Privacy Policy

CANDIDATE PRIVACY NOTICE

Sodexo Ltd is a “Data Controller”.

Address One Southampton Row, London WC1B 5HA.

This means that we are responsible for deciding how we hold and use personal information about you. Sodexo Ltd manages the recruitment process for the following Sodexo companies, which will also be Data Controllers.

 

 

Sodexo Ireland Ltd of Fourth floor, One Grand Parade, Dublin 6, D06 R9X8

 

Sodexo Live UK Limited of One Southampton Row, London, WC1B 5HA

 

Sodexo Remote Sites Scotland Ltd of The Exchange 62 Market Street Aberdeen
AB11 5PJ

 

Sodexo Global Services Ltd of One Southampton Row, London WC1B 5HA

 

Heritage Portfolio Ltd of 49A North Fort Street, Edinburgh, EH6 4HJ

Alliance in Partnership Ltd, (and its subsidiaries ,Class Catering Services Ltd and The Contract Dining Company Ltd) One Southampton Row, London, WC1B 5HA

MTS Health Ltd – One Southampton Row, London, WC1B 5HA

The Good Eating Company Ltd, One Southampton Row, London, WC1B 5HA

Sodexo is part of the Sodexo Group of companies.  Sodexo was founded in France and has developed into an international company operating in 80 countries worldwide. Sodexo Ltd assists our subsidiary companies ( and on occasion subsidiaries of our parent company) in recruiting staff.

In the UK or Ireland, your personal data may be shared with Sodexo entities within the UK or EEA where joint services are provided, for example, HR, payroll, legal and IT. You can find out more about the Sodexo Group by visiting our website www.sodexo.com and in the sharing section below.

Our DPO can be contacted at dataprotection.ukandie@sodexo.com.

1.         DATA PROTECTION PRINCIPLES  

We will comply with data protection law and principles, which means that your data will be:

• They are used lawfully, fairly and in a transparent way.
• It is collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
• Relevant to the purposes we have told you about and limited only to those purposes.
• Accurate and kept up to date.
• Kept only as long as necessary for the purposes we have told you about.
• Kept securely.

WE HAVE SET OUT BELOW THE KIND OF INFORMATION WE EXPECT TO HOLD AND USE ABOUT YOU AND WHY.

 

Kind of Data	Why	Lawful Ground
The information you have provided to us in your curriculum vitae and covering letter or online registration. This will include name, contact details, employment history and qualifications, ID and right to work.	Assess your skills, qualifications, and suitability for the work/ role. Keep records related to our hiring processes. Comply with legal or regulatory requirements	Steps to enter into a contract Legal obligation Legitimate interests to decide whether to recruit
Information from the interview, correspondence and communications during the recruitment process and test/assessment centre results	Assess your skills, qualifications, and suitability for the role. Communicate with you about the recruitment process. Keep records related to our hiring processes. Comply with legal or regulatory requirements	Steps to enter into a contract Legal obligation Legitimate interests to decide whether to recruit
If applicable information from and to agencies involved in your recruitment	As above and including communication with the recruitment agency	Steps to enter into a contract Legal obligation Legitimate interests to decide whether to recruit
Referees and where relevant to the job role, criminal data checks and other background checks	Assess your skills, qualifications, and suitability for the work/role Carry out background and reference checks, where applicable. Keep records related to our hiring processes. Comply with the legal or regulatory requirement	Steps to enter into a contract Legal obligation Legitimate interests to decide whether to recruit and check suitability, for example if the role is to provide services to the healthcare or education sector or requires a high degree of trust and integrity
Information about health conditions that you tell us about	Where relevant to the job role or to provide reasonable adjustments	Legitimate interest and legal obligation of being able to provide adjustments and employment law purposes
Information you have provided to us about your background and personal circumstances, ethnicity, disability, age, religious beliefs, gender and sexual orientation/gender assignment.	Where it is collected for monitoring, promoting and reporting on equal opportunities and diversity	Legitimate interest in reviewing equality and diversity, legal obligation and ensure meaningful equal opportunity monitoring and reporting. You can ask us not to process this information.

 

 

2.         IF YOU FAIL TO PROVIDE INFORMATION

 

If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully.

3.         AUTOMATED DECISION-MAKING  

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

4.         DATA SHARING  

We will only share your personal information with third parties to process your application, for example if the role is carried out at one of client's premises or your application was sent by a recruitment agency, or where it is required for further background checks which would be specified to you.

Otherwise, Personal data may be shared within the Sodexo Group of Companies only where necessary and where joint services are provided. We have implemented appropriate safeguards to ensure an adequate level of protection of your Personal data, even if the Personal data is processed by another Sodexo entity that did not collect your Personal data originally. 

 

Sodexo has implemented the Sodexo’s Binding Corporate Rules (BCRs) within Sodexo Group. Therefore, even if the third countries in which Sodexo entities operate are located outside of the European Economic Area, your Personal data is protected in the same way that they would have been by any entity located within the European Economic Area.  

 

5.         DATA SECURITY  

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.          

6.         HOW LONG DO WE KEEP YOUR PERSONAL DATA?

If you are unsuccessful in your application, the records are kept for up to 12 months.

If you registered with us, then your information on the site will be retained and accessible to you while you are registered. If the registration is inactive for 12 months, we have a closure process.

Where offers of employment are made, contractual information is retained for approximately 6 years after employment ends under statutory limitation periods. We only keep personal data for as long as necessary for the purposes for which it is processed, or if required for legal obligation or legal claims.

7.         YOUR RIGHTS

Sodexo is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights:

Right of access	Right to be forgotten	Right to restriction of processing
Right to data portability	Right to object to processing, including Direct Marketing **	Withdraw consent to the processing
Right not to be subject to automated decisions *	Right to Restriction	Right to Rectification

 

* without human intervention which have significant legal effects, unless this is based on consent or contract.  If Automated decision making is used in the recruitment process, you will be advised and have a right to challenge the decision, make a comment or ask for human intervention.

** You can unsubscribe to marketing emails if you signed up to marketing at any time, by clicking the unsubscribe link or contacting DSAR.UKandIE@sodexo.com

You can use this webform to make a request, please click here :One Trust Form  

This electronic system allows you to log in and see the progress of your request, see and send messages and review your documents securely. This system is called One Trust, and after making the request, you will be sent details about how to log on. Alternatively, you can also send your request by email to DSAR.UKandIE@sodexo.com, in writing to 310 Broadway, Salford, M50 2UE or by calling Sodexo PeopleCentre on 0845 603 3644 and asking for DSAR team. The team will liaise with you about how you to contact you about your request and receive information.

Third Party beneficiary rights

 

If applicable in your country, you can enforce the third-party beneficiary rights afforded to you by the Sodexo BCRs.

You can also raise queries or complaints to the Data Protection Officer, by email to DataProtection.UKandIE@Sodexo.com or by post to 310 Broadway, Salford, M50 2UE.

Right to lodge a complaint to the competent Supervisory Authority

You can choose to lodge a complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. The Supervisory Authority for the UK is the Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, ico.org.uk. The Supervisory Authority for ROI is the Data Protection Commission, 21 Fitzwilliam Square North, Dublin 2, D02 RD28.

You also have the right to lodge your Complaint before the courts where the Sodexo entity has an establishment or where you have your habitual residence.