Skip to main content

Staff Privacy Notice

During the course of its employment activities, The Welsh Ambulance Service, collects, stores and processes personal information about prospective, current and former staff.

This Privacy Notice includes applications, employees (and former employees), workers (including agency, casual and contracted staff), volunteers, trainees and those carrying out work experience.

We recognise the need to treat staff personal and sensitive data in a fair and lawful manner. No personal information held by us will be processed unless the requirements for fair and lawful processing can be met.

What types of data do we handle?

In order to carry out our activities and obligations as an employer we handle data in relation to:

  • Personal demographics (including gender, race, ethnicity, sexual orientation, religion)
  • Contact details such as names, addresses, telephone numbers and Emergency contact(s)
  • Employment records (including professional membership, references and proof of eligibility to work in the UK and security checks)
  • Bank details
  • Pension details
  • Medical information including physical health or mental condition (occupational health information)
  • Information relating to health and safety
  • Trade union membership
  • Offences (including alleged offences), criminal proceedings, outcomes and sentences
  • Employment Tribunal application, complaints, accidents and incident details.

Our staff are trained to handle your information correctly and protect your confidentiality and privacy.

We aim to maintain high standards, adopt best practice for our records keeping and regularly check and report on how we are doing. Your information is never collected or sold for direct marketing purposes.

We may use outsourced providers or data processors that are based outside of the UK. Should your data be transferred outside of the UK, we will ensure in accordance with Data Protection legislation that the data will only be transferred where there is an adequacy regulation or other appropriate safeguard in place.

What is the purpose of processing data?

  • Staff administration and management (including payroll and performance)
  • Pensions administration
  • Business management and planning
  • Accounting and Auditing
  • Accounts and records
  • Crime prevention and persecution of offenders
  • Education
  • Health administration and services
  • Information and databank administration
  • Sharing and matching of personal information for national fraud initiative

We have a legal basis to process this as part of your contract of employment (either permanent or temporary) or as part of our recruitment process following data protection and employment legislation)

Sharing your information

  • Our obligations to comply with legislation
  • Our duty to comply any Court Orders which may be imposed

Any disclosures of personal data are always made on a case-by-case basis, using the minimum personal data necessary for the specific purpose and circumstances and with the appropriate security controls in place. Information is only shared with those agencies and bodies who have a “need to know” or where you have consented to the disclosure of your personal data to such persons.

Use of Third Party Companies

To enable effective staff administration The Welsh Ambulance Service NHS Trust may share your information with external companies to process your data on our behalf in order to comply with our obligations as an employer.

Employee Records; Contracts Administration

The information which you provide during the course of your employment (including the recruitment process) will be shared with the NHS Shared Services for maintaining your employment records, held on the national NHS Electronic Staff Record (ESR) system.

Prevention and Detection of Crime and Fraud

We may use the information we hold about you to detect and prevent crime or fraud. We may also share this information with other bodies that inspect and manage public funds.

We will not routinely disclose any information about you without your express permission. However there are circumstances where we must or can share information about you owing to a legal/statutory obligation.

Individual Rights

Data Protection laws give individuals rights in respect of the personal information that we hold about you. These are:

  • To be informed why, where and how we use your information
  • To ask for access to your information.
  • To ask for your information to be corrected if it is inaccurate or incomplete
  • To ask for your information to be deleted or removed where there is no need for us to continue processing it.
  • To ask us to restrict the use of your information.
  • To ask us to copy or transfer your information from one IT system to another in a safe and secure way, without impacting the quality of the information.
  • To object to how your information is used.
  • To challenge any decisions made without human intervention (automated decision making)

The Welsh Ambulance Services NHS Trust is open and transparent about how your personal data is used and shared. Should you have any queries or concerns, please contact the Data Protection Officer at:

Data Protection Officer, Welsh Ambulance Services NHS Trust, Tŷ Elwy, Richard Davies Road, St Asaph, Denbighshire, LL17 0LJ
Email: amb.infogov@wales.nhs.uk

If you are still unhappy with the outcome of your enquiry you can write to:

The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone: 01625 545700