Privacy Policy

Your Privacy Matters to Us

At ChapmanCG, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you interact with us whether as a candidate, client, business partner, or visitor to our website.

ChapmanCG operates globally, and we handle personal data transparently, responsibly, securely, and in accordance with applicable data protection laws.

What Information Do We Collect?

We may collect personal data when you communicate with us, use our services, attend our events, or visit our website.

Depending on your relationship with us, this may include:

  • Name, title, and company details
  • Contact information (email, phone, address)
  • Nationality and visa status
  • Professional background (career history, qualifications, skills, education)
  • Recruitment-related information (experience, preferences, expectations, remuneration)
  • Communications and correspondence
  • Event participation details, including photos taken at the session which may be posted online via social media platforms and the company website.

For candidates, we collect information necessary to provide executive search and recruitment services. We may also obtain information from referrals, publicly available sources, and professional networking platforms.

If you submit any personal information relating to other people to us, you represent that you have the authority to do so and to permit us to use the information in accordance with this Policy.

For clients and business contacts, we collect information relevant to managing professional relationships and delivering our services.

How Do We Use Your Information?

We use personal data to:

  • Deliver executive search and recruitment services
  • Assess candidate suitability
  • Manage client and business relationships
  • Respond to enquiries and requests
  • Share relevant industry insights, newsletters and invitations
  • Organise professional networking events
  • Comply with legal and regulatory obligations

We only collect and use information necessary for legitimate business purposes.

Legal Basis for Processing

We process personal data in accordance with applicable laws. Depending on the situation, this may be based on:

  • Your consent
  • Contractual necessity
  • Legitimate business interests
  • Legal obligations

Where we rely on legitimate interests, we ensure your privacy rights are respected.

Collection and Use of Personal Information

As a general principle, ChapmanCG collects personal information directly from you. This may occur when you:

  • communicate with us in person, by telephone, by post, by email, through our website, or via any other communication channels
  • provide your resume or other professional information
  • interact with us through publicly available sources, such as professional networking platforms, social media, published materials, or other publicly accessible channels

From time to time, ChapmanCG may send you communications relating to our services, including emails, articles, white papers, proposals, engagement materials, surveys, and other relevant information.

Where required by applicable law, such communications will be sent with your consent, and you may opt out at any time.

With your consent, we may occasionally use your information in company announcements or marketing materials.

For analytical and reporting purposes, we may aggregate or de-identify personal information so that it no longer identifies you or any individual. For example, this may include generating insights by industry, geography, or professional level.

How Do We Protect Your Information?

ChapmanCG uses appropriate technical and organisational security measures to safeguard personal data. Our information security program is guided by the NIST Cybersecurity Framework and the principles of ISO/IEC 27001.

These measures include:

  • Encryption of data at rest and in transit
  • Access controls, multi factor authentication and identity management
  • Data protection & backup
  • Endpoint security
  • Robust vulnerability management and malware protection
  • Security operations centre to monitor and respond to any threats
  • Information classification and asset management
  • Data input and transfer control
  • Security incident response and business continuity planning
  • Third-party vendors assessment and management

All ChapmanCG personnel and providers are bound by confidentiality obligations and receive data protection awareness training.

We do not share your data without your consent and we do no sell personal data.

Who May Receive Your Information?

Depending on the purpose, personal data may be shared with:

  • ChapmanCG consultants and support team employees
  • Clients (as part of recruitment services)
  • Trusted service providers, intermediaries and technology partners
  • Event partners or hosts
  • Legal or regulatory authorities where required

We ensure appropriate safeguards are in place when sharing personal data.

We do not assume any responsibility for the actions or omissions of third parties, such as clients, including the way they use Personal Information received either from ChapmanCG or from other independent sources.

International Data Transfers

As a global organisation, personal data may be transferred internationally.

Where this occurs, ChapmanCG applies appropriate safeguards to ensure your data remains protected, including recognised contractual and legal protections. We have standard contractual clauses (SCC) in place between all ChapmanCG entities to ensure the lawful and secure transfer of personal data.

How Long Do We Keep Your Data?

We retain personal data only for as long as necessary to fulfil business, legal, and regulatory requirements.

Retention periods depend on the nature of the data and the purpose for which it was collected.

Use of Artificial Intelligence (AI)

ChapmanCG may use Artificial Intelligence (AI) technologies to support certain aspects of our business operations, including recruitment services, research activities, data analysis, workflow optimisation, and communications.

AI technologies are used as supportive tools to enhance efficiency and service delivery. ChapmanCG does not rely solely on automated decision-making processes that produce legal or similarly significant effects, and appropriate human oversight is maintained.

AI technologies are used strictly for legitimate business purposes and in accordance with applicable data protection laws. ChapmanCG does not engage in unlawful profiling or intrusive AI-driven processing practices.

Personal data is not used to train AI models unless explicitly authorised, contractually permitted, or conducted in compliance with applicable legal requirements.

Where AI technologies are provided by third-party vendors, ChapmanCG ensures appropriate contractual and data protection safeguards are in place.

ChapmanCG is committed to responsible and ethical use of AI technologies and takes reasonable steps to minimise risks associated with bias, unfair outcomes, or unintended effects.

Your Rights

Depending on applicable laws, you may have rights including:

  • Access to your personal data
  • Correction of inaccurate information
  • Request for deletion
  • Restriction or objection to processing
  • Withdrawal of consent

To exercise your rights, please contact: privacy@chapmancg.com

Cookies

Information about how we use cookies is available in our Cookie Policy.

Questions or Concerns

If you have questions about this Privacy Policy or how we handle personal data, please contact:
privacy@chapmancg.com

Updates to This Policy

We may update this Privacy Policy periodically to reflect legal, regulatory, or business changes. The latest version will always be available on our website.

This Privacy Policy was last updated in February 2026.

Privacy Policy | ChapmanCG