Privacy Policy

Dounreay, a division of Magnox Limited is committed to protecting the privacy and security of your personal information. This privacy notice sets out the standards you can expect from Dounreay, a division of Magnox Limited, when we collect, hold or use your personal information.

We will ensure that we will treat all personal information in accordance with data protection legislation, including the General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA).

We are registered as a Data Controller with the Information Commissioner’s Office (ICO). Our registration number is Z7546570. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.

It is important that you read this notice, together with any other privacy notice we may provide when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.

Our contact details

Data Protection Officer
Magnox Ltd
Oldbury Neate
Thornbury
South Gloucestershire
BS35 1RQ

Email: dpo@magnoxsites.com

Mark correspondence for the attention of ‘Data Protection Officer’

Data protection principles

We will comply with data protection law. This says that the personal information we hold about you must be:

Used lawfully, fairly and in a transparent way
Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
Relevant to the purposes we have told you about and limited only to those purposes
Accurate and kept up to date
Kept only as long as is necessary for the purposes you have been told
Kept securely

What type of information we have

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymised data). There are certain types of more sensitive personal data (special category data) which require a higher level of protection, such as information about a person’s health or criminal convictions. We may collect, store, and use the following categories of personal information about you:

personal contact details such as name, title, addresses, telephone numbers, and personal email addresses
date of birth
gender
marital status and dependents
next of kin and emergency contact information
National Insurance number
bank account details, payroll records and tax status information
salary, annual leave, pension and benefits information
start date and, if different, the date of your continuous employment
leaving date and your reason for leaving
location of employment or workplace
copy of driving license and car insurance
recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process)
employment records (including job titles, work history, working hours, holidays, training records and professional memberships)
CCTV images

Please note, the above list is not exhaustive.

We may also collect, store and use the following more sensitive types of personal data:

information about your race or ethnicity, religious beliefs, sexual orientation and political opinions for equality and diversity monitoring purposes
Trade union membership
information about your health, including any medical condition, health and sickness records etc
details of any absences (other than holidays) from work including time on statutory parental leave and sick leave
information about criminal convictions and offences

How did we get the information and why do we have it?

The most common reasons that we will hold your information are if you:

are a current or previous Dounreay, a division of Magnox Limited, employee or contractor
previously applied or are in the process of applying for work with Dounreay, a division of Magnox Limited
subscribe to Dounreay, a division of Magnox Limited, newsletters or publications
attended a Dounreay, a division of Magnox Limited, hosted event or course
visited Dounreay, a division of Magnox Limited, offices, recently
applied for funding or a bursary
have submitted an information request under the Freedom of Information Act 2000 or Environmental Information Regulations 2004 or make a Subject Access Request under the Data Protection Act

Again, this is not an exhaustive set of circumstances.

We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

where we need to perform the contract we have entered into with you
where we need to comply with a legal obligation
where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests

We may also use your personal information in the following situations, which are likely to be rare:

where we need to protect your interests (or someone else’s interests)
where it is needed in the public interest (or for official purposes)

Please see the ‘Your data protection rights’ section for more information on withdrawing your consent

Cookies

Cookies are files saved on your phone, tablet or computer when you visit a website. We use cookies to store information about how you use the Dounreay careers website, such as the pages you visit. It does not store any personal information and will not allow us to identify individual users.

What we do with the information

As previously stated, Dounreay, a division of Magnox Limited, is the data controller of personal information held by Dounreay, a division of Magnox Limited, for the purposes of GDPR. A data controller determines the purposes for which, and the way, any personal data is to be processed (either alone or jointly or in common with others). We therefore have the responsibility for the safety and security of all the data we hold.

We may have originally shared your data with third parties, including data processors who process data on Dounreay, a division of Magnox Limited’s, behalf. We make sure that our data processors comply with all relevant requirements under data protection legislation. This is defined in the contractual arrangements. If this was the case, you can expect a similar degree of protection in respect of your personal information.

Change of purpose

We will only use your personal information for the purposes for which it was collected, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Do we need your consent?

We do not need your consent if we use special categories of your personal information in accordance with our written policy to carry out our legal obligations or exercise specific rights in the field of employment law. In limited circumstances, we may approach you for your written consent to allow us to process certain particularly sensitive data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent.

How we store your information

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Data Protection Officer.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

We will only hold onto your personal information for as long as necessary to fulfil the purposes we collected it for. All records are retained and securely destroyed in accordance with our records retention schedule. Details of retention periods for different aspects of your personal information are available upon request. However, your information may be held beyond the specified retention periods where there is the potential for it to fall under the remit of ongoing government independent inquiries.

Your data protection rights

You have several rights in relation to your data. These are:

the right to be informed when data are collected
the right of access to your data
the right to rectification of your data – to correct inaccurate or incomplete data
the right to erasure of your data (except in certain circumstances) – we will delete your data if requested unless there is a legal obligation to process your data
the right to restrict processing – we can retain as much data as is necessary to ensure the restriction is respected in the future
the right to data portability – where we can, where possible, provide your information in a structured, commonly used, machine readable form when asked
the right to object to the processing of data – where you can object to the processing of data for direct marketing or research purposes
rights in relation to automated decision making and profiling, to reduce the risk that a potentially damaging decision is taken without human intervention

You also have a right to withdraw any consent you may have given us to process your data and a right to lodge a complaint with the ICO. More details on these rights can be found below and on the ICO’s website.

How to complain

If you wish to make a complaint to Dounreay, a division of Magnox Limited, about the way in which we have processed your personal information, please get in touch with the Data Protection Officer via the contact details supplied above.

If you remain dissatisfied with the response received, you have the right to lodge a complaint to the Information ICO. The ICO is the UK’s independent body set up to uphold information rights, and they can investigate and adjudicate on any data protection related concerns you raise with them. They can be contacted at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

0303 123 1113

ICO website

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
___utmvc		This cookie is used for the function of Google Analytics. The cookie store the visitor-level custom variable data.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_4006577_3	1 minute	This cookie is set by Google and is used to distinguish users.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
CONSENT	16 years 5 months 12 days 14 hours 18 minutes	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.

Cookie	Duration	Description
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.

Cookie	Duration	Description
incap_ses_1184_1808692	session	No description
incap_ses_1319_1808692	session	No description
incap_ses_340_1808692	session	No description
incap_ses_872_1808692	session	No description
incap_ses_9117_1808692	session	No description
incap_ses_9210_1808692	session	No description
incap_ses_9218_1808692	session	No description
visid_incap_1808692	1 year	No description
yt-remote-connected-devices	never	No description available.
yt-remote-device-id	never	No description available.