Privacy Policy
CANDIDATE PRIVACY NOTICE
Sodexo Ltd is a “Data Controller”.
Address One Southampton Row, London WC1B 5HA.
This means that we are responsible for deciding how we hold and use personal information about you.
Sodexo is part of the Sodexo Group of companies. Sodexo was founded in France and has developed into an international company operating in 80 countries worldwide. Sodexo Ltd assists our subsidiary companies ( and on occasion subsidiaries of our parent company) in recruiting staff.
In the UK or Ireland, your personal data may be shared with Sodexo entities within the UK or EEA where joint services are provided, for example, HR, payroll, legal and IT. You can find out more about the Sodexo Group by visiting our website www.sodexo.com and in the sharing section below.
If you have any data protection queries our local contact is dataprotection.ukandie@sodexo.com
Our Group DPO can be contacted on dpo.group@sodexo.com
Or you can write to the address provided above.
1. DATA PROTECTION PRINCIPLES
We will comply with data protection law and principles, which means that your data will be:
- They are used lawfully, fairly and in a transparent way.
- It is collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
WE HAVE SET OUT BELOW THE KIND OF INFORMATION WE EXPECT TO HOLD AND USE ABOUT YOU AND WHY.
Kind of Data |
Why |
Lawful Ground |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2. IF YOU FAIL TO PROVIDE INFORMATION
If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully.
3. AUTOMATED DECISION-MAKING
You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.
4. DATA SHARING
We will only share your personal information with third parties to process your application, for example if the role is carried out at one of client's premises or your application was sent by a recruitment agency, or where it is required for further background checks which would be specified to you.
If you are applying on the Sodexo portal for a role with Sodexo Ireland, Sodexo Remote Services Scotland Ltd Centerplate, Heritage Portfolio, a CRC, AIP group companies, Tillery Valley Foods or Good Eating Company (other Sodexo Companies), we assist them with their recruitment process. They can be contacted directly for privacy information.
Otherwise, Personal data may be shared within the Sodexo Group of Companies only where necessary and where joint services are provided. Data is not shared outside of the EEA without an adequacy ground which will usually be the use of EU model contractual clauses
5. DATA SECURITY
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
6. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
If you are unsuccessful in your application, the records are kept for up to 12 months.
If you registered with us, then your information on the site will be retained and accessible to you while you are registered. If the registration is inactive for 12 months, we have a closure process.
Where offers of employment are made, contractual information is retained for approximately 6 years after employment ends under statutory limitation periods. We only keep personal data for as long as necessary for the purposes for which it is processed, or if required for legal obligation or legal claims.
7. YOUR RIGHTS
Sodexo is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights:
Right of access |
Right to be forgotten |
Right to restriction of processing |
Right to data portability |
Right to object to processing, including Direct Marketing ** |
Withdraw consent to the processing |
Right not to be subject to automated decisions *
|
Right to Restriction |
Right to Rectification |
* without human intervention which have significant legal effects, unless this is based on consent or contract. If Automated decision making is used in the recruitment process, you will be advised and have a right to challenge the decision, make a comment or ask for human intervention.
** You can unsubscribe to marketing emails if you signed up to marketing at any time, by clicking the unsubscribe link or contacting DSAR.UKandIE@sodexo.com
You can use this webform to make a request, please click here :One Trust Form
This electronic system allows you to log in and see the progress of your request, see and send messages and review your documents securely. This system is called One Trust, and after making the request, you will be sent details about how to log on. Alternatively, you can also send your request by email to DSAR.UKandIE@sodexo.com, in writing to 310 Broadway, Salford, M50 2UE or by calling Sodexo PeopleCentre on 0845 603 3644 and asking for DSAR team. The team will liaise with you about how you to contact you about your request and receive information.
You can also raise queries or complaints to the UK and Ireland Data Protection Special Point of Contact, by email to DataProtection.UKandIE@Sodexo.com or by post to 310 Broadway, Salford, M50 2UE.
Queries and complaints can be escalated to the Group Data Protection Officer, by email to DPO.Group@Sodexo.com.
Right to lodge a complaint to the competent Supervisory Authority
You can choose to lodge a complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. The Supervisory Authority is the Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, ico.org.uk.
You also have the right to lodge your Complaint before the courts where the Sodexo entity has an establishment or where you have your habitual residence.