Privacy Statement

Ensuring your privacy is key to
our business

No surprises

We will tell you clearly how your personal data is used in our business.

YOUR CAREER ALLY

Your data is key to our business, so we'll mind it as if it was our own.

No spam

We will always aim to send you information that is relevant to you.

THE BARE ESSENTIALS

We won’t collect information that we don’t need.

WHEN IT’S NO LONGER NEEDED – IT’S GONE

We won’t hold onto information that we don’t need!

General Privacy Statement

  • ABOUT MORGAN MCKINLEY AND WHAT WE DO

    +

    The Morgan McKinley Group provides recruitment solutions to meet our clients’ needs by connecting specialised talent with leading employers across multiple geographies, industries and disciplines.

    We are a recruitment agency and recruitment business as defined in the applicable employment and industry specific legislation and regulations, including but not limited to, the Employment Agencies and Employment Businesses Regulations 2003 (our business).

    Within the Morgan McKinley Group, we also provide other services as follows: executive search, managed services, and consultancy, acting in the capacity of Processor.

    This Privacy Statement applies to the companies listed in Group Companies & Supervisory Authority (together the “Morgan McKinley Group”).

  • OVERVIEW OF OUR APPROACH TO PRIVACY

    +

    We are a global recruitment business. We connect specialised talent with leading employers across multiple industries and disciplines and we collect personal data in order to provide these services.

    In the Morgan McKinley Group the protection of your personal data is very important to us because we recognise how important it is to you, and quite simply, YOU are OUR business.

    In most cases Morgan McKinley Group is the controller of personal data processed as described in this Privacy Statement for the purposes of the General Data Protection Regulation in Europe (“GDPR”). When providing services under the M3S and Accreate trading names, we act generally as a data processor.

    This Privacy Statement applies to the processing of personal data by the Morgan McKinley Group in its role as controller of personal data under the GDPR. Personal data includes any data about a person that enables them to be identified from that data. This Privacy Statement describes our approach to privacy. It includes detailed information about the type of personal data that we process and how it is used and managed within the Morgan McKinley Group.

  • WHOSE PERSONAL DATA DO WE HAVE?

    +

    This Privacy Statement applies to personal data we process in relation to:

    • Candidates
    • Clients
    • Suppliers
    • Website Users

    As a recruitment business we connect those looking for a job (“Candidates”) with businesses who are looking for Candidates (“Clients”). For the purposes of this Privacy Statement, a Candidate is:

    • an active job seeker;
    • someone we identify as a potential job seeker;
    • a contractor of Morgan McKinley Group.

    Our services include:

    • the placing of Candidates with Clients in permanent and contract positions. A contract position is where the Candidate is supplied to a Client of Morgan McKinley Group and is engaged on a contract of, or for, service, is operating via a personal service or umbrella company, or is an employee;
    • a managed service offering, where bespoke sourcing and managed recruitment solutions are provided to meet the needs of the Client.

    This Privacy Statement is not applicable to employees of Morgan McKinley Group.

  • SHARING OF PERSONAL DATA

    +

    We will need to share your information in order to provide services to you. We will always ensure that any transfer of personal data is undertaken in compliance with the law and ensures that appropriate technical and organisational measures are undertaken by any processor or sub-processor.

    In certain circumstances, we may disclose personal data as follows:

    • between the companies in the Morgan McKinley Group in order to provide services to Candidates and Clients;
    • to business partners and sub-contractors for the performance of any contract relating to services provided for the purposes of servicing our Clients and Candidates, including email, chat, ticketing, CRM, ATS, payment processors, data aggregators, hosting service providers, external consultants, auditors, IT consultants and lawyers;
    • to analytics and search engine providers that assist us in the improvement and optimisation of the Website. This consists of information relating to the web pages visited on the Website and tracking codes from service providers like LinkedIn, Google and Marketo;
    • if a company in the Morgan McKinley Group or substantially all of its assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets;
    • if we are under a duty to disclose or share personal data in order to comply with any legal obligation (including tax, audit or other authorities), or in order to enforce or apply any contracts that we have; and/or
    • to protect our rights, property, or safety, or that of our Clients, Candidates or others. This may include exchanging information with other companies and organisations for the purposes of fraud protection.

    More specifically, we may share Candidate information with the following parties:

    • Clients and potential Clients;
    • third party representatives of our clients;
    • third parties providing verification services (for example, criminal record checks/ pre-employment screening services and assessments);

    We may be required to share references provided by Associate Contacts of Candidates in the event of an access request by the Candidate.

  • HOW DO YOU ACCESS/UPDATE/DELETE YOUR DATA

    +

    You have various rights relating to how your personal data is used including the right:

    • to ask for access to the information we hold on you;
    • to change information you think is inaccurate;
    • to delete information (your right to be forgotten);
    • to ask us to limit what we use your data for;
    • to have your personal data moved to another provider (data portability);
    • to make a complaint.

    You have various rights relating to your personal information and how it is used by Morgan McKinley Group as follows:
    You can ask for access to the information we hold on you. When we receive a request from you in writing, we must give you access to the information you have requested as well as details of the processing, the categories of personal data concerned and the recipients of the personal data. We will provide the first copy of your personal data free of charge but we may charge you a reasonable fee for any additional copies.

    You can ask to change information you think is inaccurate. You should let us know if you want to change the personal data we hold. We may not always be able to change or remove that information, but we will correct factual inaccuracies and may include your comments in the record.

    You can ask to delete information (your right to be forgotten). In some circumstances you can ask for your personal information to be deleted, for example, where:

    • your personal information is no longer needed for the reason that it was collected in the first place;
    • you have removed your consent for us to use your information (where we have no other legal reason us to use it);
    • there is no legal reason for the use of your information;
    • deleting the information is a legal requirement.

    Where your personal information has been shared by the Morgan McKinley Group with others, we will do what we can to make sure those using your personal information on our behalf as processors comply with your request for erasure. Please note that we can’t delete your information where:

    • we are required to have it by law;
    • it is used for freedom of expression;
    • it is used for public health purposes;
    • it is used for scientific or historical research or statistical purposes where deleting the data would make it difficult or impossible to achieve the objectives of the processing; or
    • it is necessary for legal claims.

    We cannot give you access to a copy of your data if this would adversely affect the rights and freedoms of others. For security reasons we will not give you access to credit/debit card details but will delete these from our systems at your request.

    • You can ask us to limit what we use your personal data for

      You have the right to ask us to restrict what we use your personal data for where:

      • you have identified inaccurate information, and have told us of it;
      • where we have no legal reason to use that information but you want us to restrict what we use it for rather than erase the information altogether.

      When personal data is restricted, it can’t be used other than to: securely store the data, with your consent, to handle legal claims and protect others, or where it is for important public interests.

      Where restriction of use has been granted, we will inform you before we carry on using your personal data.

      You have the right to ask us to stop using your personal data for any of our services. Where possible we will seek to comply with your request, but we may need to hold or use data because we are required to by law. You should also be aware that if your request is approved this may cause delays or prevent us delivering that service.

    • You can ask to have your personal data moved to another provider (data portability)

      You have the right to ask for your personal information to be given back to you or another service provider of your choice in a commonly used format. This is called data portability.This right only applies to data stored in electronic form where we’re using your personal information on the grounds of consent or pursuant to a contract with you. It does not apply where it would adversely affect the rights and freedoms of others.

    • You can make a complaint

      You have the right to lodge a complaint with the local supervisory authority for data protection in the EU member state where you usually reside, where you work or where you think an infringement of data protection law took place.

  • SECURITY MEASURES

    +

    We monitor for and do everything that we can to prevent security breaches.

    We will take all steps reasonably necessary to ensure that all personal data is treated securely in accordance with this Privacy Statement and the relevant law.

    In particular, we have put in place appropriate technical and organisational procedures to safeguard and secure the information we manage and collect.

    To protect the privacy and security of personal data, we will also take reasonable steps to verify your identity before granting access to information as appropriate.

    Once we have received your information, we will use strict procedures and security features for the purpose of preventing unauthorised access.

    We also use secure connections to protect personal data during its transmission. Where you have been given (or where you have chosen) a password which enables you to access services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

    If you think that there has been any loss or unauthorised access to personal data of any individual please let us know immediately.

  • CROSS BORDER DATA TRANSFERS

    +

    We may share personal data outside the EU, however we will always ensure that this is done in compliance with the relevant laws.

    As a global organisation we use and share personal data both inside and outside the EU. We ensure that any transfer of data outside the EU is undertaken using legally compliant transfer mechanisms and in accordance with the GDPR.

    When we transfer personal data outside of the EU, we generally rely on the Standard Contractual Clauses under Article 46.2 of the GDPR adopted by the EU Commission however we may also rely on some of the other legally compliant transfer mechanisms.

  • THIRD PARTY WEBSITES

    +

    We are responsible for our own privacy practices, not those of a third party.

    You may access Morgan McKinley Group services through links to and from third party websites. If you follow a link to any of these websites, please note that these websites may have their own privacy statements. We do not accept any responsibility or liability for these third party websites nor do we provide support for their services. Please undertake the appropriate due diligence before submitting any personal data to these websites.

  • AMENDMENTS TO THIS PRIVACY STATEMENT

    +

    We will update the date on this Privacy Statement when we make changes to it.

    We will post any changes on the website and when doing so will change the updated date at the top of this privacy statement. If you are not happy with any changes that we have made, we understand you may wish to cease using our services

    In some cases we may provide you with additional notice, for example by email, of changes to this Privacy Statement. If we deem the changes to be material, we will provide you with such additional notice well in advance of the changes taking effect.

  • HOW TO CONTACT US

    +

    You can write to us at:

    privacy@morganmckinley.com

    Data Protection Officer

    Morgan McKinley

    Connaught House

    No. 1 Burlington Road

    Dublin 4

    Ireland

    Please contact us if you have any questions about this Privacy Statement or the information we hold about you.

  • Group companies & supervisory authority

    +

    As well as contacting us, you can contact the Data Protection Supervisory Authority relevant to you if you have any concerns about this Privacy Statement, or about the way we are processing your personal data.

    This Privacy Statement applies to the following companies in the Morgan McKinley Group. Please also see the contact details for the Supervisory Authority relevant to you below.

    Morgan McKinley Group Company Relevant Supervisory Authority
    In the United Kingdom: Morgan McKinley Group Limited (trading as “Morgan McKinley”) is a company registered in the UK, company number 03037211 and registered office at 7th floor, 61 Aldwych, London, WC2B 4AE, United Kingdom The Supervisory Authority in the United Kingdom may be contacted at the following postal address if you have any concerns or questions about the processing of your personal data:
    Information Commissioner's Office,Wycliffe House, Water Lane, Wilmslow,Cheshire SK9 5AF, United Kingdom
    In Ireland: Morgan McKinley, La Creme, M3S and Accreate are registered business names of Premier Recruitment International UC. Premier Recruitment Int’l is a company registered in Ireland, company number 131679 and registered office 4th floor, 6 Lapps Quay, Cork, Ireland, T12 XE1V The Supervisory Authority in Ireland may be contacted at info@dataprotection.ie you have any concerns or questions about the processing of your personal data.
    In Australia: Morgan McKinley Pty Limited, a company registered in Australia, company number 124730098 and registered office Level 9, 383 Kent Street, Sydney, NSW 2000 The Supervisory Authority in Ireland may be contacted at info@dataprotection.ie you have any concerns or questions about the processing of your personal data.
    In Singapore: Morgan McKinley Pte Limited, a company registered in Singapore, company number 200503018E and registered office 1 Raffles Place #47-02 One Raffles Place Tower 1 Singapore 048616 The Supervisory Authority in Ireland may be contacted at info@dataprotection.ie you have any concerns or questions about the processing of your personal data.
    In Hong Kong: Morgan McKinley Limited, a company registered in Hong Kong, company number 774413 and registered office Suite 3407, Lippo Centre, Tower II, 89 Queensway, Admiralty, Hong Kong The Supervisory Authority in Ireland may be contacted at info@dataprotection.ie you have any concerns or questions about the processing of your personal data.
    In Japan: Morgan McKinley KK, a company registered in Japan, company number 0104-01-054224 and registered office Holland Hills Mori Tower 17F | 5-11-2 Toranomon Minato-ku | Tokyo 105-0001, Japan The Supervisory Authority in Ireland may be contacted at info@dataprotection.ie you have any concerns or questions about the processing of your personal data.
    In China: Morgan McKinley Job Intermediary (Shanghai) Co. Ltd , and registered office Suite 6106, Tower 1, Plaza 66, No.1266 West Nanjing Road, Shanghai 200040, China The Supervisory Authority in Ireland may be contacted at info@dataprotection.ie you have any concerns or questions about the processing of your personal data.
    In Canada: Morgan McKinley Inc, a company registered in Canada, company number BC1118752 and registered office Suite 400,725 Granville Street, Vancouver, BC, Canada V7Y 1GS The Supervisory Authority in Ireland may be contacted at info@dataprotection.ie you have any concerns or questions about the processing of your personal data.

Candidate Privacy

  • OVERVIEW OF CANDIDATE DATA

    +

    We want to explain clearly how we process the Candidate personal data that we hold.

    In order to provide our recruitment services we need to collect personal data relating to our Candidates. This section of the Privacy Statement provides specific information relating to Candidates.

  • CANDIDATES & ASSOCIATED CONTACTS

    +

    Our Candidates are individuals to whom we provide our services, for example advising them and assisting them to find a new career opportunity.

    As a recruitment business we connect those looking for a job (“Candidates”) with businesses who are looking for Candidates (“Clients”). For the purposes of this Privacy Statement a Candidate includes:

    • an active job seeker who registers with us with the purpose of us helping them to find a job, or applies to a role that we have advertised;
    • someone who we have placed with a Client whether on a permanent or contract basis;
    • someone we identify as a potential job seeker (for more information see Sources of Personal Data);
    • for the purposes of this Privacy Statement a contractor of Morgan McKinley Group is defined as a Candidate.

    An “Associated Contact” of a Candidate means individuals whose contact details are provided to us where, for example:

    • a Candidate may make a referral of another jobseeker;
    • a Candidate may provide the details of their emergency contacts;
    • a Candidate may provide us the details of a referee;
    • A Client Contact with whom Morgan McKinley Group has/had a Candidate on contract assignment, may provide a reference for that Candidate.
  • SOURCES OF PERSONAL DATA

    +

    We have a large variety of sources of Candidate data. We will only ever source data that is necessary to provide services to you and in a way that would be generally expected.

    We receive personal data about Candidates from a variety of sources. The primary source is from our Candidates directly. Examples of the sources of personal data of Candidates are as follows:

    • the Candidate may send their CV to us with the intention of registering with us to be informed of potential job vacancies;
    • the Candidate may apply directly to a position advertised on a Morgan McKinley Group website;
    • the Candidate may apply to a position advertised on a third party jobs website;
    • the Candidate may be sourced from publicly accessible platforms where Morgan McKinley employees are also registered users, for example LinkedIn;
    • the Candidate may be sourced from third party CV providers such as jobs websites who provide CV search facilities and where users have made their CV data available to registered customers of these sites;
    • we receive Candidate information when the Candidate interacts with our communications e.g. websites and advertisements;
    • we may receive personal data about a Candidate from nominated referees of the Candidate or from other Associated Contacts of the Candidate;
    • the Candidate may be referred to us from a Client who wishes us to payroll the Candidate as a contractor;
    • when we are providing a managed services solution to a client, the Candidate may be referred to us from a third party recruitment business which is a supplier to us for that client;
    • when we are providing a managed services solution to a client, the Candidate may be referred to us directly from that client requesting that we process their application on their behalf.
  • LAWFUL PROCESSING

    +

    We have to process personal data legally. If we look for consent we will always ensure that Candidates know what they are consenting to. We may also process personal data without consent but only if that is compliant with the GDPR and/or is in line with the reasonable expectations of Candidates and Associated Contacts.

    Under the GDPR we must have a lawful basis for processing all personal data. The GDPR sets out the grounds where processing of personal data can be undertaken legally. The main grounds used by Morgan McKinley Group to process personal data are as follows:

    Contract
    If we have a contract with a Candidate, such as a contract worker, or where the Candidate has entered into a work finding services agreement for the provision of services, we will process personal data in order to fulfil the requirements of the contract, or to undertake set up requirements prior to entering into the contract.

    Legal Obligation
    If we have a legal obligation to process personal data, such as the payment of taxes, we will process personal data on this legal ground.

    Legitimate Interests
    The GDPR states that we may process personal data “if necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data”. We may use legitimate interests where we do not have GDPR compliant consent, or where the information is collected indirectly about Candidates (see Sources of Personal Data). We have assessed the scenarios where we use legitimate interests as a legal ground for processing and we consider our processing is in line with Candidate expectations and that there is a balance between our interests, and those of Candidates. Candidates may object to any processing undertaken on the grounds of legitimate interests. To find out How do you Access / Update / Delete Your Data, please read that section of our General Privacy Statement.

    Consent
    Consent may be collected when a Candidate applies to a position advertised on our websites, or when a candidate completes our registration process (see Sources of Personal Data). Where we are unable to collect consent for a particular processing activity we will only process personal data if we have another lawful ground.

    Defence of legal claims
    In limited circumstances and in accordance with the law we may use Candidate information in the defence of legal claims or enforcing legal rights, such as IP rights.

    Assessment of employee working capacity
    In certain circumstances, particularly in the case of a contract worker, we may be required to assess the working capacity of that worker and we will operate under this legal ground in relation to any tests or assessments undertaken involving the processing of sensitive personal data.

  • HOW WE USE CANDIDATE PERSONAL DATA

    +

    We want to ensure that the personal data is used for the purposes that you would expect and our ultimate goal is that there should be no surprises for Candidates in the way that personal data is used by Morgan McKinley. Personal Data is used for the following key business activities to ensure that we can deliver the best recruitment services to you:

    • Recruitment Services
    • Marketing
    • Finance
    • IT
    • Legal
    • Equal Opportunities & Diversity

    Recruitment Services
    Our business is to assist and advise Candidates in their search for job opportunities. In providing our services, we may use personal data for the following purposes (we will only ever use the personal data as described here if we have a legal basis for doing so):

    • to keep in contact with Candidates, to inform, update and discuss new relevant job opportunities and any subsequent progression through the job search process, for example about interviews, job offers, onboarding, and in the case of contract workers, the timesheet and payment processes;
    • to keep up to date information about the Candidate in relation to their job search process and their requirements, in order to assess their suitability for current or future vacancies for example based on their previous skills and experience overall, their own statements about career aspirations, professional development, strengths and weaknesses, their level of managerial experience, professional qualifications;
    • to contact referees as part of the recruitment process for permanent roles or as part of the screening process for contract roles;
    • to record emergency contact details for contract workers;
    • to understand the profile of organisations in which Candidates are currently / previously employed;
    • to create a record/file for the Candidate on our internal systems to associate all notes and tracking throughout the job search, interview, placement, onboarding and contracting process;
    • to understand current and expected salary, notice period and available, current and required locations in order to enhance and impact the success of the matching process and ensure the Candidate is provided with the most relevant opportunities;
    • to develop the relationship between Morgan McKinley Group and the Candidate and ensure a more personalised service;
    • to meet the requirements of the Client application process including criminal record and credit checks (where relevant);
    • to verify the information provided by Candidates using evaluations and tests (including functional capability and psychometric testing) at the request of the Client;
    • to pay referral fees;
    • to retain evidential proof of the identity of the Candidate;
    • to share Candidate information with Clients. We are not responsible for the processing activities of Clients once a Candidate’s personal data has been shared. Please refer to the Privacy Statement of the relevant Client;
    • to carry out our obligations under Client contracts;
    • to enable Candidates to participate in our career development services
    • to tailor our products and services to better identify the right Candidates and present the right opportunities at the right time and meet Candidate and Client needs more effectively;
    • to undertake modelling based on demographic, behavioural, geographic data in order to produce lead scores that may predict the jobs, locations and companies Candidates are most likely to be interested in, or to predict which Candidates our Clients are most likely to hire;
    • to undertake profiling for the purposes of semi-automated or manual decision making about Candidates.

    Marketing
    We aim to provide Candidates with information that is relevant and personal to the service that they expect to receive from us. When drafting and sending marketing communications, we may use personal data for the following purposes:

    • to personalise and make the marketing information sent as relevant as possible;
    • to ask for your help in relation to sharing information about opportunities we may have, with your network;
    • to aggregate data used as part of surveys or to produce market insights;
    • to segment and distribute targeted marketing;
    • to follow up with attendees of our events/webinars or to contact attendees about current or future opportunities;
    • to ask for your opinion about our products or services;
    • to produce aggregated models to predict trends and produce market insights.

    Finance
    We may use and create personal data about Candidates for the purposes of making and receiving payments including the following scenarios (we will only ever use the personal data as described here if we have a legal basis):

    • to make an offer of salary and benefits to a Candidate on behalf of a Client in relation to a specific job offer;
    • to generate placement activity on our central systems in order to invoice a Client;
    • to benchmark salaries for Candidates with similar experience or for companies with similar vacancies;
    • to undertake financial audits;
    • to communicate payroll and other financial information to Candidates and Clients.

    IT
    We are continuously developing our software and systems to improve the services that we provide to our Candidates. We use personal data in some cases to facilitate that development including the following (we will only ever use the personal data as described here if we have a legal basis):

    • to gain customer insights to help optimise and develop new products and services for Candidates;
    • to store and backup information;
    • to undertake modelling to identify improvements and efficiencies in the recruitment process.

    Legal
    We may need to process certain personal data as part of our legal obligations, and to ensure our recruitment practices are in line with our diversity programmes. We may use personal data for the following purposes (we will only ever use the personal data as described here if we have a legal basis):

    • to capture consent/contract acceptance on paper or electronic registration forms, terms & conditions or forms;
    • to comply with our legal obligations in respect of: the collection of taxes, levies, contributions; the detection of crime; labour standards; anti-bribery legislation; and industry specific legislation;
    • to comply with Client requests relating to their employment practices;
    • to comply with the law in certain jurisdictions;
    • to fulfil contractual obligations with Clients and vendors, for example, in relation to the enforcement of intellectual property rights.

    Equal Opportunities & Diversity
    We may process certain personal data as part of our commitment to Equal Opportunities & Diversity, for example to ensure our recruitment practices are in line with our diversity programmes. We may use personal data for the following purposes (we will only ever use the personal data as described here if we have a legal basis):

    • to promote diversity or inclusion in the workplace.

    A Candidate’s personal data relating to diversity is held anonymously and used for statistical purposes only.

  • THE PERSONAL DATA WE HAVE

    +

    This section describes the personal data that we collect about Candidates. We only collect the personal data that we require in order to provide the best service to you and deliver the services that you expect. We have described here in as much detail as possible the personal data that we use in order to provide our services and the purposes for which it is used. For further information on the purposes click here.

    Depending on the scope of the relationship that we have with you as a Candidate (described here) we may collect some or all of the following personal data. The personal data collected will also depend on the country where the information is being collected and local laws. We use the personal data as described in How we Use Personal Data and we have outlined the relevant purposes in the table below:

    Examples of Personal Data Purpose for collection
    Associated Contact information including phone number, email address, social media links, home address, email marketing permissions, SMS permissions.
    • Recruitment Services
    • Marketing
    • Marketing
    • IT
    • Legal
    • Finance
    Candidate CV including date of birth, employment history, skills/ experience, languages, educational history, qualifications, membership of professional associations, contact details of employer references/character references, licenses held, interests and hobbies.
    • Recruitment Services
    • Marketing
    • Finance
    • IT
    • Legal
    • Equal Opportunities & Diversity
    Candidate special categories of personal data including diversity data such as gender, religion, ethnic origin, sexual orientation, but we will only source this data with the direct consent of Candidates.
    • IT (data storage)
    • Legal
    • Equal Opportunities & Diversity
    Candidate registration data including systems assigned identifiers (like ID, Morgan McKinley Office, Morgan McKinley Group Brand, Morgan McKinley Consultant), date record added, Work Finding Services Agreement (in relevant locations), Candidate registration form (with Associated Contact Data), Candidate Terms and Conditions.
    • Recruitment Services
    • Marketing
    • Finance
    • IT
    • Legal
    • Equal Opportunities & Diversity
    Candidate application data including salary, notice period, details of visa or eligibility to work, photographic images, video applications if available, desired salary, CV received date, ‘referred by’.
    • Recruitment Services
    • Marketing
    • Finance
    Candidate metadata from candidate including summary of recency, frequency and timeline of email engagement from Candidate emails / marketing interaction.
    • Recruitment Services
    • IT
    Candidate compensation data including salary and benefits offered to the Candidate by Client.
    • Finance
    • IT
    Candidate contractor’s payroll data including bank details, tax information and documentation, social security information, National Insurance/Social Security Number, payment information, Limited / Umbrella Company details.
    • Finance
    • IT
    Candidate Career and Event Management Registration Data including Name, Contact Email Address, Account Information, Unsubscribe details, subscription preferences, Web metadata.
    • IT
    Associated Contact Referees including Name, Phone Number, Email Address and reference details.
    • Recruitment Services
    • IT
    Associated Contact Emergency Contact including Name, Phone Number, Email Address and relationship to Candidate.
    • Recruitment Services
    • IT
  • RETENTION OF CANDIDATE INFORMATION

    +

    Our aim is to build lasting relationships with our Candidates and thus to contribute to long term career success and development. So our goal is to continue to engage and interact with Candidates even after they have secured a new position - for example to keep them informed of market developments, invite them to topical seminars and networking events, and to be on hand to offer advice about career planning. But, we recognise that the level of engagement we have with different Candidates will vary and so our retention policy is designed to reflect this. If we lose touch with a Candidate we recognise that the personal data we collected is no longer needed for the purpose for which it was collected and we won't retain it any longer.

    Examples of the activities that we would consider evidence of our ongoing engagement with a Candidate and thus a reason to continue holding their data include:

    • the Candidate meeting one of our consultants, to register for new opportunities, or for example to update on their situation and seek career advice or some other professional input;
    • us sending a Candidate’s CV to a Client for consideration for a role;
    • us arranging an interview between the Candidate and a Client;
    • us exchanging email correspondence or having telephone conversations with the Candidate;
    • the Candidate interacting with us in other ways for example, clicking to open our market insights, newsletters, surveys etc.

    Specifically in relation to marketing, personal data will be retained for (i) a period of twelve months following the date of the last engagement by a Candidate with a marketing communication or (ii) the date the Candidate unsubscribes from marketing communications, whichever is earlier.

    Specifically in relation to Recruitment Services, IT, Finance, Legal, Equal Opportunities & Diversity, personal data will be retained in accordance with the above statements unless we are required to keep it for legal reasons. It will then only be retained for the period required by law and will not be further processed for any other purpose.

Client & Supplier Privacy

  • OVERVIEW OF CLIENT CONTACT & SUPPLIER CONTACT DATA

    +

    We want to explain clearly how we process the Client Contact and Supplier Contact personal data that we hold.

    In order to provide our recruitment services we need to collect personal data relating to Client Contacts and Supplier Contacts and this section of the Privacy Statement provides specific information relating to the information collected.

  • CLIENT CONTACTS

    +

    Client Contacts include individuals working for businesses who employ the types of Candidates that we specialise in sourcing.

    For the purposes of this Privacy Statement, a Client Contact includes members of Client staff, whose contact details we hold, and members of staff of a company who we deem a potential Client of ours, and whose contact details we hold.

  • SUPPLIER CONTACTS

    +

    Supplier Contacts include individuals working for businesses who may provide services to us.

    For the purposes of this Privacy Statement, Supplier Contacts include anyone working in a business that is a supplier or potential supplier of services to us.

  • SOURCES OF PERSONAL DATA

    +

    We source Client Contact and Supplier Contact information in order to serve the business relationship. We will only ever source personal data that is necessary and in a way that would be generally expected.

    We receive personal data about Client Contacts and Supplier Contacts from a variety of sources, as follows:

    • the information is often provided by the Client Contact or Supplier Contact, or created by Morgan McKinley Group as part of the business relationship;
    • the information may be collected from public sources;
    • the information may be collected indirectly from another person within the Client or Supplier Business;
    • the information may be collected through our website as part of registration;
    • the information may be collected indirectly from a website or from a third party.

  • LAWFUL PROCESSING

    +

    We have to process personal data legally. We will process Client Contact or Supplier Contact personal data in a manner that is compliant with the GDPR and in line with reasonable expectations.

    We have to have a lawful basis for processing all personal data. The GDPR sets out the grounds where processing of personal data can be undertaken lawfully. The main lawful grounds used by Morgan McKinley Group to process personal data of Client Contacts and Supplier Contacts are as follows:

    Legal Obligation
    If we have a legal obligation to process personal data, such as the payment of taxes to revenue.

    Legitimate Interests
    The GDPR states that we may process personal data “if necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data”. It is considered reasonable to use Client Contact and Supplier Contact personal data for our legitimate interests for our business relationship or potential relationship with Clients and Suppliers.

    Client Contacts and Supplier Contacts may object to any processing undertaken on the grounds of legitimate interests. To find out How do you Access / Update / Delete Your Data, please read that section of our General Privacy Statement.

    Defence of legal claims
    In limited circumstances and in accordance with the law we may use Client Contact and Supplier Contact information in the defence of legal claims.

  • HOW WE USE PERSONAL DATA

    +

    We want to ensure that the personal data is used for the purposes that you would expect and our ultimate goal is that there should be no surprises for Client Contacts or Supplier Contacts in the way that personal data is used by Morgan McKinley. To ensure that we can have a good business relationship with our Clients and our Suppliers, Personal Data is used for the following key business activities:

    • Client Recruitment Services
    • Marketing
    • Finance
    • IT

    Client Recruitment Services
    Our business is to find the right Candidates for our Clients and also the right Clients for our Candidates. We use Client Contact personal data as part of that business for the following purposes:

    • to keep in contact with Client Contacts to discuss and review their hiring needs and requirements;
    • to inform, update and discuss Candidates that might be of interest to the Client;
    • to organise and schedule interviews with Candidates;
    • to inform the Client about progression of a Candidate through the recruitment process, to discuss the placement and on-boarding of a Candidate, and communication relating to the payment process;
    • to discuss any reference or other pre-screening information provided for a Candidate;
    • to understand the type of Candidates required by the Client, and build up knowledge and understanding of the Client organisation and its structure;
    • to create a record/file for the Client on our internal systems to associate all notes and tracking throughout the job search, interview, placement, on-boarding and contracting process;
    • to develop the relationship between Morgan McKinley Group and the Client and ensure a more personalised service;
    • to send Client Contact information to Candidates in relation to the interview and on-boarding process; and
    • to carry out our obligations under our contract with the Client.

    Marketing
    We aim to provide Client Contacts and Supplier Contacts with information that is relevant and personal to the service that they expect to receive from us. We may use their personal data as follows:

    • to personalise the marketing information that we send;
    • to provide relevant information that we consider may be of interest;
    • to aggregate data used as part of surveys or to produce market insights;
    • to segment and distribute targeted marketing;
    • to follow up with attendees of our events/webinars; and to ask for opinions about our products or services.

    Finance
    We use personal data about Client Contacts and Supplier Contacts for the purposes of making and receiving payments as follows:

    • to generate placement activity on our central systems in order to invoice the Client; and
    • to communicate payroll and other financial information to Clients and Suppliers.

    IT and Analytics
    We are continuously developing our software and systems to improve the services that we provide to our Clients and Suppliers. We use Client Contact and Supplier Contact personal data in some cases to facilitate that development as follows:

    • to gain insights to help optimise products, and to develop new products and services for Candidates and Clients;
    • to tailor our products and services to better identify the right opportunities at the right time and meet Client needs more effectively;
    • to produce aggregated models to predict trends and produce market insights;
    • to undertake modelling to produce lead scores in order to predict which Candidates our Clients are most likely to hire;
    • to undertake modelling to identify improvements in efficiencies in the recruitment process; and
    • to store and backup information.

  • THE PERSONAL DATA WE HAVE

    +

    Morgan McKinley Group collects and processes very limited information about Client Contacts and Supplier Contacts. We only collect the personal data that we require in order to ensure we can have a productive business relationship with Clients and Suppliers.

    Client Contact Personal Data Purpose
    The types of data we process include: name, phone number, email address, marketing permissions, company, job title, reporting line, Candidate feedback, last contact details and timeline communications.
    • Client Recruitment Services
    • Marketing
    • Finance
    • IT
    Supplier Contact Personal Data Purpose
    The types of data we process include: name, phone number, email address, marketing permissions, company, job title.
    • Marketing
    • Finance
    • IT
  • RETENTION

    +

    Our mission is to build lasting relationships with Clients for the purposes of finding the Client the right people for the Client business.

    We only retain Client Contact and Supplier Contact personal data for as long as it is needed for the purpose for which it was collected. After that it is deleted from our systems.

Website Users Privacy

  • OVERVIEW OF WEBSITE USERS

    +

    We want to explain clearly how we process the Website User personal data that we hold.

    For the purposes of this Privacy Statement a Website User is any individual who accesses any of the Morgan McKinley Group websites (the “Website”).

    We collect personal data relating to Website Users and this section of the Privacy Statement provides specific information relating to the information collected.

  • SOURCES OF PERSONAL DATA

    +

    We source Website User information in order to improve our services and develop the Website.

    We receive personal data about Website Users who access our advertisements or our Website regardless of whether they interact or register with the Website.

  • LAWFUL PROCESSING

    +

    We have to process personal data legally. If we look for consent we will always ensure that Website Users know what they are consenting to. We may also process personal data without consent but only if that is compliant with the GDPR and is in line with the Website User’s reasonable expectations.

    We have to have a lawful basis for processing any personal data. The GDPR sets out the grounds where processing of personal data can be undertaken lawfully. The main lawful grounds used by Morgan McKinley Group to process personal data of Website Users is on the grounds of consent or because we believe that it is in the legitimate interests of the Website User and us.

  • HOW WE USE PERSONAL DATA

    +

    We want to ensure that the personal data is used for the purposes that you would expect and our ultimate goal is that there should be no surprises for Website Users in the way that personal data is used by Morgan McKinley Group.

    We have described here the purposes for which Website User information is used by Morgan McKinley Group.

    We generally use Website User data for Website performance analytics and to improve the service that we provide to each Website User. We try to present the information that might be of interest to Website Users based on their browsing history.

    If you would like to know more about cookies please click here.

  • THE PERSONAL DATA WE HAVE

    +

    Morgan McKinley Group collects and processes very limited information about Website Users. We only collect the personal data that we require in order to deliver and improve the services we provide.

    Types of Website User Personal Data include:

    • Information that identifies you as an individual or relates to an identifiable individual, including: CV, name, title, company name, job function, expertise, postal address, telephone number, or email address.
    • Information that does not reveal your specific identity or does not directly relate to an identifiable individual. This might include, for instance, browser and device information; App usage data; information collected through cookies, pixel tags, and other technologies; demographic information and other information provided by you; or aggregated information. We use this information to facilitate our operation of the Sites and for delivering our service and marketing our service to you.

  • RETENTION

    Our mission is to build lasting relationships with our customers.

    +

    We will only retain personal data for as long as it is needed for the purpose for which it was collected. After that it is deleted from our systems.