At ChapmanCG, we value your trust and respect your privacy. This is why we are fully committed to ensuring that all personal data collected is managed responsibly and in accordance with data protection laws, as well as our obligations of confidentiality.
2. What personal data do we collect?
ChapmanCG collects personal information about you, such as your name, company, email address and physical address, when you provide it to us.
For example you may submit a resume, respond to employment opportunities, participate in online courseware, register for ChapmanCG networking meetings or webinars, or provide information about yourself to our employees via e-mail or telephone.
We also collect personal information about you from third parties, including through:
- reference checks
- when someone recommends that we consider you for a position
- other sources such as public databases, joint marketing partners and publicly accessible data online such as social media platforms.
In the course of our services, we also may collect the following personal information about potential candidates:
- name and company details
- contact details including address, telephone number, e-mail address
- resume information such as your employment history, education, professional credentials, memberships in professional organisations, skills
- other information you or others may provide as part of our work, such as remuneration information and expectations, referrals and recommendations
We may also use photos of you that you provide to us or that you make publicly available (e.g. LinkedIn website) for internal reference purposes only.
Photos taken of attendees at our HR leaders meetings are posted on social media platforms.
If you submit any personal information relating to other people to us, you represent that you have the authority to do so and to permit us to use the information in accordance with this Policy.
3. Why do we need your personal data?
We collect your personal data so that we can:
- provide our services to our clients and candidates
- manage your requests, enquiries, or complaints
- provide our assessment for our client for the positions we are seeking to fill on their behalf
- maintain and promote our business or employer-employee relationships
- inform you of possible work opportunities, relevant candidates, and/or other events that are of relevance to you, such as our HR networking sessions
- inform you of global HR updates, insights and market trends. Global HR updates will be sent to the ChapmanCG HR community unless individuals have unsubscribed or opted out
- pay you (should you be engaged as an employee or contractor)
- fulfil any applicable contractual, legislative, filing and/or reporting obligations.
We will notify you of the purposes of holding your data at point of collection based on contact information available at that time.
We only collect a limited amount of information about you that is necessary for providing our services.
4. How we collect personal data?
Generally, ChapmanCG collects your personal data directly from you. For example, when you:
- deal with us in person, by phone, letter, email, via our website, or any other forms of communication
- supply us with your resume
- connect via publicly accessible channels, such as social media, networking groups & sites, published sites and papers, etc.
ChapmanCG may from time to time send emails, articles, white papers, proposals, engagement letters, surveys and other information regarding our services.
Occasionally, and with your consent, we may use your information in company announcements and direct marketing materials.
For reporting purposes, we may aggregate or de-identify personal information in such a manner that the end-product does not personally identify you or any other individual, for example, to generate norms by industry, geography, level etc.
6. How do we keep your personal data accurate and up-to-date?
ChapmanCG will take all reasonable steps to ensure that the personal data we hold and disclose is accurate, up-to-date, and complete. As such, we may contact you from time to time to check that your personal data is still correct. However, please inform us of any changes to your personal data as soon as you can so that we can maintain the accuracy of your information.
7. How do we protect your personal data?
All information is kept on secure platforms and technical as well as organisational security measures have been put in place to protect the data from misuse, loss, unauthorised access, modification, or disclosure. Such safeguards include:
- transmission of data to and from our platform database is always encrypted
- login and password is required to assess our database
- access to our database is restricted to authorised personnel only
- only strong passwords are accepted and all users are required to change their passwords regularly
- all staff are trained to handle personal data with the utmost care. Any breach of privacy will result in disciplinary action being taken, depending on the severity
- all staff are bound by a confidentiality agreement regarding our company and customer information
- we have appointed a Data Protection Officer to ensure that all personal data is managed in accordance with Personal Data Protection Regulations and this policy
- we do not sell your data.
8. How long will we keep your personal data for?
In accordance with our internal Data Retention Policy and any legal obligations, ChapmanCG will not keep your personal data longer than necessary. We will destroy your personal data in a secure manner when it is no longer required, or upon your request for us to do so.
9. Who has access to your personal data?
In the course of our recruitment process, the following parties will have access to candidate personal data.
- We disclose candidate personal data to our client, an organisation with whom you are seeking employment.
- ChapmanCG employees, who are part of the recruitment process and require access in order to perform our service. All employees undergo data protection training and have signed confidentiality agreements.
- In certain countries we partner with intermediaries to provide a seamless service to you and our clients. All relevant information security requirements are established and agreed upon with any intermediary that may access personal data. You can obtain a list of our intermediary partners by contacting email@example.com.
- We may also disclose personal data to comply with a legal obligation or to respond to inquiries, requests or orders from public or government authorities, including those outside of your country of residence. In these circumstances, all requests will be legally reviewed to ensure the validity of the requests and the candidate(s) affected by such request be notified wherein we’re able to legally do so based on the request.
- We cannot and do not assume any responsibility for the actions or omissions of third parties, such as clients, including the way they use Personal Information received either from ChapmanCG or from other independent sources.
If you have been invited to or registered for one of our HR Leaders Meetings, we may share your name, company and title with our partner or host.
10. Do we send your personal data overseas?
ChapmanCG is a global company utilising cloud-based platforms. The nature of our business requires us to transfer or have your information accessed by our clients, candidates, and/or employees who may be based in other countries including, but not limited to, Australia, China, Germany, Japan, Hong Kong, Singapore, Switzerland, the United Kingdom, and the United States of America. When we do so, we shall take reasonable steps to ensure that the overseas recipient complies with Personal Data Protection Regulation and this policy.
11. How to contact us?
You can contact our Data Protection Officer at firstname.lastname@example.org for any of the following matters:
- to request access to the personal data that we hold about you
- to request that we update or make changes to your personal data
- to request that we remove and delete your personal data
- to withdraw your consent to the use and disclosure of your personal data
- to withdraw your consent to us contacting you
- to request to be removed from our mailing lists
We aim to acknowledge receipt of your request within a maximum of 30 working days after your email has been received. We aim to comply and deliver on any request within a timely manner and expectations and timelines will be communicated with you throughout the process. There will be no fee for these services, unless your request is unusually complex.
For complaints, please provide us with sufficient details as well as any supporting evidence and/or information. We will contact you if we require any additional information and will notify you in writing on the outcome of our investigation.
If you are not satisfied with our response to your complaint, you may contact us to discuss your concerns, or contact the relevant Data Protection Regulators, e.g. the Singapore Personal Data Protection Commissioner or your EU supervisory authority.