Employee Privacy Notice.

Introduction

As an employer, the MoneyPlus Holdings group of companies (including MoneyPlus Group, MoneyPlus Insolvency, MoneyPlus Legal, MoneyPlus Telecoms, MoneyPlus Mortgages, MoneyPlus Energy and Richardson Mail) collects and processes information about its employees and employment applicants.

We want to be as transparent as possible about the data we use. This Privacy Notice explains what information we collect and why, so that you understand your rights.

Who Collects Your Data?

The Data Controller is the company who is ultimately responsible for your personal data, including making sure it is held securely and confidentially. Your Data Controller is the company named in your employment contract, as per the list below. MoneyPlus Group is the central data controller for all HR matters.

 

MoneyPlus Group Limited

(Data Protection Registration – Z2422578)

 MoneyPlus Energy Limited

(Data Protection Registration – ZA472595)
MoneyPlus Legal Limited

(Data Protection Registration – Z9567194)

 MoneyPlus Telecoms Limited

(Data Protection Registration – ZA473714)
MoneyPlus Insolvency Limited

(Data Protection Registration – ZA399385)

 

 MoneyPlus Mortgages Limited

(Data Protection Registration – ZA513060)

How do we collect your data?

We receive most information directly from you. We may receive some information from our employment screening searches and monitoring of performance. We may receive information from external agencies, such as those who process financial or criminal record checks or previous employers via references. We may receive information from HMRC. We may also be given limited information about our staff from third party sources, such as medical professionals. This usually only happens with your prior consent and knowledge but if we receive information like this that you would not reasonably have expected, we will let you know.

What personal information do we collect, and how long do we keep it?

We have to collect a range of information in order to meet our obligations to you under your employment contract and to meet our regulatory requirements. All information we collect is held securely and confidentially. We keep this for the full duration of your employment plus a further six years but some types of information (such as pension or tax records) will need to be kept for longer.

The vast majority of information we collect is essential for how we work. For example, we can’t pay you for your work if we don’t hold your bank details. Some information is optional and we’ve made sure to explain the difference in the table below.

 

Type of Data Why we collect this and how it is used
Personal Descriptors

e.g. Name, date of birth, MPG employee reference

 We require this information to identify you, maintain your personal records, and stay in contact with you.

You cannot refuse to provide this information
Lifestyle Information

e.g. marital status, number and age of dependents, contact details of your emergency contact

 We need this to meet our duty of care obligations, such as emergency contacts, arranging childcare vouchers or recording Parental Leave (these records are kept until the child is 18). We may also collect data for benefit schemes like Perkbox or Medicash. We may collect some lifestyle data (such as ethnicity or sexuality) for diversity statistics, but only with your consent and only where this is anonymised.

You cannot refuse to provide required information, but you can choose not to take up employee benefit schemes
Financial Information

e.g. bank account details, credit checks, details of CCJs

 We require this information to pay you directly. We also use this type of data for employee vetting and ensuring staff meet fit and proper requirements, including credit checks. We are required to keep HMRC and Inland Revenue records permanently.
You cannot refuse to provide this information
Legal Information

e.g. copy of Passport or birth certificate, credit checks, criminal records

 We need this for our legal obligations, primarily checking staff have the right to work in the UK. We also use this data for regular fitness and propriety checks. You have the right to refuse credit or criminal record checks when we request them, but please be aware that this could result in the termination of your employment depending on your contract.

You cannot refuse to provide proof of identity, but you can refuse certain vetting checks
General Employment Information

 

e.g. job title, pay dates, role requirements

 We require this information to meet our obligations to you as an employer, including the creation of your role profile and ensuring the correct tax code is applied by the HMRC.

This information is generated by MoneyPlus and is not supplied by you
MPG Employee Specific Data

 

e.g. disciplinary action, call monitoring, pension

 We generate information about you as an employee by monitoring your performance at work, conducting appraisals or taking disciplinary action. We also keep records of the work-place pension we setup for you and must keep these for at least 12 years after any benefit payable under the policy ends.

This information is generated by MoneyPlus and is not supplied by you
Sensitive / Special Category Data

 

e.g. medical conditions, medication /prescriptions, sick notes, DBS criminal record checks

 Under our duty of care, we ideally need to know about your health and any adjustments you may need to be able to do your work. We also generate data about your sick days and corresponding pay. If you are involved in an accident or health & safety incident at work, we have to keep a permanent record of it and what we did about it. We also require details of unspent criminal convictions as part of our fitness & propriety vetting. You can refuse to provide criminal records but this could lead to the termination of your employment.

You cannot refuse to provide this information, but you may not be required to go into specific detail
Biometric Data

 

e.g. fingerprint scans, photo in the company phonebook, CCTV recordings

 We use this information to provide cash-free payment facilities in the on-site café through fingerprint recognition, and to maintain the company phonebook (photographs). Your image may also be recorded by CCTV cameras within the office complex, which the building managers (Bruntwood) may also have access to.

You are under no obligation to provide your fingerprint or photograph as part of your employment, but CCTV coverage cannot be refused
Marketing Preferences

 

e.g. documented consent, unsubscribe updates

 We use your details to provide certain marketing or promotional material to you, such as free samples provided to the business, special offers obtained as employee benefits, or discount employee rates for services provided by other MoneyPlus companies.

You are under no obligation to receive marketing or promotional material

 

How do we use your information?

Our primary basis for processing your data is ‘contractual’, meaning that we need to use this information in line with our employment contract with you. Collection or use of special category data (e.g. health conditions), criminal convictions, or biometric data (e.g. fingerprints) will only occur with your explicit and informed consent.

As an employer, we have to share some data with third parties. For example, providing your personal information with HMRC to arrange your salary and tax/national insurance contributions. We are also legally required to share information with law enforcement, government agencies or regulatory bodies where it is requested. If you are in a senior manager or certified role, we must also provide regular updates about you to the Financial Conduct Authority which can be included on a public register.

In rare cases, we may need to share information to protect your vital interests, such as giving your details to the ambulance service in the event of an accident or medical emergency.

From time to time, we may also use your personal data to meet our public and/or legal disclosure requirements, such as gender pay gap reporting. Where this happens, we anonymise all data so you cannot be identified from it and it is used to generate statistics on the general characteristics of our staff, such as the number of women over 30 or salary bandings by gender.

How we transfer and share your information.

As above, there are some circumstances where we must share your personal information as part of our employer obligations. This includes our contractual and legal requirements in arranging your workplace pension, tax/national insurance contributions, and health and safety arrangements. We may also share information about you within the MoneyPlus group of companies to facilitate the performance of our obligations as your employer.

With your explicit consent, we may conduct verification or vetting checks using third party services including credit checks which leave a ‘soft search’ on your credit file. This credit check is conducted through Experian. You can obtain a copy of your credit report from various credit reference providers, or to find out more about what this check involves, please visit www.experian.co.uk

We conduct a criminal records check on all new staff. All checks are notified to you in advance and are conducted through the Disclosure and Barring Service (DBS), a government department. Any information received through a check is held securely and confidentially, and will only include unspent convictions. For more information on criminal record checks, please visit www.gov.uk/government/organisations/disclosure-and-barring-service/about

MoneyPlus offers employees a number of benefits. These include (but are not limited to) discount services and vouchers through Perkbox, a cash-benefit service for reclaiming medical costs through Medicash, and a Cycle-to-Work scheme. We also share information with a Death in Service provider including salary and health information, inclusive of disabilities, but you can opt out of this. Basic personal information is shared with these firms to verify you are a MoneyPlus employee but you are under no obligation to use these additional services.

As this forms part of our standard employee benefit package, you cannot opt out of us sharing your information with these firms. However, you can request that they delete your details if you choose not to utilise their services. If you would like to make such a request, please contact HR for the current contact details of these providers.

From time to time, we may use the services of external consultants, legal specialists, or outsource certain aspects of our monitoring processes to other organisations, some of whom may be located outside of the European Union or European Economic Area.

We keep outsourcing activity to a minimum but on occasion, these organisations may assist us with activities such as call quality monitoring, scanning, identity verification, audits, record-keeping, or printing. All outsourced service providers are carefully vetted and monitored, and subject to strict confidentiality requirements to ensure the safeguarding of your information and our customers.

Your individual rights.

You have a number of rights in how we use/hold your data as your employer. To exercise any of these rights, please contact the HR Department directly and we will respond within one month. If your request is complex or if you make a number of requests in a short period, we may extend our response period by two months.

  • You have the right to access your information at any point, and can check what information we hold and process about you. You have the right to copies of the data we hold about you and this will be provided free of charge in most circumstances. If your request is particularly excessive or repetitive, MoneyPlus reserves the right to charge an administration fee of £10.00 in advance of providing the information.
  • You have the right to rectify any information you believe is incorrect. MoneyPlus regularly refreshes the information held about your work performance, but we are reliant on you to ensure that your personal information (such as your contact or bank details) remains accurate. If you believe any details are incorrect, you can request this is amended or removed.
  • You have the right to request the erasure of your information. Due to our legal obligations, we may be unable to accommodate this as we have to hold your records for at least six years after your employment ends. However, we will always investigate your request and respond with our answer within one month.
  • You have the right to restrict the processing of your data in certain circumstance. For example, if you contest the accuracy of the information we hold or while we are investigating an erasure request.
  • You have the right to data portability, which means that you can request that certain personal information is given to you in a structured, commonly used and machine-readable format free of charge. If you require, MoneyPlus Group can supply this information directly to another company if it is technically feasible.
  • You have the right to understand and control any automated decision-making, including profiling. MoneyPlus does not use any automated decision-making or automated profiling in our role as your employer. If this changes in the future, you will be notified in advance and be provided with the opportunity to opt-out of this process and require human intervention instead.
  • You have the right to withdraw your consent. Your consent covers anything additional to your contract, such as using fingerprints for your café payments or receiving certain marketing. You can withdraw (or opt-in) at any time. This does not cover any data we process in relation to our primary obligations as your employer.

How we secure and retain your information.

We retain your information for the full duration of our contractual relationship as your employer. At the end of your service, we are required to keep your information for another six years to comply with our legal and regulatory requirements, unless indicated in the Personal Details table. All information outside of the retention period or no longer required is securely destroyed and deleted.

All personal information we hold is securely stored, generally in computer systems. We conduct regular testing of our cyber and physical security procedures to ensure this is maintained. In some cases, we may store physical documents that include your personal information in the office or in off-site storage facilities. We conduct regular testing of such facilities to ensure agreed security and safeguards are maintained. If at any time we believe there has been a breach of your personal data, we will inform you immediately.

You are responsible for keeping your personal passwords – such as NI Number for access to digital payslips – or similar security credentials private. You must also ensure that any loss of your personal security pass is reported to MoneyPlus immediately to help us keep our offices, and your information, secure.

If you ever have concerns about how we have handled, protected or shared your personal information, we would hope that you speak to your line manager or the HR Department about this. You can also escalate your concerns to the UK’s data protection regulator – the Information Commissioner’s Office (ICO) – and you can find out more information at www.ico.org.uk

Marketing preferences.

We may need to contact our staff from time to time to make them aware of changes to our employee benefit schemes or news related to the business and our facilities. This is not promotional material and you cannot opt-out of receiving this information.

We are part of a business-wide promotional scheme provided by Gemsatwork as an employee benefit. In this scheme, free samples of various products are provided to the business and emails will be sent to staff to let them know how to partake in these. These emails are sent by MoneyPlus Group and Gemsatwork are not provided with any of your personal information.

MoneyPlus may also secure certain discounts or free services with third party firms from time to time. If this occurs, MoneyPlus Group will send an email to all staff to let them know and explain how to claim this benefit. At no point is any personal information about you shared with these third party firms by MoneyPlus.

If you do not wish to receive Gemsatwork or direct MoneyPlus promotional emails, please contact the HR Department who will ensure you do not receive future correspondence. You have the right to opt back in to these emails at a later date.

Changes to our privacy notice.

If we change how we plan to process your information in the future, we will give you a minimum of 14 days’ notice of this. You have the right to refuse any such changes but if this refusal affects our ability to meet our legal or contractual obligations as your employer, this may have an impact on the terms of your employment contract. If this is a possibility, you will be notified in advance.

A copy of our employee Privacy Notice is available at all times through the HR System and the Compliance section of the MoneyPlus Group intranet. If you have any questions about this Privacy Notice or the information we hold about you, please contact the HR Department.