Privacy Notice

This privacy notice tells you what to expect when the Tay Road Bridge Joint Board collects personal information. It applies to information we collect about:
•    visitors to our websites;
•    complainants and other individuals in relation to a data protection or freedom of information complaint or enquiry;
•    people who use our “Contact Us” page requesting information or providing comment and suggestions for service improvement about the Tay Road Bridge  
•    people who notify under data protection laws;
•    job applicants and our current and former employees.


Visitors to our websites

When someone visits www.tayroadbridge.co.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
Use of cookies by the Tay Road Bridge Joint Board
You can read more about how we use cookies on our Cookies page.

Search engine

Our website search is powered by a built-in search engine, which is integral to the website content management system. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected.

Security and performance

The Tay Road Bridge Joint Board uses a third party service to help maintain the security and performance of the Tay Road Bridge  website. To deliver this service it processes the IP addresses of visitors to the Tay Road Bridge website website.
People who contact us via social media
We use Twitter to provide up-to-date information about traffic conditions on the Tay Road Bridge and to share information about our organisation.
If you send us a private or direct message via social media the message will be stored by Twitter.


People who email us

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.


People who make a complaint to us

When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We may compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.
We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files for 6 years. This means that information relating to a complaint will be retained for two years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.


Service providers reporting a breach

Public electronic communications service providers are required by law to report any security breaches involving personal data to the ICO.
The ICO provide an online form for this purpose, hosted by Egress. The ICO use the data collected by the form to record the breach, to make decisions about the action we may take, and as relevant in order to carry out those actions. The ICO retain personal information only for as long as necessary to carry out these functions, and in line with their retention schedule. This means that logs and breach reports will be retained for two years from receipt, and longer where this information leads to regulatory action being taken. The ICO retain de-personalised information about organisations for as long as is necessary to help inform future actions, but no individuals are identifiable from that data.
The ICO and Egress have measures in place to ensure the security of data collected and transferred to the ICO via this form. Egress is a data processor for the ICO and only processes personal information in line with ICO instructions.

Job applicants, current and former Tay Road Bridge Joint Board employees

The Tay Road Bridge Joint Board is the data controller for the information you provide during the process unless otherwise stated. If you have any queries about the process or how we handle your information please contact us at Tay Road Bridge Joint Board, Marine Parade, Dundee, DD1 3JB.


What will we do with the information you provide to us?

All of the information you provide during the process will only be used for the purpose of progressing your job application, or to fulfil legal or regulatory requirements if necessary.
We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.
We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.


What information do we ask for, and why?

We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.
The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your job application if you don’t.


Application stage

If you use our online application system, this will be collected by a data processor on our behalf (please see below).
We ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information.
You will also be asked to provide equal opportunities information. This is not mandatory information – if you don’t provide it, it will not affect your application. This information will not be made available to any staff outside of our recruitment team, including hiring managers, in a way which can identify you. Any information you do provide, will be used only to produce and monitor equal opportunities statistics. Job Application details are held for 6 months.


Shortlisting

Our hiring managers shortlist applications for interview. They will not be provided with your name or contact details or with your equal opportunities information if you have provided it.


Assessments

We might ask you to attend an interview. Information will be generated by you and by us. For example, we might take interview notes. This information will be destroyed after an Appointment is made.


Conditional offer

If we make a conditional offer of employment we will ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We are required to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability.
You will therefore be required to provide:
•    Proof of your identity – you will be asked to attend our office with original documents, we will take copies.
•    Proof of your qualifications – you will be asked to attend our office with original documents, we will take copies.
•    You will be asked to complete a criminal records declaration to declare any unspent convictions.
•    We will contact your referees, using the details you provide in your application, directly to obtain references
•    We will also ask you to complete a questionnaire about your health. This is to establish your fitness to work. This is done through a data processor (please see below).
If we make a final offer, we will also ask you for the following:
•    Bank details – to process salary payments
•    Emergency contact details – so we know who to contact in case you have an emergency at work
•    Membership of a Local Government Pension Scheme.


Use of data processors

Data processors are third parties who provide elements of our recruitment service for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.


Myjobscotland

If you use our online application system, you will provide the requested information to Myjobscotland who provide this online service for us. Once you click ‘apply now’ you will be taken to Myjobscotland website and they will hold the information you submit but the Tay Road Bridge will have access to it.
Here is a link to their Privacy Notice.
https://www.myjobscotland.gov.uk/privacy-and-cookies


Dundee City Council Services

If you are employed by the  Tay Road Bridge Joint Board, relevant details about you will be provided to Dundee City Council who provide payroll services to the Tay Road Bridge Joint Board. This will include your name, bank details, address, date of birth, National Insurance Number and salary.


Tayside Pension Fund (Local Government Pension Scheme)

Your details will be provided to Tayside Pension Fund who are the administrators of the Local Government Pension Scheme, of which the  Tay Road Bridge is a member organisation. You will be auto-enrolled into the pension scheme and details provided to Tayside Pension Fund will be your name, date of birth, National Insurance number and salary. Your bank details will not be passed to Tayside Pension Fund at this time.


Health Management

People Asset Management (PAM) provide our Occupational Health service. If we make you a conditional offer, we will ask that you complete a questionnaire which will help to determine if you are fit to undertake the work that you have been offered, or advise us if any adjustments are needed to the work environment or systems so that you may work effectively.
We will send you a link to the questionnaire which will take you to Health Management’s website. The information you provide will be held by Health Management who will provide us with a fit to work certificate or a report with recommendations. You are able to request to see the report before it is sent to us. If you decline for us to see it, then this could affect your job offer. If an occupational health assessment is required, this is likely to be carried out by Health Management.
Here is a link to their website where the Privacy Notice can be downloaded.
https://www.pamgroup.co.uk/Your rights
Under data protection laws, you have rights as an individual which you can exercise in relation to the information we hold about you.
You can read more about these rights here – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/


Complaints or queries

The Tay Road Bridge Joint Board tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This Privacy notice does not provide exhaustive detail of all aspects of the Tay Road Bridge Joint Board’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
If you want to make a complaint about the way we have processed your personal information, you can contact us in our capacity as the statutory body which oversees data protection law.


Access to personal information

The Tay Road Bridge Joint Board tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under data protection laws. If we do hold information about you we will:
•    give you a description of it;
•    tell you why we are holding it;
•    tell you who it could be disclosed to; and
•    let you have a copy of the information in an intelligible form.

To make a request to the Tay Road Bridge Joint Board for any personal information we may hold you need to put the request in writing addressing it to the Bridge Manager, or writing to the address provided below.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting the Bridge Manager.


Disclosure of personal information

In many circumstances we will disclose personal data without consent and will be shared as required by law. However when we investigate a complaint, for example, we will need to share personal information with the organisation / person concerned and with other relevant bodies. Further information is available in the ICO Information Charter about the factors we shall consider when deciding whether information should be disclosed.


Links to other websites

This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.


Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 24 May 2018.


How to contact us

If you want to request information about our privacy policy you can email us or write to:
Tay Road Bridge Joint Board
Administration Office
Marine Parade
Dundee
DD1 3JB