Candidate Privacy Notice

We are committed to protecting the privacy and security of candidates' personal data. This privacy notice describes how we collect and use your personal data during and after the recruitment process, in accordance with Data Protection Laws.

1. Shawbrook Bank is a "controller" of personal information, this is because we decide what data we collect, how we hold and use it, how we store it and when we delete it. Data protection principles

We will comply with the data protection l principles, which means that your data will be:

  • Used lawfully, fairly and in a transparent way.
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  • Relevant to the purposes we have told you about and limited only to those purposes.
  • Accurate and kept up to date.
  • Kept only as long as necessary for the purposes we have told you about.
  • Kept securely.

2. The kind of information we collect and hold about you

Personal data means any information about an individual from which that person can be identified. There are ‘special categories' of more sensitive personal data which require a high level of protection. If you make an application for work with us, we will collect, store, and use the following types of personal information about you:

  • Information you, an employment agency or other third party acting on your behalf have provided to us in your curriculum vitae and covering letter. This will include your name, contact details, education history, qualifications and career history.
  • Information you have provided on our application form. This will include your name, title, address, telephone number, personal email address, date of birth, gender, employment history, qualifications, details of any languages you speak and referee details etc.
  • Any information that you provide in order to evidence your proof of right to work in the UK. This will include visa information and photocopies of any identification documentation you provide such as passport, driving license, etc or proof of address documentation.
  • Any information you provide to us during an interview or telephone conversation or video call to discuss your application.
  • Any information relating to tests required as part of the application process including psychometric tests.
  • Evaluative notes and decisions from interviews.
  • Preferences relating to job location and salary.
  • Details of any secondary employment, conflict of interest declarations (including where related to family networks).
  • Image or photographs as may be required for identification or security purposes.

We may also collect, store and use the following ‘special categories' of more sensitive personal information:

  • Personal information including your date or birth, gender and details of any reasonable adjustments you require for the hiring process.
  • Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions.
  • Information about your health, including any medical condition, health and sickness records.
  • Information revealed by criminal record checks, fraud checks, social media checks, credit reference agency checks, financial services regulatory checks, companies house checks, qualification checks, standard and regulatory reference checks (in each case as relevant to the role for which you have applied)

3. How is your personal information collected?

We collect personal information about candidates from the following sources:

  • You, the candidate. Data might be collected through application forms, your CV, from correspondence with you, or through interviews, meetings or other assessments.
  • From Cielo, our Recruitment Provider onsite, and their partners from which we collect the types of information mentioned above in section
  • Results from pre-employment checks (SAFE Screening). Further information on Pre-Employment Screening checks and the relevant data sources can be found in Appendix 1 of this privacy notice). These are carried out on our behalf in order to satisfy the Bank's regulatory obligations. The checks themselves will involve the collation by SAFE of data relating to criminal record checks, credit checks, fraud checks and (if you perform certain senior roles) social media checks. In addition, they include financial services regulatory checks, companies house checks, qualification checks, regulatory reference checks, performance evaluation checks (in each case as relevant to your role/the role for which you have applied.
  • We may collect personal data about you from third parties.
  • Your named referees, from whom we collect the following categories of data: qualifications and career history.
  • Information from third parties that is publicly accessible such as Linkedin or other professional profile platforms.)

4. How we will use information about you

We need to process your data to enter into an employee contract with you and to meet the contract's obligations. For example, we need to process your data in order to pay you and to administer your entitlements, such as benefits and pensions.

We may also have a legitimate interest to process personal data (including sensitive personal data) before, during and after the end of the employment relationship. We also need to process your personal information to decide whether to enter into a contract of employment with you or contract for services with the third party or agency acting in your interests.

Having received your CV and covering letter and any initial test results (where the role requires a preliminary tests), we will then process that information to decide whether you meet the basic requirements to be shortlisted for the role. If you do, we will decide whether your application is strong enough to invite you for an interview. If we decide to call you for an interview, we will use the information you provide to us at the interview to decide whether to offer you the role. If we decide to offer you the role, we will then carry out any pre employment checks in accordance with the section 7 of this privacy notice before confirming your appointment.)

We will use your particularly sensitive personal data in the following ways:

  • We will use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made during a test or interview.
  • We will use information about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting.
  • We will collect information about your criminal convictions history if we would like to offer you the role (conditional on checks and any other conditions, such as references, being satisfactory). We are required to carry out a criminal records check in order to satisfy ourselves that there is nothing in your criminal convictions history which makes you unsuitable for the role.
  • Should investigations identify fraud or the commission of any other criminal offences by the individual when applying for, or during the course of employment with Shawbrook Bank, Shawbrook Bank will record the details of this on the relevant fraud prevention databases. This information may be accessed from the UK and other countries and used by law enforcement agencies and by Shawbrook Bank and other organisations to prevent fraud.
  • We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data.
  • Further information on Pre-Employment Screening checks and the relevant data sources can be found in Appendix 1 of this privacy notice.

We may also need to process your personal data to ensure we are complying with its legal obligations. For example we are required to check that you are entitled to work in the UK, to deduct tax, to comply with health and safety laws and to enable employees to take periods of holiday leave.

5. What if you do not provide us with all necessary personal data?

If you do not provide the information, we may not be able to take your application further. Where the provision of information is voluntary, we will make sure you are aware.

6. Why might we share your personal information with third parties?

We will only share your personal information with the following third parties for the purposes of processing your application:

  • Our recruitment agency, Cielo, and their partners
  • SAFE/GIANT, to complete pre-employment screening. Associated parties involved in pre-employment screening are listed in Appendix 1. All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies.

7. How will we protect your personal data?

We know how much data security matters to you. With this in mind, we will treat your data with the utmost care and have put in place appropriate security measures to protect it. We limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.)

8. How long will you use my information for?

We will not hold your personal data longer than we need it. If your application is unsuccessful, we will retain your personal information for a period of 12 months after we have communicated to you our decision.

If we retain your personal information on file, on the basis that a further opportunity may arise in future and we may wish to consider you for that, we will write to you separately, seeking your explicit consent to retain your personal information for a fixed period on that basis.)

We retain your personal information so that we can show, that we have not discriminated against candidates and that we have conducted the recruitment exercise in a fair and transparent way. After this period, we will securely destroy your personal information.

If you are successful in your application, information collected as part of the recruitment process will be transferred to your personnel file and retained during your employment.

9. Automated decision-making

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

10. Your rights in connection with personal information

Under certain circumstance you have the following rights to::

  • Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it.
  • Object to processing of your personal information. Where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party. This enables you to obtain and reuse your personal data. It only applies to the personal data you have provided.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us

11. How to contact us

If you have any questions about this privacy notice or how we handle your personal information, you can contact our Data Protection Officer by email at or by writing to Shawbrook Bank Limited, Lutea House, Warley Hill Business Park, The Drive, Great Warley, Brentwood, Essex, CM13 3BE. If we cannot resolve a complaint about the way we have handled your personal information to your satisfaction you can contact the ICO at or by telephoning 0303 123 113.


Appendix 1: Pre-Employment Screening Checks

a. Background

As a banking organisation regulated by the Financial Conduct Authority (FCA), Shawbrook Bank carries out pre-employment checks for all new joiners.

For regulated employees, particular regard shall be had to the assessment of the requirements of the FCA's fit and proper test (FIT) and competence requirements including assessing an applicant's suitability in respect of his/her competence and capability as well as his/her honesty, integrity, reputation and financial soundness.

Shawbrook Bank aims to support business success by maintaining a corporate culture of honesty and trust; selecting the most suitable candidates based on genuine qualification and experience; and sending a clear message that Shawbrook Bank is alert to security threats.

The highest standards of integrity are essential to the commercial success and reputation of Shawbrook Bank and as such, we exercise a duty of care to our employees and customers alike.  An example of this is pre-employment screening, which is integral to our resourcing process.

New joiners on Shawbrook contracts whether temporary or permanent will undergo the full screening package (including the appropriate level of DBS checks) as detailed below.  All pre-employment screening for new Shawbrook staff is carried out by SAFE, whereas temporary staff employed through a recruitment agency will have pre-employment screening carried out by the recruitment agency through which they are sourced and contractors will have their pre-employment screening completed by Giant.

SAFE Pre-employment checks include:

  • UK Electoral Roll & Credit Check
  • UK Identity Verification (MRZ) passport check
  • Career Gap
  • DBS checks appropriate to the role
  • Employment Verification for the past 5 years (6 years in the case of Certified roles)
  • Verification of professional and all qualifications
  • Right to work in the UK
  • CIFAS National Fraud Database
  • Social media checks (for certified roles only)

b. Process

As part of Shawbrook Bank's offer of employment, new joiners must provide the screening company with their written consent to carry out the pre-employment checks and complete the on-line pre-screening application within approximately one week of receiving their log on details.  It is the responsibility of all new joiners to provide accurate and up to date information to SAFE, as any discrepancies relating to the information they provide could delay or even adversely affect their offer of employment being confirmed.  New joiners are also responsible for submitting documentary evidence directly to SAFE, as without this, certain checks cannot be performed.

Once all pre-screening checks have been carried out, Shawbrook Bank receive confirmation from SAFE as to whether the reference checks have been satisfactorily completed.  Should SAFE  identify any issues, HR will speak to the candidate in order to clarify specific details.  If it is deemed that references cannot be obtained to Shawbrook Bank's satisfaction, the employee's offer of employment may be withdrawn or employment may be terminated without pay.

Shawbrook Bank reserves the right to withdraw any offer of employment or consideration of employment, or discharge an employee, upon finding falsification, misrepresentation or omissions of fact on an employment application, CV, other attachments, or investment statements, regardless of what is discovered.

No Shawbrook employees will be able to start work before satisfactory evidence of right to work in the UK and clear credit and CRB checks have been received, unless sign off is obtained from the Head of HR Service Delivery and Change.  Such sign off will be given only in very exceptional circumstances.  All references need to be completed to Shawbrook Bank's satisfaction before an employee's probation will be passed.

The Equal Opportunities Policy is directly relevant to the pre-employment screening process and employees should therefore make themselves aware of its content.

c. Declarations

Any persons wishing to make a statement in advance of any checks being carried out or declare any possible adverse findings that may arise from these checks should make a self-disclosure statement can do so in writing to within 3 working days of completing this the SAFE checks questionnaire.


Can't find the job you're looking for?

We're always on the lookout for new talent. Join our talent community and if a position becomes available that we think will suit you, we'll be in touch!