FAQs

Which documents can I use as proof of ID and proof of address?

We’ve put together a list of all the different types of documents you can use to prove your identity and address. These are the only ones we can accept. You can take a photo of them on your phone and upload them to your application and these will be accepted as long as they are valid and clear – if we can’t see the detail, we can’t accept them.

If you’re not sure about the validity of your documents, or which ones to use as part of your application, please email info@staffvetting.com and we will help you.

  • Please do not email copies of your documents to us – only upload them to your application.

Which documents can I use as proof of career history?

During your screening, we will invite you to provide a number of different documents that evidence your career history.

Usually, this means providing three documents per period of work: one covering the beginning, middle and end of the period. So, for example, if you’ve had one job in the last three years, you could provide your first payslip, a pay slip from around eighteen months after your start date, and your P45.

  • A copy of your NI contributions over that period would also be acceptable.
  • If we don’t receive sufficient evidence and references for any period during your five-year career history check, we’ll let you know and ask you for extra or alternative documents.

These include:

  • NI records
  • Payslips
  • P45 / P60
  • Offer of employment letter
  • Invoices to clients (if self-employed)

We strongly advise you to download your NI records before filling your application form. They are one of the best types of evidence we’re allowed to accept and will save you having to upload copies of lots of different documents for each period of work.

You can apply for your NI records for free at this government webpage: Check your National Insurance record – GOV.UK. This should only take a few minutes and you’ll need your NI Number. Please have these ready to upload to your application.

Help and Support

If you’re not sure about the validity of your documents, or which ones to use as part of your application, please email info@staffvetting.com and we will help you.

  • Never email copies of documents to us – only upload them to your application.

Who does the BS7858 Screening Standard apply to?

The BS7858:2019 Screening Standard applies to organisations who employ individuals in a secure environment to assist with risk assessment and to give a high level of confidence in the recruitment of these individuals.  Some insurers also require BS7858 as part of policy conditions, but they may have different requirements around the length of the employment screening period required.  The Screening Standard applies equally to all levels of employees whether part-time or full-time, temporary or permanent, Sole Traders and to all levels of Senior Management.

Will you actually contact my previous employers and referees?

Yes, if the screening service includes career history (i.e. BS7858, BPSS or the application requires you to enter previous employment history), we will contact all career contacts including previous employers and education departments (unless you have requested us not to) both orally and by written communication to verify the information you have provided us. As an example this may be to confirm a period of employment/unemployment or confirming a gap in the career history. This information may be shared with the referee’s you include in your vetting application form for confirmation.

Who will see my information and final report?

The data submitted by you will be viewed by your employer/sponsor company before they submit your application to us as part of their recruitment or compliance programme. Our Screening Officers will also view your data as this is required as part their screening role. The final report which includes all documents, application form, results, credit report, references etc. is sent to your employer or sponsor.

When a sponsor asks an applicant to go through screening, we appreciate it can be a challenging and intrusive process, and we share your concerns about how your personal data is being used.

It might reassure you to know we carry out the screening checks to the highest standards and everyone in our team has had a DBS check carried out. They have also been vetted to British Standard BS7858. So they have gone through a very extensive screening process, much more extensive than most people ever have to go through.

Hopefully this should reassure you that everyone in our team is trustworthy and reliable and treats your data with the greatest confidentiality. We also provide everyone in our team with extensive training about how to handle personal data and we fully comply with GDPR and the Data Protection Act, both of which govern how data should be handled.

Why am I uploading my consent for the application?

As part of our process we only apply for your checks on your behalf and on behalf of your sponsor with your explicit consent. This consent is used to verify that we have permission to request data from our partners on your behalf.

What if I am unsure about signing my consent form?

Going through vetting can be sometimes stressful however we are not an investigation organisation, we simply verify information you provide to us. If you have any concerns, we recommend you speak to your sponsor organisation, you can also contact us for further information of the process we carry out.  You do not have to sign the consent form, however we will not process your vetting application which may have implications relating to your sponsor. You can always email our support team info@staffvetting.com directly and they will be happy to help.

What is a Subject Access Request (SAR)?

Individuals (e.g. employees) have a right to be informed by an organisation (e.g. their employer) whether or not it is processing personal data that relates to them and, if so, to be told:

  • What personal data it is being processed.
  • The purposes for which the personal data is being processed.
  • Who, if anyone, the personal data is disclosed to.
  • The extent to which it is using the personal data for the purpose of making automated decisions relating to the data subject and, if so, what logic is being used for that purpose.

Employers are required to respond to an SAR by providing, in an intelligible and secure form, copies of the personal data and any information about the sources of the data.

You can raise an SAR at any time e.g. by sending an email to your employer and you do not have to pay for it to be processed or for the results either.

There is currently a 30 calendar day time limit to respond to the request.

How long will you keep my data?

In most cases we usually keep data for six months (subject to our audit and compliance requirements) after the service provision has been completed for that piece of work. At that point, the data will either be deleted or anonymised which removes all but the core data including the client name, applicant name, consent and submission dates.

What is the GDPR?

The General Data Protection Regulation is a European-wide law that replaces the Data Protection Act 1998 in the UK. It places greater obligations on how organisations handle personal data. It came into effect on 25 May 2018. Even though the UK is no longer part of the EU, we are still required to handle data with respect to this legislation.

What is Staffvetting doing regarding GDPR?

Staffvetting has always taken data privacy and security practices very seriously. With the introduction of GDPR we have reviewed our systems, processes and procedures to ensure we were fully compliant by May 25, 2018. For example :

  • we have updated all of our electronic systems increasing data integrity, confidentiality and availability.
  • a new Data Processing Agreement which we and you agree to undertake from May 25, 2018 onwards.
  • updating our Privacy Policy to ensure our compliance in respect of the data we hold about you.
  • reviewing Staffvetting’s functionality to make Staffvetting more efficient for users who are subject to the GDPR.
  • making all our consents clearer and understandible.

What information does the GDPR apply to?

The GDPR applies to ‘personal data’, which means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.

What data will you keep relating to me?

We are required to retain certain information for audit, legal and compliance purposes. The data retained will be your name, the customer name and consent data.

Why carry out BS7858 Screening?

This is to allow sufficient information to be obtained to enable organisations to make an informed decision on employing an individual in a secure environment.  It does not cover other processes such as Right to Work status or competency for the role.

Is there a requirement for periodic re-screening?

This would be up to the discretion of each individual Organisation. Someorganisations re-screen annually others re-screen every three years.

Can a Candidate pass their probation period pending the full screening being completed?

If the Candidate’s probationary period was 12 weeks and their full screening had not been completed within this time, they would not be able to continue working.  The decision around their probationary period would be an internal HR issue, but if the screening cannot be completed they would not be fully screened to BS7858 and therefore would not be allowed to continue in employment.

What happens if our Candidate leaves our employment and then returns to us again?

BS7858 Screening would need to be completed in full for the period in between leaving and returning.  The information in the previous screening file could be used, but if the previous screening was to the BS7858:2012 this may not be fully compliant with the changes within the new BS7858:2019 Screening Standard, therefore this would need to be reviewed.

Can our Organisation use a signed Acceptance of Risk as a way of accepting unverified periods in a Candidate’s history where they are unable to provide documentary evidence?

No, an Acceptance of Risk can only be used for the following 4 scenarios:

  • The applicant is an active Director of another Company
  • The applicant has County Court Judgement(s) to the value of over £10,000.00
  • The applicant has a Bankruptcy Order
  • Extending the allowed screening period by a maximum of a further 4 weeks to allow further information to be gathered

The standard of screening we carry out (BS7858:2019) identifies the above as potential ‘risks’ to Employers, and encourages further investigation prior to the offer of conditional employment, with an expectation that the applicant must make representation about the concern.  If an Organisation is satisfied that the applicant’s financial history does not constitute a risk, then an executive of the employing Organisation, having reviewed the documentation, signs to accept the risk.

The reasoning behind the Acceptance of Risk in cases of an active Directorship is to ensure there will be no conflict of interests prior to offer of employment.

With regards to the County Court Judgement found following the Consumer Information Search Staffvetting are made not aware of the circumstances for the CCJ being issued, only the amount of the CCJ and the date of issue.

Are you a Controller or Processor?

It depends. Sometimes we are a Controller e.g. if we work directly with an individual to carry out a screening check for them then we are probably a Controller. Whereas, if we work with a business and carry out screening checks for a number of their employees or prospective employees then we will probably be a Processor.

This is just a general indication though, not a hard and fast rule. The nature of our role changes depending on the purpose and context in which we are handling data, as well as the type of contract we have with a business or individual. You can read more about the roles of Controllers and Processors on the ICO’s website.

What is the Disclosure and Barring Fingerprinting Process?

In certain exceptional and rare cases, it may be necessary for an Applicant to provide fingerprints as proof of their ID.

If this is the case, the Client and Applicant are both consulted. Any letters the Disclosure and Barring Service (DBS) issues to an Applicant requesting fingerprints have the process provided on them. This covers all aspects and what to expect. This information is also provided on the cover letter the DBS issues to Registered Bodies (in this case Staff Vetting Ltd.) to advise when they have requested consent from an Applicant.

Fingerprints are requested due to information found on a Police National Computer record that holds similar identity details to the Applicant’s. If the Applicant knows of any offences they have that this information pertains to then they can contact the DBS and provide this information over the phone, or alternatively they can complete and return the Voluntary Disclosure Form included.

The DBS asks that the consent form is also returned even if an Applicant believes the offence does not relate to them, this is because we may not be able to fully confirm if the record belongs to the Applicant or not. If it does not then the DBS would still require the Applicant to provide fingerprints and by having the completed consent form they can limit any further delay to the Applicant.

Upon receipt of the consent form and photos, the DBS issues this to the Applicant’s Local Police Force (LPF) who will then contact the Applicant to arrange a convenient time and location to attend fingerprinting.

The fingerprints are then analysed and the results returned to the DBS. Once these are received, they will then progress the application. The Applicant’s fingerprints are destroyed after analysis unless required in connection with the investigation of an offence. They are not retained by the DBS or entered onto the Police National Fingerprint Database.

More information about this process is also available on the .GOV website: https://www.gov.uk/government/publications/dbs-certificate-disputes-and-fingerprint-consent-forms-and-guidance-af14-af15/dbs-certificate-disputes-and-fingerprint-consent-guidance

///