DrPA Recruitment – Privacy Policy
Effective Date: October 2024
This Policy is effective as of this date and supersedes any previous versions. Last
Updated: October 2024
Review Date:October 2025
Introduction
At DrPA Recruitment, we are committed to protecting the privacy and security of our candidates, clients, healthcare practitioners, and other users. As a UK-based healthcare recruitment agency, we comply with the General Data Protection Regulation (GDPR) and UK data protection laws. This Privacy Policy explains how we collect, use, store, and disclose your personal data.
1. Who We Are
DrPA Recruitment is a healthcare recruitment agency providing adhoc, temporary, contract and permanent staff to healthcare establishments both in the NHS and private sector.
2. Data We Collect
- We collect and process personal data to deliver our services effectively. This includes:
- Personal Identifying Information: Full name, date of birth, address, and contact information (email, phone).
- Professional Data: CV details, job titles, work experience, qualifications, and employment history.
- Health Information: Medical history, where necessary, to comply with legal obligations or as part of employment health checks.
- Compliance Data: Proof of right to work in the UK, DBS checks, and records required to comply with NHS and private contracts.
- Financial Data: Bank account details, payroll information, and tax details (for employees and self-employed contractors).
3. How We Use Your Data
- We process your data to:
- Fulfill Contractual Obligations: Provide healthcare professionals (including GPs) to secure establishments under our contracts with NHS and private providers.
- Manage Employment and Contracts: Handle employment or self-employed contracts, timesheets, payroll, and pension obligations.
- Legal Compliance: Ensure compliance with CQC requirements, NHS Trust protocols, and legal obligations such as safeguarding.
- Communication: Keep you informed about work placements, updates to services, or other business-related communications.
4. Legal Basis for Processing
- We process your data under several lawful bases, including:
- Performance of a Contract: To place you in employment or to provide healthcare services.
- Legal Obligation: To comply with laws such as safeguarding, right to work, and tax legislation.
- Legitimate Interests: To provide healthcare solutions to secure establishments, ensure the security of our business, and maintain relationships with NHS Trusts and private providers.
5. Sharing Your Information
- We may share your personal information with:
- Healthcare Facilities: The prisons, immigration centres, and other institutions where you are placed to provide medical services.
- NHS Trusts and Private Healthcare Providers: As part of our contractual obligations.
- Regulatory Bodies: The CQC and other regulatory organizations to ensure compliance with healthcare standards.
- Third-Party Service Providers: To support operations such as payroll, background checks (e.g., DBS), or legal compliance.
- Legal Authorities: Where required by law or to protect our business from fraud or other legal claims.
6. Data Security
We implement physical, electronic, and procedural safeguards to protect your personal information. All data is stored securely on our systems, and access is restricted to authorized personnel only. While we take all necessary precautions, the transmission of information via the internet is not completely secure, and we cannot guarantee the security of data during transmission.
7. Retention of Data
We will retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, or as required by law. Typically, we retain employment data for 6 years after the end of a contract or placement, to comply with tax, NHS, and legal requirements.
8. Your Rights
- Under the UK GDPR, you have the following rights concerning your personal data:
- Right to Access: Request access to the data we hold about you.
- Right to Rectification: Request that we correct any inaccurate or incomplete information.
- Right to Erasure: Request that we delete your personal data where applicable.
- Right to Restrict Processing: Request a restriction on processing under certain conditions.
- Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format.
- Right to Object: Object to the processing of your data under certain circumstances, including for direct marketing.
To exercise any of these rights, please contact us at admin@drparecruitment.co.uk
9. Cookies and Website Usage
We may collect technical information about your use of our website, including your IP address, browser type, and pages visited. This data is used to enhance the functionality of our website and improve user experience. Cookies may also be used for these purposes. For more details, please see our Cookie Policy.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business operations or legal obligations. Any significant changes will be posted on our website, and you will be notified where appropriate.
11. Contact Us
- For any questions or concerns about this Privacy Policy or your data, please contact:
DrPA Secure
Email: admin@drpasecure.co.uk
Address: 42 Kew Court Richmond Road, Kingston Upon Thames, Surrey, KT2 5BF.
For more information about your rights or to make a complaint, you can contact the UK Information Commissioner’s Office at www.ico.org.uk or call 0303 123 1113 or Email: Casework@ico.org.uk (please ensure you Include your contact number)
12. Jurisdiction
This Privacy Policy is governed by the laws of England. Any disputes arising out of this policy will be subject to the jurisdiction of the courts of England and Wales.
13. Approval
Approved by:
Farwa Pasha
Executive Business Manager
October 2024
NOTE: This privacy policy is tailored to Dr PA Secure and is designed to ensure compliance with UK GDPR and healthcare-related regulations within the secure environments we operate in.
