Privacy Policy - Recruitment

CMS CAMERON MCKENNA NABARRO OLSWANG LLP

RECRUITMENT PRIVACY POLICY

CMS Cameron McKenna Nabarro Olswang LLP (“CMNO”) is committed to protecting and respecting your privacy.

Please read this Recruitment Privacy Policy (“Privacy Policy”) carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data in connection with CMNO’s recruiting processes and programme. It does not apply to our existing employees, members, partners, contractors or clients, or other personal data that CMNO collects for other purposes. This Privacy Policy supplements and should be read in conjunction with the CMS Privacy Policy, which applies to all personal data collected on the website. Please click on the relevant heading below for more information on each of these areas.

By submitting your personal data to us, you acknowledge that:

• You have read and understood this Privacy Policy and agree to the use of your personal data as set out herein.
• Your personal data may be transferred and processed by CMNO Entities, CMS Member Firms and third party service providers in countries inside and outside of the EEA that may not be deemed to provide the same level of data protection as your home country, for the purposes and in the manner specified in this Privacy Policy.
• You are not required to provide any requested information to us, but failing to do so may result in not being able to continue your application for the job for which you have applied.
• All of your representations are true and correct to the best of your knowledge, and you have not knowingly omitted any related information of an adverse nature.
• This Privacy Policy does not form part of any contract of employment offered to candidates hired by CMNO.

1. KEY TERMS

2. WHO IS RESPONSIBLE FOR YOUR PERSONAL DATA?

CMNO, an English limited liability partnership with registration number OC310335, and where applicable, the relevant CMNO Entity will be responsible for your personal data. Specifically, CMNO is the data controller and is registered as such with the Information Commissioner.

3. PERSONAL DATA WE COLLECT ABOUT YOU

We may collect personal data from you when you complete an application form and upload a copy of your CV to our applicant tracking system (ATS) and register a candidate profile with us, either to make an application for an existing vacancy, or so that you are notified of future vacancies.

The personal data about you that we process includes:

• Your name;
• Your address;
• Your email address;
• Your telephone number;
• CV/work history/employment experience and preferences, achievements;
• Details of your qualifications;
• Job preferences including role, geographical areas and salary; and
• Any other work related information you provide, for example, education or training certificates.

If you make an application for a vacancy, you may also be invited to complete online tests, interviews and written assessments and be asked for additional information, including about your immigration status and criminal convictions.

If your application is successful and you accept a role with us, we may collect personal data about you from third parties, such as professional recruiting firms, prior employers, CMNO employees, partners or staff with whom you have interviewed, and employment background check providers, to the extent this is permitted by applicable law.

4. HOW AND WHY WE USE YOUR PERSONAL DATA

We collect and process your personal data for our legitimate interests and business management reasons including:

• identifying and evaluating candidates for potential employment, membership or partnership opportunities, as well as for future roles that may become available;
• record keeping in relation to recruiting and hiring;
• ensuring compliance with legal requirements, including diversity and inclusion requirements and practices;
• conducting criminal history checks as permitted by applicable law;
• protecting our legal rights to the extent authorised or permitted by law; or
• emergency situations where the health or safety of one or more individuals may be endangered.

We may also analyse your personal data or aggregated/pseudonymised data to improve our recruitment and hiring process.

We process your personal data for the purposes described above: when we have your consent to do so; when necessary to enter into an employment contract with you or membership/partnership appointment; when necessary for us to comply with a legal obligation; or when necessary for the purposes of our legitimate interests as an employer operating globally.

If you have made an application for a vacancy, we will use the personal data that we collect from you to help us decide if you are a suitable applicant for the position for which you have applied.

If you register to receive job alerts from us, you may receive notifications of new vacancies that match your profile and registered career interests. You can opt-out from receiving these updates at any time by contacting us at: recruitment@cms-cmno.com.

We will also use your personal data to create anonymous recruitment statistics, from which you cannot be identified.

5. WHO WE SHARE YOUR PERSONAL DATA WITH

We are an international law firm and any information that you provide to us may be shared with and processed by recruiters and interviewers working in another CMNO Entity or CMS Legal Services EEIG and the CMS Member Firms and their connected businesses (the “CMS Member Firms”). A complete list is available on request and on our website at http://cms.law.

Individuals performing administrative functions and IT personnel within CMNO Entities and CMS Member Firms may also have a limited access to your personal data to perform their jobs. We have put in place legal mechanisms designed to ensure adequate data protection of your personal data that is processed by CMNO Entities and CMS Member Firms.

We share your personal data with certain trusted third parties in accordance with contractual arrangements in place with them, including Integreon Inc who provide office support staff in the HR administration and others that assist us in recruiting talent, administering and evaluating pre-employment screening and testing, and improving our recruiting practices. A complete list of these third parties is available on request.

We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.

If in the future we re-organise or transfer all or part of our business, we may need to transfer your information to new CMS Member Firms or to third parties through which the business of CMNO or the CMNO Entities will be carried out. Usually, information will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

CMNO or the CMNO Entities may use social media sites such as Facebook, LinkedIn and Twitter. If you use these services, you should review their privacy policy for more information on how they deal with your personal data.

6. WHERE YOUR PERSONAL DATA IS HELD

Information may be held at CMNO Entities and those of our CMS Member Firms, third party agencies, service providers, representatives and agents as described above (see ‘Who we share your personal data with’).

Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal data when this occurs, see below: ‘Transferring your personal data out of the EEA’.

7. HOW LONG YOUR PERSONAL DATA WILL BE KEPT

If you accept an offer of employment, membership or partnership by us, any relevant personal data collected during your pre-employment/appointment period will become part of your personnel records and will be retained in accordance with our records management policy. If we do not employ you or you do not join the partnership, we may nevertheless continue to retain and use your personal data for three years after you are notified of rejection to consider you for potential future roles, unless you decide to opt-out prior to such time.

If you have not logged into your account on our ATS for twelve months, we will send you a notification that we hold your personal data and ask you whether you still want us to continue to retain your data for future employment opportunities. These notifications will be sent at twelve, twenty-four and thirty-five months, after which time if we do not hear from you your data will be deleted.

8. TRANSFERRING YOUR PERSONAL DATA OUT OF THE EEA

CMNO is an international firm and a list of our offices, together with relevant contact information, may be found on our website. Irrespective of how we obtain your personal data, it may be shared among all CMNO Entities and CMS Member Firms (both inside and outside the European Economic Area). Our policy requires all CMNO Entities and CMS Member Firms to at all times ensure a level of data protection at least as protective as those mandated by the European Economic Area. We may also need to transfer personal data to third parties, including third parties based outside the European Economic Area, for example (but not limited to) sub-contractors, other counsel and accountants and third parties involved in your matters.

Where we share or transfer your personal data, we will do this in accordance with applicable data protection laws and will take appropriate safeguards to ensure its integrity and protection.

9. COOKIES AND OTHER TRACKING TECHNOLOGIES

We may use first party and third party cookies, web beacons, pixels, clear gifs, and other similar technologies (collectively “Cookies and Other Tracking Technologies”) to identify you and your interests, to remember your preferences, and to track your use of our websites. We also use Cookies and Other Tracking Technologies to control access to certain content on our websites, to protect the websites, and to process any requests that you make of us.

Some of our online recruiting activities are hosted by third parties. When you access sites operated by these third-parties, they may, consistent with our Cookie Policy, place Cookies or Other Tracking Technologies on your device. You can learn more about our use of Cookies and other tracking technologies reading our Privacy Policy and Cookie Policy.

10. YOUR RIGHTS

We take reasonable steps that are designed to keep your personal data accurate, complete, and up-to-date for the purposes for which it is collected and used. We also have implemented measures that are designed to ensure that our processing of your personal data complies with this Privacy Policy and applicable law.

In addition to your rights under applicable data protection legislation and where we are permitted or required by applicable law and regulation and by our professional obligations, we will provide you, upon request, with a copy of your personal data and we will correct any errors identified by you. You may also request that we cease processing your personal data (e.g., if you choose to withdraw from our recruiting program), although note that we may need to retain certain personal data where required or permitted to under applicable law.

We may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of data. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your data, and for any additional copies of the personal data you request from us.

All such requests, including any requests to update personal data about you or any questions or comments regarding this policy or our handling of your personal data, should be addressed to privacy@cms-cmno.com.

We do not make recruiting or hiring decisions based solely on automated decision-making.

11. KEEPING YOUR PERSONAL DATA SECURE

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We use a variety of technical and organisational measures to help protect your personal data from unauthorised access, use, disclosure, alteration or destruction consistent with applicable data protection laws. Personal data may be kept on our personal data technology systems, those of our contractors or in paper files.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

12. HOW TO COMPLAIN

We hope that we can resolve any query or concern you may raise about our use of your information. You may also have the right to lodge a complaint in relation to our processing of your personal data with a local supervisory authority. We will provide you with details of your relevant regulator upon request.

13. DATA CONTROLLERS

There are a number of entities through which we provide legal services. Most of the firm’s main IT systems are located in the UK and controlled by CMNO. Depending on the location where legal or other services are provided, another CMNO Entity may be the data controller in relation to your personal data. Please visit https://cms.law/en/GBR/Footer-Configuration/Legal-Information for details of the CMNO Entity through which we practise law in each jurisdiction and, where necessary having regard to local applicable data protection or privacy laws, a country-specific privacy policy.

14. HOW TO CONTACT US

Please contact us and/or our Data Protection Lead by post, email or telephone if you have any questions about this Privacy Policy or the information we hold about you.

Our contact details are shown below:

15. UPDATES

This Privacy Policy was updated in May, 2018. We reserve the right to amend this Privacy Policy from time to time to reflect changing legal requirements or our processing practices. Any such changes will be posted on this website and will be effective upon posting.