Privacy Notice

We would like to assure you that we, Guernsey Employment Trust (GET), take our responsibilities as a Controller seriously and are committed to using your personal data that we hold in accordance with The Data Protection (Bailiwick of Guernsey) Law, 2017 (“the law”). Your privacy is important to us and it is essential that we advise you of how your data is processed.  (Reference in this privacy notice to “you” or “your” refers to our clients, whether that be for prospective, current or previous clients.)

The Seven Data Protection Principles

We will comply with the law. Organisations, such as GET, who handle (or ‘process’) your personal information must adhere to these principles:

  1. Lawfulness, fairness and transparency- we will have a valid legal reason for processing your information, will obtain it without deceiving you and will make it clear to you exactly how we are going to use it.
  2. Purpose limitation- we will only use your information for the reason (or reasons) we have told you.
  3. Minimisation- we will only ask for a minimum amount of information about you that will allow us to assist you.
  4. Accuracy- we will ensure that any information held about you is accurate and up to date.
  5. Storage limitation- we will not keep your information for longer than we need.
  6. Integrity and confidentiality- we will keep your information safe so that it doesn’t get accidentally deleted or changed, or seen by someone who is not allowed to see it.
  7. Accountability- we will take responsibility for how we look after your information.

Why do we process your data?

‘Processing’ includes collecting, storing, deleting and making decisions based on your data.  We use your data:

  • to make decisions on your suitability for our service
  • to support your employment opportunities
  • to monitor and report on your progress in terms of gaining and retaining employment
  • to provide appropriate support
  • to assess the quality of our services
  • to comply with the law regarding data sharing

What is our legal basis for processing?

We collect and use your information under the law, for one or more of the following purposes:

  • processing is necessary for the performance of a Supported Employment Service to which you are a party or in order to take steps at the request of a party prior to entering into a contract;
  • you have given consent to the processing of your personal data for one or more specific purposes;
  • processing is necessary for compliance with a legal obligation to which GET is subject;
  • processing is necessary in order to protect your vital interests of those of another person;
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in GET;
  • the information contained in your personal data has been deliberately made public by you;
  • processing is necessary for reasons of public health.

To better explain the purposes for which we use your personal data, we have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. 

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose/Activity

Type of data

Lawful basis for processing 

To register you as a new or potential client

Your personal information, characteristics data, relevant medical information, criminal record information, specialist support needs information and behavioural information

Consent

Performance of a contract with you (Supported Employment Service) 

To support you throughout the supported employment journey, from preparing, to securing, to maintaining employment

Your personal information, characteristics data, relevant medical information, attendance information, criminal record information, specialist support needs information and behavioural information

Performance of a contract with you (Supported Employment Service) 

To share your data with third party organisations e.g. 

  1. HR providers, recruiters and potential employers
  2. Payroll providers;
  3. Employment and Social Security;
  4. Revenue Services, formally Income Tax and Contributions;
  5. Occupational health providers;
  6. Health and wellbeing services and; 
  7. named individuals where appropriate/requested 
  1. For example, your CV, covering letter, job application form etc. to secure a job role
  2. For example, your hours of work, SI and Tax information etc. to ensure payment of your salary
  3. For example, any change in circumstance, such as paid work, which may impact on your benefits
  4. For example, relevant information regarding your earnings to assist with your financial circumstances
  5. For example, information regarding your health and disability to support your job application or ongoing maintenance of your job role
  6. For example, States of Guernsey, private providers and charitable sector to support me to access other services if required
  7. For example, to provide you with additional support

For all the examples listed we request your Explicit consent and it is to allow the Performance of a contract with you (Supported Employment Service)

In addition, for 3), 4) and 6) the following may apply:

•Compliance with a legal obligation to which GET is subject

•In order to protect your vital interests of those of another person

•Performance of a task carried out in the public interest or in the exercise of official authority vested in GET

•Information contained in your personal data has been deliberately made public by you

•Reasons of public health.

To follow public health guidelines

Your personal information and attendance information

Reasons of public health

To ensure the health, wellbeing, safety or safeguarding of you or other members of the public

Your personal information and where appropriate your characteristics data, relevant medical information, attendance information, criminal record information, specialist support needs information and behavioural information

Compliance with a legal obligation to which GET is subject

In order to protect your vital interests of those of another person

To provide statistical data to key stakeholders, potential investors, auditors to analyse the effectiveness of our service

Anonymised/generic data, NOT your personal data

Performance of a task carried out in the public interest or in the exercise of official authority vested in GET

Marketing, social media or training purposes

Your photograph, video, story and testimonial

Explicit consent

Legitimate Interests or third party

Legitimate interests are different to the other lawful bases as it is not centred around a particular purpose (e.g. performing a contract with the individual, complying with a legal obligation, protecting vital interests or carrying out a public task), and it is not processing that you have specifically agreed to (consent). Legitimate interests are more flexible and could in principle apply to any type of processing for any reasonable purpose.  We use the legal bases outlined above and therefore do not rely on the legitimate interests of GET or any third party.

Processing for limited purposes

From the point of collection, your personal data may be processed for the purpose of providing you with a supported employment service or for any other purposes specifically permitted by the law. This means that personal data must not be collected for one purpose and then used for another. If it becomes necessary to change the purpose for which the data is processed (for example including your story for marketing purposes), we will inform you of the new purpose before any processing occurs, unless the new purpose is related to complying with another law.

The kind of information we hold about you

Personal data, or personal information, means any information relating to an identified or identifiable individual, whether it be fact or opinion.

There are “special categories” of personal data which require a higher level of protection (Special Category Data). Special Category Data means personal data revealing a person’s racial or ethnic origin, political opinion, religious or philosophical belief, trade union membership, genetics, biometrics, physical or mental health or wellbeing, sexual life or sexual orientation, criminal proceedings or convictions.

The categories of your information that we may collect, hold and share include:

  • Personal information (such as name, age, gender, date of birth, address, social security and population management numbers)
  • Characteristics data (such as language, nationality and country of birth)
  • Attendance information (such as sessions/meetings attended, number of absences and absence reasons)
  • Relevant medical information including information about your disability
  • Criminal record information
  • Specialist support needs information
  • Behavioural information
  • Your photograph or video (only with your explicit consent and if required for marketing, social media or training purposes)

We will take reasonable steps to ensure that personal data that we hold about you is accurate and updated as required. In order that we may do so, please inform us if your circumstances change as soon as possible.

The source of your personal data

Whilst the majority of information about you is provided to us, by you, on a voluntary basis, we may need to collect some information from other sources.  This could be to determine your eligibility for our services (such as data relating to your health, criminal convictions, population management status or social insurance data), to provide you with appropriate support during your supported employment journey, to request additional support and to assist with signposting you to other services.  It may be that your personal data is required from another source to comply with another law, such as criminal convictions information. 

How we use particularly special category data

Special Category Data requires a higher level of protection. We need to have further justification for collecting, storing, using this type of personal information. We may process special categories of personal information in the following circumstances:

  • With your explicit written consent
  • Where we need to carry out our legal obligations and in line with our data protection policy
  • Where it is needed in the public interest, such as for equal opportunities monitoring, and in line with our data protection policy
  • Where it is needed to assess your working capacity on health grounds, subject to appropriate confidentiality safe guards.

Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

Data sharing or recipients of your personal data

It may sometimes be necessary to share your personal data with third party organisations. It is our responsibility to ensure that the data we share is processed correctly and shared in a safe manner. We do not share information about you with anyone without consent unless the law and our policies allow us to do so.

To provide a supported employment service, we routinely share your information with:

  • HR providers, recruiters and potential employers (e.g. your CV, covering letter, job application form etc.)
  • Payroll providers (e.g. your hours of work, SI and Tax information etc. to ensure payment of your salary)
  • Employment and Social Security (e.g. any change in circumstance, such as paid work, which may impact on your benefits)
  • Revenue Services, formally Income Tax and Contributions (e.g. relevant information regarding earnings to assist with your financial circumstances)
  • Occupational health providers (e.g. information regarding your health and disability to support your job application or ongoing maintenance of your job role)
  • Health and wellbeing services- States of Guernsey, private providers and charitable sector (e.g. to support you to access other services if required)

To operate our services, we have contracted trusted local agencies to assist with processing your data.  These services include:

  • IT 
  • Accounting, bookkeeping and payroll
  • Marketing
  • Database management and hosting

GET may share information about you with Employment and Social Security and other private investors, who provide funding for the service.  If it is for these purposes, information will be anonymised. This is for:

  • conducting research or analysis
  • producing statistics
  • providing information, advice or guidance

GET has robust processes in place to ensure the confidentiality of our data is maintained and there are stringent controls in place regarding access and use of the data. Decisions on whether GET releases data to third parties are subject to strict approval and based on a detailed assessment of:

  • who is requesting the data
  • the purpose for which it is required
  • the level and sensitivity of data requested: and
  • the arrangements in place to store and handle the data

We require third parties to respect the security of your data and to treat it in accordance with the law.

Data Transfers

To provide a supported employment service, we routinely share your information with other third-party organisations for the reasons stated above.  On most of these occasions, your data is shared with organisations within the Bailiwick of Guernsey.  However, there may be rare occasions where your data is shared and therefore transferred to another authorised jurisdiction, or very rarely an unauthorised jurisdiction, if the third-party is based off island.  For example, we may support you to gain employment at an organisation with a base in Guernsey but their head office may be located in Jersey, or their HR representative may be based in the UK or USA.  Or we may be supporting you with health issues at work and may be required by you or your employer to liaise with an appointed Occupational Health provider which is based off-island.

If we do transfer your data, you can expect a similar degree of protection in respect of your personal information and we would only send information that is relevant.

Data retention

Your details will be retained by us for as long as you are involved in our service and for a period up to six years after we have closed your case.  This is to save time and resources if you chose to return to us within this time frame, to support you if you need to justify to other statutory or third sector services why we are no longer working with you, or to protect the interests of GET or its staff.  If you make an enquiry to use our service (and share data with us) to start the process of applying, we will hold onto your data for six months after communication has ceased or after a decision has been made to not progress your case.

Change of Purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose (e.g. for marketing/promotional purposes), we will notify you and we will explain the legal basis which allows us to do so.

Data security

We must ensure that appropriate security measures are taken against unlawful or unauthorised processing of your personal data, and against the accidental loss of, or damage to, personal data. You may apply to the courts for compensation if you have suffered damage from such a loss.

Your rights as a data subject

You have the following ten rights under the law:

  1. Right to information about why personal data is collected from you
  2. Right of access- entitles you to ask what data an organisation holds about you and why by submitting a ‘subject access request’
  3. Right to object to processing for direct marketing purposes
  4. Right to object to processing on the grounds of public interest- you have a right to ask organisations (including the States of Guernsey) to stop processing your data but they can refuse your request if they can prove their reasons outweigh your reasons.
  5. Right to object to processing for historical or scientific purposes
  6. Right to rectification- if an organisation holds information about you that is factually incorrect you have the right to have it corrected
  7. Right to erasure- or the right to be forgotten/deleted
  8. Right to restriction of processing- in certain circumstances you have the right to tell an organisation that they can use your information for a specific purpose, or purposes
  9. Right to not be subject to decisions based on automated decision making
  10. Right of data portability- the right to ask for your data in a machine-readable format so that it can be transferred to another organisation’s IT system 

Your right to withdraw consent and consequences of failing to provide personal data

GET have many legal bases for processing your personal data with the main one being it is necessary for the performance of a Supported Employment Service (contract).  We may require specific personal or special category data, or may need to share your personal or special category data with other agencies and to do this we may request your explicit consent.  You have the right to withdraw your consent or not provide your data but this may limit the quality of the service we can offer you and under some circumstances may result in us being unable to offer you a service altogether.

No Automated decision making

Under the law, we are required to inform you about the existence of any automated decision making.  GET has informal eligibility criteria that are used to help guide decisions regarding your suitability, before using our services or during your supported employment journey.  We consider and discuss each person on a case by case basis and therefore do not use any method of automated decision making.

Requesting access to your personal data

Under the law, you have the right to request access to information that we hold about you (‘subject access request’). To make a request for your personal information, or be given access to records, contact the Controller (details below).  We will endeavour to respond to your request within a month and if this isn’t possible we will let you know.

No fee required

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). 

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and will provide you with a new privacy notice when we make substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

Further information about the Controller and how to make contact

The Controller of your personal data is Guernsey Employment Trust (GET).

If you have a concern about the way we are collecting or using your personal data, or would like to discuss anything in this privacy notice, please contact us on 247999 or email info@get.org.gg

Complaints and Appeals

If you feel that we have not used your personal data appropriately you have the right to complain or appeal to The Office of the Data Protection Authority (ODPA) on 742074 or email enquiries@odpa.gg