This is a U.S. company currently employing in the UK; I’ve been given to understand that across the pond the practice of scanning a potential employee’s social media is accepted, but never seen such provisions in the Data Privacy terms in the UK before.
These terms were obviously meant to be agreed to before applying. The highlighting is my own.
4. I authorize XXX and its authorized agents to collect and receive information relating to or concerning me (“Personal Information”) for the purposes of assessing my suitability for employment, and verifying the information provided by me in the course of the application for employment with XXX.
5. For the purposes referred to above, I authorize XXX and its authorized agents to collect and receive Personal Information that may include, for example, information obtained directly from me in this application and supporting materials including my resume, information obtained through any interview conducted by XXX, reference information provided by me and verified by XXX, and in some cases, reference information obtained about me from other sources generally in the community.
6. For the purposes referred to above, I further authorize XXX and its authorized agents to collect and receive Personal Information from any or all of the following sources worldwide: international, national, provincial or municipal law enforcement or security agencies, police services, licensing bodies, all government ministries or regulatory agencies, banks, trust companies, brokerage houses, credit bureaus, professional or industry associations or regulators, universities, colleges and other educational certificate granting institutions, former or current employers, publicly available social networking websites, and any other source reasonably related to verifying the information I provided and assessing my suitability for employment.
It’s necessary to add this only if you expect to be discriminating on the basis of what a potential employee has posted via their social media.