ODN Group Privacy Policy

Last updated: 02/09/2025

ODN Group (“we”, “our”, “us”) is committed to protecting the privacy and personal data of all individuals we interact with, including candidates, clients, business partners, and employees. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in connection with our recruitment services, talent systems and process optimisation, and talent data reporting solutions.

This Policy is designed to comply with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR, and other applicable global privacy laws (including, where relevant, the California Consumer Privacy Act (CCPA) and similar legislation).

1. Information We Collect

We may collect and process the following categories of personal information:

  • Candidate Information: Name, contact details, CV/resume, employment history, education, skills, qualifications, references, right-to-work documents, and any other information provided during recruitment processes.

  • Client and Business Partner Information: Contact details, role/title, company information, and communications relating to services provided.

  • System & Process Data: Information provided by clients to optimise their HR or recruitment systems and workflows.

  • Talent Data Reporting Information: Aggregated and anonymised workforce or recruitment data used for reporting, benchmarking, and analysis.

  • Technical Data: IP addresses, device identifiers, and system usage information when interacting with our platforms or services.

2. How We Use Personal Information

We process personal information for the following purposes:

  • Recruitment Services: To source, evaluate, and place candidates with clients.

  • Talent Systems & Process Optimisation: To analyse and enhance recruitment processes, HR systems, and workflows.

  • Talent Data Reporting: To create data insights and reports (typically anonymised or aggregated) for clients.

  • Contractual Obligations: To provide services as agreed with our clients and candidates.

  • Compliance & Legal Obligations: To meet regulatory requirements, prevent fraud, and ensure lawful operations.

  • Business Operations: To manage internal processes, communications, and IT systems.

3. Legal Basis for Processing

In compliance with GDPR and other applicable laws, we rely on the following legal bases:

  • Consent: When candidates or clients explicitly agree to certain uses of their data.

  • Contractual Necessity: When processing is required to fulfil our agreements with clients or candidates.

  • Legitimate Interests: To provide and improve services, ensure security, and conduct analytics (balanced against individual rights).

  • Legal Obligations: To comply with applicable employment, business, and data protection laws.

4. Data Sharing & Disclosure

We may share personal information with:

  • Clients: Candidate information may be shared with clients for recruitment and placement purposes.

  • Service Providers: Third-party vendors who support IT, data processing, background checks, or other operational services.

  • Legal & Regulatory Bodies: Where required by law, regulation, or legal process.

  • Business Transfers: In the event of a merger, acquisition, or restructuring.

We do not sell personal information to third parties.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required by law or to establish, exercise, or defend legal claims. Recruitment data may be retained for future placement opportunities, subject to applicable laws and individual rights.

6. Data Security

We implement appropriate technical, organisational, and administrative measures to protect personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. However, no transmission of information via the internet can be guaranteed as completely secure.

7. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), the UK, or other jurisdictions with data protection laws, we ensure adequate safeguards are in place in line with applicable regulations, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.

  • The UK International Data Transfer Agreement (IDTA) or Addendum.

  • Other legally recognised transfer mechanisms.

8. Your Rights

Depending on applicable law, individuals may have the following rights:

  • Access to personal information we hold about you.

  • Correction of inaccurate or incomplete information.

  • Deletion of your information (“right to be forgotten”).

  • Restriction of certain processing.

  • Data Portability to receive your data in a structured, machine-readable format.

  • Objection to processing, including for legitimate interests or direct marketing.

  • Withdrawal of Consent (where processing is based on consent).

  • Lodge a Complaint with a relevant supervisory authority.

To exercise these rights, please contact us (see Section 10 below).

9. Cookies & Tracking

Our websites and platforms may use cookies and similar technologies to enhance user experience, analyse usage, and improve services. You can manage cookie preferences through your browser settings.

10. Data Protection Officer (DPO) & Contact Information

We have appointed a Data Protection Officer (DPO) to oversee compliance with data protection laws.

Data Protection Officer – ODN Group
Email: dpo@odn-group.com

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website with an updated effective date.

About Us

RECRUITMENT

privacy policy

© 2025. All rights reserved.

Candidates
Employers
Data Safety

Services

Who we are

Terms of Service

Referrals

Referrals