Contact Us


Terms and Conditions


Privacy Policy


Site Map


  


watch video

apply online
Work in a spa-at-sea >

Back on Board
Renew your contract >

  





The Onboard Spa

PRIVACY POLICY FOR CANDIDATES AND TRAINEES

Last updated May 25, 2018

The Onboard Spa is committed to protecting the privacy and security of your personal information.

This privacy notice describes how we collect and use personal information about you during and after your relationship with us, in accordance with the General Data Protection Regulation (GDPR).

It applies to everyone who:

·         uses our website

·         applies through us for roles with our group companies for work onboard spas at sea

·         is provided with training by us

It may also apply during the course of your employment by one of our group companies as further explained below.

 

Introduction

We are responsible for recruiting staff who want to work onboard in spas operated by our group companies onboard cruise ships and we offer training to successful candidates and in connection with that recruitment process and during any training provided to you we will collect personal information from you. 

If you are a successful candidate and you are offered a role in an onboard spa, your employment will be with one of our group companies, usually OneSpaWorld (Bahamas) Limited, or on occasion with STO Italy Limited and the privacy policy of your respective employer company will then apply to the information they will hold about you in connection with your employment.  This policy will continue to apply to the information you provided to us and to any further personal information you may provide to us from time to time, for instance in connection with any medical matter or application to work on a different vessel where we deal with the process of transferring you to a different vessel.

Who we are

We are The Onboard Spa a company incorporated in England and Wales with company number 00580061 and our registered office is at The Lodge, 92 Uxbridge Road, Harrow Weald, Middlesex, HA3 6DQ.  In this policy The Onboard Spa is referred to as “we”, “us” or “The Onboard Spa”.

Our Contact Details

The Data Protection Officer who has been appointed for the group of which we are a member can be contacted by email at [email protected].

What is the purpose of this document?

The Onboard Spa is a "data controller". This means that we are responsible for deciding how we hold and use personal information about you. You are being sent or asked to acknowledge or agree to this policy because you are doing any or all of the following:

·         using our website;

·         applying for work with one of our group companies for whom we act as a recruiter of staff;

·         traveling to our training facilities or to and from vessels;

·         attending training offered by us;

·         joining or debarking a vessel.

This policy makes you aware of how and why your personal data will be used, and how long it will usually be retained for. It provides you with certain information that must be provided under the General Data Protection Regulation ((EU) 2016/679) (GDPR).

Data protection principles

We will comply with data protection law and principles, which means that your data will be:

·                         Used lawfully, fairly and in a transparent way.

·                         Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.

·                         Relevant to the purposes we have told you about and limited only to those purposes.

·                         Accurate and kept up to date.

·                         Kept only as long as necessary for the purposes we have told you about.

·                         Kept securely.

The kind of information we hold about you

In connection with your browsing of our website or applying online we may collect, store and use usage data including how you use our website

In connection with your application for work with our group, we will collect, store, and use the following categories of personal information about you:

·                         The information you have provided on our application form, including name, title, address, telephone number, personal email address, date of birth, gender, employment history, qualifications, passport nationality.

·                         Information provided to us by a recruitment agent on your behalf including the information listed above and any curriculum vitae and covering letter.

·                         Any information you provide to us during an interview.

·                         The results of any tests you undertake as part of the application or training process in order to determine the skills that you have

We may also collect, store and use the following "special categories" of more sensitive personal information:

Information about your health, including any medical condition, health and sickness records and in particular the information necessary for undertaking the checks necessary for a Pre Employment Medical Examination Certificate.

·                         Information about criminal convictions and offences.

How is your personal information collected?

We collect personal information about candidates from the following sources:

·                         You, the candidate.

·                         Recruitment agencies where your application is forwarded to us from a recruitment agency.

How we will use information about you

We will use the personal information we collect about you to:

·                         Assess your skills, qualifications, and suitability for a role at an onboard spa with one of our group companies.

·                         Communicate with you about the recruitment process.

·                         To offer and provide training at our training academy to you and to record whether you have successfully fulfilled the training requirements.

·                         Provide your details to our group companies for the purpose of our group companies employing you for a role in one of their onboard spas.

·                         Provide your details to the cruise lines on whose ships our group companies operate to comply with legal or contractual requirements. Those obligations include legal requirements to provide your name, nationality, passport details, and medical information to the cruise lines on whose vessels you will work.

·                         To administer and protect our business and our  website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

·                         To use data analytics to improve our website, services, marketing, candidate relationships and experiences

·                         Comply with legal or regulatory requirements.

It is in our legitimate interests to decide whether to recruit you for the purposes of providing you with training since our business is the recruitment and training of staff for onboard spa roles with our group companies and it is beneficial to our business and that of our group companies for us to train staff who can on successful conclusion of training be employed by our group companies to provide onboard spa services.

Necessary for our legitimate interests (to define types of candidates, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).

Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, and in the context of a business reorganisation or group restructuring exercise)

We also need to process your personal information to decide whether to recommend to our group companies that they recruit you and once you are recruited by a group company in order for them to carry out a contract of employment with you it will be necessary for us to provide the personal information that cruise lines require in respect of all staff who work onboard their vessels.

Having received your application form we will then process the information received to decide whether you meet the basic requirements to be invited for an interview. If you are invited for an interview we will use the information you have provided and the results from any aptitude test that you take to decide whether you meet the requirements to be offered training at our training academy. If you are offered and you accept training with us we will use the information you have provided to us to provide you with training, to assess whether you have satisfied the training requirements and to recommend to our group companies whether you should be offered work

If you fail to provide personal information

If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications, medical certificate or work history), we will not be able to process your application successfully. For example, if we require references for this role and you fail to provide us with relevant details, we will not be able to take your application further.  If you fail to provide the information or refuse to let us provide your information to a cruise line on whose vessel you are to work our group company who employs you would be unable to continue your employment as employment is conditional on the cruise line being provided with information it requires from us by law and contract.

How we use particularly sensitive personal information

We will use your particularly sensitive personal information in the following ways:

·                         We will use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made during a test or interview.

·                         We use information about your health particularly with regard to whether you have been issued with an Employment Medical Examination Certificate or not to determine whether we can offer training to you and if your training commences before you have obtained an Employment Medical Examination Certificate then in order to decide whether you can successfully complete your training on the basis of the requirement to have an Employment Medical Examination Certificate in order to have successfully completed your training

Information about criminal convictions

We envisage that we will process information about criminal convictions as we are required by the cruise lines for who we operate spas to obtain certain information from you in respect of your criminal convictions history to ensure that there is nothing which makes you unsuitable for a role onboard a cruise ship and in order that we can confirm to the cruise line that this is the case.  All information in respect of criminal convictions is treated by us as sensitive personal information and we ensure that the persons in our organisation with access to that information is limited to only those persons who have a need to know it. 

We do not provide the details of your conviction history to the cruise lines where we consider your conviction history will make you unsuitable for a role onboard unless we have warned you we consider you are unlikely to be able to work onboard and we have obtained your agreement to share this information with the cruise line.  The information you provide to us will be used by us to confirm to the cruise line that you meet their requirements for a role onboard.

Additionally we store this information separately to other information we hold in respect of you in order to ensure that we can limit access to this information to only those persons who have a need to know or access it.  We review our storage and retention policies in respect of documents and data from time to time and in doing so we consider and will continue to consider whether the measures we have taken to keep this information secure could be improved.

By agreeing to this policy you are consenting to the processing of information about your criminal convictions as described above.

If you want to check what information we hold with regard to your criminal convictions history or to request we delete the information we hold please contact us at [email protected] 

Automated decision-making

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

Data sharing

Sharing of personal information with third parties?

Our group of companies are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

Transfers outside the EEA

Whenever we transfer your personal data out of the EEA including to our group companies, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

·                            We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission

·                            Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

·                            Where we transfer information between different entities in our corporate group we will use data processing agreements which are based on the Standard Contractual Clauses which are clauses which have been approved by the European Commission and by using these we give your personal data the same protection it has in Europe.

·                            Please contact us at [email protected] if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

 

Cookies

Where you are accessing our website you can disable or refuse cookies, but please note that some parts of this website may become inaccessible or not function properly.

 

How to provide or withdraw consent to the installation of cookies

In addition to what is specified in this document, the User can manage preferences for Cookies directly from within their own browser and prevent – for example – third parties from installing Cookies.


Through browser preferences, it is also possible to delete Cookies installed in the past, including the Cookies that may have saved the initial consent for the installation of Cookies by this website.  Users can, for example, find information about how to manage Cookies in the most commonly used browsers at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Internet Explorer.

 

With regard to Cookies installed by third parties, Users can manage their preferences and withdrawal of their consent by clicking the related opt-out link (if provided), by using the means provided in the third party's privacy policy, or by contacting the third party.

 

Data security

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data retention

How long will you use my information for if my application/training is unsuccessful?

Where our system declines your application immediately on receipt of your online application your information will be automatically deleted and is not retained by us.

Where your application is declined other than as set out above or if you do not successfully complete your training with us we will retain your personal information for a period of six (6) months after we have communicated to you our decision about whether to accept you as a candidate for training or after we have communicated to you that you have not successfully completed your training.  We retain your personal information for that period so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted the recruitment exercise in a fair and transparent way. After this period, we will securely destroy your personal information in accordance with our data retention policy.

How long will you use my information for if I am successful?

We will retain your personal information for so long as you remain an employee of a group entity and for further seven (7) years after termination of your employment. We retain your personal information for that period so that we can comply with our regulatory obligations including in respect of Maritime Labour Convention and/or tax laws to which we are subject. After this period, we will securely destroy your personal information in accordance with our data retention policy.

Rights of access, correction, erasure, and restriction

Your rights in connection with personal information

If you are a resident of the European Union (“EU”) or the United Kingdom (“UK”) you may have certain addition rights as detailed below.

Under certain circumstances, by law you have the right to:

·                         Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

·                         Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

·                         Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

·                         Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

·                         Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

·                         Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us at [email protected] in writing.

Data protection officer

The corporate group of which we are a part has appointed a data protection officer (DPO) to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPO at [email protected] You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

 

 

 

 

 

 

 



Home  |  About Us  |  Working Onboard  |  Global Recruitment  |  Training Academy   |  Apply Online  |  Back on Board  |  Contact
Terms of Use  |  Privacy Policy  |  Site Map
        
© 2019 OneSpaWorld