- The Moneff entities listed in Schedule 1 (Moneff entities) provide this Privacy Notice for Candidates because you are applying for positions at Moneff.
- This Privacy Notice reflects how we process your personal data. Please read the Privacy Notice carefully in order to understand how we process your personal data so that you understand what we do with your personal data, why we use your personal data, who we share your personal data with, the circumstances in which we will share it, the steps we will take to keep it secure, the options available to you and your rights.
- Moneff, us, we or our each means Moneff Entities listed in the Schedule 1.
- ‘You’ or ‘your’ means a candidate who is applying to positions at Moneff.
- Personal data is the information that can be used to uniquely identify an individual;
- Processing of data means the carrying out of any operation or set of operations in relation to personal data, including recording, holding, organization, adaption or alteration, retrieval, combination, transmission and erasure or destruction.
- Non-personal data is information that will not allow a specific individual to be identified;
- Data denotes personal data and/or non-personal data.
- Data controller is Moneff, and as the data controller we determine the purposes and the means of processing personal and non-personal data and is subject to applicable data protection laws.
3. Personal data we collect and process
- Personal data you give us
- You give us your personal data by filling an online application form and correspondence with us through a third party, for example a recruitment agency.
- Personal data we collect from you
- Full name;
- Phone number and email address;
- Date of birth;
- Education history;
- Professional experience;
- Work status;
- Marital Status;
- National Insurance number;
- Emergency Contact person and number;
- HMRC Starter form to fill out for payroll;
- Other information given in your submitted CV.
- Personal data provided by third parties
- We may collect your personal data from third parties and some of the personal data may be provided to us by third parties (for example recruitment agencies, fraud prevention agencies, screening providers, etc.).
- We may collect some information relevant to you, such as qualification and experience, from publicly available sources, such as LinkedIn, Facebook and other social networking sites.
- We will take reasonable steps to ensure that data which you provide to us is:
- accurate, complete, and current;
- adequate and relevant;
- limited to what is necessary in relation to the purposes for which they are processed;
- kept in a form which permits your identification for no longer than is necessary for the purposes for which the data is processed, unless a longer retention is required or allowed under applicable law;
- If you find that data is not accurate, you have the right to correct it. You can read about your rights below.
4. Risk assessment
- We take reasonable steps to ensure that data is accurate, complete and current, adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- We may make automated decisions by using technology that can assess your circumstances and other factors to predict and evaluate associated risks. We do this to comply with our regulatory obligations. Risk assessment also allows us to run our business efficiently and to ensure our decisions are informed and consistent. Where the automated assessment cannot be completed, we evaluate your data manually.
6. How we use of your personal data
- We use your personal data explicitly for the following non exhaustive list of purposes:
- to enter into an employment agreement with you or to carry out our obligations we owe to you where it is applicable;
- to pursue our legitimate interests in providing and marketing our products and services to you;
- to comply with applicable legal and/or regulatory requirements;
- to process your job application and consider your suitability for position;
- to adhere to government regulations or guidance or to pursue any legitimate business interest;
- as may be required or requested by any judicial process or governmental agency having or claiming jurisdiction over Moneff or Moneff’s affiliates;
- to follow up with you after correspondence (online or mobile application live chat, email), answer your questions or resolve queries;
- to prepare internal reports for use by Moneff or any of Moneff’s affiliates, staff, management, and consultants for the purposes of operating, evaluating, and managing Moneff’s business;
- to manage risk exposures and protect data subjects against or prevent actual or potential fraud, unauthorised transactions, claims, or other liability including to third parties providing these services;
- to combine data we receive from other sources with the data you give to us. We may use such data or the combined data for the purposes set out above (depending on the types of data we receive).
- If you wish to change how we use your data, please refer to section ‘Your rights’ below.
- If you choose not to share your data with us, or refuse certain contact permissions, we might not be able to process recruitment.
7. Disclosure of data
- Based on the relevant adequacy decisions (Commission Implementing Decision of 28.6.2021 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate protection of personal data by the UK), we may share your data within Moneff group of companies (Safenetpay Services Company Limited, UK).
- We may share your personal data with professional advisors, legal and regulatory authority, taxation authority.
- We will not sell, trade, or otherwise transfer your data to third parties unless we act on a valid legal or contractual basis and provide you with an advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business or serving our customers, so long as those parties agree to keep this data confidential or are under regulatory obligations to protect your data.
- We may further disclose your data to third parties:
- affiliates, business partners, suppliers (suppliers who provide us with IT, payment and delivery services, our banking and financial services partners and payments networks, etc) and subcontractors for the performance and execution of any contract we enter into with you;
- data can be disclosed to auditors and tax authorities and be also provided in the course of audit by or reporting to data protection authorities;
- if we are under a duty to disclose or share your data in order to comply with any legal or regulatory obligation, reporting requirements;
- to assist us in conducting or co-operating in investigations of fraud or other illegal activity where we believe it is reasonable and appropriate to do so to check your identity, protect against fraud, keep to anti-money laundering regulations and confirm that you are eligible candidate;
- to prevent and detect fraud or other illegal activity.
- where you have asked us to share your data based on a specific consent.
8. Retention period of data
- The periods for which we retain your data are determined based on the purposes for which Moneff processes the data. The data will be retained as long as the purpose for which the data is lawfully processed exists. If the processing is based on consent the retention will follow the specific retention period in the given consent.
9. Storing and transfer of your personal data
- We store your data on our secure servers located in the UK and the European Union.
- We may transfer your data outside the European Economic Area (EEA) based on any lawful data transfer mechanism that provides an adequate level of protection under the EU/EEA data protection legislation.
- We comply with mandatory standards pertaining to the storage, safeguarding, transmission of your personal data.
- Unfortunately, the transmission of personal data through the internet is not completely secure. However, we will take all reasonable steps to make sure that your data is handled securely and any transmission is at your own risk. If we reasonably believe that an unauthorised person accessed or may have accessed the account, then we will take necessary measures to notify you in writing.
- Please note that we can realistically achieve the secure transmission of data via the Internet based on secure login as well as security in the transport layer and higher host layers only as envisaged by the OSI (Open System Interconnection) model (ISO 35.100).
- Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access, loss or damage.
10. How do we protect your personal data
- We use regular malware scanning for security breaches and known vulnerabilities in order to make your visit to our website as safe as possible.
- The data is contained behind secured networks.
- We limit access to your data to those employees who need to have access in order to perform their job duties and who are required to keep the data confidential.
- Communication over the internet between you and us is encrypted using strong asymmetric encryption. The provided data is encrypted via Secure Socket Layer (SSL) technology.
- We implement security measures and update our servers regularly in order to maintain their effectiveness when users place an order, enter, submit, or access their data.
- We periodically conduct the training on the significance of confidentiality and privacy of the data we collect.
11. Your rights
You have certain rights under the data protection legislation, including the following:
- Right to view information (right of access)
You have the right to gain insight into the information we process about you and to request access to all copies of your data that we hold and we will provide you with further details on the use we make of your data.
- Right to rectification (correction)
You have the right to have incorrect information about yourself corrected if it is inaccurate or that we complete data if it is incomplete;
- Right to erasure
In special cases, you have the right to have information about you deleted before the time of our general deletion occurs. Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and legal and regulatory requirements. For example: we may not be able to agree to your request to delete data.
As a regulated financial services provider, in certain cases such as to comply with anti-money laundering requirements, we must keep your data even when you ask us to delete it. We will let you know if we cannot delete your data.
For security reasons, we cannot deal with your request if we are not sure of your identity, so we may ask you for proof of your ID.
- Right to restriction of processing
- We will only use your information for the lawful purposes for which it was collected.
- In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to have the processing restricted, we may in future only process the data – except for storage – with your consent, or for the purpose of establishing, asserting, or defending legal claims, or to protect a person or important public interests.
- Right to object
In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You can also object to the processing of your data for direct marketing purposes
- Right to transmit information (data portability)
In certain cases, you have the right to receive the personal data you have provided yourself in a structured, commonly used, and machine-readable format and to have this personal data transferred from one controller to another without hindrance.
- Use of automated decision-making, including profiling
We develop and implement appropriate procedures for handling your requests to exercise your rights of (a) access, (b) rectification, (c) erasure, (d) portability, (e) restriction, (f) objection, and (g) not being subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.
- This notice may be amended at any time in our sole and absolute discretion. You can always find the latest version on our website.
- If we wish to change the way we process your personal data that we already hold or contemplate using such data for a purpose which you have not agreed to, we will update this Policy and, if appropriate, let you know through our website or other means.
13. Third-party links
- Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If we indicate a link to any of these websites, please note that (1) these websites have their own privacy policies and we do not accept any responsibility or liability for these policies and (2) third-party products or services are not included for the purposes to offer them on our website.
If you feel that we have not addressed your questions or concerns adequately, or you believe that your data protection or privacy rights have been infringed, you can contact us in the first instance through submission of your complaint to us in the first instance by contacting us through the address reflected in the Schedule 1.
We are required to verify the identity in order to process the request and may ask to provide valid identification documents to allow Moneff to do so.
You can also complain to the relevant data protection state authority at any time about our processing of your personal data. However, we encourage you to first contact us if you believe that we have processed your personal data in violation of the personal data regulation. That way you can get our explanation of the matter.
Schedule 1 - Moneff entities
Denmark and EU/EEA
address: Vesterbrogade 74, 1620, Copenhagen;
email: [email protected]
Safenetpay Services Company Limited
address: Sierra Quebec Bravo, 77 Marsh Wall, London;
email: [email protected]