation; (LI/LO)
- photographs and video, such as security passes and onsite CCTV; (CO/LI)
- if you are in an FCA/PRA Regulated role such as Material Risk Taker, Solvency II, Key Function Holder or Non-Executive Director role we may process additional information for regulatory purposes; and details of professional membership numbers or similar. (LO/CO/LI)
In certain circumstances, we may request and/or receive special category or sensitive information about you. We would only collect this information if it is relevant to your employment or potential employment or where it is necessary for a legal obligation:
- equal opportunities monitoring information, including information about your ethnic origin, sexual orientation, health and religion or belief; (LO/CO/LI)
- information about medical or health conditions, including whether or not you have a disability including information on whether we need to make reasonable adjustments; (LO/CO/LI)
- criminal offences, including alleged offences, criminal proceedings, outcomes and sentences (previous criminal convictions, bankruptcies and other financial sanctions such as County Court Judgements) (LO/CO/LI)
Where we collect personal information
We collect personal information from you, your representatives, the electronic systems you use to communicate with us. Personal information may be collected in a variety of ways:
- application forms, CVs or resumes;
- your passport or other identity documents, such as your driving licence;
- forms completed by you at the start of or during employment, such as benefit nomination forms;
- correspondence with you, including emails and phone calls; interviews, meetings or other assessments.
In some instances, personal information about you may be captured inadvertently through the wider operations which allow our business to function including, but not limited to, security CCTV footage, emails and recorded phone calls. Where this information is captured, it will be processed in line with our wider business policies and only used in relation to recruitment and employment. In certain circumstances, it may be used if we need to investigate matters which may have a serious impact on you as an individual, our customer or our business.
We may also ask for personal information about you as a result of responses to employment surveys that may be carried out from time-to-time, although we will take steps to minimise the amount of personal information collected.
Personal information will be stored electronically and in certain HR records.
We also collect personal information from other persons, organisations and systems, for example:
- screening agencies, credit reference and fraud prevention agencies, criminal records agencies, counter-terrorism agencies and sanctions lists, education or professional bodies and previous employers
- Her Majesty’s Revenue and Customs (HMRC), the Child Support Agency (CSA), the Department for Work and Pensions (DWP), Her Majesty’s Courts and Tribunals Service (the courts), Tax and international assignment advisors and HM Treasury
- occupational health providers and other medical professionals
- pension providers and trustees and employee benefits provider
- professional and accredited bodies such as the Chartered Insurance Institute (CII), Society of Operations Engineers (SOE) and Bureau of Engineer Surveyors (BES).
Why do we process your personal information?
We may need to process your personal information to enter into and fulfil our obligations under your potential employment contract.
In some cases, we need to process your personal information to ensure that we are complying with our legal obligations. For example, we are required to check candidates’ entitlement to work in the UK, and comply with health and safety laws.
In other cases, we have a legitimate interest in processing your personal information, during the recruitment process and processing candidates’ personal information allows us to:
- run recruitment and promotion processes;
- maintain accurate and up-to-date employment records and contact details (including details of who to contact in the event of an emergency), and records of employee contractual and statutory rights;
- operate and keep a record of other types of leave (including maternity, paternity, adoption, parental and shared parental leave);
- operate effective access control procedures using access control cards and lanyards to ensure that only authorised people enter our premises in accordance with their role and responsibilities;
- ensure effective general HR and business administration;
- obtain references on request for candidates, including FCA/PRA Regulated persons, Solvency II, Material Risk Taker or Non-Executive Director references to adhere with regulatory obligations;
- comply with regulatory obligations, including for the purposes of continuing assessments of whether candidates applying for are ‘fit and proper’, the provision of regulated references, the reporting of notifiable conduct breaches and communicating with the FCA/PRA where required;
- comply with fraud database conduct requirements, including the provision to and uploading of fraudulent activity to the CIFAS and SIRA databases;
- respond to and defend or bring legal claims; and
- maintain and promote equality in the workplace (some of this information is likely to be a special category of information – see below).
Some special categories of personal information, such as information about health or medical conditions, are processed in order to carry out legal obligations (such as those in relation to candidates and employees with disabilities).
In some instances, we process other special categories of personal information, including but not limited to; ethnic origin, sexual orientation, health or religion or belief or Trade Union membership. In some cases, this will be done for the purposes of equal opportunities monitoring.
In other cases (and in particular in relation to health information or when information is supplied as part of a grievance complaint) we will process the information because it is necessary for the purposes of our or your rights or obligations under UK employment law. For example, to obtain occupational health advice and other medical evidence, to ensure that we comply with duties in relation to individuals with disabilities, meet our obligations under health and safety law, fulfil our duty of care.
We may also collect information relating to individuals under the age of 18 if they apply for vacancies and supply their information.
The personal information we collect from you may be shared with SIRA and CIFAS who will use it to prevent fraud, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct. If any of these are detected you could be refused certain services or employment.
Your personal information will also be used to verify your identity.
Further details of how your information will be used by us and CIFAS, and your data protection rights, can be found by writing to us at GI FC (Policy and Standards), LV=, Frizzell House, County Gates, Bournemouth, BH1 2AT.
Who has access to your personal information?
We may share your personal information with:
- other internal departments (within LVGIG and Allianz), including with members of the HR and recruitment team and Hiring manager within the relevant business area.
- third parties in order to obtain pre-employment references from other employers, obtain employment background checks from third-party providers and obtain necessary criminal records checks from the Disclosure and Barring Service.
- third parties in the context of a sale of some or all of our business. In those circumstances the personal information will be subject to confidentiality arrangements.
- fraud databases to meet the requirements of our membership. This would include, but is not limited to, SIRA and CIFAS;
Transferring personal information outside the UK
We process your personal information both inside and outside the UK within the Allianz Group. The Allianz Group may use servers located in the European Union (EU) to store your information, where it is protected by laws equivalent to those in the UK. We may transfer your information to other members of the global Allianz Group to manage your employment; this could be inside or outside the EU. We have established a set of Binding Corporate Rules (BCR’s) which are our commitment to the same high level of protection for your personal information regardless of where it is processed. These rules align with those required by the European Information Protection authorities. If you would like more information about the BCR’s please contact our Data Protection Officer.
Some of our suppliers have servers outside the EU. Our contracts with these suppliers require them to provide equivalent levels of protection for your personal information.
How do we protect your personal information?
We take the security of your personal information seriously; we have internal policies and controls in place to ensure that your personal information is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the performance of their duties.
Where we engage third parties to process personal information on our behalf, we do so by complying with all applicable data protection laws; and comply with the obligation to implement appropriate security measures and process the information only for the purposes set out in our agreement with the third party.
For how long do we keep employee personal information?
We will hold your personal information for the duration of and as long as we need it beyond the termination of your employment and we have a Retention and Destruction policy which details the retention of key employee data.
Retention periods
- Unsuccessful candidates – CVs, application forms and interview notes will be destroyed after 12 months from the end of the recruitment process or from the last time there was activity on the candidate's recruitment account;
- Unsuccessful candidates: Fraud check data – 0 years (if candidate withdraws before fraud check data returned), 7 years after leaving (if LV= withdraws offer)
- Employees (Permanent and Fixed Term Contracts) – personal files which hold new starter information, contract changes and other employment information are destroyed 7 years after leaving;
- In line with regulatory accountability requirements for specific roles who are either a Senior Manager or a Certified post holder under the FCA/PRA Senior Manager and Certification Regime – destroyed 10 years after leaving;
- Industrial Disease – occupational health records will be destroyed 40 years after leaving.
What if you do not provide personal information?
Certain personal information, such as contact details, your right to work in the UK, information about dismissals, criminal record including CCJ, bankruptcy and other directorships or employment must be provided to enable the organisation to enter a contract of employment with you. If you do not provide other personal information, this will hinder the organisation's ability to administer the rights and obligations arising as a result of the employment and recruitment relationship efficiently.
What rights do I have for my personal information?
Any individual whose personal information we hold has a number of rights in relation to how that information is processed by us. You have the right to:
- access a copy of your personal information on request;
- request that we change incorrect or incomplete personal information;
- request that we delete your personal information, under certain circumstances;
- request that we restrict us processing your personal information, under certain circumstances;
- request personal information in a portable format. This only applies to information you have provided to us;
- object to the processing of your personal information, including where we are relying on our legitimate interests as the legal ground for processing;
- not to be subject to a decision based solely on automated processing, including profiling – please note that employment decisions are not based solely on automated decision-making.
If you would like to exercise any of these rights, please contact HR Support.
If you have any questions or concerns about the way we process your personal information please contact us at GIdataprotection@LV.co.uk.
If you’re not satisfied with the outcome of your query, you can contact the Information Commissioner’s Office on 0303 123 1113 or visit ico.org.uk/concerns, although we would prefer to resolve any concerns you have directly with you and there may be some circumstances in which our grievance procedure offers an opportunity to do that.
Changes to our Privacy Notice
This notice was last updated in August 2022.
We may change this information from time to time and any changes will be made available on our website at the earliest opportunity.