This policy applies to the group of companies that are ultimately owned by Robert Walters plc (company no. 03956083) of 11 Slingsby Place, St Martin's Courtyard, London, WC2E 9AB, United Kingdom, trading under the Robert Walters, Resource Solutions and Walters People brands (collectively referred to as the “Robert Walters Group”).
References in this policy to “we”, “us” or “our” are references to the Robert Walters Group.
The Robert Walters Group provides:
We operate through a global network of affiliated entities and utilise vendors where needed, to ensure we provide the best solutions to our clients across the countries where we perform services.
If you are uncertain about who the data controller of your personal data is, please contact us using our contact information set out in section 13 of this policy.
1. What personal data do we collect?
Personal data is any information relating to an identified or identifiable person.
We will only collect personal data that we are permitted to collect by law on a jurisdictional basis. We have set out below a non-exhaustive list of the types of personal data that we most commonly collect.
|Type of Personal Data
||Description of Personal Data|
|Identity data||Your title, first name, last name, maiden name, date of birth, gender, photograph, national insurance number (or equivalent in your country), nationality and other information relating to residency and citizenship which may be required to establish a right to work in a given country, marital status and number of dependents.|
|Contact data||Your delivery address, email address and telephone numbers, emergency contact details and contact details history.|
|Historical data||Your educational history and credentials, employment history, criminal background history, social media, skills and qualifications, and results from any other background and disclosure checks in countries where it is lawful to carry out such checks.|
|Employment-related data||Your current remuneration, pension and benefits, what role you are looking for, what work-related areas interest you, third party references (if taken) and interview and assessment feedback created either ourselves or by our client following an interview or assessment.|
|Verification data||A copy of your driving licence, passport, identity card or another form of identification and referee details.|
|Financial data||Your bank sort code and account number and tax-related information and credit checks.|
|Diversity data||We may collect diversity data for governmental reporting purposes, which may include racial or ethnic origin, religious or other similar beliefs and physical or mental health, including disability-related information.|
|Profile data||Your usernames applicable to accessing our services, interests in so far as these are applicable to the services we provide to you and other preferences and other insights or determinants that we have gained from our analysis and profiling of you.|
|Marketing data||Your preferences in receiving marketing from our third parties and us and your communication preferences.|
|Visa application data||Your contact and identity information, immigration history (including residency, immigration status and travel history), character disclosures (including offences, disclosures and information relevant to meeting character requirements), health disclosures and information relevant to meeting health criteria.|
|Video||If video surveillance operates in or near our offices we may capture images of you where permitted by law. We may also capture video of you if you attend an event organised by us where you have given your express consent for us to do so.|
Sensitive or special category personal data - during the recruitment process or in the course of the services we operate, we may collect personal data that is considered sensitive or special category in certain countries. We may be required by local privacy laws to obtain your explicit consent to handle this type of personal data. You will be provided with a consent form if your express consent is required. Please contact us if you have not been provided with a consent form and you believe we hold your sensitive or special category personal data.
In respect of candidates and users of Robert Walters Group websites, we also handle the following types of data:
The age at which an individual is regarded as a child differs per country. We do not typically collect personal data relating to individuals under 18.
2. How we collect personal data
We generally collect your personal data directly from you. For example, we collect your personal data when you:
We may also use the following third party channels to collect your personal data:
We may also collect your personal data from publicly available sources where permitted in the jurisdiction, including:
We allow you to sign up or login to a Robert Walters Group account with a LinkedIn, Facebook or Google account (“Social Media Account”) so you can use our online services simply and easily without having to create a specific account with us. If you choose to use this feature, we will process your name and primary email address on your Social Media Account in accordance with this policy.
3. How we use personal data
We will only use your personal data when the law permits us to, and the uses set out below will be subject to that requirement.
Your personal data will be collected and handled by us in order to:
Business contacts (personnel of our prospective clients, clients, prospective suppliers and suppliers)
Your business information will be collected and processed by us in order to:
Your personal data will be collected and handled by us in order to:
Depending on the contact preferences you select, we will communicate with you by post, telephone, SMS, email or other electronic means such as via social and digital media. We may use your usage data to help ensure that this messaging is personalised and relevant to you.
We will use your personal data purely for the purpose of conducting a reference check on a candidate.
Your personal data will be collected and handled by us for the purpose of preparing and processing your visa application and related immigration services.
4. Who your personal data is shared with
Subject to local regulations in the jurisdiction, we may disclose your personal data to:
We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions, which includes compliance with this policy.
5. Legal grounds
In certain countries our companies that act as a data controller are required to establish legal grounds as set forth by applicable law to process your personal data. Depending on our relationship with you, if required to do so, we will rely on one or more of the following legal grounds:
|Legal Ground||Permitted Purpose|
|Where you have given us consent to use your personal data for one or more permitted purposes.||
|Where we need to process your personal data to comply with a legal or regulatory obligation.||
|Where we need to process your personal data to perform the contract, we are able to enter or have entered into with you.||
|Where the processing of your personal data is necessary for the pursuit of our legitimate business interests and your interests and fundamental rights do not override those interests.||
If you would like to know what legal grounds we rely upon to process your personal data, please contact us using our contact details in section 13 of this policy.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. We view our relationship with you as being one which is to support your career through numerous roles and assignments. Accordingly, we may retain your data for a period of time which is materially greater than simply one placement if we reasonably believe that we will continue to have an ongoing relationship with you.
We will appropriately and securely dispose of your personal data when it is no longer required. To determine the appropriate retention period for personal data, we will consider the following factors:
When we act as a data processor to our clients, the data controllers, we will retain your personal data in accordance with the retention periods prescribed by our clients.
7. Your rights
The country you are located in and the applicable privacy laws determine your rights in respect of your personal data. These may include:
|Right||Description of Right|
|Right to be informed||about your personal data and details of the handling and processing of that personal data and information, including, as applicable the safeguards used to protect your personal data in the event that we transfer it outside the territory it was collected in;|
|Right of access||to your personal data and to obtain information about how we handle and process it;|
|Right to have inaccuracies corrected||if your personal data is inaccurate, including to have incomplete personal data completed;|
|Right of erasure||of your personal data, which is also known as the “right to be forgotten”. We do not delete personal data from our back-up files that are created for disaster recovery purposes and are not easily accessible;|
|Right to restrict handling and processing||of your personal data, which includes requesting us to suppress your personal data file;|
|Right to move, copy or transfer||your personal data to another organisation, also known as “data portability”;|
|Right to object||to the handling and processing of your personal data for certain purposes, in particular to personal data processed for direct marketing purposes and to personal data that is handled and processed for certain reasons based on our legitimate interests;|
Right to withdraw consent
or permission that you have previously provided to us in relation to our handling and processing of your personal data, such as for the purposes of marketing by electronic means;
Rights in relation to automated decision making
where such automated decision making has a legal effect on you or otherwise significantly affects you; and
Right to complain
to us in relation to the handling of your personal data; or the regulatory body which enforces data protection law in your locality.
Please contact us using our contact details set out in section 13 of this policy if you wish to exercise any of your legal rights.
Where permitted by law, you may be charged a fee to access your personal data or to exercise any other right that may apply. We will let you know if a fee applies to your request before we complete it.
We may also request certain information to help us confirm your identity, ensure your right to exercise any of rights in the table above and to prevent your personal data being disclosed to any person who has no right to receive it.
We will respond to all legitimate requests within any legal timeframes.
We will always use your personal data fairly. We may on occasion use technological filters to sort through the job applications we receive and to match candidates to specific job vacancies. If we have used technological tools to a significant extent when assessing your job application, we will inform you of this. Please let us know when we contact you if you feel there are other factors that we should consider as part of your job application.
9. Data security
We hold your personal data in a combination of secure computer storage facilities and paper-based files.
We have in place an appropriate level of security around your personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage to it.
We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk of harm that might result from unauthorised or unlawful processing, accidental or unlawful loss, destruction or alteration, unauthorised (or disclosure of) access or damage to your personal data including:
We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They must only process your personal data on our instructions and subject to the access controls listed above. They are also subject to a duty of confidentiality.
We have agreed on security-related measures with the third parties we share your personal data with to ensure that it is treated by those third parties in a way that is consistent with how we safeguard your personal data.
We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority where we are legally required to do so.
If you suspect any misuse, loss of or unauthorised access to your personal data, please contact us immediately using our contact details in section 13 of this policy.
10. Personal data storage and transfer
Personal Data originating from the UK or European Economic Area (“UK or EEA Personal Data”)
Personal Data originating from outside the UK or EEA (“Non-UK and Non-EEA Personal Data”)
11. Privacy policies of third parties
This policy explains how the Robert Walters Group handles your personal data. Please also read the privacy policies of the social media platforms and third party websites through which you arrive at a Robert Walters Group website. We encourage you to read the privacy policies provided by these sites before giving them your personal data.
12. Changes to this policy
We reserve the right to change this policy from time to time. Changes will be notified on our website seven days before taking effect. We may make emergency changes to this policy when we believe it is reasonable to do so e.g. to comply with legal or regulatory requirements.
13. How to contact us
If you have questions or comments about our privacy practices, or if you would like to submit a request exercising your privacy rights, please contact us. You can:
|Africa and the Middle Eastfirstname.lastname@example.org|
|Australia and New Zealand||ANZPrivacyOfficer@robertwalters.com.au|
|European Economic Area (EEA) and UKemail@example.com or firstname.lastname@example.org|
|Greater China and South East Asia (India, Indonesia, Malaysia, the Philippines, Thailand, Vietnam)||ContactSEAC@robertwalters.com|
|USA and Canadaemail@example.com or firstname.lastname@example.org|
|Brazil, Chile and Mexico||dataprotectionLATAM@robertwalters.com|
Contact our Data Protection Officer (DPO):
Contact our EU representative (RESOURCE SOLUTIONS UK ONLY):
14. Country Specific Information
United States of America, California
The data processing activities we carry out on the personal information of California residents (“California data”) does not currently fall within scope of the California Consumer Privacy Act (CCPA). Should this change over time, we will update this policy accordingly.
Please rest assured that we do and will continue to ensure that we follow best industry practice when processing California data.
Process for lodging a complaint if you believe your personal data has been mishandled by us: