Data Protection for Staff and Job Applicants

Upward Mobility (Upmo) is committed to protect the rights and freedoms of individuals with respect to the processing and retention of their personal data. Please refer to the organisation’s Data Protection Policy for more information on this.

What information will be collected?
Upmo may collect the following types of data from prospective or existing staff members:

  • Names

  • Addresses

  • Phone numbers

  • Email addresses

  • Date of birth

  • Emergency contact details

  • Banking details

  • National Insurance numbers

  • Rates of pay/salary

  • Sickness and absence details/occupational health information

  • Disciplinary information

  • Existing annual leave requests

  • Qualifications

  • Disclosure Scotland information

  • Photo (taken once in post, to be used on ID badge)

In addition, Upmo will process the following information as part of complying with Safer Recruitment Guidelines:

  • Driver’s license information

  • Work permit information

  • Passport details

  • Utility bills

  • Work history

  • References

  • Special category information such as gender, race, ethnicity, religion, health, sexual orientation and criminal convictions

How will Upmo collect the information?
Information will be collected in person from prospective staff members during completion of job application forms, Disclosure Scotland applications and from references submitted by previous employers.

Information collected can be in electronic form, or paper copy form. Upmo will store all electronic forms of data securely on Upmo’s internal server and encrypted network. Paper copies of all data will be kept securely in lockable filing cabinets in line with organisational and legislative procedures. More information on how Upmo stores information, can be found in the organisation’s Data Protection Policy, as well as well as the Standard Operating Procedure for Confidentiality and Open-Access.

Who will the information be shared with?
Upmo is legally required/may be required to share personal information with a number of third parties:

  • Scottish Social Services Council (SSSC)

  • Care Inspectorate

  • Disclosure Scotland

  • Police Scotland (upon request)

  • HMRC

  • Now Pensions

  • Chiene and Tate (external auditors)

  • Peopleplanner (Care Management Software program)

  • Xero (the business and accounting software used for invoicing)

  • Academia (the information technology company managing the Upmo server)

How does Upmo ensure and maintain confidentiality of records?
Upmo adheres to the Data Protection Act 1998 and the General Data Protection Regulation 2018 with regards to ensuring and maintaining confidentiality of all records. Upmo also has a robust Data Protection Policy, as well as the Standard Operating Procedure for Confidentiality and Open Access governing organisational practice.

All information kept by Upmo is accessed only by those who are required to manage the information, and awareness of data protection is raised through various means such as training, visual aids, etc. Upmo will not keep information for longer than needed, and all information is kept in line with its Data Retention Schedule.

Rights regarding how data is used
Under the General Data Protection Regulation 2018, all individuals have certain rights with regards to how their data is used.

  • Right to erasure

  • Right to object

Detailed information on these rights can be found in Upmo’s Data Protection Policy and Upmo’s Privacy Policy.