Privacy Policy

cardfactory Privacy Statement - Recruitment

The following explains how we at cardfactory intend to use the information you provide in your application, along with your rights, our reasons for requesting that information and who will have access to it.

What information do we collect from you?

We collect information that is specifically provided by you as part of an application process, including:

  • Name, address, and contact information including your email address and telephone number;
  • CV (if applicable);
  • Equal opportunities monitoring information (which includes gender and community background / religion). This information is purely for statistical analysis and monitoring purposes;
  • Answers to application questions;
  • Any other information you wish to provide in support of your application which may include a portfolio of work, an application video, or links to your website.

By submitting your application, you are agreeing to this privacy statement. You are also are allowing us to use your personal data given during the application so that we can assess your suitability for employment with us. This also includes us being able to carry out our statistical analysis (such as complying with our legal obligations to provide annual reports to the Northern Ireland Equality Commission).

Why do we collect this information and who do we share it with?

Details you provide in this application:

  • Will be held on our computer systems and may be downloaded by us;
  • Will be used to process your application;
  • Will be made available to us and our processors (for example, our pension provider);
  • Will be used for communicating with you regarding the vacancy;
  • Will be used to satisfy legal requirements;
  • Will be used for statistical analysis;
  • Will be held and may be used to contact you about other vacancies;
  • May be used to contact you for feedback on the recruitment process.
  • We will store your personal data for 24 months after the vacancy has closed. After this period it will be fully deleted. 

Automated screening

We use some automated screening tools as part of this application process. The answers you provide to one or more of the questions, excluding any equal opportunities questions about your gender, community background or religion, may result in your application being automatically declined. This technology is used to help us manage the high volume of applications we receive and can assure applicants the same outcome would occur if we manually reviewed your application. The reason for the decline will be made available to you in your candidate account. If you wish to challenge the outcome you have received, this can be checked manually.

Recruitment process

Our recruitment process requires that we contact the referees provided by you to ascertain suitability of employment. This would be on offer of employment, and any offer you may receive could be subject to the return of suitable references. The content of the reference will not be shared without the referee’s permission.

We collect your personal data in order to review your suitability for any vacancies for which you apply and for statistical analysis. If you are offered an employment position we will use your data as part of our employee enrolment process and upload this data in to our HR/Payroll system.

How can I access the information you hold about me?

We are dedicated to enabling candidates who wish to review the personal information given when they apply for a position via our website site and correct any inaccuracies it may contain. If you choose to register, you may access your profile, correct and update your details, or withdraw your details at any time. To do this, you can access your personal profile by using the secure login. In all cases we will treat requests to access information or change information in accordance with applicable legal requirements.

You have the following rights in relation to the way in which we deal with your personal data:

  • the right of erasure or to be forgotten;
  • the right to rectification if the information we hold is inaccurate or out of date;
  • the right of data portability (to obtain and reuse your personal data);
  • the right to object to cardfactory and any processors handling of your personal data. cardfactory uses Tribepad as a processer in the recruitment process;
  • the right to withdraw your consent with regards to the handling of your personal data. You have the right to ask for a copy of the information we hold about you, which is known as a Subject Access Request. However, within your candidate account, you can delete your account or update your communication settings without needing to directly contact cardfactory;
  • You have the right to lodge a complaint with a supervisory authority - this is the Information Commissioners' Office (the ICO - in the UK.

Where you exercise your right to object or withdraw your consent, we may process your personal data without your knowledge or consent only when we are permitted to or required by law or regulatory requirements to do so. In such a case, we will not process more personal data than is required under the circumstances.

If you are not satisfied by our actions, you can seek recourse by emailing If you remain dissatisfied, you have the right to refer the matter to the ICO or seek recourse through the courts.

Unsuccessful candidates

If you are unsuccessful in the recruitment process for the role, we may ask if you would like your details retained in our talent pool. If you say yes, we would proactively contact you should any further suitable vacancies arise.