Privacy Notice – Staff & Recruitment Candidates

Effective date: 30 January 2023

SilverCloud created this privacy notice to explain how we collect, process and protect your data as a staff member, contractor, intern or recruitment candidate.

In this privacy notice we will tell you how we process your personal data. When we collect or use your data SilverCloud is the “data controller”. This means we decide how and why your data is processed.

If you want to get in touch the contact details for SilverCloud’s Data Protection Officer are listed at the bottom of this notice.

How we collect your personal data

Your data is collected by SilverCloud in a few ways:

  • Data you give directly
  • Data we collect from others
  • Data we collect automatically

What personal data we collect and use

Here is a list of the categories of personal data that are collected and used, with examples.

Contact details

  • Your name, email address, home address, telephone number
  • Next of kin name and contact details

Personal details

  • Your date of birth, gender, marital status

Finance details

  • Bank details: account name, account number, BIC, IBAN, etc.
  • Tax details including PPS number, TIN or other identifier
  • Pension details
  • Salary details and payslips
  • Salary adjustments (e.g. for leave, tax deductions, etc.)

Employee details

  • Your employee ID, department, job title, location, join date, status
  • Leave details
  • Other leave details (may include data concerning health)
  • Performance / training / peer and manager feedback
  • Industrial relations (may include data revealing trade union membership)
  • Disciplinary and grievance records
  • IT accounts and assets
  • Call recordings and transcripts, business contact data and related analytics
  • Exit checklist and interview notes (when leaving the company)

Recruitment candidate details

  • Interview notes
  • Qualifications
  • Employment history / resume / CV
  • References
  • Disability details (data concerning health)

Successful recruitment candidate details

  • Visa details (may include data revealing racial or ethnic origin)
  • Record of eligibility to work
  • Offer letter, job description, contract

Background check

  • Name, date of birth, personal identification number (e.g. SSN, PPSN)
  • Current and past addresses
  • Background check application form
  • Background check results

Travel information

  • Details for bookings: passport number, preferences, loyalty scheme details
  • Trip records

Other

  • Survey responses
  • HR communication with recruitment candidates and employees
  • Data protection request details

How and why we use your personal data

SilverCloud uses your data for the purposes described below

  • Payroll
  • Human resources management, including recruitment and performance management
  • Travel booking
  • Communication, collaboration and administration
  • Legal obligations

In general, SilverCloud processes your data for the purposes of establishing, administering and managing aspects of your employment relationship (including all associated processes) in line with your contract. SilverCloud also processes your data to comply with legal or regulatory requirements.

Lawful basis

The bases for processing your personal data are:

  • Contract (GDPR Art.6(1)(b))
  • Legal obligation (GDPR Art.6(1)(c))
  • Legitimate interests (GDPR Art.6(1)(f))

The conditions for processing your special category personal data are:

  • Employment (GDPR Art.9(2)(b))
  • Legal claims (GDPR Art.9(2)(f))

Understanding your Rights

You have rights regarding your personal data. If you have any questions, please contact SilverCloud using the contact details provided in the Contact section below.

Right to information about processing of your personal details

The aim of this privacy statement is to give you this information.

Right to access your personal data

You have the right to know if your personal data is being held, what categories of data are held, and to receive a copy of all data about you.

Right to change or remove your details

You have the right to correct any inaccurate data, or remove data if it is not necessary for us to hold it.

Right to object to processing

You can object to processing for direct marketing (opt-out), or if it could otherwise affect your rights, freedoms or interests.

Right to data portability

While we do not process your data on the basis of consent, we will provide your data in a portable format.

Right to lodge a complaint

You also have the right to lodge a complaint with a supervisory authority, although we encourage you to contact SilverCloud first.

Contact details for the Data Protection Commission can be found at https://www.dataprotection.ie

Rights in relation to automated decision making: we do not use automated decision making with legal or other significant effects.

Data protection policies

SilverCloud has a set of data protection policies and procedures. All staff can access our Data Protection Policies Overview on SharePoint.

Third parties

SilverCloud uses external service providers and will also share your data in some cases.

Third party Details Location

Payroll

Payroll providers uses your contact, finance and employee details to process the payroll.

EEA / UK / US
as appropriate

HR Information System

SilverCloud uses a HR information system used to store HR records including contact details and appraisals.

 US

Travel Booking

Travel booking services will use your contact and travel information.

 EEA
and as appropriate for service providers such as airlines and hotels

Microsoft

Microsoft provides Office 365 services including email, calendar, contacts, file sharing and other collaboration tools.

 EEA / US

Other IT / Cloud service providers

SilverCloud uses several other IT or cloud service providers for activities including:

  • Company objective management
  • Employee recognition
  • Project management
  • Product management and development
  • Awareness and training
  • Customer relationship management

Your name, email address and username will be shared with the service providers in order to create an account for you and each service provider may process more personal data about you depending on the service.

 EEA / UK / US

Gong

We use Gong to record and transcribe calls with customers and prospects. Calls may be used for employee coaching.

 US

Tax authorities

Personal data will be sent to Revenue Commissioners, HM Revenue & Customs or the appropriate national tax authority for you.

 EEA / UK / US
as appropriate

Background check

Name, data of birth, current and former addresses and other application information will be used by background check provider appropriate for you.

 EEA / UK / US
as appropriate

 

International transfers

SilverCloud may transfer your personal data between its affiliates and service providers, and we may transfer, process, and store your data within and outside of the European Economic Area (EEA). Where your data is transferred outside the EEA SilverCloud will ensure that appropriate legal arrangements are in place to protect it. This includes the use of EU Controller-to-Processor Standard Contractual Clauses (SCCs).

Data security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

All SilverCloud employees are contractually and ethically bound to respect the confidentiality of any personal data held by SilverCloud.

SilverCloud maintains ISO 27001:2013 certification and Cyber Essentials certification.

Retention of Personal Data

Personal Data shall be retained only in accordance with SilverCloud’s Personal Data Retention Policy. As an overview:

  • Most personal data for staff will be held for 6 years post-employment
  • Bank details will be held for 3 years post-employment
  • Pension details (where applicable) will be held for up to 75 years post-employment
  • Details for unsuccessful recruitment candidates will be held for 6 months post-campaign
  • Background check information and IT account data will be held for 1 year post-employment, unless there is a legal obligation to retain longer

Privacy notice changes

We will revise this privacy notice when necessary and we encourage you to check back in future for changes.

  • 16 Mar 2021 Revised third parties and international transfers
  • 21 May 2021 Reformatted and revised third parties and activities
  • 16 September 2022 Update ISO 27001 certification
  • 30 January 2023 Updated third party locations; removed reference to outsourced IT; added third party Gong (call recording)

Contact

If you wish to contact SilverCloud regarding our use of your Personal Data or to exercise your rights, please contact us by email at dataprotection@silvercloudhealth.com or at:

SilverCloud Health
One Stephen Street Upper
Dublin 8
Ireland

SilverCloud's Data Protection Officer (DPO) is BH Consulting:

SilverCloud Health Data Protection Officer
BH Consulting
The LINC Centre
Blanchardstown Road North
Dublin 15
Ireland

+353 1 440 6065

© 2022 SilverCloud® All Rights Reserved. SilverCloud is a registered trademark of American Well Corporation.

Privacy Policy Terms and ConditionsCookie Declaration