Privacy Policy for Research

About this Policy

Here at Madgex, we are committed to protecting the privacy and security of your personal information. This policy explains what we collect, how and why we collect it, how we use it and how it is protected.

This policy was last updated on November 21st 2019. We may change the policy from time to time so please revisit this page to ensure you’re still happy.

Who we are

We’re Madgex, the mar­ket-lead­­ing career tech­nol­o­gy and solu­tions provider and we’re formed of Madgex Ltd oper­at­ing from the UK and Toron­to and Madgex Inc oper­at­ing from the USA.

Under the terms of GDPR for the pur­pos­es of UX Research, Madgex Ltd acts as the Data Con­troller’, the com­pa­ny which man­ages and decides why and how your person­al infor­ma­tion is processed. This Pri­va­cy Pol­i­cy sets out how we man­age and pro­tect that data.

What we col­lect and how we use it

The Madgex research team con­tin­u­al­ly keep in touch with both recruiter and job­seek­er audi­ences, by run­ning research stud­ies and projects. This way we can be sure our prod­ucts best serve the peo­ple that use them and that we con­tin­u­al­ly improve the user experience.

The type of per­son­al data we col­lect includes:

  • Con­tact infor­ma­tion, such email, tele­phone number
  • Per­son­al infor­ma­tion, such as name and gender
  • Loca­tion
  • Employ­ment infor­ma­tion and preferences
  • Pho­tos, video, audio and screen­shots (with consent)

What we use it for

Madgex will use your per­son­al data for the pri­ma­ry pur­pose of research, to man­age and improve our prod­ucts & ser­vices. Your par­tic­i­pa­tion in research, togeth­er with your indi­vid­ual respons­es to research ques­tions will be kept strict­ly con­fi­den­tial. We will not share per­son­al infor­ma­tion from research with third parties. 

If you take part in research oppor­tu­ni­ties, we will use the con­tact infor­ma­tion you pro­vide to get back to you as soon as pos­si­ble or send you ser­vice relat­ed announce­ments. Any per­son­al infor­ma­tion and data col­lect­ed and processed is done so in line with the UK Data Pro­tec­tion Act 2018

Through con­sent you have express­ly agreed to our use of your per­son­al information.

If you have any ques­tions about the law­ful basis on which we are pro­cess­ing your per­son­al data, please con­tact us.

Will we ever share your information?

We may need to dis­close your per­son­al infor­ma­tion to third par­ties (pro­vid­ed that they are bound by appro­pri­ate oblig­a­tions to safe­guard your infor­ma­tion) as follows:

  • To our employ­ees, offi­cers, insur­ers, pro­fes­sion­al advi­sors, agents, sup­pli­ers or sub­con­trac­tors to the extent that it is rea­son­ably nec­es­sary to do so for the above per­mit­ted purposes;
  • If we are required to do so by law or in any legal proceedings;
  • If we need to for fraud pre­ven­tion or to pro­tect the rights, prop­er­ty or safe­ty of us, our cus­tomers or others.
  • To third par­ties wish­ing to pur­chase our busi­ness or assets.
  • We will not share your per­son­al infor­ma­tion with third par­ties for the pur­pos­es of fur­ther mar­ket­ing. We’re good like that.

Where are we stor­ing your data?

The main host­ing data cen­tres are locat­ed in the EEA.

Trans­fers to third coun­tries and safeguards

We are an inter­na­tion­al busi­ness with a glob­al cus­tomer base. We may need to trans­fer per­son­al infor­ma­tion between any of the coun­tries we oper­ate in and to our sup­pli­ers and sub­con­trac­tors in oth­er coun­tries. We do not trans­fer any data to third coun­tries or inter­na­tion­al organ­i­sa­tions unless they are deemed by applic­a­ble law to have ade­quate pri­va­cy pro­tec­tion or rec­og­nized legal mech­a­nisms are in place to ensure ade­quate pro­tec­tion of your infor­ma­tion (e.g. EU Mod­el Con­tract Claus­es or EU-US Pri­va­cy Shield or Swiss-US Pri­va­cy Shield frameworks).

Any inter­na­tion­al trans­fers of your per­son­al infor­ma­tion will also be sub­ject to bind­ing pri­va­cy and con­fi­den­tial­i­ty terms enabling us to ensure com­pli­ance with this Pri­va­cy Policy.

How do we pro­tect your information?

We take Data Secu­ri­ty very seri­ous­ly, in fact, we pride our­selves on it.

We reg­u­lar­ly review our infor­ma­tion col­lec­tion, stor­age and pro­cess­ing prac­tices, includ­ing phys­i­cal secu­ri­ty mea­sures, to guard against unau­tho­rised access.

We restrict access to per­son­al infor­ma­tion to our employ­ees, con­trac­tors and agents on a need-to-know basis and ensure that they are sub­ject to con­trac­tu­al con­fi­den­tial­i­ty oblig­a­tions and may be dis­ci­plined or ter­mi­nat­ed if they fail to meet those obligations.

We will only ever work with trust­ed third par­ties, hav­ing first com­plet­ed due dili­gence, to ensure they also enforce an ade­quate lev­el of data secu­ri­ty to pro­tect your information.

We have mul­ti­ple lay­ers of secu­ri­ty in place to pro­tect the secu­ri­ty of our clients and their clients’ infor­ma­tion. Details of these mea­sures may be pro­vid­ed upon request.

How long do we hold your infor­ma­tion for?

We will only hold your infor­ma­tion for as long as is nec­es­sary for the pur­pos­es of research and analysis. 

Where audio or video record­ing is nec­es­sary for research, con­sent will be obtained first and can be with­drawn at any point lat­er. We will auto­mat­i­cal­ly delete audio and video record­ings after 5 years.

What are your rights?

We regard the prin­ci­ples of GDPR as the gold stan­dard in Data Pro­tec­tion and there­fore will extend the rights out­lined below to all our glob­al con­tacts, regard­less of whether you’re with­in the ter­ri­to­r­i­al scope of GDPR.

You have sev­er­al rights as a data sub­ject as sum­marised below:

Access:

You have the right to obtain con­fir­ma­tion as to whether your per­son­al infor­ma­tion is being processed by us and, if it is, to access your infor­ma­tion and details of how we process it, as long as this does not adverse­ly affect the rights and free­doms of others.

Rec­ti­fi­ca­tion:

We will rec­ti­fy any errors in the per­son­al infor­ma­tion we hold on request.

Era­sure:

In addi­tion to any Madgex func­tion­al­i­ty that enables you to delete infor­ma­tion, you may ask us to erase your per­son­al infor­ma­tion from our sys­tems in the fol­low­ing situations:

  • The infor­ma­tion is no longer nec­es­sary in rela­tion to the pur­pose for which it was collected;
  • You with­draw your con­sent on which the pro­cess­ing is based and where there is no oth­er legal ground for the processing;
  • You object to the pro­cess­ing and there are no over­rid­ing legit­i­mate grounds for the processing;
  • The infor­ma­tion has been unlaw­ful­ly processed;
  • The infor­ma­tion has to be erased for com­pli­ance with a legal oblig­a­tion to which we are subject.
  • Right to restrict pro­cess­ing: You have the right to restrict our pro­cess­ing on spec­i­fied grounds.

Noti­fi­ca­tion:

Where you have asked us to rec­ti­fy, erase or restrict pro­cess­ing of your infor­ma­tion, we shall com­mu­ni­cate the same to each recip­i­ent to whom your infor­ma­tion has been dis­closed, unless this proves impos­si­ble or involves dis­pro­por­tion­ate effort, in which case we shall let you know.

Data porta­bil­i­ty:

You have the right in spe­cif­ic cir­cum­stances where pro­cess­ing is based on con­sent to receive your infor­ma­tion in a struc­tured, com­mon­ly used and machine-read­­able for­mat and have the right to trans­mit the infor­ma­tion to anoth­er con­troller with­out hin­drance, pro­vid­ed that our pro­cess­ing is car­ried out by auto­mat­ed means.

Right to object:

In cer­tain cir­cum­stances you have the right to object to our pro­cess­ing of your infor­ma­tion, includ­ing in rela­tion to pro­fil­ing, direct mar­ket­ing or sci­en­tif­ic or his­tor­i­cal research purposes.

Auto­mat­ed indi­vid­ual deci­sion making:

You have the right not to be sub­ject to a deci­sion based sole­ly on auto­mat­ed pro­cess­ing, includ­ing pro­fil­ing, which pro­duces legal effects con­cern­ing you unless this is nec­es­sary for our con­tract, is autho­rised under applic­a­ble law or is based on your explic­it consent.

How can I exer­cise my rights?

If you would like to exer­cise any of these rights, please email, call or write to us using the con­tact details below.

We will require addi­tion­al infor­ma­tion from you so that we can cor­rect­ly ver­i­fy your identity.

For more infor­ma­tion about the cir­cum­stances in which these data sub­ject rights apply, see the guid­ance pro­vid­ed by your local reg­u­la­to­ry author­i­ty, for exam­ple in the UK; https://​ico​.org​.uk/​f​o​r​— o​r​g​a​n​i​s​a​t​i​o​n​s​/​g​u​i​d​e​— t​o​— t​h​e​— g​e​n​e​r​a​l​— d​a​t​a​— p​r​o​t​e​c​t​i​o​n​— r​e​g​u​l​a​t​i​o​n​— g​d​p​r​/​i​n​d​i​v​i​d​u​a​l​— rights/

Com­plain­ing to the regulator

We hope we can help you to resolve any query or con­cern you have over the use of your infor­ma­tion, how­ev­er the Gen­er­al Data Pro­tec­tion Reg­u­la­tion also gives you the right to make a com­plaint with your local super­vi­so­ry author­i­ty where any alleged infringe­ment of data pro­tec­tion law has occurred.

The super­vi­so­ry author­i­ty with­in the UK is the Infor­ma­tion Com­mis­sion­er who may be con­tact­ed at https://​ico​.org​.uk/​c​o​n​c​erns/ or tele­phone at 0303 123 1113 or oth­er chan­nels as updat­ed at https://​ico​.org​.uk/​g​l​o​b​a​l​/​c​o​n​t​a​c​t‑us/.

What hap­pens if a data breach occurs?

Whilst we endeav­our to keep your per­son­al infor­ma­tion safe, we have an inter­nal inves­ti­ga­tion pro­ce­dure in case of data pro­tec­tion secu­ri­ty breaches.

In the event of data theft, we may sus­pend access to our servers, emails and online sys­tems and take oth­er urgent steps to pre­vent fur­ther unau­tho­rized access to information.

If we believe that our data has been com­pro­mised, we will report the issue to the Infor­ma­tion Com­mis­sion­er’s Office (ICO).

We will noti­fy you with­out delay if we believe a data breach is like­ly to result in a sig­nif­i­cant risk to your rights and free­doms. Any noti­fi­ca­tion will describe in clear and plain lan­guage the nature of the per­son­al data breach and con­tain all required information.

Changes to this Policy

We reserve the right to update this pri­va­cy notice at any time, and we will pro­vide you with a new pri­va­cy notice when we make any sub­stan­tial updates.

We may also noti­fy you in oth­er ways from time to time about the pro­cess­ing of your per­son­al information.

Our details

If you have any ques­tions regard­ing this pri­va­cy notice or the infor­ma­tion we hold about you please reach out through our Data Pro­tec­tion Team via wiley​.com/​d​a​t​a​p​r​o​t​e​ction

Request a Demo