Our Commitment to Privacy
GRIT Search Pte Ltd referred herein as “GRIT”, are committed to protecting the privacy of our users and clients and your privacy is important to us. This Privacy Notice is intended to inform you how we gather, define and utilise your information. This policy applies to all information provided by you or collected by us on our website, or in any other way (such as by email, telephone or social media). We will process your personal information in accordance with the applicable data protection law and in accordance with this notice.
What information we collect about you
When you visit GRIT’s website or contact us by email or telephone you may choose to provide us with personal information, for example your name, address, company name, private and corporate email address and phone number, financial information, compliance documentation and references verifying your qualifications and experience and your right to work in relevant locations, curriculum vitae and photograph, links to your professional profiles available in the public domain e.g. LinkedIn or corporate website. This includes information you provide when you register to use our site, enter our database, apply for a job vacancy, subscribe to our services, register for our events, participate in discussion boards, roundtable events or other social media functions on our site, for example, participate in a survey. If you communicate with us by email we may retain the content of your email messages together with your email address and our responses.
GRIT may take photos and videos at relevant events. These images may be used by GRIT to share news about and publicise past, current and future events. Images may be used in press releases, printed publicity, social media and published on GRIT’s website and/or social media feeds. They will be stored securely, and deleted after they are no longer needed for publicity purposes. If you would prefer not to be photographed or filmed, please contact email@example.com.
When you visit our website, we may also automatically collect additional information such as the server your computer is logged onto and your browser type. We use such information only to assist us in providing an effective service (e.g. to adapt our website to the needs of your end user device or to allow you to log in to our website).
- date and time of your visit
- how many people are visiting our website
- how people are using our website
- which page has the most or least views
We use this information to help us continually improve our website and there is no way we can use it to identify anyone or their browsing activities. If you do not wish to accept cookies, please change your browser settings appropriately.
How we use your personal information and the legal basis for processing
As a recruitment organisation we introduce candidates to clients for permanent employment, temporary working engagements or independent professional contracts. The exchange of personal information of our candidates and our client contacts is a fundamental, essential part of this process.
We maintain a database of relevant personal information of prospective and engaged candidates and clients containing historical information as well as current resourcing requirements, in order to:
- support candidates’ career aspirations throughout their career and support our clients’ talent acquisition needs and strategies
- carry out our obligations arising from any contracts we intend to enter into or have entered into between you and us and to provide you with the information, products and services that you request from us or we think will be of interest to you because it is relevant to your career or to your organisation.
- provide you with information about other goods and services we offer that are similar to those that you have already purchased, been provided with or may have enquired about.
Our legal basis for the processing of personal information is our legitimate business interests pursuant to Art. 6 (1) sent.1, lit. f GDPR, described in more detail above, although we will also rely on contract pursuant to Art. 6 (1), sent. 1 lit. b GDPR, legal obligation pursuant to Art. 6 (1), sent. 1 lit. c and consent for specific uses of data pursuant to Art. 6 (1), sent. 1 lit. a GDPR.
GRIT processes your data when it is in our legitimate interests to do this and when these interests are not overridden by your data protection rights.
Our legitimate interests include but are not limited to:
- ensuring we provide you with a recruitment and consulting service
- understanding your requirements and matching your skills to relevant jobs
- meeting our legal obligations
On some occasions, GRIT processes your data with your consent. The processing is necessary to fulfil a contract: GRIT may process your data when we need to do this to fulfil a contract with you, such as to send your Curriculum Vitae to one of GRIT’s clients or to a prospective employer for a specific job application.
Should you apply for a job with GRIT or for one of our clients via a job advert we have placed, you may provide us with information about yourself, including educational and employment background; job or career interest data; benefit choices; and other information by answering questions or providing profile information about your career. Job applications are supported and managed using third party services that are also connected to our website and database.
The personal information automatically collected while visiting our website is necessary for us to provide the website, Art. 6 (1) sent- 1 lit. b GDPR.
Just so you are aware our online recruitment systems do not use Automated Decision Making tools to assess the suitability of applicants. We utilise the skills and experience of our consultants to assess your capability and experience.
However, we ask that you do not send us or disclose any sensitive personal information (for example, social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through our websites or via any other means.
This website is not intended for children under the age of 16 years and we do not knowingly collect data relating to children. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please email firstname.lastname@example.org.
We do not collect or compile personal information for distribution or sale to outside parties for consumer marketing purposes, or host mailings on behalf of third parties.
Data Controller and Contact Information
GRIT is the data controller of any personal information collected through the GRIT web site.
If you have any questions, concerns or issues around how we use and manage your personal information, please email email@example.com
Disclosure of your personal information
We may disclose your personal information to third party service partners and clients, or to government bodies and law enforcement agencies where we are legally required to do so. Although and as a result your personal information may be transferred by them to countries outside the EEA and countries that do not have laws that provide specific protection for personal information. We will seek to mitigate this risk wherever possible by ensuring relevant third party business partners are bound by formal data processing agreements.
The carefully selected third parties we partner with include:
- clients for the purpose of introducing candidates to them. In this case, any data transfer of your personal information is based on your consent, Art. 6 (1) sent. 1 lit. a GDPR;
- clients, business partners, suppliers and sub-contractors for the performance and compliance obligations of any contract we enter into with them or you. Depending on our relationship with those parties any processing and transfer to them is either based on Art. 6 (1) sent. 1 lit. a GDPR or Art. 28 GDPR in conjunction with a data processing agreement;
- subcontractors including email marketing specialists, event organisers, payment and other financial service providers. Any processing and transfer to them is based on Art. 28 GDPR in conjunction with a data processing agreement;
- analytics and search engine providers that assist us in the improvement and optimisation of our site Any processing and transfer to them is based on Art. 28 GDPR in conjunction with a data processing agreement;
- potentially credit reference agencies, our insurance broker, compliance partners and other sub-contractors for the purpose of assessing your suitability for a role where this is a condition of us entering into a contract with you. Any processing and transfer to them is based on Art. 28 GDPR in conjunction with a data processing agreement.
Other possible reasons for disclosure of your personal information may include:
- In the event that GRIT is to be acquired in whole or part by a third party we may disclose your personal information to the prospective acquirer of such business or assets where permitted by the applicable law.
- If we are under a duty to disclose or share your personal information in order to comply with any legal obligation. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction. Any processing and transfer in those cases is either based on Art. 6 (1) sent. 1 lit. c GDPR or Art. 6 (1) sent. 1 lit f GDPR.
To prevent unauthorised access, maintain data accuracy, and ensure the correct use of information, we have implemented generally accepted standards of physical, electronic and operational procedures to safeguard and secure the information we collect. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.
Third Party Sites
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
Retention of your data
We understand our legal duty to retain accurate data and only retain personal information for as long as it is required for carrying out the data processing activities mentioned above. Accordingly, we have a data retention policy and run data routines to remove data that we no longer have a legitimate business interest in maintaining.
We will keep in touch with you regularly and will contact you via email to confirm all the information we hold is accurate and up to date and you still wish for us to hold your data, you can ask us at any stage to remove your information. Prior to making any introduction to our client we will check with you that we have the most up to date and accurate information.
We segregate our data so that we keep different types of data for different time periods. The criteria we use to determine whether we should retain your personal information includes:
- the nature of the personal information;
- its perceived accuracy;
- our legal obligations;
- whether an interview or placement has been arranged; and
- our recruitment expertise and knowledge of the industry by country, sector and job role.
We may archive part or all of your personal information or retain it on our financial systems only, deleting all or part of it from our main Customer Relationship Management (CRM) system. We may pseudonymise parts of your data, particularly following a request for suppression or deletion of your data, to ensure that we do not re-enter your personal information on to our database, unless requested to do so. For your information, Pseudonymised Data is created by taking identifying fields within a database and replacing them with artificial identifiers, or pseudonyms.
For more information on this please contact firstname.lastname@example.org
You have a number of legal rights regarding your personal information and we will respect these at all times. Specifically, depending on the individual case, you may have the right to:
- Request (i) information whether your personal information is retained and (ii) access to and/or (iii) duplicates of your personal information retained, including the purposes of the processing, the categories of information concerned, and the recipients or categories of recipients to whom the information is disclosed and where possible, the envisaged period for which the personal information will be stored, or, if not possible, the criteria used to determine that period.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you we will either stop processing your personal information or present you our compelling legitimate grounds for an ongoing processing. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Refuse to provide and withdraw consent to processing of your personal information at any time without impact to data processing activities that have taken place before such withdrawal.
- Request to receive the personal information, which you provided to us, in a structured, commonly used and machine-readable format and to transmit those information to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal information transmitted directly from us to another controller.
- Require not to be subject to any automated decision making, including profiling (automatic decisions based on data processing by automatic means, for the purpose if assessing several personal aspects) which produce legal affects on you or affects you with similar significance.
Further information and advice about your rights can be obtained from the relevant data protection regulator in your country.
Please submit all requests or enquiries to email@example.com, whereby you may be required to verify your identity. The information you provide when contacting us (e.g. e-mail address, name) will be processed to handle your request and will be erased when your request was completed. Alternatively, we will restrict the processing of the respective information in accordance with statutory retention requirements.
If you have a serious concern about how we handle your information, or would like to lodge a complaint, you may do so by contacting the appropriate supervisory body, including:
- The Personal Data Protection Commission (Singapore)
Changes to our privacy notice
We reserve the right to change this Policy from time to time by updating our website respectively. Any changes we make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy notice. This policy was last updated on 21 Aug 2019.