Top login menu

Murray Edwards College
University of Cambridge

Data Protection for Job Applicants

Main page content

How we use your personal information


This statement explains how Murray Edwards College (“we” and “our”) handles and uses information we collect about applicants (“you” and “your”) for jobs.

In broad terms, we use your data to manage your application to the College and our subsequent recruitment processes.

The controller for your personal information is Murray Edwards College, University of Cambridge, Huntingdon Road, CB3 0DF.  The person responsible for data protection at the time of issue, and the person who is responsible for monitoring compliance with relevant legislation in relation to the protection of personal information, is the Bursar (Rob Hopwood) -

The legal basis for processing your personal data is that it is necessary either in order for you to enter into an employment contract with us or for us to fulfil our legal obligations should we become your employer.

How your data is used by the College

Your data is used by us in the first instance solely for the purposes of considering your suitability for employment and for us to manage our recruitment processes, including our monitoring of equality and diversity within the College.  If you have concerns or queries about any of these purposes, or how we communicate with you, please contact us at the address given below.

The College holds the following personal data relating to you, in line with the purposes above:

A*  personal details, including name, contact details (phone, email, postal);

B*  evidence of your right to work in the UK (e.g. copies of your passport or birth certificate and any relevant visas)

C   your application form and associated information submitted by you at that time;

D   other data relating to your recruitment (including references we take up as part of the recruitment process, any pre-employment assessment of you, and any assessment of you at an informal or formal interview);

E*  any occupational health assessments and/or medical information you have provided, and related work requirements;

F*  information relating to your age, nationality, gender, disability, religion or beliefs, sexual orientation, gender identification and ethnicity;

G   any correspondence relating to the outcome of the recruitment process (either successful or unsuccessful).

Those marked with an * relate to information provided by you.  Other data and information is generated by us or, where self-evident, provided by a third party.

We will not access personal data about you from social media sites, unless there is a legitimate interest for us to do so (for example, the role you have applied for has a significant public-facing element to it, or is involved with publicity and presenting us to the general public).  Consequently, we do not routinely screen applicants’ social media profiles but, if aspects of your social media profile are brought to our attention and give rise to concerns about your suitability for the role in question, we may need to consider them. 

For certain posts, we may use the Disclosure and Barring Services (DBS) and Disclosure Scotland to help assess your suitability for certain positions of trust.  If this is the case, we will make this clear to you in separate correspondence.  Certificate and status check information is only used for this specific purpose, and we comply fully with the DBS code of Practice regarding the correct use, handling, storage, retention and destruction of certificates and certificate information.  We recognise that it is a criminal offence to pass this information on to anyone who is not entitled to receive it.

Who we share your data with

Information is not shared with other third parties without your written consent. 

If you are successful in your application, the data is subsequently held as part of your employment record with us. Where unsuccessful we retain all data and information for no more than 12 months after the closing date of the application process. 

In either case, where the post has required a “resident market test” (needed if the post is open to applicants from outside the European Union), the College will retain the application records of any shortlisted candidates for the duration of the sponsored post and twelve months thereafter.

Your rights

You have the right: to ask us for access to, rectification or erasure of your data; to restrict processing (pending correction or deletion); and to ask for the transfer of your data electronically to a third party (data portability).  Some of these rights are not automatic, and we reserve the right to discuss with you why we might not comply with a request from you to exercise them.

Failure to provide the information reasonably requested of you may result in an automatic disqualification from the recruitment process.

You retain the right at all times to lodge a complaint about our management of your personal data with the Information Commissioner’s Office.

Last updated: January 2021, Records Manager