what personal data do we collect about you
If you are a candidate, we collect your personal data as reasonably necessary for us to determine your suitability for work with us or through us. Some examples of personal data that we may collect about you as a candidate are:
- your name and contact details, including your address, email address and phone numbers;
- your date of birth;
- your gender;
- information in your cover letter, resume and application forms including your skills, qualifications, work history, references, goals and interests;
- details of your work rights in Hong Kong/other countries;
- your tax file number and related details;
- your current and/or desired salary/remuneration package;
- details of your current and/or previous employment, including the responsibilities undertaken and skills required in your current and/or previous role;
- information documenting your work history with or through us (including bank account details, salary and work performance information);
- aptitude and psychological assessment results;
- the results of background checks;
- information regarding your COVID-19 vaccination status and/or ability to enter the workplace in accordance with the prevailing Government regulations; and
- other information that you, your referees or our clients provide to us, including personal feedback and notes of our interactions with you and/or others in relation to your suitability for work with us or through us.
personal data of referees
The submission of references is essential to the recruitment process as we give critical consideration to any input provided to us by your referees.
In submitting your application, you may be required to submit the names and other personal data of referees you wish us to contact. Before you give us any personal data about your referees, you must notify each referee with the purpose of Randstad's use of their personal data (please read the section on referees) and obtain their permission to disclose to us their data for the purposes of evaluating your candidacy for current or future vacancies that we may engage with you from time to time.
if you do not give us the information we seek
You can refuse to provide us with your personal data. However if you do not give us this information, we may not be able to provide our services to you. For example, if you are a candidate we may be limited in our ability to locate suitable work for you.
jump to a specific privacy page.
why do we need your personal data
Randstad processes your personal data only for the purposes specified below:
- To provide our Services to you (including matching and proposing you to clients, interviews, assessments). For example, we may process your personal data to recommend jobs to you based on your profile and enable our consultants to provide you with tailored job opportunities, career advice, reskilling options, inclusiveness, suggest additional training where necessary and introduce you to hiring managers: The processing of your data and the use of automated systems is necessary to provide you with the matching services, and is therefore based on (pre-) contractual necessity;
- To assess your suitability for a role which may include checking your work rights status, criminal background, credit and reference checks, or any test or assessment that you might be required to undergo;
- Training and updating of systems/statistical purposes. Some of the systems that we use to provide our Services are based on machine learning technology. In order for that technology to function reliably, it needs to be trained and updated on the basis of existing data. We may also process personal data in an aggregated manner for statistical purposes.
- We have implemented mitigating measures to limit the privacy impact, such as de-identification and an easy opt-out in your choices;
- Dispute management and litigation: Processing is necessary for the purpose of the legitimate interests pursued by Randstad, which include the protection of company assets, protecting its legal interests and managing legal claims/disputes;
- Compliance with labor, tax and social security laws and other legal or regulatory requirements (e.g. equal opportunity and workplace diversity requirements);
- Events: Based on our legitimate interest in maintaining a good relationship with our community of candidates and promoting our services by inviting you to our events;
- Facilities, security and contingency planning purposes: Processing is necessary for the purpose of the legitimate interests pursued by Randstad, which include safeguarding and securing our assets, our facilities, our information systems and our people; and
- To conduct corporate transactions (including mergers, acquisitions and divestments): Processing is necessary for the purpose of the legitimate interests pursued by Randstad, which include Randstad’s interest in developing its business through mergers, acquisitions and divestments.
with whom do we share your personal data
candidates & contractors/temporary workers
If you are a candidate and/or contractor/temporary worker, your personal data may be disclosed to:
- potential and actual employers and clients of Randstad;
- with other entities of the Randstad group of companies. We are part of a multinational group of companies and sometimes we may share personal data with other Randstad groups of companies for the purposes of efficient management of business, compliance with legal and regulatory requirements and to provide our Services to you (include as matching) and to our clients. For an overview of these entities, click here.
- with third parties providing HR-related services to use (e.g. payroll service providers).
- with third party providers of IT-related services (e.g. we use an external provider to support our IT-infrastructure; e.g. an important part of our software and databases sit in a cloud-environment which is operated by a third party service provider).
- with third parties providers of marketing-related services (e.g. we may store your personal data in a cloud-based CRM-application that is hosted and provided by a third party service provider; e.g. when we use a third party service provider to organise an event we may share your personal data with that third party in order to invite you to that event).
- with providers of professional services (e.g. to our auditors, our tax advisors, our legal advisors).
- our insurers;
- with banks; (e.g. in order to pay the salaries of our contractors/temporary workers we share some of their personal data with our bank)
- any government department or body (or their agents) to verify your work rights status;
- with public authorities (e.g. pursuant to applicable law Randstad must disclose personal data to the social security authorities and to tax authorities)
- with law enforcement authorities, courts and regulatory authorities (e.g. as part of a criminal investigation police services may require us to disclose personal data to them)
- a designated, registered training provider in relation to training and personal development opportunities;
- any person with a lawful entitlement to obtain the information;
- select third parties including suppliers and sub-contractors for the performance of any contract we enter into with them; and
- (where permitted by law) third party providers of criminal, background or credit checking services.
related purpose disclosures (relevant for candidates, business relations and referees)
We outsource a number of services to contracted service suppliers (CSPs) from time to time. Such CSPs may be located overseas. As part of the outsourcing arrangement with a CSP, they may need access to some of your personal data.
Typically our CSPs would include:
- software solutions providers;
- I.T. contractors and database designers and Internet service suppliers;
- legal and other professional advisors;
- insurance brokers, loss assessors and underwriters;
- background checking and screening agents; and
- talent marketplace platforms.
We take reasonable steps to ensure that terms of service with our CSPs recognise that we are bound by obligations under the PDPO to protect the privacy of your personal data and that they will not do anything that would cause us to breach those obligations.
Once we establish and maintain an employment, staffing or placement relationship with you, we use the data you provided to us, to comply with laws and regulations, including but not limited to employment law, tax and social security and national and international sanctions regulation compliance. For the purposes mentioned above, Randstad may transfer your personal data to other Randstad entities that provide services on behalf of Randstad.
We may also disclose your personal data to third parties:
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; or
- if all or a substantial part of our assets are acquired by a third party, in which case the personal data that we hold about you may be one of the transferred assets.
When we share your personal data as described above, your personal data may be transferred to, stored, used and processed in a jurisdiction other than Hong Kong. You understand and consent to the transfer of your Personal Data out of Hong Kong as described herein. Where we transfer your personal data to a country outside of Hong Kong, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPO.
We will only send direct marketing materials to you if you have consented or if you have indicated no objection to receive such direct marketing materials. We cannot use your personal data for direct marketing unless we have received your consent or indication of no objection. In all direct marketing materials, we will give you the option to unsubscribe from receiving further marketing communications.
access & correction
If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will respond to your request as soon as reasonably possible. If we are unable to respond to your request within forty (40) days after receiving your request, we will inform you in writing days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the Personal Data (Privacy) Ordinance).