By clicking "Accept" you agree to the storing of cookies on your device to enhance site navigation, analyse site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
PreferencesDenyAccept
cookie

Privacy

Introduction

We are the Labour Party and we are a century old political organisation, borne out of the trade union movement and built on equality, social justice and compassion. We are committed to placing the rights of individuals at the centre of how we collect, hold and use personal data.

In all privacy notices you will find on our website we often refer to ourselves as “Labour”, “we”, “us”, “our”, or the “Party”, so when you see these you know it is still the Labour Party that we are referring to.

The Labour Party is registered with the Information Commissioner’s Office (ICO) for data protection purposes (registration number Z5487928). For all uses of personal data you read about in our privacy notices, we are the data controller.

Where your personal data is shared with an MP, their offices or a governmental department, they will have their own ICO registration and separate Privacy Notices for the uses of your personal information (also known as Personal Data) upon your appointment.

This privacy notice should be read in conjunction with:

1. The Labour Party in Government Privacy Notice

2. The Labour Party Recruitment Privacy Notice

3. The Labour Party Website Visitors Privacy Notice

If you have any questions about any aspect of any of this privacy notice you can contact us by emailing us at dataprotection@labour.org.uk.

What personal data do we collect?

Where you have applied for a job, work experience, fixed term contract, secondment or internship with us we will collect the following. This list is non-exclusive:

  • Contact details such as name, preferred name, title, addresses, telephone numbers, and personal email addresses;
  • Preferred method of contact;
  • Copies of driving licence, passport, birth certificates and proof of current address, such as bank statements and council tax bills;
  • Notice period, preferred start date;
  • Evidence of how you meet the requirements of the job, such as application forms (physical and digital), CVs, covering letters, references, assessment outputs, employment history, academic qualifications/history, professional training/certifications, skills, and work experience or internships;
  • Evidence of your current and/or future work eligibility status, immigration status, including visa type, and visa expiry date;
  • Diversity and equal opportunities monitoring information – this can include information about your race or ethnicity, religious beliefs, sexual orientation, disability and other ‘special category data’ information about your health, including any medical needs or conditions;
  • Other unforeseen information required for some applications;
  • If you contact us regarding your application, a record of that correspondence including, but not limited to, the content and attachments of emails;
  • Details of your use of our recruitment tools and services, such as your candidate profile, the source of your application, the date/time, the role(s) you applied for, salary history/expectations, alerts for vacancies, the status of your application and updates on how it moves forward;
  • Derived data about you, that is, data that includes our staff’s opinion of you such as, but not limited, to the stages you complete of the recruitment process and those you do not, records of interviews, interview notes/feedback, assessment feedback, rejection stage, rejection reason, and job offer details;
  • Language and behaviour of yourself within the public domain such as social media posts (X, Meta platforms, YouTube etc.);
  • Further information you provide us in online application forms (e.g. why you want to work for an MP? Etc.), interviews, conversations and communications with us which may or may not be recorded;
  • Information about the device used to access our website, your visits and use of the website including your IP address, internet log information, location, browser type and version, referrer and activity, and details of visitor behaviour patterns;
  • We record your activity and preferences when visiting our website through the use of cookies (see our Cookie Notice by clicking here); and
  • IP address, operating system and browser information.

We may also collect, store and use the “special categories” of more sensitive personal information including, but not limited to:

  • Information about your physical or mental health, or disability status;
  • Information about your health and medical conditions for health and safety reporting purposes;
  • Criminal records information;
  • Personal information related to the Equality Act 2010 inclusive of data known as ‘Protected Characteristics’ (age, disability, gender reassignment, marriage or civil partnership (in employment only), pregnancy and maternity, race, religion or belief, sex, sexual orientation); and
  • Personal information related to our internal equality and diversity monitoring policy (geographical location, organisation, socio-economic class, caring responsibilities, educational background).

Where do we get your personal data?

We may collect personal data in a variety of ways and at a variety of times throughout our interactions with you. We refer to “direct data collection” when data is collected directly from you and we refer to “indirect data collection” when the data is not collected directly from you. Here is the list of ways we will collect your personal data from you:

  • From yourself where you have responded to an advert on our website, completed our contact us page on our website or sent an unsolicited prospective email to us (direct data collection);
  • From yourself via a recruitment web advert we have developed which may also mean we have received your personal data via a recruitment platform or website which you have filled in (direct data collection);
  • From a recruiter, recruitment agency or other applicant tracking system or recruitment website (indirect data collection);
  • We also use platforms such as LinkedIn, Indeed, CV Library and others where we may have identified you as a potential candidate for employment, work experience or internship (indirect data collection);
  • Via publicly available sources such as social media, where we have identified you as an individual we would like to approach as a good fit for employment, work experience or internship (indirect data collection);
  • From a reference of a sectoral relevant individual where they have gained permission from you to be introduced to us (indirect data collection);
  • From a Higher Education Provider (HEP) such as a college or University who has recommended you to us (indirect data collection);
  • From a current or former employee where they hold a previously established relationship with you and sharing your personal information with us would not be unexpected (indirect data collection);
  • From yourself when you have participated in a survey, questionnaire, poll or related web-form as a research participant and expressed an interest, in any free-text fields, of being a potential candidate for employment, work experience or internship (indirect data collection);
  • From publicly available websites and social media platforms when we think you may have an interest in a role that we have open for people to apply for (indirect data collection);
  • From former employers and people named by candidates as references (indirect data collection);
  • Where relevant, the Disclosure and Barring Service (DBS) and/or police records (indirect data collection);
  • If relevant to the role, internal and/or Government departments or other relevant and related institutions (indirect data collection);
  • From the device you are using to access this website (indirect data collection);
  • From third-party website analytics services such as Google Analytics and cookies (see our Cookie Notice by clicking here) when you visit this website [Note: We do not make, and do not allow our Google Analytics settings to make, any attempt to find out the identities of those visiting our website].

What do we use your personal data for and what is our lawfulbasis for using it?

We will use your personal data for the following purposes and on the following lawful bases.

Purpose for using personal data Lawful basis for using
Processing your data is necessary to move your application forward before signing a contract of work. This concerns employment or pre-employment checks The lawful basis we shall be relying in accordance with UK GDPR Article 6.1(b) where the use your personal data is necessary in the performance of a contract which you have agreed to or where we are working to enter into a contract with you.
To ensure compliance with employment law. Compliance with a legal obligation under UK GDPR Article 6.1(c). The legal obligation is The Employment Rights Act 1996.
To reply and communicate with you about the position you have applied for or inquired about. The lawful basis we shall be relying on is the legitimate interest of the Data Controller in accordance with UK GDPR Article 6.1(f).
To approach you as a good fit for employment, work experience or internship in accordance with an application you have made.
To allow an MP’s office, their staff, which may also mean staff within governmental department, review your applicability to the role you have applied for, or a role you may be suitable for. Your recruitment information will be shared with them.
To move your application forward including making changes in applicant tracking systems or dedicated recruitment-based software and websites, or with agencies.
To inform you about the status of your application.
To check you are the right candidate for the role.
To receive a reference from a sectoral relevant individual where they have gained permission from you to be introduced to us
To send you notifications for other job, work experience or internship vacancies. This will also be relevant where you may have been unsuccessful and we feel you may be suitable for another role we would like to contact you about.
To invite you to participate in relevant surveys, questionnaires, and/or employment polls regarding your recruitment experience so we can improve our processes.
To monitor, improve and update this website and this recruitment process whilst also maintaining IT security and administrative practices.
With permission, retain your personal information for longer statutory requirements where you have not been successful but would like the opportunity to invite you to apply again in the future. The consent you have provided us for this use of your personal data in accordance with UK GDPR Article 6.1(a).
To add you to digital communications activities lists and send you content where you have indicated your consent for us to do so.
There are a number of reasons for the Labour Party’s use of cookies which can be found on our Cookie Policy and you can access by clicking here.
To identify personal data and take relevant action upon submission of a data subject rights request.  Compliance with a legal obligation under UK GDPR Article 6.1(c). The legal obligation is the UK General Data Protection Regulation to uphold your data protection rights.

Special categories of personal data used for the purpose of Substantial Public Interest (Preventing or detecting unlawful acts; Protecting the public; Regulatory requirements) under UK GDPR Article 9.2(g).
To be able to assess any impact on individuals of a data breach involving personal data held on Labour Party systems or on third party systems.
To help protect an individual from neglect or physical, mental or emotional harm, or protect the physical, mental or emotional well-being of an individual. Use of the personal data is necessary to protect the vital interests of an individual or individuals in accordance with UK GDPR Article 6.1(d).

Special categories of personal data used for the purpose of Substantial Public Interest (Preventing or detecting unlawful acts; Protecting the public; Regulatory requirements) under UK GDPR Article 9.2(g).
To deal with legal claims and ongoing litigation cases. Compliance with a legal obligation under UK GDPR Article 6.1(c). The legal obligation is the UK General Data Protection Regulation to uphold your data protection rights.

Special categories of personal data used for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity under UK GDPR Article 9.2(f).

We maintain a reserve list of candidates who met our requirements but were not successful in securing the specific post they applied for. We’ll ask for your permission to be added to this list. We will refer to the list when other roles are advertised and will contact you if you match the role.

If you are successfully recruited, we will upload your details to our HR system. We will also share your data for statistical analysis (it will be anonymised first) if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.

For the purposes of reporting on and improving the effectiveness and efficiency of our recruitment systems and processes, we may retain a handful of personal data points about you (the source of your application, the stage you reached in the process, and the overall reason you were rejected), however, none of these data points are personally traceable to you.

When we carry out National Security vetting for some roles, we have to process personal data to perform a task that’s is of a substantial public interest depending on the sensitivity of the role.

If we offer you the opportunity to participate in our optional recruiting programs or if we collect sensitive personal data (for legally permitted purposes other than compliance with our legal obligations regarding public health and workplace safety), we will ask for consent from you, where you are not successful in an application, to retain your data for any future opportunities which are unrelated to this website.

NOTE: This notice is specific to the use of the website you are currently on and not relevant to any other Labour platforms which may be accessible via this website or any other website of a similar name.

If you have interacted with Labour in a different way and if you expected to see something different to the list above, you can access all of our privacy notices by clicking here. If it is still not there, feel free to get in touch as mentioned below.

Who do we share your personal data with?

Any data shared with the below categories of recipients is the minimum necessary for the task they have been instructed to carry out on our behalf or in conjunction with us. Each category of recipient is subject to review by the Data Protection Team to make sure they have the right methods in place for keeping your personal data secure.

Where the sharing of personal data is within the context of a product or service being supplied under contract to Labour, a Data Processing Agreement, in accordance with GDPR Article 28 is put in place. This makes sure the supplier cannot use your personal data outside of the list of uses above.

Within the purposes of using your personal data, as listed above, we will share your personal data with the following:

  1. Only if relevant to the role(s), MPs and their office staff which may also include staff within a government department (therefore meaning your personal data will be shared with relevant government departments);
  2. Relevant third-party recruiters, recruitment process management companies and relevant recruitment website developers (for this website);
  3. Pre-approved digital Applicant Tracking Software platform(s);
  4. Pre-approved digital Human Resources Management platform provider(s);
  5. Pre-approved digital communications and storage providers;
  6. Pre-approved online survey/web-form platform providers;
  7. Pre-approved website and analytics services and hosting service providers; and
  8. Pre-approved cloud services and IT security services providers that manage, monitor and track all website uses including all data captured from this website.


Please be reassured that the Labour Party limits access to your recruitment personal data to those who have a genuine need to access it, including:

  • The recruiting manager(s) and stakeholders for the role(s) in question;
  • Interviewers/assessment reviewers for the role(s) in question;
  • The director of the team where the role(s) may sit; and
  • Other approvals managers or reviewers including internal or external auditors conducting an audit or investigation of our processes.

There may be scenarios where we are subject to a legal obligation to disclose or share your personal data, such as with law enforcement agencies, regulatory bodies or public authorities in order to prevent or detect crime, or prove we have adhered to their request. We will only ever disclose your personal data to these third parties to the extent we are required to do so by law.

Data sharing with a third-party organisation that is not a supplier of a product or service to the Labour Party does not occur unless there is a legal obligation or sound lawful purpose for such sharing.

In all circumstances, the unlawful and unauthorised sharing of copies of personal data in which the Labour Party is the data controller is expressly prohibited. Any unauthorised sharing of Labour Party data is classified as a data breach which we will record and report to the ICO as required.

Transferring your personal data outside of the UK

It is unlikely that we’ll ever share your personal data outside the UK or the EU. If, however, it becomes necessary we will only share it with organisations in countries:

  1. Where the UK or European Commission have said the country is ‘adequate’ (this means countries that have a similar level of data protection law as we have in the UK) – the UK and EU are ‘adequate’ for each other;
  2. On the basis of an International Data transfer Agreement (IDTA) or European Commission Standard Contractual Clauses (SCCs) with an addendum required by the UK (both of these are contracts which require the organisation to use and protect your personal data to the standard we expect within the UK); or
  3. On the basis of a supplier sharing data to another of their offices located outside the UK and EU and they have implemented contractual arrangements call ‘Binding Corporate Rules’. (These need to be verified by data protection regulators and do not allow an organisation to share data outside of their contracted network of suppliers and their own offices).

All suppliers that use personal data on our behalf have an agreement in place with us no matter where the data is going. This is known as a Data Processing Agreement.

How long will we keep your personal data?

We will only keep personal information for as long as it is needed to fulfil the purpose for which it was collected.

We will store your information for the duration of the recruitment process. Where you have not been successful, we shall retain your personal data for up to 6 months in accordance with the UK Limitation Act 1980. We will only retain your personal data longer than 6 months where we have gained your permission to do so.

If you have been successful in the recruitment process, you will provided with an employee Privacy Notice relevant to the office and data controller acting as your employer which may or may not be the Labour Party.

Depending on your reason for visiting the website and how you decide to interact with our website will determine the amount of time we retain your personal information outlined above.

How do we protect your personal data?

We implement appropriate technical, organisational and contractual security measures to protect the personal data we hold about you. This is to protect it from unauthorised disclosure, use, alteration or destruction. We will always keep these under review to make sure that the measures we have implemented remain appropriate.

Data protection risk assessments, often called Data Protection Impact Assessments (DPIAs) are conducted where we find there could be a high risk in how we propose to use your personal data. These are conducted at the point they can be most effective so we can design security protections into everything we do with any personal data, especially where we use people’s political opinion.

All Labour Party staff are required to attend or undertake data protection training at least once every two years and all new starters are required to attend a live data protection training session as part of their induction.

We regularly run internal security exercises and each supplier we use must demonstrate proficiency in security measures and controls to us.

The Labour Party maintains a set of data protection & information security policies and our technical security estate is continually improving with state of the art technology for monitoring, threat detection and prevention purposes.

This website has security measures in place to protect against the loss, misuse or alteration of the information under our control.

If you think your, or anyone else’s personal data has been unlawfully disclosed or shared and may be part of a ‘data incident’ you can report this by emailing dataprotection@labour.org.uk. The Data Protection Team review all data incident reports and will be able to pass this information on to the Data Protection Officer or the Director of Information Security & Technology as necessary.

What are your rights and how can you express them?

To understand your data privacy rights and to submit a rights request, the best way to do so is by visiting the ‘YOUR RIGHTS’ page on our website which you can get to by clicking here.

How can you complain about our use your personal data?

The best way to make a complaint is by visiting our page on ‘HOW TO MAKE A DATA PROTECTION COMPLAINT’ which you can access by clicking here.

How can you contact us about this privacy notice?

If you have any questions about the information in this privacy notice, then you can contact the Data Protection Team via email using dataprotection@labour.org.uk or by post within a letter to:

Labour Statutory Data Protection Officer

The Labour Party, Southworks, 20 Rushworth Street, United Kingdom, SE1 0SS

When was this privacy notice last updated?

We may update this notice (and any supplemental privacy notice), from time to time as shown below. We will notify you of the changes where required by applicable law to do so. Last modified: 08 July 2024.