Privacy Policy – Showsec App
Privacy Notice
Permanent Employees and Casual Workforce
Your contact for this document is: Name: Data Compliance Team Phone: 0116 204 3333
Email: datacompliance@showsec.co.uk
Published date: Dec 2022 Review Frequency: Annually
Privacy Notice – Staff (Permanent and Casual)
Showsec International Ltd (“we”, “us” or “our” herein referred to as Showsec) has issued this Privacy Notice to describe how we handle personal information that we hold about our staff and job applicants (collectively referred to as “you“). The term “staff member” includes those who work on a permanent and non-permanent basis, including contract for the provisions of services workers, subcontractors, secondees and work experience
We respect the privacy rights of individuals and are committed to handling personal information responsibly and in accordance with applicable law. This Notice sets out the personal information that we collect and process about you, the purposes of the processing and the rights that you have in connection with it.
If you are in any doubt regarding the applicable standards, or have any comments or questions about this Notice, see contact details section below.
If we make any changes to this notice we will notify you by E Mail, on the Staff Portal and in the company newsletter
Showsec will be the Data Controller of the personal data you provide to us. By Data Controller, this means that Showsec determine the purpose and way in which any personal data will be processed
What Information we collect when you apply to Showsec
During your time at Showsec, or when making an application for employment, we may process personal information about you and your dependents, beneficiaries and other individuals whose personal information has been provided to us.
The types of personal information we may process include, but are not limited to:
Identification data – such as your name, gender, photograph, date of birth, staff member IDs.
Contact details – such as home and business address, telephone/email addresses and those who are nominated as emergency contacts
Details – such as job title/position, office location, contract, performance and disciplinary records, complaint or grievance procedures, sickness/holiday records.
Background information – such as academic/professional qualifications, education, CV/résumé, criminal records data, references, work history (for vetting purposes to BS7858 standards where applicable and in accordance with applicable law).
National identifiers – such as national ID/passport, immigration/visa status.
Spouse & dependents information, marital status.
Financial information – such as banking details, tax information, withholdings, rate of pay, benefits, expenses, and company allowances
IT information – information required to provide access to company IT systems and networks such as IP addresses, log files and login information.
If you are a subcontractor, the type of personal information we process is limited to that needed to manage your particular work at an event with us.
Sensitive personal information includes any information that reveals your racial or ethnic origin, religious, political, or philosophical beliefs, genetic data, trade union membership, or information about your health (“Sensitive Personal Information“). As a rule, we try not to collect or process any Sensitive Personal Information about you, unless authorised by law or where necessary to comply with applicable laws. However, in some circumstances, we may need to collect, or request on a voluntary disclosure basis, some Sensitive Personal Information for legitimate employment-related purposes. For example, information about your racial/ethnic origin, gender, and disabilities for the purposes of equal opportunities monitoring, to comply with anti-discrimination laws and for government reporting obligations; or information about your physical or mental condition to provide work- related accommodations, health and insurance benefits to you and your dependents, or to manage absences from work.
Information obtained from third party sources
To the extent permitted by law we may conduct screening checks using publicly available registers, such as business-related information available on the internet, criminal record bureaus and credit reference agencies. When we perform these checks, we may receive personal information about you from these third-party sources. We do not perform these checks in every case but will do so where we consider it proportionate given the role you have applied for or are performing. If we perform these checks, we will provide will tell about the personal information being collected about you at the time these checks are performed.
When you work on site your image maybe collected as part of the CCTV surveillance system used by clients and Body worn video footage
How we use your information
Recruitment purposes
If you are applying for a role at Showsec, then we collect and use this personal information primarily for right to work – in particular, to determine your qualifications and to reach a hiring decision. This includes assessing your skills, qualifications, and background for a particular role, verifying your information, carrying our reference checks or background checks (where applicable) and to generally manage the hiring process and communicate with you about it.
If you are accepted for a role at Showsec, the information collected during the recruitment process will form part of your ongoing staff member record.
If you are not successful, we will keep your application for a further 6 months to allow us to consider you for other suitable openings with us in the future.
Employment or work-related purposes
Once you become a staff member, we collect and use this personal information for the purpose of managing our employment or working relationship with you. For example, your work history and contract information so we can manage our employment relationship with you, your bank account and salary details so we can pay you, and details of your spouse and dependents for emergency contact.
We process our staff members’ personal information through Smartg8, which is a tool that helps us to administer HR information, which also allows staff members to manage their own personal information in some cases.
Other legitimate business purposes
We may also collect and use personal information when it is necessary for other legitimate purposes, such as to help us conduct our business more effectively and efficiently. For example, for general HR resourcing on a global level, IT security/management, accounting purposes, or financial planning. We may also process your personal information to investigate violations of law or breaches of our own internal policies.
Law-related purposes
We also may use your personal information where we consider it necessary for complying with laws and regulations, including collecting and disclosing staff member personal information as required by law (e.g. for tax, health and safety, anti-discrimination laws), under judicial authorisation, or to exercise or defend the legal rights of our company.
Who we share information with and Why?
We take care to allow access to personal information only to those who require such access to perform their tasks and duties, and to third parties who have a legitimate purpose for accessing it. Whenever we permit a third party to access personal information, we will implement appropriate measures to ensure the information is used in a manner consistent with this Notice and that the security and confidentiality of the information is maintained.
Transfers to other group companies
As mentioned above, we may share your personal information with other members of our global group of companies to administer human resources, as well as for other legitimate business purposes such as IT services/security, tax and accounting, and general business management.
Transfers to third party service providers
In addition, we make certain personal information available to third parties who provide services to us. We do so on a “need to know basis” and in accordance with applicable data privacy law.
For example, some personal information will be available to our third-party service providers who provide us with payroll, tax and travel management services.
Transfers to other third parties
We may also disclose personal information to third parties on other lawful grounds, including:
To comply with our legal obligations, including where necessary to abide by law, regulation or contract, or to respond to a court order, administrative or judicial process, including, but not limited to, a subpoena, government audit or search warrant.
In response to lawful requests by public authorities (including for national security or law enforcement purposes);
As necessary to establish, exercise or defend against potential, threatened or actual litigation.
Where necessary to protect the vital interests of another person.
In connection with the sale, assignment or other transfer of all or part of our business; and with your consent.
Transfer of personal information abroad
We may need to transfer personal information to countries other than the ones in which the information was originally collected within the EEA (European Economic Area). When we export your personal information, we will take steps to ensure that such data exports comply with applicable UK GDPR laws.
When transferring information in this way, there are strict rules in place to ensure your data is still protected to a high standard. Where we do this, we will ensure that appropriate safeguards are put in place. Where your information is transferred outside of the European Economic Area, we will use one of the mechanisms listed below.
Standard Contractual Clauses approved by the European Commission
Binding Corporate Rules
Binding Corporate Processor Rule
For more information, or to get a copy of the relevant documentation, please contact us using the contact details below
Data retention periods
Personal information will be stored in accordance with applicable laws and kept as long as needed to carry out the purposes described in this Notice or as otherwise required by applicable law. Generally, this means your personal information will be retained until the end or your employment, employment application, or work relationship with us plus a reasonable period of time thereafter to respond to employment or work-related inquiries or to deal with any legal matters (e.g. judicial or disciplinary actions), document the proper termination of your employment or work relationship (e.g. to tax authorities), or to provide you with ongoing pensions or other benefits.
Your data privacy rights
You may exercise the rights available to you under applicable data protection laws as follows:
If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided in the last section below.
In addition, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided in the contact Section.
If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please see https://ico.org.uk/for-the-public/.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws within one calendar month
To exercise any of the above rights please contact us at datacompliance@showsec.co.uk Please note that whilst we will carefully assess every request we receive; your rights may differ according to your place of residence and we may not always have to comply. When this happens, we will explain why.
Data Breaches
Potential data security incidents include:
Viruses, worms, Trojan Horse infections
Hacker attempts (e.g. Denial of Service
Loss or theft of data / hardware (e.g. stolen computer, mobile or storage device)
Improper data disclosure – accidental or deliberate – (i.e. accidentally sending a file with confidential data)
Unauthorized infrastructure devices (e.g. unauthorised access points)
Breach of personal employee or customer data (e.g. theft, loss or unauthorised disclosure of customer/employee data, including credit card number and social security numbers (US)) or company confidential information (e.g. strategic plans or non-disclosed financial results)
Any suspicion that Showsec or LNE systems were used in an unauthorised manner
Security incidents also include suspected inappropriate behaviour or activity. For example:
Unrecognised personnel working in Showsec offices and those based within venues without being able to show a Showsec identification card
Suspicion that an employee is stealing sensitive information e.g. to provide to a competitor
An unknown email or phone call from a person claiming to be in IT and/or other asking for certain sensitive and confidential information (such as a password) without proper identification (i.e. social engineering).
Updates to this Notice
This Notice may be updated periodically to reflect any necessary changes in our privacy practices. We will inform you of material changes to this Notice. We will indicate at the top of the Notice when it was most recently updated. We encourage you to check back at this website periodically in order to be aware of the most recent version of this Notice.
Contact details
Our group data protection officer can be contacted at privacy@livenation.co.uk.
Please address any questions or requests or concerns relating to this Notice to your line manager, and/or datacompliance@showsec.co.uk.