Employee Privacy Policy

In this Privacy Statement the terms, ‘we’ or ‘us’ is Campions Solicitors & Estate Agents.
Your privacy is important to us, and we are committed to keeping your information secure and managing it in accordance with our legal responsibilities under applicable data protection laws. We are registered with the UK Information Commissioner’s Office (ICO) as a data controller under registration number ZA198358.
This Privacy Statement sets out the basis upon which we will process personal information we collect from you when you apply for a job with us or through your employment with us.
If you are applying for a job and do not agree with any part of this Privacy Statement, you should not continue with your application.

What Information We Collect

We process information which:
• You give us when you apply for a job with us.
• We obtain from a recruitment agency when they arrange an application for you.
• We receive from third parties such as credit reference agencies and fraud prevention agencies, former employers etc.
• You give us during your employment relating to your performance, development and training.

What personal information we process

This includes your name, address including address history, telephone number, email address, date of birth, National Insurance number, employment history, passport information, bank details, results from your DBS check, information regarding your emergency contacts, qualifications, training and competency records, identifiers assigned to your computer or other internet connected device including your IP addresses, information linked to your mobile telephone number.
We will collect special categories of personal data (e.g. health information regarding a disability, illness or impairment) (See section of Special Categories of Personal Data below for further details).

Use of Your Information

Your information will be used by us for the following reasons:




To manage job applications and assess candidates for vacancies
  • Legitimate interests for recruitment purposes
To conduct background checks, including verifying identity and address, validating education, certificates and qualifications, obtaining references, credit reference and criminal records checks and evidence of gaps in employment
  • Legitimate interests to manage and control employee risk
To obtain evidence of eligibility to work in the UK
  • To comply with legal obligations in the Immigration Act
To assess suitability and capability of candidates, including psychometric assessments for certain roles
  • Legitimate interests for recruitment purposes
  • If special categories of personal data are processed – necessary for the purpose of preventative or occupational medicine for the assessment of working capacity
To document the interview process and assess candidate competence
  • Legitimate interests for recruitment purposes
  • If special categories of personal data are processed – necessary for the purpose of carrying out obligations and exercising specific employment rights or for preventative or occupational medicine for the assessment of working capacity

During Employment

To process payroll and pay out of pocket expenses, a record is kept of employees’ bank details, National Insurance numbers and taxation records
  • Necessary to perform the contract of employment
To manage absence, both planned and unplanned and validate fitness and ability to return to work
  • Legitimate interests for absence management
  • Necessary for the purpose of carrying out obligations and exercising employment rights or for preventative or occupational medicine for the assessment of working capacity
For training purposes and to enhance or review performance
  • Legitimate interests for performance management
  • To comply with statutory obligations for certain roles and other professional bodies’ requirements
To provide flexible benefits as part of the employee benefits package
  • Necessary to perform the contract for the optional benefits selected
To provide hotel accommodation, company or hire cars
  • Legitimate interests to facilitate travel for business purposes
To maintain governance records, including conflicts of interest register, gifts and hospitality log, confidential information lists, staff share dealing disclosures, and lists of persons discharging material responsibility
  • To comply with corporate governance requirements


To monitor access to the office and restricted areas, and to monitor IT systems and applications
  • Legitimate interests to manage and control information security risk
  • To comply with legal obligations for prevention of financial crime
For contacting employees in the event of an emergency or as part of annual testing
  • Legitimate interests for business continuity

Complying with Legal Obligations

To prevent, investigate and prosecute crime, fraud and money laundering
  • To comply with legal obligations for prevention of financial crime and money laundering
For auditing purposes
  • To comply with legal obligations to conduct audits
If we are obliged to disclose information by reason of any law, regulation or court order
  • To comply with legal obligations


To transfer information to any entity which may acquire rights in us
  • Legitimate interests for commercial interests
For any other purpose to which you agree
  • With your consent


Where we or third parties (see below) process your personal information, it will be processed:
• Because we or they need to do so as a direct consequence of fulfilling your request (for example, to check your identity in order to consider you for a job);
• To comply with applicable laws or regulations, or as permitted by applicable law; or
• On the basis that we or they have a legitimate interest (for example, managing our risk or preventing crime, fraud and money laundering), and in order to protect our business.

How We Might Share Your Information

The third parties with whom we may need to share personal information to help us provide employment to you are:

• Providers who need to know the information in order to provide us or you with a service.
• Third party service providers who process information on our behalf to help run some of our internal business operations including background checks, surveys and assessments, training, email distribution, storage of documentation.
• Reference agencies to check your identity and obtain a basic disclosure check.
• Regulators or law enforcement bodies in order to comply with any statutory, regulatory or legal obligation or court order.
• Entities who may or do acquire any rights in us for the purpose of a business sale or reorganisation.
• Our advisors, for the purpose of assisting us to better manage, support or develop our employees and comply with our legal and regulatory obligations.

These parties may be located in the UK, other countries in the European Economic Area (EEA) or elsewhere in the world. Whenever we or service providers transfer your personal information outside of the EEA, we or they will impose the standard contractual obligations on the recipients of that information to protect your personal information to the standard required in the EEA.

Retention of Your Personal Information

The personal information that you provide will be retained by us in accordance with applicable laws as follows:

Type of personal information

Retention period

Recruitment personal data including CVsUnsuccessful applicants for 6 months from interview

Successful applicants for the relevant period detailed below as part of your employment file.

Normal personal data 6 years after the end of employment
Special categories of personal data: data regarding health6 years after the end of employment
Personal identity6 years after the end of employment
Personal financial Bank account details are erased 3 months after the end of employment.

Records of salary and taxation are retained for the relevant statutory period.

Personal locationAttendance records for training 6 years after the end of employment


Special categories of Personal Data

Special categories of personal data include information about an individual’s health and other categories of personal information which are closely protected (e.g. ethnicity or biometrics). We do not generally process such information, unless you have voluntarily provided that information to us (for example, where you have notified us of a medical issue to allow for reasonable adjustments to be made).


Emails sent via the internet can be subject to interception, loss or possible alteration, therefore we cannot guarantee their security. Although we will do our best to protect your personal information, we cannot guarantee the security of your data sent by email and therefore will have no liability to you for any damages or other costs in relation to emails sent by you to us via the internet. If you would like to contact us, please see the section below or use our contact page.

Information Security

We invest appropriate resources to protect your personal information, from loss, misuse, unauthorised access, modification or disclosure. However, no internet-based site can be 100% secure and we cannot be held responsible for unauthorised or unintended access that is beyond our control.


We will keep this Privacy Policy under review and make updates from time to time. Any changes to this will be posted on this page, so please review the Website periodically for changes.

Your Rights

You have the right to request copies of your personal information we hold. If you think any of the personal information we hold about you is inaccurate, you may request it is corrected or erased. You also have a right, in certain circumstances, to object to our processing of your personal information, to require us to stop processing your personal information and/or to withdraw your agreement to processing based on ‘consent’. For further information please write to us at the address below.

Complaints Process

If you have a complaint about how we have handled your personal information, please contact us using the details below and we will investigate your complaint. You also have the right to complain to the Information Commissioner’s Office – (www.ico.org.uk).

Contact Us

You can contact us by writing to us at our Head Office:

Esther Booth (Data Protection officer)

Campions Solicitors

45-49 Mansfield Road



Telephone queries can be made to: 0115 947 6373