We are part of Org Group. To learn more about our group offering, click here.

Find Talent Find a Job
Back

Data Protection Statement

Date of last update: January 7th 2024

Candidate - Data Protection Statement

Expand all

We want to explain clearly how we process Candidate personal data in the provision of our services.

For ease of use, we have split our Data Protection Statements into sections so you can easily find the information that you need:

  • Our Candidate - Data Protection Statement (this statement) provides specific information about active/potential job seekers, and candidates supplied on assignment, whose personal data we process as part of our business
  • Our Client - Data Protection Statement provides specific information about our processing activities relevant to business clients, whose personal data we process as part of our business activities
  • Our Other Contact - Data Protection Statement is relevant to all other data subjects whose personal data we process who are not considered Candidates or Clients. This includes but is not limited to personal data of vendors, agencies, partners, referees, emergency contacts, website users and members of the public
  • Our Group Information Statement provides information about the companies in the Group including relevant contact details. This information is relevant to all data subjects
  • The Data Protection Rights Statement is relevant to all data subjects and provides information about your rights and what you should do if you want to raise a concern

For further information about our group of companies please see group information.

References to “we”, “us” and “Company” shall apply to the company in the group that is processing your personal data.

This Data Protection Statement applies to Candidates

For the purposes of this Candidate – Data Protection Statement, a Candidate includes:

  • an active job seeker, who registers with us with the purpose of us helping them to find a job, or applies to a Client role that we have advertised;
  • someone who we have placed with a Client whether on a permanent or contract basis;
  • someone we identify as a potential job seeker; or
  • someone supplied on assignment paid by us and working with Clients.

We have a variety of sources of Candidate personal data. We will only ever source personal data that is necessary to provide our services and in a way that would be generally expected.

We receive personal data about Candidates from a variety of sources. Usually a Candidate will register their interest with us or we will approach them through publicly available channels. We may also receive personal data about a Candidate when:

  • the Candidate applies to a position advertised on a third party jobs website;
  • the Candidate may be sourced from publicly accessible platforms such as LinkedIn;
  • the Candidate may be sourced from third party CV providers such as jobs websites that provide CV search facilities, where users have made their CV data available to registered customers of these sites;
  • the Candidate may be referred to us from a third party recruitment business which is a supplier to us;
  • the Candidate’s nominated referees or other individuals may provide us with personal data relating to the Candidate; or
  • the Candidate may be referred to us by the Client.

This section describes the lawful basis we may use to process Candidate personal data.

We process all personal data lawfully and in accordance with the requirements of the Data Protection Laws. In the EU, the GDPR sets out the legal grounds available for processing personal data.

When we process personal data any one of the following legal grounds will generally apply.

CONTRACT
We will process personal data where necessary to perform our obligations relating to or in accordance with any contract that we may have with you or to take steps at your request prior to entering into that contract.

CONSENT
For certain processing activities we may rely on your consent.

Where we are unable to collect consent for a particular processing activity, we will only process the personal data if we have another lawful basis for doing so.

You can withdraw consent provided by you at any time by contacting us at privacy@morganmckinley.com

LEGITIMATE INTEREST
At times we will need to process your personal data to pursue our legitimate interests, for example for administrative purposes, to collect debts owing to us, to provide information to you, to operate, evaluate, maintain, develop and improve our websites and services or to maintain their security and protect intellectual property rights.

We will not process your personal data on a legitimate interest basis where the impact of the processing on your interests or fundamental rights and freedoms outweigh our legitimate interests.
You may object to any processing we undertake on this basis. If you do not want us to process your personal data on the basis of our legitimate interests, contact us at privacy@morganmckinley.com and we will review our processing activities.

LEGAL OBLIGATION
If we have a legal obligation to process personal data we will process personal data on this legal ground.

DEFENCE OF LEGAL CLAIMS
In limited circumstances and in accordance with the law we may use personal data in the defence of legal claims or enforcing legal rights.

This section describes the personal data that we collect about Candidates. We only collect the personal data that we require in order to provide and deliver the services that you expect. We have described here the personal data that we use in order to provide our services.

The table below sets out the general categories of personal data that we may collect in relation to Candidates. For each personal data category we have included an example of the personal data types that may be included in the relevant category. We will always seek to minimise the personal data we process and the relevant personal data types will only be collected where relevant for the purpose.

Personal Data Category Description
Application Data may include information provided when applying for a role such as, CV Data, Financial Data, Position Data, Media Data, and details of visa or eligibility to work. This may include Registration Data where the Candidate is not already registered.
Communications Data may include communications with us over email, text, phone or letter
Contact Data may include a person’s name, email address, phone number, postal address, other communication details including social media links (e.g. Linkedin)
CCTV Data may include images recorded on CCTV footage
CV Data may include Contact Data, Identification Data, Professional Data, Education Data and information about achievements and hobbies
Education Data may include educational history such as degrees, certificates and diplomas awarded, languages and qualifications
Financial Data may include payment and bank details, tax information, payroll information, professional fee rate expectations, Limited/Umbrella company details
Health Data may include health information including information about any disability or illness.
Identification Data may include a person’s date of birth, driver’s licence, national tax identification number and passport information
Marketing Data may include Contact Data and any preferences in receiving marketing from us and your communication preferences
Media Data may include photographs, video data and recordings from any interview with the Candidate including, Contact Data, Professional Data, Education Data, Health Data, Registration Data and Communications Data
Position Data may include information relevant to a position such as rate of pay, working hours, reporting lines, job description and performance
Professional Data may include information about previous professional experience such as profession, company, department, employment history, skills/experience, membership of professional bodies
Registration Data includes personal data provided when registering as a Candidate and any notes or observations made on the Candidate record. This may include Contact Data, Identification Data, Professional Data and Education Data. It may also include system assigned identifiers, date record added, Work Finding Services Agreement (in relevant locations), Candidate registration form, Candidate Terms and Conditions
Special Category Data may include diversity data such as gender, religion, racial or ethnic origin, sexual orientation, trade union membership or Health Data.
Web Data may include information provided on any forms completed by a Candidate on our website and, to the extent that it includes personal data, information on the type of device being used, its IP address, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.

We have set out in the table below, the general purpose of processing, the categories of personal data processed and the related lawful basis for processing.

The table below sets out the personal data we collect, the purpose for which we collect it and our lawful basis for doing so.

Purpose/Activity Personal Data Category Lawful basis for processing
Candidate Sourcing and applications
  • to facilitate engagement through our website
  • to agree any contract between us and the Candidate for the provision of professional services to Clients
  • to process Candidate applications
  • to create a record/file for the Candidate on our system and to link all notes and tracking throughout the engagement process including, interview, placement, onboarding and contracting process
  • screening and identification of Candidates for assignments
  • to receive and review Candidate enquiries
  • to understand Candidate current and expected remuneration requirements, notice periods and availability, current and required locations
  • Application Data
  • Communications Data
  • Contact Data
  • CV Data
  • Financial Data
  • Identification Data
  • Marketing Data
  • Position Data
  • Professional Data
  • Registration Data
  • Contract
  • Legitimate interest in sourcing the right Candidates
  • Consent
Candidate Registration
  • to register Candidates on our database
  • responding to Candidate queries
  • receiving and reviewing Candidate registrations
  • communications with Candidates re registration
  • setting up meetings with Candidates
  • engaging with Clients in relation to the Candidates.
  • Contact Data
  • CV Data
  • Communications Data
  • Identification Data
  • Registration Data
  • Contract
  • Legitimate Interest in administering the registration process
Ongoing Candidate Relationship Management
  • to keep up to date information about Candidates in relation to their requirements, in order to assess their suitability for current or future project opportunities.
  • to maintain our Candidate database
  • to communicate with Candidates about assignments that might be of interest to them
  • to tailor our products and services to better identify the right Candidates for upcoming engagements with Clients
  • to undertake profiling for the purposes of semi-automated or manual decision making about Candidates
  • Communications Data
  • Contact Data
  • CV Data
  • Financial Data
  • Identification Data
  • Marketing Data
  • Position Data
  • Professional Data
  • Registration Data
  • Consent
  • Contract
  • Legitimate Interest in managing Candidate relationships
Candidate Meetings
  • to arrange and undertake Candidate meetings
  • recording notes of Candidate meeting
  • to communicate with the Candidate following meeting
  • Contact Data
  • Communications Data
  • CV Data
  • Legitimate Interest in meeting with Candidates
  • Contract
Candidate Assignment Management
  • for performance management activities
  • Mobilisation
  • Retention
  • Assignment extension
  • Contact Data
  • Communications Data
  • Position Data
  • Contract
  • Legitimate interest in candidate engagement
Candidate Finance Activities
  • to ensure remuneration expectations are met
  • to undertake financial audits
  • to communicate professional fee arrangements between Client and Candidate
  • to pay referral fees
  • to make an offer of professional fees to a Candidate on behalf of a Client in relation to a specific engagement;
  • to generate placement activity on our central systems in order to invoice a Client
  • to benchmark remuneration expectations for Candidates with similar experience or for companies with similar vacancies
  • to communicate invoice and other financial information to Candidates, any third party intermediaries of Candidates and Client
  • to process payroll and manage payments
  • Contact Data
  • Financial Data
  • Identification Data
  • Contract
  • Legitimate Interest in maintaining accounts
Candidate Service Development
  • to facilitate insights into activities and develop new services
  • to make improvements and develop efficiencies in the services
  • to undertake surveys
  • Contact Data
  • Communications Data
  • Education Data
  • Identification Data
  • Professional Data
  • Marketing Data
  • Contract
  • Legitimate Interest in developing our services
Website Delivery
  • to respond to web forms completed by you
  • to promote our products and services
  • to administer the Website
  • for internal operations, including support, troubleshooting, data analysis, testing, research, statistical and survey purposes
  • to ensure the safety and security of our website and our services
  • Contact Data
  • Web Data
  • Consent
  • Legitimate Interest in administering our website
Marketing activities
  • to register you on our marketing database
  • to respond to any requests from you
  • to send newsletters and other information that may be of interest
  • to inform you of events or webinars that might be of interest
  • to deliver and organise our conferences, seminars, events
  • to develop relationships with Candidates
  • to tailor our products and services to better identify the right Candidates and present the right opportunities at the right time and meet the Candidate’s needs more effectively
  • to personalise and make the marketing information sent as relevant as possible
  • to ask for your help in relation to sharing information about opportunities we may have, with your network
  • to aggregate data used as part of surveys or to produce market insights
  • to segment and distribute targeted marketing
  • to follow up with attendees of our events/webinars or to contact attendees about current or future opportunities
  • to ask for your opinion about our products or services
  • to produce aggregated models to predict trends and produce market insights
  • Marketing Data
  • Contact Data
  • Web Data
  • Consent
  • Legitimate Interest in promoting and building our business
Legal and Compliance Activities
  • to meet equal opportunity and diversity requirements
  • to meet health and safety requirements
  • to capture consent/contract acceptance on paper or electronic registration forms, terms & conditions or forms
  • to comply with our legal obligations in respect of: the collection of taxes, levies, contributions; the detection of crime; labour standards; anti-bribery legislation; and industry specific legislation
  • to comply with Client requests relating to their employment practices
  • to comply with the law in certain jurisdictions
  • to fulfil contractual obligations with Clients and vendors, for example, in relation to the enforcement of intellectual property rights.
  • for the purposes of legal claims and compliance activities including insurance.
  • Contact Data
  • Health Data
  • Identification Data
  • Special Category personal data
  • Financial data
  • Marketing data
  • Registration data
  • Communications data
  • Consent
  • Contract
  • Legitimate interest in providing legal opinion
  • Assessment of Working Capacity
  • Carrying out obligations under employment or social protection law
  • Defence of legal claim
Prevention of fraud and ensuring security
  • CCTV Data
  • Legitimate Interest in ensuring security in our operations

Our mission is to build lasting relationships with Candidates, not just for one assignment but for the purposes of building a partnership over many years.

Our aim is to build lasting relationships with our Candidates and thus to contribute to long term career success and development.

Our goal is to continue to engage and interact with Candidates even after they have secured a new position - for example to keep them informed of market developments, invite them to topical seminars and networking events, and to be on hand to offer advice about career planning.

The Group will retain your personal data for as long as we need to fulfil the purpose, we collected it for, which may be an ongoing purpose. We recognise that the level of engagement we have with Candidates may vary and we manage our retention activities carefully to reflect this. In some circumstances we will determine the appropriate retention period where the purpose of that retention can be justified, for example, for accounting, tax, legal and compliance purposes.
Examples of the activities that we would consider evidence of our ongoing engagement with a Candidate and thus a reason to continue to retain their personal data include:

  • the Candidate engaging with our Services
  • the Candidate meeting one of our consultants, to register for new opportunities, or for example to update on their situation and seek professional advice or some other professional input
  • us sending a Candidate's profile (with their approval) to a Client for consideration for an assignment
  • us arranging a business meeting with the Candidate or between the Candidate and a Client
  • us exchanging email correspondence or having telephone conversations with the Candidate
  • the Candidate interacting with our marketing communications for example, clicking to open our market insights, newsletters, surveys etc.

If a Candidate unsubscribes to marketing communications, no further marketing communications will be sent.

We may need to share your personal data in order to deliver our services. We will always ensure that any disclosure of personal data is undertaken in compliance with Data Protection Law and ensure that appropriate technical and organisational measures are undertaken to protect and secure any personal data that is transferred.

Candidate Personal Data is shared in certain circumstances as follows:

  • between the companies identified in this Data Protection Statement and in particular in our Group Information Statement for the purposes of administration, marketing and provision of our services
  • to business partners and third party service providers for the purposes of delivering services to or on behalf of our company and administration of our business, including email, chat, ticketing, Customer Relationship Management, Applicant Tracking System, payment processors, data aggregators, hosting service providers, external consultants, accountants, auditors, IT consultants and lawyers
  • if a company in the group or substantially all of its assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets
  • if we are under a duty to disclose or share personal data in order to comply with any legal obligation (including tax, audit or other authorities), or in order to enforce or apply any contracts that we have
  • to official authorities to protect our rights, property, or safety, or those of other persons (including you)
  • to payment service partners for the processing of payments to and from our business,
  • to protect our rights, property, or safety, or that of our customers or others. This may include exchanging information with other companies and organisations for the purposes of fraud protection
  • to analytics and search engine providers that assist us in the improvement and optimisation of our Website. This consists of information relating to the web pages visited on the Website and tracking codes from service providers like LinkedIn and Google
  • to insurance brokers and providers where required for administering claims
  • to our email distribution partner and service providers in the case of marketing and newsletters
  • to Clients and potential Clients of our services for the purposes of consideration of the Candidate

We are not responsible for the processing activities of Clients once a Candidate’s personal data has been shared. Please refer to the Data Protection Statement of the relevant Client.

In some circumstances we may need to transfer personal data outside of the country where it was originally collected. We will always undertake such transfers in accordance with data protection laws.

We may transfer Personal Data outside of your home country; however, we will always ensure that this is done in compliance with the relevant laws of your country.

We will normally use and share personal data outside of your country for the following reasons:

  • to carry out corporate oversight of our global business organisation
  • to provide shared services in certain functions such as HR, Finance, Marketing, Legal, Privacy and IT
  • to deploy certain tools and resources across the global organisation
  • to facilitate interactions between our employees across our global locations
  • to work with our group companies to identify Candidates/Clients

We monitor for and do everything that we can to protect personal data and prevent security breaches.

We will take all steps reasonably necessary to ensure that all personal data is treated securely in accordance with this Data Protection Statement and the Data Protection Laws. In particular, we employ appropriate technical and organisational procedures to safeguard and secure the personal data we process to prevent unauthorised access.

We monitor for and do everything we can to prevent security breaches of the personal data that we process. Once we have received your personal data, we will use strict procedures and security features for the purpose of preventing unauthorised access and ensuring that only those who need to have access to your personal data can access it.

We also use secure connections to protect personal data during its transmission. Where you have been given (or where you have chosen) a password which enables you to access services, you are responsible for keeping this password confidential. Please do not share your password with anyone.

If you think that there has been any loss or unauthorised access to personal data of any individual, please let us know immediately.

It is important to be careful when visiting third party websites and when providing personal data to third parties. We have no control over third party websites that you may access.

Websites that you access via a link on our website or otherwise, are outside our control and are not covered by this Data Protection Statement. If you access other websites using the links provided, the operators of these websites may collect personal data from you, which will be used by them in accordance with their own Data Protection Statements, which may differ from ours. Please check the Data Protection Statements on those websites before you submit any personal data to them.

Please see our separate Cookie Notice available at https://www.morganmckinley.com/hk/cookies-policy for further information.

We will update the date on this Data Protection Statement when we make changes to it.

We will post any changes to this Data Protection Statement on the Website and when doing so will change the effective date at the top of this Data Protection Statement.

In some cases, we may provide you with additional notice of changes to this Data Protection Statement, such as via email. We will always provide you with any notice in advance of the changes taking effect where we consider the changes to be material.

Please contact us if you have any questions or concerns about how your personal data is being used by us.

Premier Recruitment International UC is available as your central point of contact for all queries at:

Data Protection Officer
Penrose Dock Two, Alfred St,
Victorian Quarter,
Cork, T23 YY09

Email: privacy@morganmckinley.com

Please see our Data Protection Rights Statement for further information about your rights

If we are unable to resolve your concerns, you have the right to contact the supervisory authority in the country where you live or work, or where you consider that the data protection rules have been breached.

Please see section 2 of our Data Protection Rights Statement “Queries and Supervisory Authority Contact Details” for further information about relevant Data Protection Authority contact details.

Back to top