Privacy Policy

Valid From: December 2024

Data Protection & Privacy Statement for The SR Group

1. Who are we?

    The SR Group is a global professional, specialist recruitment organisation which focuses on Legal, Compliance, HR, Tax, Treasury, Marketing, IT, Executive Search and other markets trading under the names Brewer Morris, Carter Murray, Frazer Jones, Keller West and Taylor Root. We provide permanent and temporary recruitment services to clients looking to recruit talent for their businesses.

    The SR Group means our subsidiaries, our ultimate holding company and its subsidiaries, our associated companies. A list of our relevant legal entities is set out at the end of this Policy. For the purposes of data protection legislation in force from time to time, the data controller will be the legal entity of The SR Group in the jurisdiction in which you are resident (or, if different, the legal entity with whom you are in contact or have a contract in place with).

    The SR Group aims to comply with best practice and local privacy legislation in all jurisdictions in which it has operations. The application of The SR Group’s global Privacy Policy may be subject to some minor amendments in accordance with local law requirements in the different jurisdictions in which The SR Group operates and The SR Group may also issue a country specific data collection statement detailing its practices in that jurisdiction.

    The SR Group Privacy Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and to make sure it remains appropriate to the changing environment. Any information we hold will be governed by the most current version of the Privacy Policy. If you have any specific queries relating to The SR Group’s Privacy Policy in your local jurisdiction, please contact us using the details at the end of this Policy.

    Please read this Privacy Policy carefully.

    2. What does this Policy cover?

        We at The SR Group take your personal data seriously. This Policy:

        3. What personal data do we collect about you?

          We collect the information necessary to be able to find available opportunities and further information needed so our recruiters can assess your eligibility through the different stages of recruitment. This relates to our business which is recruitment but also applications to work for The SR Group. This information includes your name, private and corporate email address, postal address and telephone number; financial information; curriculum vitae; work history; your educational records and training, work performance and right to work; compliance and identity documentation; references and links to your professional profiles available in the public domain e.g. LinkedIn, business Facebook or corporate website.

          Depending on the nature of the role you are being considered for, and also depending upon the applicable jurisdiction, we may need to collect and process special categories of personal data about you which may include information about your health (including details of any sick leave taken during your previous roles), details of any disability, details of any offences you have committed or are alleged to have committed and whether you are a member of any professional or trade associations. Please see section 9 below for the legal basis for such processing.

          Depending on the applicable jurisdiction, and in any case only with your consent, your image and/or voice may be recorded where you are presenting or part of a panel discussion on, for example, a webinar or at an event or where you are part of a video interview.  Depending on the laws and regulations in the relevant jurisdiction, we may also listen to or record your voice on telephone calls that you have with our recruitment consultants for training or operational purposes. Our systems may also identify your telephone number and record the fact that you called us, what number you called and the duration of the call.

          In addition, as part of our commitment to equality of opportunity and to monitor compliance with our equal opportunity policy, we may ask you to complete an equality monitoring form. Where you are asked to complete an equality monitoring form, information is provided voluntarily and on an anonymous basis for statistical analysis. It is not stored with your other personal records.

          We may also collect information such as your name, email address and telephone number if:

          We may collect your IP address and other information set out in Section 5 of this Privacy Policy.

          4. Where do we collect personal data about you from?

          The following are the different sources we may collect personal data about you from:

          Where we collect your information through publicly available sources as set out above, we may do this with the aid of software programmes. These programmes are given parameters on the requirements of a role and search through publicly available sources, where there is a reasonable expectation that such information may be collected and processed by recruiters, to find candidates for particular job roles.

          5. How and why do we use your personal data?

          We use your personal data so that we can provide our services to you, including to:

          6. How do we process your data using Artificial Intelligence?

          We do not carry out any automated decision making in relation to any data subject whose data we hold. There is human intervention in all our processing of personal data. We do not score or profile our data subjects.

          We use Artificial Intelligence to carry out the following limited activities.

          Your data is ringfenced within our systems and is not:

          We use the following tools and further information about the tools can be found at the links below:

          Bullhorn Co-Pilot: Bullhorn Responsible AI Statement | Bullhorn

          Microsoft Azure OpenAI:  Responsible AI Solutions | Microsoft Azure

          7. How long do we keep your personal data for?

          We only retain your information for as long as is necessary for us to use your information as described above or to comply with our legal obligations. However, please be advised that we may retain some of your information after you cease to use our services, for instance if this is necessary to meet our legal obligations, such as retaining the information for tax and accounting purposes.

          When determining the relevant retention periods, we will take into account factors including:
          a.    our contractual obligations and rights in relation to the information involved;
          b.    legal obligation(s) under applicable law to retain data for a certain period of time;
          c.    our legitimate interest where we have carried out a balancing test (see section 9 below);
          d.    statute of limitations under applicable law(s);
          e.    (potential) disputes;
          f.    if you have made a request to have your information deleted; and
          g.    guidelines issued by relevant data protection authorities.

          Otherwise, we securely erase your information once it is no longer needed.

          8. Who do we share your personal data with?

          Your personal data may be shared with certain third parties who will be subject to contractual obligations of confidentiality and compliance with relevant laws, including:

          if required to do so by law, a court order or by a regulatory authority of competent jurisdiction or if we believe that such action is necessary to protect, defend or enforce the rights of The SR Group.

          our clients who have a position to fill, in order to determine with the client whether you are a good fit for the available position. Our clients are global and cover various sectors including Legal, Compliance, HR, Tax, Treasury, Marketing, Executive Search and other markets;

          the end client who you may be placed with through an intermediary such as an RPO;

          our employees or other parts of our group globally (including our subsidiaries and our ultimate holding company);

          suppliers, contractors and agents who may perform services for us, such as: professional advisors (for example, accountants or lawyers); IT software and service companies; research and mailing houses; event organisers and function co-ordinators; event co-hosts, payroll and other financial service providers; analytics and search engine providers that assist us in the improvement and optimisation of our site; credit reference agencies; insurance brokers; compliance partners and other sub-contractors for the purpose of assessing your suitability for a role (such as psychometric testing and reference/qualification checking);

          third parties relating to any business sale, merger, liquidation, receivership or transfer of assets provided that they agree only to use your personal data for the purposes that you have provided it to us;

          prospective partners, clients and other reputable third parties to disclose aggregate statistics about our site visitors and candidates in order to describe our services and for other lawful purposes – in such cases these statistics will include no personal identifying information; and

          if required to do so by law, a court order or by a regulatory authority of competent jurisdiction or if we believe that such action is necessary to protect, defend or enforce the rights of The SR Group.

          For candidates, contractors, referees and clients as well as applicants to work for The SR Group, our processing is necessary for our legitimate interests. As a recruitment business and recruitment agency we introduce candidates to clients for permanent employment, temporary worker placements or independent professional contracts.  The exchange of personal data of our candidates and our client contacts is a fundamental, essential part of this process as we need the information in order to be able to assess suitability for potential roles, to find potential candidates and to contact clients and referees. In order to support our candidates’ career aspirations and our clients’ resourcing needs we require a database of candidate and client personal data containing historical information as well as current resourcing requirements. To maintain, expand and develop our business we need to record the personal data of prospective candidates and client contacts.

          We need to attract suitably qualified and experienced staff to ensure that we can maintain, expand and develop our business and comply with our legal and contractual obligations to clients, candidates and temporary workers that we place with clients. The recording and exchange of personal data of prospective employees is a fundamental, essential part of this process as we need the information in order to be able to assess suitability for potential roles and to contact referees.  

          We carry out a ‘balancing test’ to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing. We keep a record of these balancing tests. You have a right to and can find out more about the information in these balancing tests by contacting us using the details below.

          We will rely on contract if we are negotiating or have entered into a placement agreement with you or your organisation or any other contract to provide services to you or receive services from you or your organisation.

          We will rely on legal obligation if we are legally required to hold information on you to fulfil our legal and regulatory obligations, such as disclosure to public authorities, regulators and investigations.

          If you are interviewed and submitted as a candidate, then this may involve the processing of more detailed personal data including sensitive data such as health information that you or others provide about you. Such information may be required to perform/qualify for a certain function for which you want to apply based on national laws, which may provide the legal basis to process these data.

          In cases where there is no legal basis (to process personal data and/or sensitive personal data), we will ask for your express consent orally, by email or by an online process for the specific activity we require consent for and record your response. Where consent is the lawful basis for our processing you have the right to withdraw your consent to this particular processing at any time (as set out in Section 15 below).

          10. What happens if you do not provide us with the information we request or ask that we stop processing your information?

          If you do not provide the personal data necessary, object to or withdraw your consent (where applicable) for the processing of your personal data, we may in individual cases not be able to match you with available job opportunities.

          11. Do we transfer your data across international borders?

          To better match your employee profile with current opportunities, for the purposes of business development, systems development and testing, where required in order for our suppliers to provide a service to us or as necessary in order to perform our contract with you, your personal data may be transferred to clients and partners in countries across international borders as well as our global offices listed at the end of this Policy.

          These countries’ privacy laws may be different from those in your home country. Where we transfer data to a country which has not been deemed to provide adequate data protection standards we comply with applicable privacy laws and have security measures and, where applicable, contracts in place to protect your personal data.

          To find out more about how we safeguard your information as related to transfers please contact us on dataprotection@thesrgroup.com or using the details below.

          12. Security and storage of your data

          Safeguarding personal data and respecting confidentiality of your information is important to The SR Group.

          All information you provide to us is stored securely and we take necessary steps, including putting in place appropriate technical and organisational measures, to protect your personal data. While we have security measures in place designed to protect against the loss, misuse and alteration of personal data under our control we cannot guarantee that loss, misuse or alteration of personal data will not occur.

          Safeguarding personal data and respecting confidentiality of your information is important to The SR Group.

          All information you provide to us is stored securely and we take necessary steps, including putting in place appropriate technical and organisational measures, to protect your personal data. While we have security measures in place designed to protect against the loss, misuse and alteration of personal data under our control we cannot guarantee that loss, misuse or alteration of personal data will not occur.

          13. Using our websites – internet-based transfers

          Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features designed to prevent unauthorised access.

          Our websites may include links to external websites operated by other organisations which may collect personal data about you when you visit them. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for the privacy practices of any third-party websites. Please check these policies before you submit any personal data to these websites.

          14. Do we use Cookies to collect personal data on you?

          To provide better service to you on our websites, we use cookies which may collect your personal data when you browse. See our Cookie Policy for more details.

          15. What rights do you have in relation to the data we hold on you?

          By law, you have a number of rights when it comes to your personal data. Further information and advice about your rights can be obtained from us using the contact details at the end of this Policy or the data protection regulator in your country.

          RightsWhat does this mean?
          1. The right to be informedYou have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Policy.
          2. The right of accessYou have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Policy). This is so you are aware and can check that we are using your information in accordance with data protection law.
          3. The right to rectificationYou are entitled to have your information corrected if it’s inaccurate or incomplete.
          4. The right to erasureThis is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
          5. The right to restrict processingYou have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
          6. The right to data portabilityYou have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
          7. The right to object to processingYou have the right to object to certain types of processing, including processing for direct marketing or if you no longer want to be contacted with potential opportunities.
          8. The right to lodge a complaintYou have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
          9. The right to withdraw consentIf you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw any consent to us using your personal data for marketing purposes.

          We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:

          Alternatively, we may be entitled to refuse to act on the request.
          Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.

          16. Keeping our records accurate and up to date

          The SR Group will review the personal data it processes to ensure that it is up to date and accurate. Your co-operation in helping us to keep your personal data accurate by informing us of any change of name or change of address is an important part of this. If you would like to review or change the details you have supplied us with, you may do so at any time by notifying us in writing.

          17. Changes to our Privacy Policy

          This Privacy Policy was last updated in December 2024. The SR Group may change this Privacy Policy from time to time. If we change our Privacy Policy, we will post the changes on our website and, where appropriate, notify you by email. The date of issue will be indicated. We recommend that you check the terms of this Privacy Policy periodically to keep up to date with any changes.

          19. How will we contact you?

          We may contact you by phone, email or social media. If you prefer a particular contact means over another, please just let us know.

          20. How can you contact us?

          If you are unhappy with how we’ve handled your information or have further questions on the processing of your personal data, contact us here: dataprotection@thesrgroup.com or +44 20 7415 0050 or address your query to the relevant office:

          London Office
          Anthony Davies – The Data Protection Officer
          The SR Group (UK) Limited
          See our address here.

          Birmingham Office
          Anthony Davies – The Data Protection Officer
          The SR Group (UK) Limited
          See our address here.

          Dublin Office
          Anthony Davies – The Data Protection Officer
          The SRG Recruitment Group (Ireland) Limited
          See our address here.

          Amsterdam Office (for permanent and interim recruitment engaged directly by our clients)
          Anthony Davies – The Data Protection Officer
          The SR Group (Netherlands) B.V
          See our address here.

          Amsterdam Office (for temporary recruitment)
          Anthony Davies – The Data Protection Officer
          The SR Projects (Netherlands) BV
          See our address here.

          Düsseldorf and Frankfurt Offices (for permanent and interim recruitment engaged directly by our clients)
          Anthony Davies – The Data Protection Officer
          The SR Group (Germany) GmbH
          See our address here.

          Düsseldorf and Frankfurt Offices (for temporary recruitment)
          Anthony Davies – The Data Protection Officer
          The SR Projects (Germany) GmbH
          See our address here.

          Milan Office
          Anthony Davies – The Data Protection Officer
          The SR Group (Italy) S.r.l.
          Via Appiuani 12 Milan 20121

          Dubai Office
          Anthony Davies – The Data Protection Officer and Shane Morton – Partner
          The SR Group (Dubai) Limited
          See our address here.

          Hong Kong Office
          The Data Protection Team
          The SR Group (Hong Kong) Limited
          See our address here.

          Singapore Office
          Anthony Davies – The Data Protection Officer
          The SR Group (Singapore) Pte. Ltd
          See our address here.

          Sydney Office
          The Data Protection Team
          The Specialist Recruitment Group Pty Ltd
          See our address here.

          Melbourne Office
          The Data Protection Team
          The Specialist Recruitment Group Pty Ltd
          See our address here.

          New York Office
          The Data Protection Team
          The SR Group (US) Inc.
          See our address here.

          Other UK group companies:

          Anthony Davies – The Data Protection Officer
          The SR Group Holding Company Limited
          5 Fleet Place, London EC4M 7RD

          Anthony Davies – The Data Protection Officer
          The SR Group Investments Limited
          5 Fleet Place, London EC4M 7RD

          Anthony Davies – The Data Protection Officer
          The SR Group Intermediate Holdings Limited
          5 Fleet Place, London EC4M 7RD

          Anthony Davies – The Data Protection Officer
          The SR Group Holdings 2012 Limited
          5 Fleet Place, London EC4M 7RD

          Anthony Davies – The Data Protection Officer
          The SRG (Dubai) Limited
          5 Fleet Place, London EC4M 7RD

          Anthony Davies – The Data Protection Officer
          The SRG (Dubai) Limited
          5 Fleet Place, London EC4M 7RD

          21. Country Specific Information: Australia

          You are able to submit a complaint to the Australian Office of the Information Commissioner about any matter concerning your personal data, at http://www.privacy.gov.au/complaints.