This Recruitment Privacy Policy governs the collection, storage, and use of personal information collected by us, OPEN Health Communications LLP (“OPEN Health”) during the recruitment process. It provides details about the personal information that we collect from you and our recruitment partners, how we use your personal information and your rights regarding the personal information that we hold about you.
This policy only applies to the personal data of job applicants, potential candidates for employment or partnership, and those who participate in our recruiting programs and events.
OPEN Health Communications LLP (whose registered address is at C/O Corporation Service Company (UK) Limited, 25 Canada Square, 37th Floor, Canary Wharf, London E14 5LQ, United Kingdom and registered number OC360224) together with its subsidiary entities (details available here) operate in the healthcare and digital sector providing communications, market access, consultancy, public relations, meetings and events, medical education, data analytics, and health economic modelling services. This recruitment privacy policy is issued on behalf of the OPEN Health Group, so when we mention “OPEN Health,” “we,” “us,” or “our” in this privacy policy, we are referring to the relevant company in the OPEN Health Group responsible for processing your data.
We are a “controller” in relation to the personal data we collect as part of the recruitment process. This means that we are responsible for deciding how we hold and use personal information about you.
This policy has been drafted based on the principles of GDPR and other recognised privacy legislation in the territories in which we operate. However, the fundamental principles of data protection, confidentiality, and security of data apply throughout our business. Consequently, this policy is intended to apply to our personal information-processing activities globally. However, we have highlighted where some obligations are applicable to specific territories in this policy.
We will comply with data protection law and principles, which means that your data will be:
In connection with your application for work with us, we may collect, store, and use the following categories of personal information about you:
For roles based in the USA, if we make you an offer of employment, we will also complete a background check or instruct a third party to do so on our behalf. Background checks will only be done where permitted by law applicable to the location where the position is located and to the extent necessary and proportionate to the role that you are being offered. A background check will only involve criminal background data to the extent permitted in your specific jurisdiction.
We collect information about you for use during recruitment from a variety of sources:
We will use the personal information we collect about you to:
In the UK, we may ask our applicants if they have any disabilities to enable us to make reasonable adjustments for candidates who have a disability.
We have a legitimate interest in processing personal data during the recruitment process and for keeping records of the process since it is in our legitimate interests to decide whether to appoint you to work at OPEN Health. Processing data from job applicants allows us to manage the recruitment process, assess and confirm a candidate’s suitability for employment, and decide to whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims.
In some cases, we need to process data to ensure that we are complying with our legal obligations, such as checking a successful applicant’s eligibility to work in the country in which the role will be based before employment starts.
If your application is unsuccessful, OPEN Health may keep your personal data on file in case there are future employment opportunities for which you may be suited. Please see “How long we keep your personal data” below.
Your information may be shared internally for the purposes of the recruitment exercise. This includes members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy, and members of the OPEN Health senior or executive teams, as well as IT staff if access to the data is necessary for the performance of their roles.
We will only share your personal information with the following third parties for the purposes of processing your application: Job Adder and Applicant Stack. All our third-party service providers and other entities in the OPEN Health Group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
For candidates based in the UK or EEA (meaning the EU, Switzerland, and Norway), we may transfer your personal data outside the EEA to members of the OPEN Health Group where this is necessary for the recruitment process. If we transfer your data to the OPEN Health Group or third parties outside the UK and/or EEA, we have entered into an agreement ensuring appropriate and suitable safeguards with our OPEN Health Group members and third parties using terms adopted by the Information Commissioner and approved by the Commission (EU Model Clauses). For further details, see European Commission: Model contracts for the transfer of Personal Data to third countries.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors, and other third parties who have a business need-to-know. If we share your personal data with our agents, contractors, and other third parties, we require they adhere to our Supplier Privacy and Security Requirements, which are available at www.openhealthgroup.com/legal.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
If your application for employment is unsuccessful, we will hold your data on file for no more than 12 months after the end of the relevant recruitment process. However, if there is no further communication between us, we will delete the data 6 months after the end of the relevant recruitment process.
If you have consented for us to keep your personal data on file for consideration for future employment opportunities, then we will hold your data on file for a further 5 years. At the end of that period, or once you withdraw your consent, your data will be deleted or destroyed.
You may withdraw your consent at any time by contacting us via candidateprivacy@openhealthgroup.com.
If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained in accordance with our employee data-retention policy.
Recruitment processes are not based solely on automated decision-making; however, we may ask you to complete a psychometric test that will be considered as part of the process. No decision will be made solely on the results of any psychometric tests.
As you interact with our website, we may automatically collect technical data (including internet protocol [IP] address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our websites) about your equipment, browsing actions, and patterns. We collect personal data by using cookies, server logs, and other similar technologies. Please see our Cookie Policy for further details.
Some of our online recruiting activities are hosted by third parties. When you access sites operated by these third parties, they may place their own cookies or other tracking technologies on your device.
As a data subject, you have a number of rights. You can:
If you would like to exercise any of these rights, please use the contact details below.
As required under the CCPA, we have provided the metrics regarding the consumer rights requests we received from California residents from January 1, 2020 to December 31, 2020 in the following table:
Request Type |
Received | Granted (in whole or in part) | Denied | Mean Days to Respond |
Requests to Know | Nil | Nil | Nil | Nil |
Requests to Delete | Nil | Nil | Nil | Nil |
You are under no statutory or contractual obligation to provide data to us during the recruitment process. However, if you do not provide the information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we may not be able to process your application properly or at all.
In processing your personal data for the purposes of recruitment, we act as data controller if you provided your details to us directly. If you provided your details via a recruitment agency, we will be joint data controllers with that recruitment agency.
For privacy queries please contact EvalianDPO@openhealthgroup.com. For queries related to your job application please contact careers@openhealthgroup.com.
For candidates based in the UK or EEA, if you believe that we have not complied with your data protection rights, you have the right to make a complaint at any time to the following: