Privacy Notice for Job Applicant

Privacy Notice for Applicants to Roles within Man Group

 

This Privacy Notice is dated 6 December 2021.

At Man Group, we respect your privacy and we are committed to protecting and safeguarding your Personal Data. We have developed policies and processes which are designed to provide for the security and integrity of your Personal Data. We are committed to Processing your Personal Data fairly and lawfully, and being open and transparent about such Processing.

 

1. Purpose of this Privacy Notice

This Privacy Notice explains how Man Group plc, its subsidiaries and its affiliates which are identified as Controllers in the table in Section 9 below (referred to collectively as “Man”, “we”, “us” or “our”), Process Personal Data about individuals who have previously applied for, are currently applying for, or are considering applying for a position within Man Group (together, “you”).

Capitalised terms used in this Privacy Notice are defined in Section 11.

This Privacy Notice may be updated from time to time. Please regularly check this page to review any updates we might make to reflect changes in our practices or changes in applicable law and regulation.

 

2. Processing your Personal Data

A. Collection of Personal Data

The Personal Data that we Process is collected or created from a variety of sources as follows:

When you provide us with your Personal Data For example, you may do this as part of the recruitment process, when you register with us on our website, or when you contact us via email, phone or by any other means.
When we receive your Personal Data from third parties This could, for example, be from your employer or previous employer, employment agencies, background reference checks, or credit reference agencies as part of the recruitment process.
When you have chosen to make your Personal Data public We may collect your Personal Data via social media to the extent that you choose to make your social media profile(s) publicly visible.
When we create Personal Data in the ordinary course of your application process For example, we may create records of our interactions with you and details of your accounts with us or our accounts with you which may constitute Personal Data.
 
B. Types of Personal Data

In order to carry out the Processing activities set out in the table at Section 2(E) below, we Process the types of Personal Data set out in the table below. Please note that not all of the below categories will apply to you, the types of Personal Data we Process about you will depend on the method through which you apply for a position (i.e. whether you apply directly, through an employment agency or following your attendance at a recruitment event), the level or type of role you have applied or are applying for, and the stage of the application process you reach.

Identity Data Your name (and in some cases proof of your name), username or similar identifier, marital status, title, date of birth or age, gender, signature and other similar information
Personal and business contact details Your work or home address (and in some cases proof of address), phone, email, social media profile details and other similar information
Nationality or tax identification data Your nationality, immigration and/or visa status, passport number(s), other government issued national identification number(s), place of birth, Green Card number(s), National Insurance number, tax residency and tax identification information, social security number(s), driving licence number(s), images of passports, driving licences or other proof of identity document(s), and other similar information
Family, life cycle and social circumstances The name and contact details of next of kin, family members, emergency contact details, outside business interests such as hobbies, lifestyle choices that you include as part of your CV or resume or other application process document, dietary preferences and other similar information
Recruitment information Copies of your CV or resume, information contained in a cover letter or as part of the application process, names of current and former employers, references and other similar information
Background reference data Previous employment and/or personal references, employment, qualification and education history checks, results of HMRC employment status checks, employment history, address history, credit reference checks, adverse media searches, sanctions, regulatory and law enforcement list screening, details of your interest in and connection with any intermediary through which your services are supplied and other similar information
Employment information and records Your industry role, job titles, business activities, working hours, holidays, maternity, paternity, adoption and parental leave, training records, professional memberships, start date, date of your continuous employment, performance records, disciplinary and grievance information, leaving date and reason for leaving and other similar information
Compensation information Details of your salary, pension, benefits, bonus, share and fund awards, compensation history and other similar information
Education and qualification data Details of your education, professional and other qualifications, skills, experience and other similar information
Communications data Copies of communications with you, copies of electronic communications and voice records (where relevant) made on our systems and other similar information
Transaction data Details about payments to and from you, travel and other expenses and other similar information
Photos and CCTV images Photographs that you provide or we obtain from publicly available sources, CCTV images from our office locations and other similar information
 
C. Sensitive Personal Data

In addition to the above categories, we may also Process Sensitive Personal Data about your race, national or ethnic origin, religious beliefs, physical and mental health and sexual orientation.

 
D. Criminal Offences Data

We will only Process the following types of Criminal Offences Data where it is appropriate given the nature of the role that you are applying for and to the extent required or permitted by applicable law or regulation. Where appropriate, we will collect information about criminal convictions as part of the recruitment process. This includes Personal Data received by Man from background screening providers, which may include:

  • Personal Data obtained as a result of sanctions, regulatory and law enforcement list screening; and
  • details about any criminal convictions and offences (actual or alleged) that relate to you.
 
E. Purposes for which we may Process Personal Data

We will only Process your Personal Data when the law allows us to. Most commonly, we will Process your Personal Data where it is necessary for our legitimate interests, and your fundamental rights do not override these interests. This means that we Process your Personal Data for purposes such as:

  • for the recruitment of new staff;
  • for managing risks to which our business is exposed;
  • to establish, exercise or defend our legal rights and/or for the purpose of legal proceedings;
  • for the prevention of fraud; and
  • to manage the security of our infrastructure, IT systems and facilities.

Other common circumstances where we use your Personal Data are:

  • where we need to perform our obligations under the contract we have entered into with you; and
  • where we need to comply with a legal or regulatory obligation.

On rare occasions, we may also use your Personal Data in the following situations:

  • where we need to protect your vital interests (or someone else’s interests); and
  • where it is needed in the public interest.

There may be other occasions where we ask you for your consent for the Processing of your Personal Data, on such occasions we will only use your Personal Data for the purposes which we will explain at that time.

More specifically, we may Process your Personal Data in the following situations (please note that not all Processes will be relevant to you and your relationship with Man and some of these purposes may overlap):

Recruitment and onboarding
  • To communicate with candidates about the recruitment process;
  • to enable Man to make a decision about your recruitment;
  • to carry out background and reference checks and (where relevant) perform background screening (see Section 2(D) above);
  • to check you are legally entitled to work in the jurisdiction in which you have applied for a role with Man; and
  • to assess qualifications for a role or task.
Administration of any travel and other expenses
  • To enable Man to pay you any expenses that might have been incurred through your attendance at an event or interview with us (if pre-approved).
Risk management
  • To effectively operate our audit, compliance controls and other risk management functions.
Legal, regulatory and compliance
  • To operate effectively our legal, regulatory and compliance processes.
Investigations
  • To detect, investigate and prevent breaches of legal obligations or internal and regulatory policies; and
  • to detect, investigate and prevent the commission of criminal offences, in each case in accordance with applicable law and regulation.
Fraud prevention
  • To detect, prevent and investigate fraud or potential fraudulent activity.
Legal proceedings
  • To establish, exercise or defend our legal rights.
Security
  • To provide for physical security of our premises and visitors to our premises (including records of such visits and CCTV recordings) and electronic security (including login records and access details, where you access our electronic systems).
Health and safety
  • To perform health and safety assessments and recordkeeping; and
  • to comply with related legal obligations.

Should you require any further information in relation to the purpose for which we Process your Personal Data or our legal basis for doing so, please contact us using the contact details at Section 8 below.

 
F. Purposes for which we Process Sensitive Personal Data

We may Process Sensitive Personal Data where it is needed in the public interest, such as for equal opportunities monitoring.

We will use your Sensitive Personal Data as follows:

  • We will use information about your race, national or ethnic origin, religious beliefs, physical and mental health and sexual orientation to ensure meaningful equal opportunity monitoring and reporting.
  • We will use information about your physical or mental health, or disability status, to ensure your health and safety when you attend our premises (or those of a third party) for an interview, meeting or other recruitment event organised by us.

In limited circumstances, we may approach you for your written consent to allow us to Process certain Sensitive Personal Data. If we do so, we will provide you with full details of the information we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your application to us that you agree to any request for consent from us.

 
G. Purposes for which we Process Criminal Offences Data

We may Process Criminal Offences Data in the following circumstances:

  • Where we need to carry out our legal obligations or exercise rights in connection with law or regulation, including defending legal claims; and
  • where it is needed in the public interest, such as for the purpose of complying with our regulatory requirement to establish whether you have committed or are somehow linked to an unlawful act or dishonest or improper conduct.

We may use your Criminal Offences Data as follows:

  • We will use information about your criminal convictions as part of the recruitment in order to assess your suitability for a role at Man; and
  • we will use information about your criminal convictions and Personal Data obtained as a result of sanctions list and politically exposed persons searches in order to comply with our legal and regulatory obligations.
 

3. Disclosure of Personal Data to third parties

We share your Personal Data with Man Group staff and entities within Man Group for the purposes described above, such as the administration of your application to us.

In addition, we may disclose your Personal Data in accordance with applicable law and regulation to:

  • Governmental, legal, regulatory, tax or similar authorities, ombudsmen, central and/or local government agencies; and/or law enforcement officials (if mandated by law and regulation or if required for the protection of our legitimate interests);
  • anti-fraud services in relation to data on known or suspected fraudulent activity;
  • third party service providers who process Personal Data on behalf of Man in the provision of recruitment services and any third party providers who carry out background screening on our behalf;
  • third parties to whom you request us to send your Personal Data;
  • third party Processors (such as payment services providers and banks);
  • our professional advisers (such as our tax, legal and financial advisers);
  • any relevant party, claimant, law enforcement agency or court, to the extent necessary for the establishment, exercise or defence of legal rights in accordance with applicable law and regulation;
  • any relevant party for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and the prevention of threats to public security in accordance with applicable law and regulation; and
  • any relevant third party acquirer(s), in the event that we sell or transfer all or any relevant portion of our business or assets (including in the event of a reorganisation, dissolution or liquidation) or the assets or business of our funds.

We do not share your Personal Data with others for marketing purposes unless you agree to this.

 

4. Transfers of Personal Data outside the European Economic Area, the United Kingdom, Jersey and Guernsey

Due to the international nature of Man Group’s activities and the service providers we use, your Personal Data may be collected, transferred and stored in countries outside the EEA, the United Kingdom, Jersey and Guernsey. Some of these countries may not have been deemed by the relevant data regulators to have the same level of protection as countries in respect of which EEA, the United Kingdom, Jersey or Guernsey data protection law applies.

We ensure that such transfers are protected by appropriate safeguards or are otherwise permitted under applicable law. Where we transfer your Personal Data to a country outside of the EEA, the United Kingdom, Jersey or Guernsey, this can be done in the following ways:

  • The country to which the Personal Data is transferred may be approved under the European Commission’s adequacy decisions;
  • the recipient may have agreed to standard contract clauses that require them to protect the Personal Data;
  • the recipient uses Binding Corporate Rules which are approved by relevant supervisory authorities and require them to protect the Personal Data; or
  • in other circumstances, the law may permit us to otherwise transfer your Personal Data outside of the EEA, the United Kingdom, Jersey or
  • Guernsey.

You may obtain more details of the safeguards in place to protect your Personal Data when it is transferred outside the EEA, the United Kingdom, Jersey or Guernsey, including a copy of such safeguards by contacting us via the details provided in Section 8.

 

5. Data Retention

How long we hold your Personal Data will vary. The retention period will be determined by various criteria, including the purposes for which we are Processing your Personal Data (as it will need to be kept for as long as is necessary for such purpose), legal and regulatory obligations (which may set a minimum period for which we have to keep your Personal Data) and our internal policies, which take into consideration the purpose for which we hold the Personal Data.

 

6. Security of your Personal Data

We have extensive controls in place to maintain the security of our information and information systems. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is limited to authorised staff. We operate layers of safeguards and defences designed to ensure that Man is able to operate safely. Amongst other things, such controls are designed to detect, respond and recover in case of any adverse events that may arise.

 

7. Your rights

You have a number of legal rights in relation to the Personal Data that is held about you by us, including:

  • You have a right to obtain certain information regarding the Processing of the Personal Data and to access your Personal Data.
  • If your Personal Data is inaccurate or incomplete, you have the right to request corrections to it.
  • In certain circumstances, you have the right to receive some Personal Data in a structured, commonly used and machine-readable format.
  • You have the right to ask us to transfer some of your Personal Data to other organisations, where this is technically feasible. Please note that this right only applies to Personal Data which you have provided to us.
  • You have a right to ask us to erase or “restrict” your Personal Data in some circumstances. Please note that there may be circumstances where you ask Man to erase your Personal Data but we are nevertheless legally entitled to retain it.
  • Where we Process your Personal Data because the Processing is in our, or a third party’s, legitimate interests, then you may object to this Processing. Please note that there may be circumstances where you object to, or ask Man to restrict its Processing of your Personal Data but we are legally entitled to continue Processing your Personal Data or to refuse that request.
  • In the limited circumstances in which we have asked for your consent to Process your Personal Data for a specific purpose, you may withdraw your consent at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your Personal Data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

These rights may be limited, for example, if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law and regulation to keep or have compelling legitimate interests in keeping.

You also have a right to complain to a supervisory authority for data protection. This may either be the supervisory authority in the place of your habitual residence, your place of work, or the place where you consider that there has been a breach of data protection law.

To exercise any of these rights, please use the contact details provided in Section 8.

 

8. Contact Details

For electronic communications, please contact:

Contact Issue
HRSO@man.com If you would like to update the Personal Data we hold about you.
privacy@man.com If you have any questions, concerns or wish to exercise your rights set out in Section 7.
DPincident@man.com If you believe there is a potential data protection breach and wish to inform us of such breach.

All written communications should be directed to:

Man Group
Data Protection
Riverbank House
2 Swan Lane
London EC4R 3AD
United Kingdom

 

9. Controllers

Controller entity Address
Man Group plc 22 Grenville Street, St Helier, Jersey JE4 8PX, Channel Islands
Man Group Services Limited Riverbank House, 2 Swan Lane, London EC4R 3AD, United Kingdom
Man GLG Partners LLP Riverbank House, 2 Swan Lane, London EC4R 3AD, United Kingdom
AHL Partners LLP Riverbank House, 2 Swan Lane, London EC4R 3AD, United Kingdom
Man (Europe) AG Austrasse 56, 9490 Vaduz, Fuerstentum Liechtenstein
Man Asset Management (Ireland) Limited 70 Sir John Rogerson’s Quay, Dublin 2, Ireland
Man Fund Management UK Limited Riverbank House, 2 Swan Lane, London EC4R 3AD, United Kingdom
Man GLG Partners LLP Riverbank House, 2 Swan Lane, London EC4R 3AD, United Kingdom
Man Global Private Markets (UK) Limited Riverbank House, 2 Swan Lane, London EC4R 3AD, United Kingdom
Man Group Operations Limited Riverbank House, 2 Swan Lane, London EC4R 3AD, United Kingdom
Man Group Services Limited Riverbank House, 2 Swan Lane, London EC4R 3AD, United Kingdom
Man Group UK Limited – Bulgarian Branch 22 San Stefano Str., San Stefano Plaza, Commercial Center, Sofia PC 1504, Bulgaria
 

10. EEA, the United Kingdom, Jersey and Guernsey Data Regulators

You can find out more information about your rights by contacting the EEA data regulator in your jurisdiction or the UK’s Information Commissioner’s Office (website at https://ico.org.uk) , the Jersey Office of the Information Commissioner (https://jerseyoic.org) or the Guernsey Office of the Data Protection Commissioner (website at https://dataci.gg).

 

11. Defined Terms

Term Definition
Binding Corporate Rules A set of legally enforceable rules authorising personal data transfers to non-EEA based controllers or processors.
Controller The entity that decides how and why Personal Data is Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.
Criminal Offences Data Information about criminal convictions and offences (actual or alleged), including reports from the Disclosures and Barring Service and other similar information.
Man Group (i) Man Group plc; (ii) any company or other entity which directly or indirectly controls, is controlled by or is under common control with Man Group plc (including any holding company or subsidiary, each within the meaning of section 1159 of the Companies Act 2006); and (iii) any limited partnership or limited liability partnership whose general partner or managing member is an entity in (ii) above, but excluding any investment fund in relation to which Man Group plc or an entity or partnership in (ii) or (iii) above provides investment management, advisory, marketing or related services.
Personal Data Information that is about any individual, or from which any individual is identifiable.
Process or Processed or Processing Anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Processor Any person or entity that Processes Personal Data on behalf of the Controller (other than employees of the Controller).
Sensitive Personal Data Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life or orientation, genetic or biometric or any other information that may be deemed to be sensitive under applicable law.