United Kingdom Privacy Policy for Job Candidates United Kingdom Privacy Policy for Job Candidates

United Kingdom Privacy Policy for Job Candidates

This policy was last updated on 16 October 2023

Please read this Privacy Policy carefully as it sets out how DICE Group (“DICE”“we” or “us”) uses personal data pertaining to job candidates (the “Candidates” “you”) i.e. “Candidates’ data”. If you have any questions about this privacy policy, please contact us at help@dice.fm. We may change this policy from time to time so please check our website from time to time for any updates. If we make material changes in the way we use your personal information, we will acknowledge that in this policy or otherwise on our website, or by sending you an email to your email address that we are in possession of.

This Privacy Policy applies to our Candidates who apply for jobs with us. Other privacy policies may apply if we process the same persons’ data in another role. Notably, successful Candidates who get employed with us would become subject to our Employee Privacy Policy. Our general customer privacy policy will apply in addition to this policy where you are using our app or our website.


DICE comprises various group companies, including DICE FM Holdings Ltd and DICE FM UK Ltd (98 De Beauvoir Road, London N1 4EN UK), Boiler Room (UK) Limited, DICE FM, Inc. (US), DICE FM SPAIN S.L.U (Spain), DICE FM SASU (France), DICE FM Italy S.R.L (Italy), DICE FM GmbH (Germany), DICE FM Australia Pty Ltd (Australia), and DICE FM India Private Limited (India) (the “DICE Group”). This Privacy Policy is issued on behalf of the DICE Group so when we mention DICE, we, us or our in this Privacy Policy, we are referring to the relevant company in the DICE Group responsible for processing your data. DICE FM Holdings Ltd is the data controller and responsible for this website.


For the purpose of the EU General Data Protection Regulation (the “GDPR”) (and any other applicable UK laws, such as the UK GDPR), this policy applies to the situations where DICE is the “Data Controller” of Candidates’ data.


3.1 DICE processes Candidates’ data as part of entering into the contract of employment.

3.2 DICE further processes Candidates’ data based on its legitimate interest to assess the Candidates’ job applications, to compare it to other candidates and for recruitment analytics purposes, and to make-/defend against potential claims.

3.3 We may ask for your consent in other cases where we process your data. Such consent can be withdrawn at any time by contacting us at help@dice.fm. Please note that the withdrawal of consent will not affect the lawfulness of processing based on consent before the withdrawal.


4.1 Candidates’ data may be collected directly from the data subjects or via other persons such as recruitment agents. It may further be obtained via open internet sources or legitimate subscription sources.

4.2 The data gathered would typically comprise name, contact details such as physical address, email address and telephone, curriculum vitae information such as past employment, education, and other qualifications, interests, or activities, interview notes and statements, application and circumstances concerning its submission and filing, plus correspondence and decision, including contract terms offered or considered.


We may use the Candidates’ data we collect in order to:

  • Analyse and compare job applications and Candidates;
  • Make a selection;
  • Provide job offers, including employment agreements;
  • Communicate with the Candidates;
  • Perform HR and recruitment analytics;
  • Make-/defend against claims.


Candidates’ data may be shared with third parties such as:

  • Storage providers
  • HR and recruitment services providers
  • Analytics providers
  • Communications providers and web communications tools.


7.1 Candidates’ data may be transferred to, and stored at, destinations outside the European Economic Area (EEA) where the laws on processing personal data may be less stringent than in your country. It may also be processed by staff operating outside the EEA who work for us or for one of our agents or suppliers.

7.2 Presently personal data collected from you is stored in data centres as well as cloud networks which are located or hosted in Ireland.

7.3 When your personal data is transferred to parties located outside of the EEA we shall undertake an assessment and take appropriate measures to ensure such third party will provide adequate security of such personal data and respect your rights to privacy. These safeguards are intended to ensure a similar degree of protection is afforded to your data wherever it may be transferred and may include:

  • only transferring your personal data to countries which have been deemed to provide an adequate level of protection for personal data by the European Commission; or
  • entering into specific contractual terms which have been approved by the European Commission and which give personal data the same protection as within the EEA (for example, if transferring your data to the USA).

7.4 For further information on the safeguards used, please contact us at help@dice.fm.


8.1 Although we take all steps reasonably necessary to ensure that your personal data is treated securely, you should be aware that the transmission of information via the internet is not completely secure and we cannot guarantee the security of your data during its transmission.


9.1 We may retain your personal data for as long as we require it for the purposes for which it is processed or as is otherwise required by applicable law. We will always retain your data for at least three months of our decision regarding your application, which is the UK limitation period for discrimination claims. Our actual retention periods may be longer if that is necessary to make-/defend against actual or potential claims.

9.2 We will typically retain data for up to one year for HR and/or recruitment analytics purposes. After that, we will consider anonymising or deleting the data.

9.3 Email correspondence with the Candidates may be kept in line with our general correspondence retention policies, which may be up to six years in line with the general UK claims limitation period.

9.4 When calculating the appropriate retention period for your data, we consider the nature and sensitivity of the data, the purposes for which we are processing the data, and any applicable statutory retention or limitation periods. Once the processing of the data is no longer required, we may securely delete or anonymise your personal data.

9.5 For more details about our retention periods, please contact us at help@dice.fm.


10.1 Under the GDPR and any equivalent rules in the UK, you are entitled to certain rights in relation to our handling of your personal data, as described below.

10.2 You may request details of the personal information that we hold about you under data protection laws. If you would like a copy of the information held about you please write to us at help@dice.fm.

10.3 If you think any information we have about you is incorrect or incomplete, please write to us or email us at help@dice.fm as soon as possible. We will correct or update any information as soon as we can.

10.4 You have the right to erasure of your data. We are not required to delete the information important for the establishment, exercise or defence of legal claims, or that we need to retain in order to comply with the law.

10.5 You have the right of restriction of processing, where the data is wrongfully processed but should not be erased for a reason listed in Article 18 (1) of the GDPR.

10.6 Until a download option has been developed based on universally recognised standards, you may exercise your right of data portability by obtaining your data by sending us an email request.

10.7 If you would like to exercise these rights, please write to us or email us at help@dice.fm.


Should you have any complaints about how we handle your personal information, please contact us at help@dice.fm . Should we be unable to resolve your complaint and you wish to take your complaint further, you may do so by contacting the UK Information Commissioner’s Office.


DICE has appointed a data protection officer for you to contact if you have any questions or concerns about the DICE’s personal data policies or practices. DICE’s data protection officer’s name and contact information are as follows:

Aphaia Ltd

The Brew 

Eagle House

163 City Rd

London EC1V 1NR


Contact email: dpo@aphaia.co.uk

Contact telephone: (+44) (0)20 3917 4158