Recruitment and candidate
privacy notice


We need to process applicant and candidate data to ensure we can manage a fair and effective recruitment and selection process and to assess suitability for a role. This Privacy Notice provides an overview of how data is used and stored as part of this process. This Privacy Notice does not apply to data related to Altus marketing, employees, products or our website. For this information, please visit this website.

Note that if you are located in California, please see our additional CCPA policy here.

Who is Altus Group and how can you contact us?

Altus Group Limited and its affiliates forming part of the Altus group of companies, including but not limited to Altus Group (UK) Limited, Argus Software (UK) Limited, and Altus Group Australia Pty Limited (Altus Group, we, our, or us) respect your privacy and personal information. You can find out more about Altus Group here or by contacting us by email at

Information we collect

Personal information collected


Your legal and preferred name, physical address, country of residence and contact details, including email address and telephone number

To maintain accurate contact details during the application and interview process. We have a legitimate interest in processing this personal data during recruitment process and for keeping records of the process.

Information relating to your right to work, past references, educational references, criminal records

To fulfil our obligations to ensure that the people we employ are entitled to work in the country where the job is located and to meet the requirements of our employee vetting policy/process which may include past employment references, educational references, criminal records.

We have either a legal obligation in collecting this data or a legitimate interest. For referencing and vetting we have a legitimate interest in processing this data so that we can assess suitability for a role and ensure we adhere to our regulatory requirements.

Details of your qualifications, skills, experiences and employment history in the form of CV provided

Information about your current remuneration, including benefit entitlements

We use this information to manage recruitment and selection and to assess your suitability for the role applied for. We have a legitimate interest in processing this personal data and for keeping records of the process.

For Canada & UK based job requisitions

Voluntary disclosure data including ethnicity, sexual orientation, gender self-identification, pronouns, health, disability and military status

For US job based requisitions

Mandatory Equal Employment Opportunity (EEO) data

We will use this information to make reasonable adjustments to the recruitment process for candidates who have a disability or accessibility requirements. We process this information to carry out our legal obligations and exercise specific rights in relation to employment.

To maintain and promote equality in the workplace if you are successful, this information will be held in the recruitment system.

We may also use this data for our diversity equity inclusion (DEI) measurement purposes, but this data will only be used in an aggregated anonymised form

Selection documentation such as interview notes (for interviews via phone, video or in person), presentation materials and assessment and/or test results as part of the recruitment process

During the recruitment we have a legitimate interest in capturing this personal information to ensure we can assess suitability for the role.

Disclosure of personal information

During the recruitment process we may share your personal data with third parties including:

  • HireRight (with respect to vetting and background checks)

  • Phenom and WorkDay (the internal platforms that we use for candidate relationship management)

  • Recruitment Agencies (third parties who support our recruitment)

  • External solicitors/advisors (with respect to any legal claims)

Your information will be shared solely for the purposes of the recruitment process. Altus Group has offices and service providers in many countries, including UK, Canada, USA, France, Singapore, Australia, Germany, Italy, Morocco India and Hong Kong. Therefore, your personal information may be transferred to or stored in countries outside your country of residence. We take reasonable steps to protect your data and put in place confidentiality restrictions and other contractual assurances with parties to whom we transfer your personal information, to ensure there is an adequate level of protection equivalent or comparable to your country of residence for the personal information.

Data retention and security

We will retain your personal information in accordance with applicable local law and our data retention policies and practices for the length of time required fulfil the purposes outlined above. We take the security of your data seriously and have internal policies and controls to ensure that your data is not lost, accidentally destroyed, misused, or disclosed. All of our third-party service providers are required to take appropriate security measures to protect your personal information.

Your rights

You can contact us to:

  • access your personal information

  • withdraw your consent (if consent was required); or

  • correct or update your personal information.

If you are located in the European Union or the UK, you have additional rights to:

  • erase your personal information.

  • restrict your personal information;

  • port your personal information to another service provider (if applicable); or

  • object to some processing that is based on our legitimate interests.

Please note that we may require you to provide personal information to allow us to identify you.
If you have unresolved concerns, you have the right to complain to the data protection authorities. We would however appreciate the chance to address your concerns directly with you first. The relevant authority will be the supervisory authority of the country:

  • (i) of your habitual residence/place of work; or

  • (ii) in which you consider the alleged infringement has occurred. For example, in the UK, you can contact the Information Commissioner’s Office (ICO), at

Last updated: September 2023