Flag icon ie
EuropeFlag icon ItalyItalyFlag icon FranceFranceFlag icon SpainSpainFlag icon PortugalPortugalFlag icon PolandPolandFlag icon BulgariaBulgariaFlag icon Czech republicCzech republicFlag icon SlovakiaSlovakiaFlag icon RomaniaRomaniaFlag icon TurkeyTurkeyFlag icon LithuaniaLithuaniaFlag icon GermanyGermanyFlag icon MontenegroMontenegroFlag icon NetherlandsNetherlandsFlag icon SerbiaSerbiaFlag icon SwitzerlandSwitzerlandFlag icon United KingdomUnited KingdomFlag icon CroatiaCroatiaFlag icon HungaryHungaryFlag icon BelgiumBelgiumFlag icon LuxembourgLuxembourgFlag icon IrelandIrelandFlag icon NorwayNorwayFlag icon DenmarkDenmarkLatin AmericaFlag icon BrazilBrazilFlag icon ArgentinaArgentinaFlag icon ColombiaColombiaAsiaFlag icon IndiaIndiaFlag icon ChinaChinaFlag icon Hong KongHong Kong

Data Privacy Notice

Last updated: 15/12/25

Gi Group is committed to protecting and respecting your privacy. This Data Privacy Notice explains how we collect, use, store and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and applicable Irish data protection laws. This notice applies to all candidates, clients and other individuals whose data we process.

Who we are

Gi Group Recruitment Ireland Limited, registration number 744968, is a recruitment agency operating in the Republic of Ireland. Our registered office is located at River House, Blackpool Retail Park, Blackpool, Cork, T23 R5TF, Ireland. We act as a data controller when processing your personal data and are referred to in this notice as “THE ORGANISATION”.

If you have any questions regarding this notice, please contact us at uk.privacy@gigroup.com.

Gi Group has appointed a Data Protection Officer (DPO), who can be contacted at uk.privacy@gigroup.com.

For any enquiries about this privacy notice, or to exercise any rights under this notice, please email uk.privacy@gigroup.com.

What personal data we collect

We may collect and process the following categories of personal data:

  • Candidate data: Name, contact details such as email address, phone number and address, CV or resume, employment history, education details, skills, qualifications, references, salary expectations and any other information you voluntarily provide to us.
  • Client data: Contact details of client representatives, business details, contract information and relevant communications.
  • Sensitive personal data (special categories): Where necessary and only with your explicit consent, we may process sensitive information under GDPR Article 9 exceptions, such as for employment law, social welfare, legal claims, public health, vital interests or substantial public interest, while ensuring strong safeguards and compliance with Irish data protection law.

Furthermore, to carry out certain data processing activities for sending you marketing messages by automated means, for example email, as described in this notice, THE ORGANISATION may ask for your consent as the legal basis.

How we collect your data

We collect your personal data through:

  • Direct interactions, for example when you submit your CV, register on our website or contact us.
  • Online job boards and professional networking platforms, for example LinkedIn.
  • Referrals or recommendations from third parties.
  • Publicly accessible sources.

Why we process your personal data

We process your personal data for the following purposes and on the following legal bases:

  • To provide recruitment services, such as matching candidates to job opportunities, on the basis of performance of a contract.
  • To comply with legal obligations, for example verifying your right to work in Ireland.
  • For legitimate business interests, such as improving our services and maintaining records.
  • With your explicit consent where required, for example to process sensitive data or retain your CV for future opportunities.

Who we share your data with

Your personal data may be shared with the following parties:

  • Prospective employers or clients for recruitment purposes.
  • Trusted third party service providers, such as IT support, payroll processing or background check providers.
  • Regulatory or legal authorities where required by law.

We ensure that all third parties comply with the GDPR and handle your data securely.

International data transfers

If we transfer your personal data outside the European Economic Area, we will ensure that appropriate safeguards, such as Standard Contractual Clauses, are in place to protect your data. Your information may also be shared internally, including between companies in THE ORGANISATION’s group, members of the People and Recruitment team and IT staff, where access to the data is necessary for the performance of their roles.

Data provided within our platform MyGiGroup will be made available to Gi Group Holdings Recruitment Ltd, registered company number 07577190, and its subsidiaries, to allow candidates to speed up the registration procedure to the reserved areas of the respective portals of these companies, which act as independent data controllers within the Gi Group group of companies.

THE ORGANISATION may share your data with third parties to obtain references from other employers, obtain employment background checks from third party providers and obtain necessary criminal records checks through Garda vetting. THE ORGANISATION may also share your data with third parties in the context of a sale of some or all of its business, or with THE ORGANISATION’s clients in relation to providing services related to finding suitable workers. In those circumstances, the data will be subject to confidentiality arrangements.

We also use a trusted third party service provider, Jobg8 Ltd, to help us send job alerts to candidates who have opted in to receive these updates. Where you sign up for job alerts via our website or other registration points, your email address and relevant preferences may be shared with Jobg8 solely for the purpose of delivering these alerts. Jobg8 acts as a data processor on behalf of THE ORGANISATION and adheres to its own privacy policy, which can be found at Jobg8 Privacy.

The Data Protection Commission (DPC) of Ireland plays a critical role in regulating and supervising data protection compliance within Ireland and, by extension, the European Union. When it comes to international data transfers, the DPC operates within the framework of the GDPR, specifically Chapter V, Articles 44 to 50.

GDPR and international data transfers

Under Chapter V of the GDPR, international transfers of personal data to countries outside the European Economic Area must ensure that the level of data protection is equivalent to that within the European Union. The DPC enforces these rules in Ireland and oversees compliance by organisations.

Mechanisms for international data transfers

The DPC ensures that organisations use one of the following lawful mechanisms for international data transfers:

a. Adequacy decisions (Article 45 GDPR)

  • The European Commission may determine that a third country, territory or international organisation ensures an adequate level of data protection. Transfers to such countries are permitted without further authorisation.
  • Examples include Japan, the United Kingdom and Canada for commercial organisations.
  • The DPC monitors compliance with these adequacy decisions and assists organisations in determining their applicability.

b. Appropriate safeguards (Article 46 GDPR)

If no adequacy decision exists, organisations must implement appropriate safeguards to protect data. The DPC monitors and provides guidance on the use of these safeguards, which include:

  • Standard Contractual Clauses (SCCs): Pre approved contractual clauses ensuring data protection.
  • Binding Corporate Rules (BCRs): Internal rules for multinational companies to transfer data within their corporate group. BCRs must be approved by the DPC or another EU Data Protection Authority.
  • Codes of Conduct and Certification Mechanisms: These mechanisms are encouraged by the DPC as alternative safeguards.

Data retention

We will retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. The Gi Group Data Retention Policy can be requested by emailing uk.privacy@gigroup.com.

Your data protection rights

Under the GDPR, you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request corrections to inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data where applicable.
  • Restriction: Request that we limit the processing of your data.
  • Data portability: Receive your data in a structured, commonly used, machine readable format.
  • Objection: Object to the processing of your data for certain purposes, for example direct marketing.
  • Withdraw consent: Withdraw your consent at any time where processing is based on consent.

You can make a subject access request by completing THE ORGANISATION’s SAR form or by emailing uk.privacy@gigroup.com.

You may request at any time that we stop using your personal data for direct marketing purposes or unsubscribe from our marketing communications. To do this, please click the “Unsubscribe” link at the bottom of our emails or update your preferences on your online registration portal.

To exercise your rights, please contact us at uk.privacy@gigroup.com. We aim to respond to all requests within one month.

How we protect your data

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss or misuse. This includes secure storage systems, encryption and regular staff training on data protection.

Cookies

A cookie is a small text file or piece of code which often includes a unique identifier that is sent to your computer, tablet or mobile phone browser from a website’s computer and is stored on your device. A cookie cannot read data on your hard disk or read cookie files created by other sites. Cookies do not damage your system.

Each website can send its own cookie to your browser if your browser preferences allow it. Many websites do this whenever a user visits in order to track online traffic flows. You can manage your cookie preferences through the dedicated area on our website. When you visit the website for the first time, or return after one year, a cookie banner appears at the bottom of the website. This allows you to accept all cookies, reject cookies other than those essential for our website to work, or manage your cookie preferences.

You can also set your browser to block cookies generally or to alert you when a cookie is being set. Please note that if you choose not to accept our cookies, some features of our site may not function as intended.

We only use cookies for website administration purposes and to give us information about the number of visitors to different parts of our website.

Changes to this privacy notice

We may update this notice periodically to reflect changes in our practices or legal requirements. The latest version will always be available on our website.

Offensive or inappropriate content

If you post or send offensive, inappropriate or objectionable content anywhere on any Gi Group or associated company platforms or to THE ORGANISATION, or otherwise engage in disruptive behaviour on any of THE ORGANISATION’s services, THE ORGANISATION may use your personal information to stop such behaviour.

Where THE ORGANISATION reasonably believes that you are, or may be, in breach of any applicable laws, for example because content you have posted may be defamatory, the company may use your personal information to inform relevant third parties, such as law enforcement agencies, about the content and your behaviour.

Links

THE ORGANISATION’s website or other online services may contain hyperlinks to websites owned and operated by third parties. These third party websites have their own privacy policies and are also likely to use cookies. They will govern the use of personal information you submit, which may also be collected by cookies while visiting these websites. We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk. This Privacy Notice applies only to personal data collected by THE ORGANISATION and to how THE ORGANISATION processes personal data.

Automated decision-making

We do not make decisions about candidates, website users or other individuals based on automated decision-making.

Contact and complaints

If you have any questions or concerns regarding this notice or how we process your data, please contact us at uk.privacy@gigroup.com.

If you are not satisfied with our response, you have the right to lodge a complaint with the Data Protection Commission in Ireland:

Website: www.dataprotection.ie
Phone: +353 57 868 4800

Signed: Paulo Canoa – Regional Head UK, Ireland and Netherlands, Country Manager UK and Ireland

Date: December 2025