General Data Protection Regulation (EU)

Charteris Group Privacy and Compliance Statement Last Updated: May 20, 2018

We believe you have the right to access and control your information.

This fundamental belief shapes our Privacy Policy.

We will be clear about the data we collect and why.

We do not and will not sell your data to third parties.

Our primary purpose in collecting your data is to be able to advise you on recruitment strategies.

This Privacy Policy applies to Charteris Group websites and services and describes how Charteris Group collects, uses, shares and secures your personal information.

It also describes your choices regarding the use, access and correction of your personal information.

If you have any questions or suggestions, please don't hesitate to contact our Data Protection Officer at

When do we collect your information?

We may collect your information either : (1), when you communicate with us by email, telephone, in person or otherwise ("Dialogue Collection").


We collect your information when you communicate with us

What information do we collect?

We may collect basic personal information. that is either expressly provided by you, such as your name, or information that can be used either alone or in combination with other information to personally identify you, such as your email address or phone number.

We may collect the following personal information from you: Contact Information (such as name, email address, mailing address, or phone number); Information about your business (such as company name, company size, business type)

Non-personal information is all information that is not personal information or is information that was personal information but which we modify and/or aggregate with other data in order to make it Non-personal information. As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate, and anonymously generated device identifiers and administer the site.


There are two types of information we collect: personal and non-personal.

How do we collect your information?


Some information you provide to us directly.


We collect your information when you give it to us.

How do we use personal information

Other than with respect to the exceptions below, we do not share personal information with third parties.


With few exceptions listed here, we don't share your personal information with a third party.

Third-Party Service Providers

We may engage third-party service providers to administer and provide our services. We require such third parties to agree not to disclose your personal information or use your personal information for any other purpose.


Exception #2: If we give your information to a partner company, they won't use your information outside of our business relationship.

Business Transactions

Information that we collect from users, including personal information, is considered a business asset. Accordingly, if we go out of business or enter bankruptcy, or if we are acquired, e.g., as a result of a transaction such as a merger, acquisition, or asset sale, your personal information may be disclosed or transferred to the third-party acquirer in connection with the transaction. You will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your personal information, and the choices you may have regarding your personal information.


Exception #3: If someone buys us, the business is otherwise sold or we go bankrupt, your information may be transferred to someone else.

Governmental; Law Enforcement

We may disclose personal information to government agencies, law enforcement officials, and private parties as we, in our sole discretion, believe necessary: (1) to satisfy or comply with any applicable law, regulation or legal process; (2) to respond to lawful requests, including subpoenas, warrants or court orders; (3) to protect our property, rights and safety and the rights, property and safety of third parties or the public in general; and (4) to prevent or stop activity we consider to be illegal or unethical.
In certain situations, Charteris Group may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.


Exception #4: If the government asks for your information, we may comply.


We may share your personal information with a third-party but only if you have expressly authorised us to do so.


We share your personal information only with your explicit consent.

The Legal Basis for Using Personal Information

The General Data Protection Regulation (EU) 2016/679 ("GDPR") is effective May 25, 2018. The GDPR requires that a valid legal basis be used to process personal data. In certain countries, there are different legal bases that we rely on to use your personal information, namely:
Performance of a contract
The use of your personal information may be necessary to perform the agreement you have with us.
Legitimate interests
We may use your personal information for our legitimate interests.
Legal obligation
We may use your personal information to comply with legal requirements, as further described in Exception 4, above.


We may at times, request your consent to conduct certain actions with your personal information. When requesting your consent, we are transparent in ensuring you know what you are consenting to.


These are the legal bases we use for processing data subject to the GDPR.


We take commercially reasonable measures to protect personal information from unauthorized access, use, and disclosure. However, no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of your personal information.


We do what we reasonably can to protect your information.


We will retain your personal information as needed to fulfill the purposes for which it was collected. We will retain and use your personal information as necessary to comply with our business requirements, legal obligations, resolve disputes, protect our assets, and enforce our agreements. Because these needs can vary for different data types in the context of different services provided, actual retention periods can vary significantly.

Our retention periods differ for each type of personal information, but we only retain such information to fulfill the purposes for which it was collected.


Our website may contain links to other websites and services. Any information that you provide on or to a third-party website or service is provided directly to the owner of the website or service and is subject to that party's privacy policy. Our Privacy Policy does not apply to such websites or services and we are not responsible for the content, privacy, or security practices and policies of those websites or services.


Our privacy policy doesn't apply when you visit sites we link to.

Update or Delete your personal information

Upon request, Charteris Group will provide you with information about whether we hold any of your personal information. You may access, modify or delete (subject to applicable law) the personal information associated with your use of our services. At any time you may contact us at If you want us to delete your personal information, please contact us at with your request. We will respond to your requests within a reasonable timeframe. We will delete your information as soon as possible; however, some information may remain in archived/backup copies for our records or as otherwise required by law. We may retain your information for as long as needed to provide you our services, comply with our legal obligations, resolve disputes and enforce our agreements.


Subject to applicable laws, we'll delete or modify your information if you ask us to.


Your personal information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside of the United States and choose to provide your personal information to us, we may transfer your personal information to the United States and process it there.
Charteris Group participates in and is certifying its compliance with the EU-U.S. Privacy Shield Framework. Charteris Group is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework's applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield List.
Charteris Group is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Charteris Group complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Charteris Group is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Charteris Group may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.


If you're not in the U.S., we may transfer your information to the U.S. We participate in the EU-U.S. Privacy Shield Framework.


Our services are not directed to individuals under eighteen, and we do not knowingly collect personal information from children under thirteen. If we learn that we have collected personal information of a child under thirteen we will delete such information from our files as soon as possible, provided, however, that some information may remain in archived/backup copies for our records or as otherwise required by law.


We don't knowingly collect information on children, and delete it if we inadvertently do collect it.


We may modify and revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we will notify you of such changes by posting them on our website or by sending you an email or other notification prior to the change becoming effective.


We'll let you know if we revise our privacy policy. If we make a material change, we will let you know before the change takes place.

© Charteris Group Ltd