Privacy Policy and the Careers In Group Privacy, Data Protection & Cookie Policy (the Privacy Policy)

Last updated 8th May 2024


This Privacy Policy (together with our Website Terms of Use (available here sets out the basis on which any personal data we collect from you, or that you provide to us (as defined below), will be held and processed by us and any third parties.

Please read the following carefully to understand our practices regarding your personal data and how we will treat it. If you do not agree with use of your personal data as set out in this Privacy Policy, you should not submit your personal information to us. If you have any queries about the policy, please email us and we will do our best to answer your questions.


1. About this Policy

This Policy outlines how Ltd and the Careers In Group handles your personal information. This includes the data collected, how and why we collect it, how we use it and how it is protected.

We are committed to protecting your privacy. We collect the minimum amount of information about you to be able to provide you with a satisfactory service. This Policy indicates the type of processes that may result in data being collected about you.

By using our services, you agree to the use of the data that we collect in accordance with this Privacy Policy.


2. Changes to this Policy

Any changes to our Privacy Policy will be placed here and will supersede the previous version of our Policy. We will take reasonable steps to draw your attention to any changes in our Policy if you are on our mailing list. However, to be on the safe side, you should read this document each time you use the website to ensure that it still meets with your approval.


3. Who We Are

The websites available at,,,, and (the “Websites”) are owned and operated by Limited (“the Group”, “we”, “our, “us”), a company registered in England and Wales under company number 05521948 with our registered office at Waverley House, 9 Noel Street, London, W1F 8GQ, United Kingdom.

For the purpose of the Data Protection Act 1998 ("the Act"), we are a data controller in respect of the user data we collect. Our data protection number is Z9221299.

Further information regarding and the Careers In Group can be found on our About Us page.


4. The Websites – An Overview

We are an independent provider of a gateway service to those seeking or offering careers in the audit, risk, compliance, cyber security and governance sectors. If you wish to register with the websites as a Jobseeker, you may create a personal account which will allow you to create a public profile and to store details of your career on the websites. If you do not wish to register, you may still use the websites to search for jobs that match your search criteria. Applying for a job will create a user account, which can be removed if required.

Recruiters, employers and other advertisers can access our candidate database (subject to a fee). As a Jobseeker, you have two options regarding the level of access you wish to grant recruiters and employers to view your public profile:

  1. Fully Viewable: this option will allow all recruitment companies and advertisers who have subscribed to the candidate database service to view your public profile and CV and to contact you directly;
  2. Hidden: this option will prevent recruitment companies and advertisers that have subscribed to the websites from viewing your details.

You must review your public profile to ensure you are satisfied with how your profile will appear.

On registration as a user of the websites, and from time to time you will be offered the choice of receiving email alerts from us. You must to "opt in" to this service if you wish to receive such emails. You may change your preference at any time through the "edit preferences” section of your account or contact us. We do not pass your information to third parties for marketing purposes.

Use of the Job Platforms: The websites may from time to time include chat rooms, forums, message boards, and/or news groups on which you can post information. Any information that you post in these areas becomes public information and you should always be careful when deciding to disclose your personal details as part of that information.


5. Personal Information – Collection & Use

5.1 Information collected

We may collect any or all of the information that you give us depending on the type of transaction you enter into, including your name, address, telephone number and email address, together with data about your use of our websites. Other information that may be needed from time to time to process a request may also be collected as indicated on the websites.

5.2 Information use

We use the information collected primarily to process the task for which you visited the website. Data collected in the UK is held in accordance with the Data Protection Act and the General Data Protection Regulation. All reasonable precautions are taken to prevent unauthorised access to this information. This safeguard may require you to provide additional forms of identity should you wish to obtain information about your account details.

We use the information we collect;

  1. to improve the user experience and better understand our users;
  2. to generate reports to make the site more user friendly and to determine which types of content are most appealing for our users;
  3. to administer the websites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  4. to allow you to participate in interactive features of our service, when you choose to do so;
  5. as part of our efforts to keep our websites safe and secure;
  6. to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
  7. to make suggestions and recommendations to you and other users of our Websites about products or services that may interest you or them.

We use the information you give to us;

  1. for the purposes of making it available to prospective employers or prospective employees (as the case may be) via the internet in relation to our services, and for assisting in the recruitment process and related administration (subject to the level of access you have granted to your public profile;
  2. to verify your identity; administer your account(s) with us; carry out marketing analysis and obtain your views or comments on the services we provide;
  3. to contact you with any information we think you might be interested in, such as a monthly newsletter, job offers, new services, or training events. We will not sell your information, trade it with any other company, or use it for any other purpose other than to communicate to you offers about our own service offerings, or closely related events or opportunities we would reasonably consider you to have an interest in based on your initial or any subsequent requests;
  4. to send you information about our products and services, including third party job opportunities and services which we think may be of interest to you. You can ask us to stop this at any time;
  5. to make general improvements to the websites and to ensure that content from the websites is presented in the most effective manner for you and for your computer;
  6. to aggregate your information on an anonymised basis to create statistics for our own purposes.

5.3 Types of Personal Information we collect, how and why

The following types of personal data are collected and stored for processing for the normal use by the Careers In Group sites and services.

Data Type How it is collected Why it is collected


Provided by data subject

To personalise any communications

Email address

Provided by data subject

For communication, job updates, service updates and for a unique identifier for user authentication


Provided by data subject

For user authentication

Profile information

Provided by data subject

For candidate search, candidate view by recruiters/ employers and CMS job target filtering for tailored job communication purposes

CV / Resume

Provided by data subject

For candidate search, view and download by recruiters/ employers. For job applications

Usage data (jobs applied, jobs posted, job searches)

We collect in providing the service

For site statistics used for service improvements

Evidence of opt-ins/contact permissions and other privacy consents/unsubscribe requests

We collect in providing the service

Data subject opt-in permissions which may be used for filtering purposes and for identification. Maintained for auditing evidence in the event of an incident investigation

IP address

We collect in providing the service

For security reasons and analytical research purposes

Standard details of end user’s browser and operating system

We collect in providing the service

For analytical research and service improvements

Date and session of visit/s to website

We collect in providing the service

For session activity relating to usage data described above


6. How we use your Personal Information

We process data primarily to facilitate the task of advertising your job vacancies to our candidate base, to provide you with candidate CVs for employment purposes. Personal data is strictly limited to this task and will not be used for any other. We use your information to provide you with a quality job platform advertising and employment service.

1. Jobseekers

  • We use your personal information to assist in finding you a job
  • To enable you to apply for job vacancies on the sites.

2. Advertisers

  • We use your personal information to help you advertise your job vacancies
  • To allow you to receive job applications.

6.1 Our legal basis for processing the personal data

  1. Contractual Obligation
  2. Legitimate Business Interest

6.2 Legitimate interests pursued by us, or third parties we use

  1. Advertising job vacancies for employers and recruiters to individuals/jobseekers in order to fill the vacancies and provide employment for the said individuals/jobseekers.
  2. Maintaining a database of candidate CVs at their consent to be accessed by employers/recruiters to help fill their job vacancies and provide employment for the said candidates.


7. Sharing your Personal Information

7.1 Disclosure of your information

We do not disclose any personal information obtained about you from this website to third parties, except within the parameters of our business, e.g. sharing your CV with employers. We may also use the information to keep in contact with you and inform you of developments associated with our business. You will be given the opportunity to remove yourself from any mailing list or similar device. If at any time in the future we should wish to disclose information collected on this website to any third party, it would only be with your knowledge and consent. We may from time to time provide information of a general nature to third parties, for example, the number of individuals visiting our website or uploading their CVs, but we will not use any information that could identify those individuals.

We will not pass on your personal data to third parties without first obtaining your consent. We do not share your contact information with any third parties for marketing purposes. The following third parties will receive your personal data for the following purpose(s) as part of the processing activities and to ensure we provide you with a quality service.

Our job websites are hosted by Madgex, who manage all of our data on,,,, and When you set up an account, sign up for Email Job Alerts, upload you CV, apply for a role or post a job, Madgex collects the data. They will hold the information that you submit. will also have access to some of the information.
Madgex privacy policy:

Mailing Manager
We use Mailing Manager as an email marketing service to keep you updated with the very latest jobs and service updates. As such Mailing Manager have access to names and email addresses that we have on our database. They hold the information that you submit. will also have access to the information.
Mailing Manager privacy policy:  

We maintain our company client database on HubSpot, in order to provide you with the most relevant and up to date information. We hold company data on here as well as contact information. This is hosted on HubSpot, and accessible by staff at
HubSpot privacy policy:

Outlook Office 365
We use Outlook as an email and storage service. All emails are monitored in order to ensure that no sensitive information is shared or stored without prior notification.
Here is a link to their GDPR terms:

Data in relation to credit card payments is processed by via Stripe. does not store any credit card information or have access to it.
Stripe privacy policy:

Google Analytics
Google Analytics is used by the Careers In Group to monitor website visitor traffic and provide you with the very best service. This includes collecting website visit data from our users. You can opt out from the collection of Google’s data by installing a browser add-on from the following link:
Google Analytics privacy policy:

Our accounting service is hosted with Xero where client and supplier information is stored to enable invoices to be raised and supplier payments to be made.
Xero privacy policy: h


7.2 How do we ensure security and data protection of your information with the third party?

Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure this happens. For more information, please get in touch with us today. All of our suppliers and third party data hosts also have stringent data policies that adhere fully to the General Data Protection Regulation otherwise we would not work with them.

7.3 Transferring information outside of the EU

When we share data, it may be transferred to, and processed in, countries other than the country in which you live. Where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected. All of our suppliers and third party data hosts also have stringent data policies that adhere fully to the General Data Protection Regulation. We do not share your contact information with any third parties for marketing purposes.

7.4 Storing Your Personal Data

Our main host­ing data cen­tres are locat­ed in the EEA, cur­rent­ly in Lon­don (UK) and oth­er host­ing regions.

Trans­fers to third coun­tries and safeguards

We are an inter­na­tion­al busi­ness with a glob­al cus­tomer base. We may need to trans­fer per­son­al infor­ma­tion between any of the coun­tries we oper­ate in and to our sup­pli­ers and sub­con­trac­tors in oth­er coun­tries. We do not trans­fer any data to third coun­ties or inter­na­tion­al organ­i­sa­tions unless they are deemed by applic­a­ble law to have ade­quate pri­va­cy pro­tec­tion or rec­og­nized legal mech­a­nisms are in place to ensure ade­quate pro­tec­tion of your infor­ma­tion (e.g. EU Mod­el Con­tract Claus­es or EU-US / Swiss-US Pri­va­cy Shield frameworks).

Any inter­na­tion­al trans­fers of your per­son­al infor­ma­tion will also be sub­ject to bind­ing pri­va­cy and con­fi­den­tial­i­ty terms enabling us to ensure com­pli­ance with this Pri­va­cy Policy.

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA) that may not have the same level of protection as countries within the EEA. By way of example, this may happen where a recruitment company or client company is situated outside the EEA. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps that we consider are reasonably necessary in the interests of your data being processed securely and in accordance with this Privacy Policy when transferred outside the EEA. By submitting your information to the website, you expressly consent to such transfer of your information.

We have implemented technology and policies to safeguard your privacy from unauthorised access and improper use of any personal information you need to input before it is sent to us. Unfortunately, however, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.


8. Retaining and Deleting your Personal Data

Personal data will not be kept for longer than is necessary to provide you with the service for which you have signed up. We will keep your data all the time you have a current subscription or contract with us, unless you ask us to delete it or we have not heard from you for the duration of our data retention periods.

Our web platforms include automated data cleansing functionality for the removal of personal data relating to job applications, user profiles and CV / resume documents. If your candidate account is not updated for 3 years, your account and data will be automatically deleted. Clients, we will hold your contact information for 7 years before deleting it, unless you have asked us to delete it before this.

8.1 Data Retention Periods

Personal Data Retention period

 Candidate job application data

5 years

 CV / resume / candidate profile information

5 years

 Candidate email and contact information

5 years

 Website visitor information

50 months

 Client contact information

7 years


9. Your Rights as a Data Subject

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

  1. Right of access – you have the right to request a copy of the information that we hold about you.
  2. Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  3. Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  4. Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  5. Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  6. Right to object – you have the right to object to certain types of processing such as direct marketing.
  7. Right to object to automated processing – you have the right to be subject to the legal effects of automated processing.
  8. Right to judicial review – in the event that refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below. All of the above requests will be forwarded on should there be a third party involved (as stated above) in the processing of your personal data.


10. Complaining to the Regulator

You have the right to complain to your local data protection regulator (the Information Commissioners Office (ICO) in the UK) if you have any concerns about the way that your personal information is being processed. You can contact the ICO here:

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or exercise another of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

If you have any concerns about how your data is being used, please get in touch with our Data Protection Officers at who will be happy to assist. Contact details are at the end of this page.


11. Your Consent

By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purposes identified. Consent is required for Ltd to process all types of personal data, but it must be explicitly given. You may withdraw consent at any time by contacting our Data Protection Officer. Further contact details are below should you wish to get in touch about the data we hold.


12. Cookies

12.1 About Cookies

Our website uses cookies to help provide you with the very best experience we can.

A cookie is a small piece of information in a text file that is placed onto your computer or mobile device when you visit a website. It allows the website owner to learn things about your behaviour on the website. Cookies can make websites easier and quicker to use by storing information about your preferences.

There three types of cookies dropped and collected by websites. With some exceptions (i.e. websites that fundamentally require cookies in order for website functionality – see below) from 26th May 2012, all cookies must be consented to by a site’s users.

Cookie Types:
Moderately intrusive: Embedded third-party content and social media-plugins, advertising campaign optimisation.
Minimally intrusive: Web analytics / metrics, personalised content / interface.
Website Functionality (exempt from changes to privacy regulations): Stop multiple form submissions, load balancing, transaction specific.

The Careers In Group websites collect various anonymous cookies for tracking purposes. Please see below for a full list of the cookies used on the Careers In Group websites.

12.2 Cookies we use

Madgex web platform: Used on,,,, and

Name System Purpose/Data Held Expiry
DoubleSubmit_SITENAME_ResponsiveJobSeeker JobSeeker Used to defend against cross site request forgery Session
LoginCookieCheck JobSeeker This is used during the login process to to check that user has cookies enabled Session
Logon_CandidateCVServices JobSeeker This is a session identifier for the current logged on user - GUID Session
Logon_WebSite JobSeeker/RecruiterServices This is a session identifier for the current logged on user - GUID User Session
User_CandidateCVServices JobSeeker This is a unique userID for the logged in user - GUID Session
User_WebSite JobSeeker/RecruiterServices This is a unique userID for the logged in user - GUID User Session
AnonymousUserId JobSeeker Unique id of logged out user - GUID 2 years
BrowserSession JobSeeker Multiple values uinquely identifying browser session 30 minutes
cookie-message JobSeeker To determine whether a visitor has seen the cookie banner/widget notification before (either true or false) Persistent
FixedFacetDefaults JobSeeker Search defaults, used by javascript to display facets Session
JobListing JobSeeker Used on the search pages to remember settings like Compact when they choose Less Detail etc. 1 month
JobSearchCriteria JobSeeker Previous search saved to cookie Session
Remember_MeWebSite JobSeeker base64 userId 1 month
RememberMeActivated_Website JobSeeker base64 true/false 1 month
WebSite_LatestJobSearchCount JobSeeker The count of the number of jobs found on the last page of search results 1 month
WebSite_LatestJobSearchID JobSeeker A unique reference to the search ID peformed on the jobsite. Value increments every time a search is carried out on the jobsite. 1 month
WebSite_LatestJobSearchItems JobSeeker A CSV list of the job ids displayed on the last jobs search listing page 1 month
WebSite_LatestJobSearchListingPage JobSeeker The search page number of the current list of jobs (e.g. Page 4 of 10) 1 month
WebSite_LatestJobSearchOrder JobSeeker The display order that the jobs are listed in (0=relevence,1=Date,2=Salary) 1 month
WebSite_LatestJobSearchPageSize JobSeeker The max number of jobs displayed on the job search page listing 1 month
WebSite_LatestSearchFirstJobID JobSeeker If the first job in the search is shown on the current search page, then this is it's ID. Otherwise -1. 1 month
WebSite_LatestSearchLastJobID JobSeeker If the last job in the search is shown on the current search page then this is it's ID. Otherwise -1 will be used. 1 month
WebSite_LatestSearchRecruiterID JobSeeker If the search can be linked to a recruiter then this is the recruiter ID 1 month
WebSite_SearchPageLink JobSeeker The Browse URL used to reach this search page on the jobsite. 1 month
AWSELB JobSeeker/RecruiterServices Used for AWS load balancing 15 minutes
CampaignClickThroughID JobSeeker If the user clicks on a campaign email this value will contain the Guid of that campaign. Session
iPhoneClickThroughJobID JobSeeker The jobid the user clicked on when viewing a job in the iphone app. Session
JBEClickThroughID JobSeeker The JBEID of the JBE the user clicked on Session
JBEClickThroughJobID JobSeeker The jobid the user clicked on inside the JBE. Session
JSMRI JobSeeker Insights - count of sessions and the date of the current and last sessions Persistent
RSSClickThroughJobID JobSeeker The jobid the user clicked on when viewing the RSS feed. Session
Session_CandidateCVServices JobSeeker This is used to track a candidate cv services session Session
Session_Jobseeker JobSeeker This is used to track a jobseeker session - note only initiated when a jobseeker action takes place (e.g. Search) or a user logs in Session
WidgetClickThroughDomain JobSeeker The domain the user was referred from when clicking on a widget job link. Session
WidgetClickThroughJobID JobSeeker The jobid the user clicked on when viewing the job widget. Session
RSAnonymousUserId RecruiterServices Unique id of logged out user - GUID 2 years
RSBrowserSession RecruiterServices Multiple values uinquely identifying browser session 30 minutes
RSMRI RecruiterServices Insights - count of sessions and the date of the current and last sessions Persistent


12.3 Third Party Cookies

Users of the site who wish to share the Careers In Group website content socially using Facebook, Twitter, LinkedIn, Pinterest or Reddit (the platforms which are currently enabled on the website to allow this function) may have cookies stored on their computers from these third party websites. Cookies are collected from third party sites so that you can be logged in to your account on their site and share our content simply and easily.

For more information on the cookie policies of these third party sites, please visit their websites. You will be able to control the way cookies are used when you are signed into your accounts on these sites through the privacy settings they have made available to you.

Facebook Privacy Policy (  
LinkedIn Privacy Policy (
Twitter Privacy Policy (  
Pinterest Privacy Policy (
Reddit Privacy Policy (


12.4 Managing Cookies

Some people find the idea of a website storing information on their computer or mobile device intrusive. If preferred, it is possible to block some or all cookies or even delete cookies but, as we’ve explained above, the cookies that we use help you get the most from our website services. Blocking or removing cookies may negatively impact your user experience of the site. If you do wish to disable cookies, please follow the following instructions:


13. Online Privacy Statement – Q&A

What is Personal Data?

Under the EU’s General Data Protection Regulation (GDPR), personal data is defined as:

“Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

How do you use my personal data?

This privacy notice explains in detail you how we, and the Careers In Group, will collect and use your personal data for cookies, recommended jobs, subscriptions and job applications. Should you have any further questions, please feel free to get in touch.

Why does need to collect and store personal data?

In order for us to provide you with jobs, we need to collect personal data for correspondence purposes and/or detailed service provision. This enables us to let you know about relevant roles, offers and updates. In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.

Will share my personal data with anyone else?

We may pass your personal data on to third-party service providers contracted to in the course of dealing with you. Any third parties with whom we share your data are obliged to keep your information securely, and to use it only to fulfil the service they provide to you on our behalf. When they no longer need your data to fulfil this service, they will dispose of the information in line with the procedures. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.

How will use the personal data it collects about me? will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary to provide you with the service to which you have signed up. is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.

Under what circumstances will contact me?

Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions or send you information that is not relevant to you or your job search. The information you provide will be subject to rigorous measures and procedures to minimise the risk of unauthorised access or disclosure.

Can I find out the personal data that holds about me?, at your request, can confirm what information we hold about you and how it is processed. If does hold personal data about you, you can request the following information:

  • The identity and the contact details of the person or organisation that has determined how and why to process your data. In some cases, this will be a representative in the EU.
  • Contact details of the data protection officer, where applicable.
  • The purpose of the processing as well as the legal basis for processing.
  • If the processing is based on the legitimate interests of or a third party, information about those interests.
  • The categories of personal data collected, stored and processed.
  • Recipient(s) or categories of recipients to whom that the data is/will be disclosed.
  • If we intend to transfer the personal data outside of the EU, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
  • How long the data will be stored.
  • Details of your rights to correct, erase, restrict or object to such processing.
  • Information about your right to withdraw consent at any time.
  • How to lodge a complaint with the supervisory authority.
  • Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
  • The source of personal data if it wasn’t collected directly from you.
  • Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.

What forms of ID will I need to provide in order to access this? accepts the following forms of ID when information on your personal data is requested:

Passport, driving licence, birth certificate, utility bill (from last 3 months) or bank statement (from last 3 months).

We will respond to all requests within 28 days.


View our GDPR Company Statement here

View how we prepared for the GDPR in our GDPR Compliance Statement here


14. Our Details

This website is provided by Ltd, company number 05521948. Registered address:

Waverley House
9 Noel Street
United Kingdom

Tel: +44 (0)207 553 6350
Data Protection Email Address


15. Data Protection Officers & Contact

Data Protection Officer

Stephanie Oram 
Waverley House
9 Noel Street
United Kingdom

Tel: +44 (0)207 553 6350
Email Stephanie 


GDPR Owner

Simon Wright
Waverley House
9 Noel Street
United Kingdom

Tel: +44 (0)207 553 6350
Email Simon



If at any time you would like to contact us with your views about our privacy practices, or with any enquiry relating to your personal information, you can do so by sending us an email.