• This Privacy Policy explains what we do with your personal data whilst we are in the process of exploring your suitability for any vacancies that we may have.
  • It describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.
  • This Privacy Policy applies to the personal data of our Website Users, Candidates, Suppliers and other people whom we may contact in order to find out more about you as our candidate.
  • For the purpose of applicable data protection legislation (including but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”), the company responsible for your personal data is Bryn Melyn Care ltd.
  • It is important to point out that we may amend this Privacy Policy from time to time. Please just visit this page if you want to stay up to date, as we will post any changes here.
  • If you are dissatisfied with any aspect of our Privacy Policy, you may have legal rights and, where relevant, we have described these as well.

What kind of personal data do we collect?

  • CANDIDATE DATA: In order to provide the best possible employment opportunities tailored to you and your experience we need to process certain information about you. We only ask for details that will genuinely help us to assess your suitability for the role and to process any pre-employment checks. Such as your name, age, contact details, education, employment history, emergency contacts, immigration status, financial information (where we need to carry out financial background checks), and National Insurance Number and of course, you may choose to share other relevant information with us. Where appropriate and in accordance with local laws and requirements, in addition, we may collect information related to your health, diversity information or details of any criminal convictions.
  • SUPPLIER DATA:We need a small amount of information from our suppliers to ensure that things run smoothly. We need contact details of relevant individuals at your organisation so that we can communicate with you, details of your insurances and professional registrations so that we are able to ensure safety whilst you are engaged with us and where appropriate, details of your criminal history. We also need other information such as your bank details so that we can pay for the services you provide.  (if this is part of the contractual arrangements between us).
  • PEOPLE WHOSE DATA WE RECEIVE FROM CANDIDATES AND STAFF, SUCH AS REFEREES:In order to provide candidates with suitable employment opportunities safely and securely and to provide for every eventuality, we need some basic background information. We only ask for very basic contact details, either so that we can get in touch with you for a reference or one of our candidates has listed you as an emergency contact.
  • WEBSITE USERS: We collect a limited amount of data from our website users, which we use to help us to improve your experience when using our website and to help us manage the services we provide. This includes information such as how you use our website, the frequency with which you access our website, and the times that our website is most popular.

A number of elements of the personal data we collect from you are required to enable us to fulfil our contractual duties to you or to others. Where appropriate, some, for example candidates’ National insurance number and, religious affiliation, are required by statute or other laws. Other items may simply be needed to ensure that our relationship can run smoothly.

Depending on the types of personal data in question and the grounds on which we may be processing it, should you decline to provide us with such data, we may not be able to fulfil our contractual requirements or, in extreme cases, may not be able to continue with our relationship.

How do we collect your personal data?


We collect your personal data in two main ways:

  1. Directly from you; and
  2. From third parties such as agencies, previous employer and statutory bodies


We collect your personal data during the course of our work with you.


We collect your contact details only where a Candidate or a member of our Staff puts you down as their emergency contact or where a Candidate gives them to us in order for you to serve as a referee.


We collect your data automatically via cookies when you visit our website, in line with cookie settings in your browser. We will also collect data from you when you contact us via the website, for example by using the chat function.

How do we use your personal data?


The main reason for using your personal details is to help you find employment. The more information we have about you, your skillset and your ambitions, the more we are able to assess your suitability for any vacancies we have and ultimately make the decision on whether to progress your application to the next stage. Where appropriate and in accordance with local laws and requirements, in addition, we may use your personal data for things like marketing and diversity monitoring. Where appropriate, we will seek your consent to undertake some of these activities.


The main reasons for using your personal data are to ensure that we can properly implement the contractual arrangements between us so that the relationship can run smoothly, and to comply with legal requirements.


We use referees’ personal data to help our Candidates to find employment, which is suited to them. If we are able to verify their details, qualifications, work experiences and any previous safeguarding concerns, we can make sure that they are well matched with prospective roles.


We use your data to help us to improve your experience of using our website, for example by analysing your recent job search criteria to help us to present jobs to you that we think you’ll be interested in.

With whom do we share your personal data?


We may share your data internally with designated individuals who are responsible for assessing your auditability for a vacancy. You data will be shared and stored within an automatic tracking system and may be shared via internal encrypted email systems.


Your data will be shared internally for the purpose of processing payment and ensuring safe working practices.


Your personal data will be shared with professional regulators who are legally required to check our compliance with safer recruitment practices.

There may be circumstances where your data will be shared with third parties for legal reasoning or in the best interests of the protection of vulnerable client groups. This may include but is not limited to, DBS, Police, OFSTED, professional regulators and local safeguarding teams.

How do we safeguard your personal data?

We care about protecting your information. That is why we put in place appropriate measures designed to prevent unauthorised access to, and misuse of, your personal data.

For how long do we keep your personal data?

  • We will securely retain your personal data for a period of 12 months and will contact you annually thereafter to obtain your consent to retain your details. Should you choose not to consent to us retaining your details your personal information will be deleted and replaced with un-identifying details that will be used for reporting and monitoring purposes only, unless we believe in good faith that the law or other regulation requires us to preserve it. For example, because of our obligations to tax authorities or in connection with any anticipated litigation.
  • Should you progress through to interview stage, information will be retrained for a 6 month period and will then be deleted and/or shredded
  • Should you be successful in attaining employment with us then all of your personal data obtained with transfer to your personnel file and will be used throughout the duration of your employment in order for us to process our contractual and legal obligation. Details of this will be provided to you upon commencement of employment.

How can you access, amend or take back the personal data that you have given to us?

Even if we already hold your personal data, you still have various rights in relation to it. To get in touch about these, please contact us. We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of any applicable laws. Please note that we may keep a record of your communications to help us resolve any issues that you raise.

Right to object: If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases). Generally, we will only disagree with you if certain limited conditions apply.

Right to withdraw consent: Where we have obtained your consent to process your personal data for certain activities (for example, for profiling your suitability for certain roles), or consent to market to you, you may withdraw your consent at any time.

Data Subject Access Requests (DSAR): Just so it’s clear, you have the right to ask us to confirm what information we hold about you at any time, and you may ask us to modify, update or Delete such information. At this point we may comply with your request or, additionally do one of the following:

  • We may ask you to verify your identity, or ask for more information about your request; and
  • Where we are legally permitted to do so, we may decline your request, but we will explain why if we do so.

Right to erasure: In certain situations (for example, where we have processed your data unlawfully), you have the right to request us to “erase” your personal data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your personal data but will retain un-identifiable data for reporting purposes. If you would prefer us not to do this, you are free to say so.

Right of data portability: If you wish, you have the right to transfer your data from us to another data controller. We will help with this – either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format.

Who is responsible for processing your personal data on the Bryn Melyn Care website?

  • Bryn Melyn Care controls the processing of personal data on its website(s).
  • Recruitive process candidate data through its web based computer system and when providing us with consent to store your details, your details will be stored within the system.

What are cookies and how do we use them?

A “cookie” is a bite-sized piece of data that is stored on your computer’s hard drive. They are used by nearly all websites and do not harm your system. We use them to track your activity to help ensure you get the smoothest possible experience when visiting our website. We can use the information from cookies to ensure we present you with options tailored to your preferences on your next visit. We can also use cookies to analyse traffic and for advertising purposes.

How to reject cookies

If you don’t want to receive cookies that are not strictly necessary to perform basic features of our site, you may choose to opt-out by changing your browser settings.

Most web browsers will accept cookies but if you would, rather we didn’t collect data in this way you can choose to accept all or some, or reject cookies in your browser’s privacy settings. However, rejecting all cookies means that you may not be able to take full advantage of all our website’s features. Each browser is different, so check the “Help” menu of your browser to learn how to change your cookie preferences.

For more information, generally on cookies, including how to disable them, please refer to You will also find details on how to delete cookies from your computer.

Our legal bases for processing your data


  • Article 6(1) (f) of the GDPR is the one that is relevant here. It says that we can process your data where it “is necessary for the purposes of the legitimate interests pursued by [us] or by a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of [you] which require protection of personal data.”
  • We don’t think that any of the following activities prejudice individuals in any way – in fact, they help us to offer you a efficient service, so everyone’s a winner! However, you do have the right to object to us processing your personal data on this basis.

Please note that in certain of the jurisdictions in which we operate, a different legal basis for data processing might apply in certain cases.