This statement applies where we are acting as a data controller with respect to your information as a prospective employee of Janus Henderson; in other words, where we determine the purpose and means of the processing of that information. This statement sets out the basis on which your information is collected, stored and used by us.
In this statement, "we", "us", and "our" means Janus Henderson Group plc (reg. 101484) and its subsidiaries.
If you have any questions or concerns regarding our Recruitment Privacy Statement, or how we process your information, please contact us via email at firstname.lastname@example.org or by postal service at:
Janus Henderson Investors
Data Privacy Office
London EC2M 3AE
1. Personal data that we collect about you
By "personal data" we mean all of the personal and financial information about you that we collect, use, share and store. Most of the information collected by us is information which you have provided to us directly, from you applying for a job with us.
We will collect and process the following personal data about you:
- Information that you provide to us or one of our affiliates. This includes information about you that you give to us by filling in forms or by communicating with us, whether face-to-face, by phone, e-mail or otherwise through the recruitment process with us. This information may include:
- your full name, previous names, date of birth, national insurance number, nationality, gender, ethnicity, education and qualification details, curriculum vitae, references, marital status, home address and home telephone number, email address, mobile telephone number, next of kin, emergency contact details, bank account details for the transfer of your salary and other benefits, tax details and your date of hire; and
- Information we collect or generate about you. This includes:
- Passport details, visa (if applicable), photograph, birth certificate to carry out right to work checks;
- work-related details such as your job position, interview notes, contact details, service history,
- results of psychometric tests,
- gender, religion, sexual orientation, marital status, age, disability, ethnicity data to conduct diversity and inclusion studies across our firm.
- Information we obtain from other sources.
- applicant information from Recruitment Agencies or our other affiliates
- personal data from pre-employment checks
2. Uses of your personal data
Your personal data may be stored and processed by us in the following ways and for the following purposes:
- to meet our legal obligations as an employer, and perform our obligations and exercise our rights under your contract of employment with us. For example, we use your personal data to conduct pre-employment checks;
- we will ask for your consent to provide us with religion, sexual orientation, disability, and ethnicity data in order to help us perform diversity and inclusion evaluations which helps inform our equals opportunity policy; and
- the information you provide us during the recruitment process will only be used for the purpose of assessing your application, or to fulfil legal or regulatory requirements if necessary. We will not share any of the information you provide with any third parties for marketing purposes. We will use the contact details you provide to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
We are entitled to use your personal data in these ways because:
- we may need to in order to take decisions regarding your fitness for work;
- we have legal and regulatory obligations that we have to discharge;
- we may need to in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings; or
- the use of your personal data as described may be necessary for our legitimate business interests (or the legitimate interests of one or more of our affiliates), such as:
- allowing us to effectively and efficiently administer and manage the operation of our business;
- ensuring a consistent approach to the management of our job candidates and the job candidates of our affiliate companies worldwide;
- maintaining compliance with internal policies and procedures; or
- in certain circumstances you will have given your consent to us to use your personal data.
3. Disclosure of your information to third parties
We may disclose your personal data to our affiliates for the purposes of:
- the management and administration of our business and our affiliates’ business;
- complying with the functions that each of them may perform relating to regional or global HR decisions;
- assessing compliance with applicable laws, rules and regulations. We will take steps to ensure that the personal data is accessed only by employees of our affiliates that have a need to do so for the purposes described in this statement.
We may also share your personal data to third parties outside of our corporate group for the following purposes:
- if we sell any of our business or assets, in which case we may disclose your personal data to the prospective buyer for due diligence purposes;
- if we are acquired by a third party, in which case personal data held by us about you will be disclosed to the third party buyer;
- to comply with regulatory obligations we may share your details with local regulators;
- to third parties that help us conduct pre-employment screenings; and
- to the extent required by law, for example if we are under a duty to disclose your personal data in order to comply with any legal obligation, establish, exercise or defend our legal rights.
4. Transfers of personal data outside the European Economic Area
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by individuals operating outside of the EEA who work for our affiliates or for one of our suppliers.
Where we transfer your personal data outside the EEA, we will ensure that it is protected in a manner that is consistent with how your personal data will be protected by us in the EEA. This can be done in a number of ways, for instance:
- the country that we send the data to might be approved by the European Commission as offering a sufficient level of protection;
- the country that we send the information to may subscribe to an “international framework” intended to enable secure data sharing
- the recipient might have signed up to a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal data; or
- where the recipient is located in the US, it might be a certified member of the EU-US Privacy Shield scheme.
In other circumstances the law may permit us to otherwise transfer your personal data outside the EEA. In all cases, however, we will ensure that any transfer of your personal data is compliant with data protection law.
You can obtain more details about the protection given to your personal data when it is transferred outside the EEA (including a copy of the standard data protection clauses which we have entered into with recipients of your personal data) by contacting us in accordance with the “Contacting us” section below.
5. Retention of personal data
How long we hold your personal data for will vary. The retention period will be determined by the following criteria:
- the purpose for which we are using your personal data – we will need to keep the data for as long as is necessary for that purpose;
- legal obligations – laws or regulation may set a minimum period for which we have to keep your personal data; and
- resolve disputes, protect our assets, and enforce our agreements.
6. Your rights
You have a number of legal rights in relation to the personal data that we hold about you. These rights include to:
- be informed about the processing of your information;
- have your information corrected if it is inaccurate and to have incomplete information completed;
- object to or restrict processing of your information. Please note that there may be circumstances where you object to, or ask us to restrict our processing of your information but we are legally entitled to refuse that request;
- withdraw your consent to processing of your information at any time. Please note, however, that we may still be entitled to process your information if we have another legitimate reason for doing so (e.g. we may need to retain information to comply with a legal obligation);
- have your information erased in certain circumstances. Please note that there may be circumstances where you ask us to erase your information but we are legally entitled to retain it;
- request access to your information and to obtain information about how we process it;
- move, copy or transfer your information;
- receive some information in a structured commonly used and machine-readable format and/or request that we transmit that data to a third party where technically feasible. Please note that this right only applies to information which you have provided directly to Janus Henderson and may not always apply;
- lodge a complaint with the relevant data protection regulator if you think any of your rights have been infringed by us; and
- be informed how your information is used in relation to automated decision making which has a legal effect on or otherwise significantly affects you.
You can exercise your rights by contacting us using the details set out in the “Contacting us” section below.
7. Security measures
We have physical, administrative, procedural and technical safeguards in place to protect your information from unauthorised access, use or disclosure. We also contractually require that our third party service providers protect such information to the standard required in the EEA. We regularly adapt these controls to respond to changing requirements and advances in technology.
8. Contacting us
If you would like further information on the collection, use, disclosure, transfer or processing of your personal data or the exercise of any of the rights listed above, please address questions, comments and requests by contacting us via email at email@example.com or by postal service at:
Data Privacy Office
London EC2M 3AE