Privacy Policy for DBS Brighton Limited

Effective Date: 30th June 2025

1. Introduction

DBS Brighton ("we", "us", or "our") is a pre-employment screening company based in the United Kingdom. We are committed to protecting the privacy and security of the personal information we process. This Privacy Policy explains how we collect, use, store, and protect your personal data in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.

2. Who We Are

DBS Brighton provides pre-employment screening services, including but not limited to criminal record checks (DBS checks), right-to-work verification, employment history checks, education references and International checks. We act as a data processor on behalf of our clients (employers or organisations) and, in some cases, as a data controller.

3. Information We Collect

We may collect and process the following types of personal data:

  • Personal Identifiers: Name, date of birth, address, contact details (email, phone number), and national insurance number.
  • Identity Documents: Passport, driving licence, utility bills, or other documents used for identity verification.
  • Employment Information: Employment history, references, qualifications, and professional memberships.
  • Criminal Record Data: Information obtained through DBS checks or other criminal record checks, where legally permitted.
  • Right-to-Work Information: Visa details, work permits, or other documentation proving eligibility to work in the UK.
  • Special Category Data: In limited circumstances, we may process sensitive data, such as health information or criminal record data, where necessary for the screening process and with explicit consent or another lawful basis.

4. How We Collect Information

We collect personal data from:

  • You: When you provide information directly to us as part of the screening process.
  • Our Clients: Employers or organisations who engage us to conduct pre-employment screening.
  • Third Parties: Such as referees, educational institutions, or government agencies.

5. Purposes of Processing

We process personal data for the following purposes:

  • To conduct pre-employment screening checks as requested by our clients.
  • To verify your identity, employment history, qualifications, and right to work in the UK.
  • To comply with legal obligations, including those related to employment and safeguarding.
  • To respond to enquiries or complaints.
  • To improve our services and ensure compliance with industry standards.

6. Legal Basis for Processing

We process personal data on the following legal bases:

  • Consent: Where you have provided explicit consent for specific processing activities.
  • Contractual Necessity: To fulfil our obligations under a contract with our clients.
  • Legal Obligation: To comply with legal requirements, such as conducting right-to-work checks.
  • Legitimate Interest: To provide our services efficiently and securely, where such interests are not overridden by your rights.

7. Data Sharing and Disclosure

We may share your personal data with:

  • Our Clients: Employers or organisations who have requested the screening.
  • Third-Party Service Providers: Such as the Disclosure and Barring Service (DBS), and other background check providers including Ucheck, Icover, TrustID, and HEDD.
  • Government Authorities: Where required by law or to comply with legal obligations.
  • Other Parties: With your consent or as necessary to protect our legal rights.

We ensure that all third parties we work with are compliant with data protection laws and have appropriate safeguards in place.

8. Data Security

We implement technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse. These measures include encryption, access controls, and regular security audits.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements. Typically, we retain screening data for 6 months unless otherwise required by law or client agreements.

10. Your Rights

Under UK data protection laws, you have the following rights:

  • Access: To request a copy of the personal data we hold about you.
  • Rectification: To correct inaccurate or incomplete data.
  • Erasure: To request deletion of your data under certain circumstances.
  • Restriction: To restrict processing of your data.
  • Objection: To object to processing based on legitimate interests.
  • Data Portability: To receive your data in a structured, commonly used format.
  • Withdraw Consent: To withdraw consent at any time, where applicable.

To exercise your rights, please contact us using the details below.

11. International Data Transfers

If we transfer personal data outside the UK, we will ensure adequate safeguards are in place, such as standard contractual clauses or adequacy decisions.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website, and the effective date will be updated accordingly.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:

DBS Brighton Limited

E-mail: r.constantino@dbsbrighton.com

Phone: +44 7848 990988

14. Complaints

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: https://ico.org.uk

Helpline: 0303 123 1113