This policy applies to Sage Consulting Group LLC.

References in this policy to “we”, “us” or “our” are references to the Sage Consulting Group.

What We Do 

The Sage Consulting Group provides:  

  • Recruitment consultancy services placing candidates on a permanent, contract and interim basis across a range of industries and geographies under the Sage Consulting Group brand (“Recruitment Services”);

  • Business process outsourcing services assisting companies with their permanent recruitment, temporary recruitment, supply chain and labor supply and screening (commonly known as “RPO”, “MSP” and “Service Procurement Desk Services” which for the purpose of this policy are collectively referred to as “Outsourced Services”);

  • Other consultancy and advisory services (“Consultancy Services”).

We operate through a global network of affiliated entities and utilize vendors where needed, to ensure we provide the best solutions to our clients across the countries where we perform services. 

  • Unless we notify you otherwise, we operate as a data controller when processing your personal data for our Recruitment Services and Consultancy Services. If we share your personal data with our clients as part of our Recruitment Services or Consultancy Services, it is likely that our clients will process your personal data as a data controller. Our clients may request additional personal data from you as part of their hiring processes. 

  • Unless we notify you otherwise, we are the data processor and our clients are the data controllers of your personal data processed by us for our Outsourced Services. Where we act as a data processor, the privacy policy of our client will apply.

If you are uncertain about who the data controller of your personal data is, please contact us using our contact information set out in section 13 of this policy.

The purpose of this Global Privacy Policy (“Policy”) is for us to inform you how we collect, use and disclose your personal data. It is important that you read this policy in conjunction with any notices or statements relating to data, data protection, fair processing and/or privacy that we may issue at the time of collecting your personal data where applicable in the jurisdiction. They are not intended to override the policy unless stated otherwise by us in such policy, notice or statement.

1. What personal data do we collect? 

Personal data is any information relating to an identified or identifiable person. 

We will only collect personal data that we are permitted to collect by law on a jurisdictional basis. We have set out below a non-exhaustive list of the types of personal data that we most commonly collect.

Identity data:

  • Your title, first name, last name, maiden name, date of birth, gender, photograph, national insurance number (or equivalent in your country), nationality and other information relating to residency and citizenship which may be required to establish a right to work in a given country, marital status and number of dependents.

Contact data:

  • Your delivery address, email address and telephone numbers, emergency contact details and contact details history.

Historical data:

  • Your educational history and credentials, employment history, criminal background history, social media, skills and qualifications, and results from any other background and disclosure checks in countries where it is lawful to carry out such checks.

Employment-related data:

  • Your current compensation, pension and benefits, what role you are looking for, what work-related areas interest you, third party references (if taken) and interview and assessment feedback created either ourselves or by our client following an interview or assessment.

Verification data:

  • A copy of your driving license, passport, identity card or another form of identification and referee details.

Financial data:

  • Your bank sort code and account number and tax-related information and credit checks.

Diversity data:

  • We may collect diversity data for governmental reporting purposes, which may include racial or ethnic origin, religious or other similar beliefs and physical or mental health, including disability-related information.

Technical data:

  • Your internet protocol (IP) address, MAC address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, mobile phone location data and other technology on the devices you use to access our website and our services.

Usage data:

  • How you use and navigate around our websites and what you browse within them.

Marketing data:

  • Your preferences in receiving marketing from our third parties and us and your communication preferences. 

Visa application data:

  • Your contact and identity information, immigration history (including residency, immigration status and travel history), character disclosures (including offences, disclosures and information relevant to meeting character requirements), health disclosures and information relevant to meeting health criteria. 

Sensitive or special category personal data - during the recruitment process or in the course of the services we operate, we may collect personal data that is considered sensitive or special category in certain countries. We may be required by local privacy laws to obtain your explicit consent to handle this type of personal data. You will be provided with a consent form if your express consent is required. Please contact us if you have not been provided with a consent form and you believe we hold your sensitive or special category personal data.

In respect of candidates and users of Sage Consulting Group websites, we also handle the following types of data:

  • Aggregated Data, such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy; and

  • Anonymized Data, which is data created from your personal data where your identity has been removed and you cannot be traced to it.

The age at which an individual is regarded as a child differs per country. We do not typically collect personal data relating to individuals under 18.

2. How we collect personal data 

We generally collect your personal data directly from you. For example, we collect your personal data when you: 

  • Deal with us in person, by telephone, letter, fax, email or via our websites;

  • Register with us (e.g. at networking events or career fairs);

  • Submit any other information to us, such as a CV;

  • Complete psychometric assessments or other assessments;

  • Subscribe to emails;

  • Attend an event we have organized; and/or

  • Give us feedback.

We may also use the following third party channels to collect your personal data:

  • Pre-employment screening and background checking organizations where permitted in the jurisdiction;

  • Our clients and their third party suppliers;

  • Governmental and regulatory bodies, such as tax and social security authorities;

  • Third party suppliers, including other recruitment and employment agencies, job board providers and job aggregators and our managed service providers who are within our supply chain;

  • Other recruitment agencies;

  • Analytics providers, such as Google Analytics and various job boards

We may also collect your personal data from publicly available sources where permitted in the jurisdiction, including:

  • Your identity and historical data from social media sites, such as LinkedIn, “X” and Facebook;

  • Your identity and contact data from company and commercial registers or electoral registers; and

  • Your identity, from qualification and membership lists of professional bodies.

Cookies are small text data stored on your PC or mobile device and are created by the website's servers. We collect your personal data automatically via cookies when you visit Sage Consulting Group websites, in line with the cookies settings in your browser. You can find out more about these cookies, including how we use them and what choices are available to you, by reading our Cookies Policy. You can find out more about the use of cookies on http://www.allaboutcookies.org/.

3. How we use personal data 

We will only use your personal data when the law permits us to, and the uses set out below will be subject to that requirement.

Candidates 

Your personal data will be collected and handled by us in order to:

  • Provide careers, recruitment and/or related intermediary services to or for you;

  • Match your details against job vacancies which we consider are appropriate for you in order to assess your suitability for them;

  • Allow you to submit your CV, apply for specific jobs or to subscribe to our job alerts so that we can notify you when relevant job vacancies arise;

  • Apply for jobs on your behalf by sending your personal data to clients;

  • Facilitate the recruitment process if a client wishes to progress your application;

  • Fulfill our contractual obligations to our clients;

  • Inform you about any relevant industry developments, events, promotions and competitions, and to communicate any other relevant information;

  • Answer your inquiries or questions;

  • Conduct statistical analysis;

  • Monitor diversity;

  • Comply with our regulatory commitments;

  • Pursue or defend a legal claim;

  • Conduct pre-employment screening;

  • Prevent or detect a crime, where the law requires us to carry out such monitoring; and

  • Provide you with further information which may be of interest to you in regard to the employment market and opportunities.

Business contacts (personnel of our prospective clients, clients, prospective suppliers and suppliers)

Your business information will be collected and processed by us in order to:

  • Provide recruitment and/or related intermediary services to the company you represent that is a client or a prospective client of ours;

  • Facilitate the recruitment process for the company you represent that is a client or a prospective client of ours;

  • Fulfill our contractual obligations with the company you represent that is a client, a prospective client, a supplier or a prospective supplier of ours;

  • Inform you about any relevant industry developments, events, promotions and competitions, and to communicate any other relevant information which we consider may be of interest to you in regard to the employment market and/or our services;

  • Respond to your inquiries or questions;

  • Conduct statistical analyses or surveys as the contact point of prospective clients and clients;

  • Comply with our regulatory commitments;

  • Pursue or defend a legal claim; and

  • Prevent or detect a crime, where the law requires us to carry out such monitoring.

Website users 

Your personal data will be collected and handled by us in order to:

  • Improve our customer service and make the way we operate more useful to you (which includes tailoring our websites to suit your requirements);

  • Let you know about our recruitment services across all areas of our business;

  • Send you communications where you have indicated you are happy to receive such information or have purchased products or services from us, which may include the following:

    • E-newsletters and hard copy newsletters;

    • Emails about the services we offer;

    • Opportunities to participate in market research. 

Depending on the contact preferences you select, we will communicate with you by post, telephone, SMS, email or other electronic means such as via social and digital media. We may use your usage data to help ensure that this messaging is personalized and relevant to you.

Referees:

We will use your personal data purely for the purpose of conducting a reference check on a candidate. 

Visa Applicants: 

Your personal data will be collected and handled by us for the purpose of preparing and processing your visa application and related immigration services. 

4. Who your personal data is shared with 

Subject to local regulations in the jurisdiction, we may disclose your personal data to:

  • Any entities associated with Sage Consulting Group;

  • Prospective employers or engagers;

  • Other recruitment companies or intermediaries involved in managing the supply of personnel;

  • Data processors of the Sage Consulting Group;

  • Pre-employment screening and background checking organizations;

  • Your referees;

  • Your past employers and relevant education institutions;

  • Your professional bodies;

  • Government and regulatory bodies, such as tax and social security authorities;

  • Third party suppliers, including other recruitment and employment agencies, job board providers and job aggregators and our managed service providers who are within our supply chain; and

  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business structure, any new owners may use your personal data in the same way as set out in this policy.

We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions, which includes compliance with this policy.

5. Legal grounds 

In certain countries our companies that act as a data controller are required to establish legal grounds as set forth by applicable law to process your personal data. Depending on our relationship with you, if required to do so, we will rely on one or more of the following legal grounds:

Where you have given us consent to use your personal data for one or more permitted purposes. 

For example: 

  • When we are required by law to collect your explicit consent to process your personal data; and  

  • Where you otherwise provide us with your consent. 

Where we need to process your personal data to comply with a legal or regulatory obligation. 

For example:  

  • To perform background checks in accordance with our legal obligations;

  • To comply with our legal and regulatory requirements in relation to taxation and financial compliance; 

  • For equal opportunities monitoring and reporting purposes;

  • To co-operate with our regulators and other public authorities;  

  • To comply with any other obligation to which we are subject under applicable rules and law.  

Where we need to process your personal data to perform the contract, we are able to enter or have entered into with you. 

For example:

  • To employ/engage you if you are applying for a vacancy with us; and 

  • To enter into or perform our agreement with you if you are a supplier or external advisor. 

Where the processing of your personal data is necessary for the pursuit of our legitimate business interests and your interests and fundamental rights do not override those interests. 

For example: 

  • To offer and provide our recruitment services to you and to assess your skills against our vacancies with our clients; 

  • To provide you with marketing material to aid your job search; 

  • To manage complaints and legal claims;  

  • To conduct appropriate background checks if you are to be employed/engaged by us; 

  • Sharing your personal data with the entities that form the Sage Consulting Group;  

  • Sharing your personal data with our third party services providers; and 

  • Sharing your personal data with potential employers and other clients (including our MSP clients) of ours who can offer job opportunities within their organizations.  

If you would like to know what legal grounds we rely upon to process your personal data, please contact us using our contact details in section 13 of this policy. 

6. Retention 

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. We view our relationship with you as being one which is to support your career through numerous roles and assignments. Accordingly, we may retain your data for a period of time which is materially greater than simply one placement if we reasonably believe that we will continue to have an ongoing relationship with you. 

We will appropriately and securely dispose of your personal data when it is no longer required.  To determine the appropriate retention period for personal data, we will consider the following factors: 

  • Amount and nature of the personal data;

  • Its sensitivity;

  • The potential risk of harm from unauthorized use or disclosure of the personal data;

  • The purposes for which we handle your personal data;

  • Whether we can achieve those purposes through other means; and

  • Applicable legal requirements.

When we act as a data processor to our clients, the data controllers, we will retain your personal data in accordance with the retention periods prescribed by our clients. 

7. Your rights 

The country you are located in and the applicable privacy laws determine your rights in respect of your personal data. These may include: 

  • Right to be informed about your personal data and details of the handling and processing of that personal data and information, including, as applicable the safeguards used to protect your personal data in the event that we transfer it outside the territory it was collected in;

  • Right of access to your personal data and to obtain information about how we handle and process it;

  • Right to have inaccuracies corrected if your personal data is inaccurate, including to have incomplete personal data completed;

  • Right of erasure of your personal data, which is also known as the “right to be forgotten”. We do not delete personal data from our back-up files that are created for disaster recovery purposes and are not easily accessible; 

  • Right to restrict handling and processing of your personal data, which includes requesting us to suppress your personal data file;

  • Right to move, copy or transfer your personal data to another organization, also known as “data portability”;

  • Right to object to the handling and processing of your personal data for certain purposes, in particular to personal data processed for direct marketing purposes and to personal data that is handled and processed for certain reasons based on our legitimate interests;

  • Right to withdraw consent or permission that you have previously provided to us in relation to our handling and processing of your personal data, such as for the purposes of marketing by electronic means;

  • Rights in relation to automated decision making where such automated decision making has a legal effect on you or otherwise significantly affects you; and 

  • Right to complain to us in relation to the handling of your personal data; or the regulatory body which enforces data protection law in your locality.

Please contact us using our contact details set out in section 13 of this policy if you wish to exercise any of your legal rights.  

Where permitted by law, you may be charged a fee to access your personal data or to exercise any other right that may apply. We will let you know if a fee applies to your request before we complete it. 

We may also request certain information to help us confirm your identity, ensure your right to exercise any of rights in the table above and to prevent your personal data being disclosed to any person who has no right to receive it.  

We will respond to all legitimate requests within any legal timeframes. 

8. Technology

We will always use your personal data fairly. We may on occasion use technological filters to sort through the job applications we receive and to match candidates to specific job vacancies. If we have used technological tools to a significant extent when assessing your job application, we will inform you of this. Please let us know when we contact you if you feel there are other factors that we should consider as part of your job application.

9. Data security

We hold your personal data in a combination of secure computer storage facilities and paper-based files.

We have in place an appropriate level of security around your personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage to it.

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk of harm that might result from unauthorized or unlawful processing, accidental or unlawful loss, destruction or alteration, unauthorized (or disclosure of) access or damage to your personal data including:

  • Locks and security systems;

  • Encryption

  • Usernames and passwords;

  • Virus checking;

  • Auditing procedures and regular data integrity checks; and

  • Recording of file movements.

We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They must only process your personal data on our instructions and subject to the access controls listed above. They are also subject to a duty of confidentiality.

We have agreed on security-related measures with the third parties we share your personal data with to ensure that it is treated by those third parties in a way that is consistent with how we safeguard your personal data.

We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority where we are legally required to do so.

If you suspect any misuse, loss of or unauthorized access to your personal data, please contact us immediately using our contact details in section 13 of this policy.

10.  Personal data storage and transfer

Personal Data originating from the UK or European Economic Area (“UK or EEA Personal Data”) 

  • Due to the global nature of our business we may need to transfer UK and EEA Personal Data outside of the UK and EEA. For example, we may transfer personal data to Sage Consulting Group entities, service providers and government or public authorities in order to perform our recruitment services and comply with our legal obligations. 

  • If we do transfer UK and EEA Personal Data outside of the UK and EEA, we will make sure that appropriate safeguards are in place, for example by using approved contractual agreements, unless certain exceptions apply, or we are authorized to do so. If requested, we will provide you with details of the safeguards that we have implemented. 

  • We, our service providers and/or the third parties to whom we may disclose UK and EEA Personal Data may transfer such data outside of the UK and EEA. 

Personal Data originating from outside the UK or EEA (“Non-UK and Non-EEA Personal Data”)  

  • We collect personal data relating to individuals in the following countries outside the UK and EEA: Africa, Australia, Brazil, Canada, Chile, China (including Hong Kong and Taiwan), India, Indonesia, Japan, Malaysia, Mexico, Middle East, New Zealand, Philippines, Singapore, South Africa, South Korea, Switzerland, Thailand, United States of America and Vietnam.  

  • Due to the global nature of our business we may need to transfer Non-UK and Non-EEA Personal Data outside the original territory in which the data was collected (“Original Territory”). For example, we may transfer personal data to Sage Consulting Group entities or potential employers internationally in any of the countries listed above, and to service providers and government or public authorities in order to perform our services and comply with our legal obligations. 

  • If we do transfer Non-UK and Non-EEA Personal Data outside the Original Territory, we will make sure that such transfers are performed in compliance with applicable law. We, our service providers and/or the third parties to whom we may disclose Non-UK and Non-EEA Personal Data may transfer such data outside of the Original Territory.    

 

11. Privacy policies of third parties

This policy explains how the Sage Consulting Group handles your personal data. Please also read the privacy policies of the social media platforms and third party websites through which you arrive at a Sage Consulting Group website. We encourage you to read the privacy policies provided by these sites before giving them your personal data.

12. Changes to this policy

We reserve the right to change this policy from time to time. Changes will be notified on our website seven days before taking effect. We may make emergency changes to this policy when we believe it is reasonable to do so e.g. to comply with legal or regulatory requirements. 

13. How to contact us

If you have questions or comments about our privacy practices, or if you would like to submit a request exercising your privacy rights, please contact us. You can:

  • Email us at info@sage.global