At Michael Page, your privacy matters

At Michael Page, your privacy matters

This Privacy Policy explains how we collect and use your personal data, who we share it with, how long we keep it, and the rights you have. We are committed to providing a safe and secure user experience and to complying with our transparency obligations under the General Data Protection Regulation (GDPR).

Who we are and how we process your personal data

Michael Page International Recruitment Limited (company number 4130921) (“MPIRL”, “we”, “us”, or “our”) is part of PageGroup and trades under the brands Michael Page, Page Executive, Page Consulting and Page Outsourcing. We are committed to protecting the privacy of our candidates, clients and users of our website.

Although this website operates under the .ie domain, Michael Page does not have a legal entity established in Ireland. The sole controller for personal data collected via this website is:

Michael Page International Recruitment Limited
Page House, Dashwood Lang Road
Bourne Business Park
Addlestone, Weybridge
Surrey, KT15 2QW
United Kingdom

Personal data collected from Irish users will be processed in the United Kingdom. The UK is currently covered by an EU adequacy decision, renewed to 27 December 2031, which means your data may flow from the EEA to the UK without additional safeguards. Where we transfer your personal data to a country without an adequacy decision, we rely on EU Standard Contractual Clauses and other appropriate safeguards.

We will ensure that the information you submit to us, or which we collect from you through our website, meetings, calls, emails, or any of our global offices, is used only for the purposes set out in this Privacy Policy.

Scope

Protecting your personal data is our priority. This Privacy Policy explains how we process personal data relating to:

  • candidates who register with us for roles we are managing for other employers, or for roles at PageGroup, or through our website, job boards, social media sites or other sources;
  • prospective candidates;
  • business contacts at clients and suppliers; and
  • users of our websites.

(collectively "you" or “your").

It also tells you about your privacy rights including your right to object to our processing. If you would like to contact us, please see the “How to contact us” section of this policy.

Personal data we collect

Candidates

When you register with us as a candidate to provide work finding services to you, you provide and we process your personal data, including but not limited to your name, contact details and information from your CV, current benefits and your expectations for future roles. Where permitted by law, we may also collect information relating to your health (for example, disability information for reasonable work adjustment purposes), diversity information, including race, ethnic origin, sexual orientation and religion (for equal opportunity monitoring purposes) as well as, when permitted by the law, details of any unspent criminal convictions where required by a client or by us if you apply for a role with us. If you use our website, click on links in emails we send to you, open or forward them, or sign up to receive job alerts or other content from us, we also collect personal data from those interactions.

We also obtain personal data about you from third parties, including,

  • referees - when you are offered a job;
  • former employers - to confirm dates of employment;
  • educational institutions - to check your academic qualifications;
  • when permitted by the law, credit reference agencies - if we need to check your financial standing;
  • publicly available sources such as LinkedIn and social media sites to enhance the information we hold about you, in order to help us find more suitable roles for you;
  • clients to whom we have provided your CV and who have engaged with you as part of a job application or who have given feedback on your CV.

Prospective candidates

We collect personal data about you, including your name and contact details and professional biographical details obtained from publicly available sources such as LinkedIn and social media sites, so that we can contact you if we think you may be interested in our work finding services at a future date. We may also obtain your personal data through another candidate or an employer who recommends you as a contact.

Prospective Business Clients

We collect your contact details and data relating to your function or position to establish commercial relationships with your company.

Clients

We collect personal data such as your name, job title and contact details. We also process personal data about what communications we have had with you, including whether you have opened or forwarded any emails, newsletters or other content we have sent to you. We also process feedback that you provide about our candidates.

If you provide information to us about a candidate (for example, if you confirm a candidate has worked with you or if you provide a reference), then we will obtain your details from the candidate and we will keep a record of the personal data that you provide to us about that candidate.

We process personal data about you from public domain sources such as LinkedIn and social networking sites or because you were a delegate at one of our events or at an event where the event organiser is permitted to share delegate details with us.

Website and app users

We collect personal data such as your IP address and other data about your device which we need to provide our online content to you. We also collect data about your engagement with our website or apps such as the pages you view.  If you contact us, we will also collect information about your enquiry. We obtain consent for non-essential cookies, including analytics and marketing cookies, in line with Irish DPC guidance. Our cookie policy tells you more about this.

 

Suppliers

We typically collect your name and contact details as a business contact for your organisation.

Providing your personal data

In some cases, it will be necessary for you to provide personal data to us for us to work together. If you don’t provide us with the personal data we ask for, we may not be able to provide you with our services.

How we use your personal data

Candidates

We use your data to:

  • provide you with recruitment services;
  • communicate with you;
  • enable you to upload your CV and apply for jobs;
  • personalise your experience by creating a candidate profile;
  • monitor equality and diversity (where permitted by law);
  • provide career advice, salary guidance and job alert communications;
  • send you direct marketing for the purposes of informing you about job opportunities, industry reports and insights, events, promotions and competitions, and other content in accordance with your marketing choices;

We also run targeted and relevant banner advertising on our website and within your social networks to present you and people like you with jobs and content that we believe will be of interest. We target these ads based on your previous interactions with our website, emails and through your engagements with our consultants. Your interaction with our ads may be used to measure the effectiveness of our ad campaigns and to improve our marketing strategy. This processing is carried out via Cookies and only if you have previously provided consent.

Prospective candidates and Business Clients

We use your personal data to:

  • determine if you may be interested in our services and how we can assist you;
  • to contact you and find out if you are interested in our services.

Sourcing Candidates via LinkedIn

As part of our recruitment process, we may contact potential candidates through professional networking platforms such as LinkedIn. We rely on legitimate interest as our lawful basis for reaching out to individuals whose experience and profile align with job opportunities we are seeking to fill. If we contact you via LinkedIn InMail and you do not wish to be contacted further, you have the right to opt-out at any time.

For any other inquiries regarding your personal data, you may continue to contact us directly at gdpr@pagegroup.eu

Website or app users

We use your personal data to:

  • improve and personalise your experience when you use our website or apps; and
  • personalise advertising you receive from us.

Clients

We use your personal data:

  • to provide recruitment services to you;
  • to communicate with you;
  • to get feedback from you on our services through client satisfaction surveys, in order to improve our services and to develop new services;
  • to maintain our business relationship with you;
  • to answer your enquiries when you contact us;
  • to fulfil contractual obligations to you;
  • to establish, exercise or defend legal claims; and
  • for direct marketing purposes.

Suppliers

We use your personal data:

  • to communicate with you;
  • to maintain our business relationship with you;
  • to answer your enquiries when you contact us;
  • to fulfil contractual obligations to you;
  • to establish, exercise or defend legal claims; and
  • for direct marketing purposes.

You can unsubscribe from receiving marketing communications from us, using the unsubscribe methods contained in communications we send to you or by contacting us. We have also established a marketing preference centre where you can view and make decisions about your marketing preferences and opt out of receiving marketing from us at any time.

Legal grounds for processing your personal data

Under the GDPR, we rely on the following legal grounds to process your personal data:

(a) Performing a contract - where, in order to perform our obligations under a contract with you or to take steps at your request to enter into a contract with us, it is necessary for us to process your personal data;

(b) Compliance with a legal obligation - where we need to process your personal data to comply with legal or regulatory obligations.

(c) Our legitimate interests or those of a third party - including:

  • providing our services to you;
  • responding to your requests and enquiries (this serves both your legitimate interests and ours, as it helps maintain constant and up-to-date communication with clients and candidates, which is essential to our commercial relationship);
  • optimising the performance of our website and enhancing user experience;
  • informing you about our services including job opportunities, industry reports and insights, events, promotions, and competitions (our legitimate interest is to keep clients and candidates informed about relevant services and products);
  • ensuring our operations are conducted efficiently;
  • providing satisfaction surveys to improve our services; and

  • contacting prospective business clients to establish commercial relationships (our legitimate interest is to maintain and develop business relations with the company where the contact person works).

We have performed a legitimate interest assessment in order to confirm that our interests are not overridden by your interests or fundamental rights and freedoms, you can ask for this assessment using the contact details below.

(d) Consent In certain situations, we will ask for your consent to process your personal data in specific ways, especially to manage your marketing preferences or when conducting talent trends surveys. For example, if you register for a job, we may offer you the option to sign up for similar job alerts.

If we process your personal data based on your consent, you have the right to withdraw it at any time. Simply contact us, if you would like to withdraw your consent.

Special category data and criminal convictions data

Where we process special category data, we rely on GDPR Article 9(2) conditions and apply suitable and specific measures required by section 36 of the Irish Data Protection Act 2018 (e.g., access controls, shorter retention, logging, pseudonymisation).

Where we process criminal convictions data, we do so only where permitted under GDPR Article 10 and section 55 of the Irish Data Protection Act 2018, and retain it only for as long as necessary.

Use of Artificial Intelligence (AI), automated decisions and profiling

We use AI-powered tools in limited ways to enhance recruitment efficiency (e.g., CV/job matching and semantic search). We do not make decisions based solely on automated processing that produce legal or similarly significant effects. All decisions involve human oversight.

Profiling is used only to assist in job matching or relevant advertising. You have the right to object to profiling for direct marketing at any time.

We apply AI or AI-powered tools in the following areas:

  • JobMatch Tool (Website Feature): When you upload your CV through our JobMatch tool, we use a matching algorithm to compare your skills, experience, and aspirations with available roles. This helps recommend suitable job opportunities. Importantly, this profiling does not restrict or exclude access to other positions, it’s simply a support tool to help guide job recommendations.
  • Semantic Search Technology (CV Matching): We use an AI-powered tool that analyses the CVs in our database using semantic search (a form of intelligent keyword recognition). Recruiters can input criteria such as skills, experience level, or field of expertise, and the tool helps identify relevant candidates by ranking CVs based on suitability. This makes the process more efficient but does not replace human judgment, all shortlists are reviewed by a recruiter before any decisions are made.
  • Content Generation and Transcription: AI is used to assist in writing job advertisements, pseudonymising CVs via a third-party vendor using OpenAI technology, and transcribing internal meetings through Microsoft Teams.
  • Content Moderation in Our CRM (Salesforce): Our CRM uses AI to scan for inappropriate or unprofessional content in communications. This is a compliance safeguard and does not impact candidate evaluation.

Some tools are provided by trusted partners like Microsoft or OpenAI. These providers are contractually prohibited from using your data for AI training or unrelated purposes. In rare technical support cases, limited access may be granted under strict controls and confidentiality agreements. If you would like to know more, please contact us.

Who we share your personal data with

In certain circumstances we will share your personal data with:

Other companies within PageGroup

MPIRL is part of the PageGroup of companies which operates globally. Our recruitment experts and key members of the business who run functions such as payroll and IT support are based all around the world. We may share with or give access to your personal data to other companies within PageGroup. Please note that:

  • The MPIRL UK entity acts as the data controller for your personal data, which means your personal data will be regularly accessed and processed in the UK.
  • While the UK is no longer part of the European Union, it currently benefits from an adequacy decision valid until 27 December 2031 issued by the European Commission, which confirms that the UK provides a level of data protection essentially equivalent to EU law.

We may also share your personal data with other MPIRL Group entities in the following contexts

Functions such as IT support, payroll, and commercial operations may be delivered by other PageGroup entities acting as data processors, strictly under the instructions of the UK data controller.

Where roles involve collaboration across jurisdictions (e.g. global executive roles, key account delivery, or remote-first positions), other group entities may act as independent data controllers and process your data in their own capacity.

If you register in multiple countries, a single candidate profile may be created and shared within the group to avoid duplication and ensure up-to-date information.

A full list of PageGroup entities and the countries where they are located is available See list of PageGroup entities and the countries where they are located.

Where personal data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place. These include:

The European Commission’s adequacy decision for the UK; and Standard Contractual Clauses (SCCs) for other countries where adequacy has not been granted, as part of our intra-group data transfer agreement.

If you would like a copy of the SCCs or further information on our data transfer mechanisms, please contact us.

The purposes of sharing your personal data within PageGroup companies are:

  1. providing essential services which are centralised in one single entity such as IT, commercial and sales support services, in this case these entities will access and process your personal data as data processors, following the instructions of your data controller,
  2. managing global, regional or senior executive positions, or the development of key accounts, which would require the cooperation of different companies across the group, and
  3. managing positions that can be fulfilled remotely.
     

The applicable lawful basis to these processing activities is the performance of the contract with clients and candidates or to take steps necessary to enter into a contract, and the legitimate interests of PageGroup in delivering its services using internal resources.

Please bear in mind, that if you register as a candidate in a different country than the one in which you originally joined PageGroup, a unique record will be created for you. A single record avoids duplicities and improve accuracy of the personal data. For these purposes, the PageGroup companies involved will share your personal information as independent data controllers.

Third Parties

If you are a candidate, we share your personal data with clients who have vacancies for jobs which you are interested in.

We also share your personal data and, where necessary, special category data with third party service providers who perform services and functions on our behalf, such as:

  • conducting employment reference checks;
  • conducting qualification checks;
  • carrying out criminal convictions checks (as required);
  • verifying details you have provided from third party sources;
  • conducting psychometric evaluations or skills tests;
  • hosting personal data for us;
  • providing professional advice to us;
  • providing data analytics to us;
  • carrying out testing and development work on our business technology systems;
  • administering surveys or competitions on our behalf;
  • assisting us to communicate with you; and
  • providing research and mailing house or other direct marketing services.
  • If you are a candidate, we share your data with clients for roles you apply for or express interest in.

We contractually require minimum standards of confidentiality and data protection from our third-party service providers. If we need to send personal data outside the EEA, we will ensure that adequate safeguards are in place, such as the Model Clauses.

Other disclosures

In addition, we may disclose your personal data:

  • if we are legally required to do so;
  • to law enforcement agencies, regulators or other government officials;
  • to enforce a contract with you; and
  • to the new business owners and their advisers in the event of a re-organisation, merger, sale, joint venture, assignment, or other transfer or disposition of all or any part of our business.

Keeping your personal data secure

We have implemented and maintain appropriate technical and organisational measures to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. Only authorised personnel and third-party service providers are provided with access to personal data on a need-to-know basis, and these employees and service providers are contractually obliged to treat this information as confidential.

How long we hold your personal data for

We retain your data only for as long as needed to fulfil the purpose for which it was collected or to meet legal, regulatory, accounting or reporting requirements. We apply specific retention periods where appropriate and, where not possible, clear criteria to determine retention.

How We Decide How Long to Keep Personal Data

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, or as required by law. When determining how long to retain different types of data, we consider:

  • Whether we have an ongoing relationship with you (for example, when you are an active candidate or client).
  • Whether you have engaged with us recently (e.g., updated your profile, applied for a role, contacted us, or interacted with our communications).
  • The type of service we provide to you, including whether you were placed in a role.
  • Our legal, regulatory and reporting obligations, including statutory limitation periods and obligations under employment, tax, equality, criminal record, or financial regulations.
  • The sensitivity of the data, such as diversity, health or criminal record information.
  • Our need to establish, exercise or defend legal claims.

Based on these criteria, we apply the following general rules:

Data Category

How We Decide the Retention Period

Candidates

We retain candidate records for longer when there has been recent, meaningful contact, or when a placement has occurred, and for shorter periods where there has been no engagement.

Prospective candidates

We retain these records for shorter periods unless you progress to become an active candidate or engage with us.

Clients & prospective clients

We retain client contact details while there is an active business relationship or engagement, and for a period afterwards to meet legal and commercial obligations.

Diversity data (special categories)

We retain only aggregated/pseudonymised data. Any raw identifiable diversity data is deleted shortly after reporting in line with equality monitoring requirements.

Health data (reasonable adjustments)

Retained for a short period after the relevant recruitment process or support is completed, unless required longer for legal or regulatory reasons.

Criminal convictions data

Retained only for as long as necessary to complete the vetting process and to demonstrate compliance with legal and regulatory obligations.

Regulatory correspondence, complaints & legal obligations

Retained for the period necessary to comply with statutory requirements or to establish, exercise or defend legal claims.

Suppliers

Retained while the supplier relationship is active and for a period afterwards for audit, tax and contractual purposes.

Website analytics

Usage and analytics data is kept only for short periods, consistent with cookie expiry periods and our Cookie Policy.

Security logs

Retained for a limited period to ensure system security, detect incidents, and meet audit requirements.

Marketing data

Retained until you withdraw consent or object. We keep a suppression record to ensure we honour opt‑outs.

For more detailed information

If you would like more information about how long we keep any specific category of personal data, you can contact us using the details in the “How to contact us” section.

Your rights in relation to personal data we hold about you

You have several rights under EU data protection laws. These rights include the right to ask us for a copy of your personal data, to correct, delete or restrict processing of your personal data; to obtain the personal data you provide to us for a contract or with your consent in a structured, machine-readable format, and to ask us to share (port) this data to another controller.

In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process your personal data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).

These rights may be limited, for example, if complying with your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests for keeping. We will inform you of any relevant exemptions we are relying on when we respond to your request.

Cookies

We use essential and non-essential cookies.
Non-essential cookies (analytics/marketing) are used only with your consent. Our cookie banner provides equal choices to accept or reject cookies, and you may change your settings at any time. Full details are in our Cookie Policy.

How to contact us

Exercise your rights

You may submit a rights request using our gdpr request form.

 

EU contact email (EU Service Centre)

gdpr@pagegroup.eu

Data Protection Officer (DPO)

Bird & Bird DPO Services SRL
Avenue Louise 235 box 1
1050 Brussels
Belgium
Email: dpo@page.com

EU Service Centre (Spain)

PageGroup Compliance Department
Plaza Europa 21–23
08908 L’Hospitalet de Llobregat
Barcelona, Spain

UK Controller (corporate contact)

Michael Page International Recruitment Limited
Page House, Dashwood Lang Road
Bourne Business Park
Addlestone, Weybridge
Surrey, KT15 2QW
United Kingdom

UK correspondence address

Data Protection Team

80 Strand
London
WC2R 0DT
United Kingdom

Complaints to supervisory authorities

If you live in Ireland, you may lodge a complaint with the Data Protection Commission:
https://www.dataprotection.ie

You may also contact the UK Information Commissioner’s Office:
https://ico.org.uk

Changes to this Privacy Policy

We may update this policy from time to time. Significant changes will be posted on this website