24th May 2018
1. About this Policy
This Policy outlines how CareersinAudit.com Ltd and the CareersinAudit Group handles your personal information. This includes the data collected, how and why we collect it, how we use it and how it is protected.
We are committed to protecting your privacy. We collect the minimum amount of information about you to be able to provide you with a satisfactory service. This Policy indicates the type of processes that may result in data being collected about you.
This policy was last updated on 24th May 2018.
2. Changes to this Policy
3. Who We Are
The websites available at www.careersinaudit.com, www.careersinrisk.com, www.careersincompliance.co.uk, www.careersincyber.com and www.careersinaudit.asia (the “Websites”) are owned and operated by CareersinAudit.com Limited (“the Group”, “we”, “our, “us”), a company registered in England and Wales under company number 05521948 with our registered office at 12 Hammersmith Grove, London, W6 7AP, United Kingdom.
For the purpose of the Data Protection Act 1998 ("the Act"), we are a data controller in respect of the user data we collect. Our data protection number is Z9221299.
Further information regarding CareersinAudit.com and the CareersinAudit Group can be found on our About Us page.
4. The Websites – An Overview
We are an independent provider of a gateway service to those seeking or offering careers in the audit, risk, compliance, cyber security and governance sectors. If you wish to register with the websites, you may create a personal account which will allow you to create a public profile and to store details of your career on the websites. If you do not wish to register, you may still use the websites to search for jobs that match your search criteria. Applying for a job will create a user account, which can be removed if required.
Recruiters, employers and other advertisers can access our candidate database (subject to a fee). You have two options regarding the level of access you wish to grant recruiters and employers to view your public profile:
- Fully Viewable: this option will allow all recruitment companies and advertisers who have subscribed to the candidate database service to view your public profile and CV and to contact you directly;
- Hidden: this option will prevent recruitment companies and advertisers that have subscribed to the websites from viewing your details.
You must review your public profile to ensure you are satisfied with how your profile will appear.
On registration as a user of the websites, and from time to time you will be offered the choice of receiving email alerts from us. You must to "opt in" to this service if you wish to receive such emails. You may change your preference at any time through the "edit preferences” section of your account or contact us. We do not pass your information to third parties for marketing purposes.
Use of the Job Boards: The websites may from time to time include chat rooms, forums, message boards, and/or news groups on which you can post information. Any information that you post in these areas becomes public information and you should always be careful when deciding to disclose your personal details as part of that information.
5. Personal Information – Collection & Use
5.1 Information collected
We may collect any or all of the information that you give us depending on the type of transaction you enter into, including your name, address, telephone number and email address, together with data about your use of our websites. Other information that may be needed from time to time to process a request may also be collected as indicated on the websites.
5.2 Information use
We use the information collected primarily to process the task for which you visited the website. Data collected in the UK is held in accordance with the Data Protection Act and the General Data Protection Regulation. All reasonable precautions are taken to prevent unauthorised access to this information. This safeguard may require you to provide additional forms of identity should you wish to obtain information about your account details.
We use the information we collect;
- to improve the user experience and better understand our users;
- to generate reports to make the site more user friendly and to determine which types of content are most appealing for our users;
- to administer the websites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our websites safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
- to make suggestions and recommendations to you and other users of our Websites about products or services that may interest you or them.
We use the information you give to us;
- for the purposes of making it available to prospective employers or prospective employees (as the case may be) via the internet in relation to our services, and for assisting in the recruitment process and related administration (subject to the level of access you have granted to your public profile;
- to verify your identity; administer your account(s) with us; carry out marketing analysis and obtain your views or comments on the services we provide;
- to contact you with any information we think you might be interested in, such as a monthly newsletter, job offers, new services, or training events. We will not sell your information, trade it with any other company, or use it for any other purpose other than to communicate to you offers about our own service offerings, or closely related events or opportunities we would reasonably consider you to have an interest in based on your initial or any subsequent requests;
- to send you information about our products and services, including third party job opportunities and services which we think may be of interest to you. You can ask us to stop this at any time;
- to make general improvements to the websites and to ensure that content from the websites is presented in the most effective manner for you and for your computer;
- to aggregate your information on an anonymised basis to create statistics for our own purposes.
5.3 Types of Personal Information we collect, how and why
The following types of personal data are collected and stored for processing for the normal use by the CareersinAudit Group sites and services.
|Data Type||How it is collected||Why it is collected|
Provided by data subject
To personalise any communications
Provided by data subject
For communication, job updates, service updates and for a unique identifier for user authentication
Provided by data subject
For user authentication
Provided by data subject
For candidate search, candidate view by recruiters/ employers and CMS job target filtering for tailored job communication purposes
CV / Resume
Provided by data subject
For candidate search, view and download by recruiters/ employers. For job applications
Usage data (jobs applied, jobs posted, job searches)
We collect in providing the service
For site statistics used for service improvements
Evidence of opt-ins/contact permissions and other privacy consents/unsubscribe requests
We collect in providing the service
Data subject opt-in permissions which may be used for filtering purposes and for identification. Maintained for auditing evidence in the event of an incident investigation
We collect in providing the service
For security reasons and analytical research purposes
Standard details of end user’s browser and operating system
We collect in providing the service
For analytical research and service improvements
Date and session of visit/s to website
We collect in providing the service
For session activity relating to usage data described above
6. How we use your Personal Information
We use your information to provide you with a quality job board advertising and employment service.
- We use your personal information to assist in finding you a job
- To enable you to apply for job vacancies on the sites.
- We use your personal information to help you advertise your job vacancies
- To allow you to receive job applications.
6.1 Our legal basis for processing the personal data
- Contractual Obligation
- Legitimate Business Interest
6.2 Legitimate interests pursued by us, or third parties we use
- Advertising job vacancies for employers and recruiters to individuals/jobseekers in order to fill the vacancies and provide employment for the said individuals/jobseekers.
- Maintaining a database of candidate CVs at their consent to be accessed by employers/recruiters to help fill their job vacancies and provide employment for the said candidates.
7. Sharing your Personal Information
7.1 Disclosure of your information
We do not disclose any personal information obtained about you from this website to third parties, except within the parameters of our business, e.g. sharing your CV with employers. We may also use the information to keep in contact with you and inform you of developments associated with our business. You will be given the opportunity to remove yourself from any mailing list or similar device. If at any time in the future we should wish to disclose information collected on this website to any third party, it would only be with your knowledge and consent. We may from time to time provide information of a general nature to third parties, for example, the number of individuals visiting our website or uploading their CVs, but we will not use any information that could identify those individuals.
We will not pass on your personal data to third parties without first obtaining your consent. We do not share your contact information with any third parties for marketing purposes. The following third parties will receive your personal data for the following purpose(s) as part of the processing activities and to ensure we provide you with a quality service.
Four of our job websites are hosted by Madgex, who manage all of our data on CareersinAudit.com, CareersinRisk.com, CareersinCyber.com, CareersinCompliance.co.uk and CareersinAudit.asia. When you set up an account, sign up for Email Job Alerts, upload you CV, apply for a role or post a job, Madgex collects the data. They will hold the information that you submit. CareersinAudit.com will also have access to some of the information.
We use Mailing Manager as an email marketing service to keep you updated with the very latest jobs and service updates. As such Mailing Manager have access to names and email addresses that we have on our database. They hold the information that you submit. CareersinAudit.com will also have access to the information.
We maintain our company client database on Zoho, in order to provide you with the most relevant and up to date information. We hold company data on here as well as contact information. This is hosted on Zoho, and accessible by staff at CareersinAudit.com.
Outlook Office 365
We use Outlook as an email and storage service. All emails are monitored in order to ensure that no sensitive information is shared or stored without prior notification.
Here is a link to their GDPR terms:
Data in relation to credit card payments is processed by CareersinAudit.com via Pay360. CareersinAudit.com does not store any credit card information or have access to it.
Google Analytics is used by the CareersinAudit Group to monitor website visitor traffic and provide you with the very best service. This includes collecting website visit data from our users. You can opt out from the collection of Google’s data by installing a browser add-on from the following link: https://tools.google.com/dlpage/gaoptout.
Our accounting service is hosted with Xero where client and supplier information is stored to enable invoices to be raised and supplier payments to be made.
7.2 How do we ensure security and data protection of your information with the third party?
Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure this happens. For more information, please get in touch with us today. All of our suppliers and third party data hosts also have stringent data policies that adhere fully to the General Data Protection Regulation otherwise we would not work with them.
7.3 Transferring information outside of the EU
When we share data, it may be transferred to, and processed in, countries other than the country in which you live. Where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected. All of our suppliers and third party data hosts also have stringent data policies that adhere fully to the General Data Protection Regulation. We do not share your contact information with any third parties for marketing purposes.
7.4 Storing Your Personal Data
We have implemented technology and policies to safeguard your privacy from unauthorised access and improper use of any personal information you need to input before it is sent to us. Unfortunately, however, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
8. Retaining and Deleting your Personal Data
Personal data will not be kept for longer than is necessary to provide you with the service for which you have signed up. We will keep your data all the time you have a current subscription or contract with us, unless you ask us to delete it or we have not heard from you for the duration of our data retention periods.
Our web platforms include automated data cleansing functionality for the removal of personal data relating to job applications, user profiles and CV / resume documents. If your candidate account is not updated for 3 years, your account and data will be automatically deleted. Clients, we will hold your contact information for 7 years before deleting it, unless you have asked us to delete it before this.
8.1 Data Retention Periods
|Personal Data||Retention period|
Candidate job application data
CV / resume / candidate profile information
Candidate email and contact information
Website visitor information
Client contact information
9. Your Rights as a Data Subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing – you have the right to be subject to the legal effects of automated processing.
- Right to judicial review – in the event that CareersinAudit.com refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below. All of the above requests will be forwarded on should there be a third party involved (as stated above) in the processing of your personal data.
10. Complaining to the Regulator
You have the right to complain to your local data protection regulator (the Information Commissioners Office (ICO) in the UK) if you have any concerns about the way that your personal information is being processed. You can contact the ICO here: https://ico.org.uk/
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or exercise another of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
If you have any concerns about how your data is being used, please get in touch with our Data Protection Officers at CareersinAudit.com who will be happy to assist. Contact details are at the end of this page.
11. Your Consent
By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purposes identified. Consent is required for CareersinAudit.com Ltd to process all types of personal data, but it must be explicitly given. You may withdraw consent at any time by contacting our Data Protection Officer (firstname.lastname@example.org). Further contact details are below should you wish to get in touch about the data we hold.
12.1 About Cookies
A cookie is a small piece of information in a text file that is placed onto your computer or mobile device when you visit a website. It allows the website owner to learn things about your behaviour on the website. Cookies can make websites easier and quicker to use by storing information about your preferences.
There three types of cookies dropped and collected by websites. With some exceptions (i.e. websites that fundamentally require cookies in order for website functionality – see below) from 26th May 2012, all cookies must be consented to by a site’s users.
Moderately intrusive: Embedded third-party content and social media-plugins, advertising campaign optimisation.
Minimally intrusive: Web analytics / metrics, personalised content / interface.
Website Functionality (exempt from changes to privacy regulations): Stop multiple form submissions, load balancing, transaction specific.
The CareersinAudit Group websites collect various anonymous cookies for tracking purposes. Please see below for a full list of the cookies used on the CareersinAudit Group websites.
12.2 Cookies we use
Madgex web platform 1:
Used on CareersinAudit.com, CareersinRisk.com, CareersinCompliance.co.uk & CareersinAudit.asia.
|DoubleSubmit_SITENAME_ResponsiveJobSeeker||JobSeeker||Used to defend against cross site request forgery||Session|
|LoginCookieCheck||JobSeeker||This is used during the login process to to check that user has cookies enabled||Session|
|Logon_CandidateCVServices||JobSeeker||This is a session identifier for the current logged on user - GUID||Session|
|Logon_WebSite||JobSeeker/RecruiterServices||This is a session identifier for the current logged on user - GUID||User Session|
|User_CandidateCVServices||JobSeeker||This is a unique userID for the logged in user - GUID||Session|
|User_WebSite||JobSeeker/RecruiterServices||This is a unique userID for the logged in user - GUID||User Session|
|AnonymousUserId||JobSeeker||Unique id of logged out user - GUID||2 years|
|BrowserSession||JobSeeker||Multiple values uinquely identifying browser session||30 minutes|
|cookie-message||JobSeeker||To determine whether a visitor has seen the cookie banner/widget notification before (either true or false)||Persistent|
|JobListing||JobSeeker||Used on the search pages to remember settings like Compact when they choose Less Detail etc.||1 month|
|JobSearchCriteria||JobSeeker||Previous search saved to cookie||Session|
|Remember_MeWebSite||JobSeeker||base64 userId||1 month|
|RememberMeActivated_Website||JobSeeker||base64 true/false||1 month|
|WebSite_LatestJobSearchCount||JobSeeker||The count of the number of jobs found on the last page of search results||1 month|
|WebSite_LatestJobSearchID||JobSeeker||A unique reference to the search ID peformed on the jobsite. Value increments every time a search is carried out on the jobsite.||1 month|
|WebSite_LatestJobSearchItems||JobSeeker||A CSV list of the job ids displayed on the last jobs search listing page||1 month|
|WebSite_LatestJobSearchListingPage||JobSeeker||The search page number of the current list of jobs (e.g. Page 4 of 10)||1 month|
|WebSite_LatestJobSearchOrder||JobSeeker||The display order that the jobs are listed in (0=relevence,1=Date,2=Salary)||1 month|
|WebSite_LatestJobSearchPageSize||JobSeeker||The max number of jobs displayed on the job search page listing||1 month|
|WebSite_LatestSearchFirstJobID||JobSeeker||If the first job in the search is shown on the current search page, then this is it's ID. Otherwise -1.||1 month|
|WebSite_LatestSearchLastJobID||JobSeeker||If the last job in the search is shown on the current search page then this is it's ID. Otherwise -1 will be used.||1 month|
|WebSite_LatestSearchRecruiterID||JobSeeker||If the search can be linked to a recruiter then this is the recruiter ID||1 month|
|WebSite_SearchPageLink||JobSeeker||The Browse URL used to reach this search page on the jobsite.||1 month|
|AWSELB||JobSeeker/RecruiterServices||Used for AWS load balancing||15 minutes|
|CampaignClickThroughID||JobSeeker||If the user clicks on a campaign email this value will contain the Guid of that campaign.||Session|
|iPhoneClickThroughJobID||JobSeeker||The jobid the user clicked on when viewing a job in the iphone app.||Session|
|JBEClickThroughID||JobSeeker||The JBEID of the JBE the user clicked on||Session|
|JBEClickThroughJobID||JobSeeker||The jobid the user clicked on inside the JBE.||Session|
|JSMRI||JobSeeker||Insights - count of sessions and the date of the current and last sessions||Persistent|
|RSSClickThroughJobID||JobSeeker||The jobid the user clicked on when viewing the RSS feed.||Session|
|Session_CandidateCVServices||JobSeeker||This is used to track a candidate cv services session||Session|
|Session_Jobseeker||JobSeeker||This is used to track a jobseeker session - note only initiated when a jobseeker action takes place (e.g. Search) or a user logs in||Session|
|WidgetClickThroughDomain||JobSeeker||The domain the user was referred from when clicking on a widget job link.||Session|
|WidgetClickThroughJobID||JobSeeker||The jobid the user clicked on when viewing the job widget.||Session|
|RSAnonymousUserId||RecruiterServices||Unique id of logged out user - GUID||2 years|
|RSBrowserSession||RecruiterServices||Multiple values uinquely identifying browser session||30 minutes|
|RSMRI||RecruiterServices||Insights - count of sessions and the date of the current and last sessions||Persistent|
Madgex web platform 2:
Used on CareersinCyber.com.
|SITENAME_JobSeekerSiteSession||JobSeeker||Unique id of logged out user. GUID.||Session|
|AnonId||JobSeeker/RecruiterServices||Unique id of logged out user. GUID.||2 years|
|_ga||JobSeeker/RecruiterServices||Google Analytics data. String.||2 years|
|_gat||JobSeeker/RecruiterServices||Google Analytics data. Integer.||24 hours|
|_gid||JobSeeker/RecruiterServices||Google Analytics data. String.||1 minute|
|_dc_gtm_GACODE||JobSeeker/RecruiterServices||Google Analytics data. String.|
|ljs-lang||JobSeeker||Stores the current culture value, e.g. 'en'. String.||Session|
|bab_locale||JobSeeker||Stores the current culture value, e.g. 'en'. String.||Session|
|bab_original||JobSeeker||Stores the current culture value, e.g. 'en'. String.||Session|
|oidc_st||JobSeeker||OpenID state. String.||3 minutes|
|lts_js_SITENAME||JobSeeker||Timestamp cookie to store authorised user data (authorisation, session and remember me). String.||Session|
|l_js_SITENAME||JobSeeker||Logon cookie to store authorised user data (authorisation, session and remember me). String.||Session|
|AWSALB||JobSeeker/RecruiterServices||AWS information. String.|
|AWSELB||JobSeeker/RecruiterServices||AWS information. String.|
|SITENAME_RecruiterSiteSession||RecruiterServices||Unique id of logged out user. GUID.||Session|
|l_rs_SITENAME||RecruiterServices||Logon cookie to store authorised user data (authorisation, session and remember me). String.||Session|
|lts_rs_SITENAME||RecruiterServices||Timestamp cookie to store authorised user data (authorisation, session and remember me). String.||Session|
|rsp_SITENAME||RecruiterServices||Stores selectable product information. String.||Session|
12.3 Third Party Cookies
Users of the site who wish to share the CareersinAudit Group website content socially using Facebook, Twitter, LinkedIn, Pinterest or Reddit (the platforms which are currently enabled on the website to allow this function) may have cookies stored on their computers from these third party websites. Cookies are collected from third party sites so that you can be logged in to your account on their site and share our content simply and easily.
For more information on the cookie policies of these third party sites, please visit their websites. You will be able to control the way cookies are used when you are signed into your accounts on these sites through the privacy settings they have made available to you.
12.4 Managing Cookies
Some people find the idea of a website storing information on their computer or mobile device intrusive. If preferred, it is possible to block some or all cookies or even delete cookies but, as we’ve explained above, the cookies that we use help you get the most from our website services. Blocking or removing cookies may negatively impact your user experience of the site. If you do wish to disable cookies, please follow the following instructions: http://www.allaboutcookies.org/manage-cookies/
13. CareersinAudit.com Online Privacy Statement – Q&A
What is Personal Data?
Under the EU’s General Data Protection Regulation (GDPR), personal data is defined as:
“Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
How do you use my personal data?
This privacy notice explains in detail you how we, CareersinAudit.com and the CareersinAudit Group, will collect and use your personal data for cookies, recommended jobs, subscriptions and job applications. Should you have any further questions, please feel free to get in touch.
Why does CareersinAudit.com need to collect and store personal data?
In order for us to provide you with jobs, we need to collect personal data for correspondence purposes and/or detailed service provision. This enables us to let you know about relevant roles, offers and updates. In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.
Will CareersinAudit.com share my personal data with anyone else?
We may pass your personal data on to third-party service providers contracted to CareersinAudit.com in the course of dealing with you. Any third parties with whom we share your data are obliged to keep your information securely, and to use it only to fulfil the service they provide to you on our behalf. When they no longer need your data to fulfil this service, they will dispose of the information in line with the CareersinAudit.com procedures. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.
How will CareersinAudit.com use the personal data it collects about me?
CareersinAudit.com will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary to provide you with the service to which you have signed up. CareersinAudit.com is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.
Under what circumstances will CareersinAudit.com contact me?
Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions or send you information that is not relevant to you or your job search. The information you provide will be subject to rigorous measures and procedures to minimise the risk of unauthorised access or disclosure.
Can I find out the personal data that CareersinAudit.com holds about me?
CareersinAudit.com, at your request, can confirm what information we hold about you and how it is processed. If CareersinAudit.com does hold personal data about you, you can request the following information:
- The identity and the contact details of the person or organisation that has determined how and why to process your data. In some cases, this will be a representative in the EU.
- Contact details of the data protection officer, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of CareersinAudit.com or a third party, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients to whom that the data is/will be disclosed.
- If we intend to transfer the personal data outside of the EU, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority.
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
What forms of ID will I need to provide in order to access this?
CareersinAudit.com accepts the following forms of ID when information on your personal data is requested:
Passport, driving licence, birth certificate, utility bill (from last 3 months) or bank statement (from last 3 months).
We will respond to all requests within 28 days.
View our GDPR Company Statement here
View how we prepared for the GDPR in our GDPR Compliance Statement here
14. Our Details
This website is provided by CareersinAudit.com Ltd, company number 05521948.
12 Hammersmith Grove
Tel: +44 (0)207 553 6350
15. Data Protection Officers & Contact
Data Protection Officer GDPR Owner
Elizabeth Cracknell Simon Wright
12 Hammersmith Grove 12 Hammersmith Grove
W6 7AP W6 7AP
Tel: +44 (0)207 553 6350 +44 (0)207 553 6351
If at any time you would like to contact us with your views about our privacy practices, or with any enquiry relating to your personal information, you can do so by sending us an email.