People privacy notice

We will use your personal information to assess your suitability for the role, enable shortlisting, prepare for any interviews and assessments required, and contact you to arrange, conduct, evaluate and feedback on assessments and interviews and, where successful, to make you an offer/provide you with an agreement/contract of employment. This applies to all Workers and applies whether you have made an application directly to us, have been added as a prospect or via an agency or any other third-party.

For this purpose, we will collect:

Contact details and other information to confirm your identity. This includes your name, gender, address, phone number, date of birth and email address;

Information about your employment history and skills. This includes your CV / resumes, application forms, references, records of qualifications, skills, training and other compliance requirements. This may also include records of when you contact us, emails, webchats and phone conversations; and

Information generated by us and you, through a combination of recruiting activities to further assess suitability for the role(s), such as interviews, assessment centres, assessments/tests (cognitive ability tests, skills tests, personality tests, job simulations, psychometric tests, etc). For example, you may complete a written test or we may take interview notes.

Once working at dentsu, we will also use your personal information to assess your suitability for other roles you may apply for or projects that may be assigned to you.

We will carry out pre-employment checks (where permitted by law) either using in-house resources or approved third-parties, to establish eligibility to work and other pre-Employment Checks which shall be commensurate to the risks and responsibilities of each job role such as criminal record, financial sanctions, etc and follow up references provided to us and potential other sources where necessary.

We will process and record the personal data of anyone given a job with dentsu, even if they don't turn up on their first day.

Where applicable, we will make reasonable adjustments to the recruitment process based on the accessibility requirements you make us aware of or we become aware of.

For this purpose, we may, subject to the circumstances, collect information about you to help us assess adjustments which need to be made or work restrictions which may apply. This may include your nationality, preferred language, and details of any accessibility requirements.

We will maintain and process general records necessary for the management of workers, to operate the contract/agreement of employment or contract for services between you and the dentsu organisation, and we will need to allocate and manage your duties and responsibilities and the business activities to which they relate.

Depending on where you are based, we may process and record your personal data for purposes including, but not limited to:Collecting information to facilitate your onboarding to the organisation. For example when receiving IT equipment and setting you up on our systems or sending you items to your home address if you are working remotely.

Facilitating moves within the company in the event of changes to your role, location, or manager.

Should you relocate to a different location, there are processes in place for support with visa applications, tax and relocation assistance.

Running employee surveys, new joiner or leaver surveys.

We may need to respond to reference requests that have been made for you for instance by new employers, mortgage or rental companies, etc.

For some leave requests we will need information that indicates the nature of the time off and duration so we can approve, apply correct policies and redistribute workload as needed.

In certain locations and for some roles, overtime will need to be tracked.

Where requested, we will need to process information required to help you participate in activities and programmes you are eligible for.

In some dentsu locations, we have workforce representation groups who need to be informed when workers join or leave the company.

This involves providing and administering remuneration, benefits (such as pension/retirement schemes, insurance, policies to benefit your health and wellbeing, etc), and recognition /incentive schemes. This may involve us passing appropriate personal information on to the relevant third-party providers so they can contact you, or you may register with them directly. We will also provide the details of any beneficiaries you nominate in case of death or other benefits to the relevant third-party.

We may use third-party suppliers for benefits and recognition systems and we’ll make sure we follow the requirements of the law and that your personal information is protected by them appropriately.

We will run pay benchmarking processes and reporting as required by law and to ensure we are rewarding our employees appropriately with equal pay.

We will process personal information in relation to staff awards, recognition schemes, and incentives to reward good performance.

We may contact you or send you gifts on special occasions such as your birthday and to recognise ‘length of service’ milestones working for us. We will do this using any personal data you provide us with (either in a HRIS or more generally) but you can always ask for this to not happen by contacting your People Leader or raising a case via Ask People Services.

Where applicable, we may need to conduct reviews to assess or investigate performance, capability, conduct, absence, or grievance concerns and other informal and formal HR or Legal processes, to make related management decisions and anything else required under our contract with you.

We will review and track your performance at regular intervals. Your personal information will be stored to track your progress. The ways in which your data will be used may include:

Setting objectives and goals.

Tracking progress against identified deficiencies based on specific action plans.

Tracking your competencies against your current and other roles.

Gathering feedback from managers, peers, direct reports and others in the organisation.

Managing staff rewards for fulfilling objectives / tasks.

This involves providing and administering payroll including tax and social security deductions and contributions, and any other deductions or garnishments required by law or your contract.

We will often utilise third-party suppliers for benefits and recognition systems, and we’ll make sure we follow the requirements of the law and that your personal information is protected by the appropriate technical and organisational measures.

This involves reimbursing expenses where you have paid for something which is considered a genuine cost of business or providing access to corporate credit cards.

We will often utilise third-party suppliers for expense systems and credit card schemes, we’ll make sure we follow the requirements of the law and that your personal information is protected by the appropriate technical and organisational measures.

We will process your personal data because of your day-to-day activities in your role with us at dentsu. The type of data processed will depend on the nature of your role, but can include:

Being part of group / 'all office' email distribution lists internally;

Having the capability to access staff business records such as email, Office 365, Teams and OneDrive;

Staff time management and scheduling, including timesheet recording;

Sharing contact information with clients, including for pitches;

Booking and invoicing for services;

Inviting you to and confirming your attendance at internal and external dentsu events;

Providing knowledge to a central service management system (e.g. ServiceNow) and responding to service downtime;

Logging IT Service Desk tickets with internal system providers, which includes support to: (i) permit internal or external IT support to remotely operate or physically repair staff systems as necessary to fix / manage requests raised by you (only when you have granted access via screenshare or camera); and, (ii) provision of AI service desk chatbot to assist with triaging service tickets;

Tracking intranet usage: You will be searchable on the intranet, and your information will appear on pages where you have created or contributed content;

Meeting room and desk booking systems.

Your personal data may be stored to allow dentsu to manage its business operations and plan appropriately for the future.

This will include resource planning, project planning, staff cost management, resource allocation, client profitability analysis and timesheet compliance. Managers are required to assess their direct reports to assess Potential Level, Retention Risk and Impact of Loss. Your information will be processed for this on an ongoing basis.

This includes managing forecasting, budget / account management and planning for the future.

From time to time, we will disclose your personal data to third-party service providers (e.g. Microsoft Dynamics 365) to assist in our accounting and auditing processes.

We have systems and processes in place to protect our data, IT network, computer systems, and electronic communications from security threats. Your personal data may be processed to support these efforts in the following ways:

• Authenticating legitimate users and logging access to corporate systems, applications, and data, including login times, file access, sharing, and download activity;
• Analysing network traffic to detect and prevent unauthorised access, data exfiltration, or other security threats;
• Deploying endpoint detection and response tools on dentsu-managed devices to identify malware, suspicious activity, or policy violations;
• Monitoring the use of removable media, cloud storage services, and external file transfers, and restricting where corporate data can be stored;
• Applying data security posture management solutions to identify and remediate system vulnerabilities and to ensure the application of relevant dentsu data governance rules and policies;
• Using data loss prevention tools to identify potential risks and prevent the unauthorised transmission of sensitive or confidential information;
• Training and testing staff in phishing awareness;
• Setting up IT alerts and contacting you in the event of a security incident; and
• Conducting audits and investigations where there is reasonable suspicion of misuse, policy breach, or unlawful activity.

To further enhance security, we have deployed a secure corporate browser for dentsu-managed devices and for dentsu corporate apps on personal devices. This system monitors user browsing activity to protect against malicious websites, threats, malware and policy violations, capturing and storing all browser-related traffic, including (but not limited to) websites visited, data transfers, IP addresses, usernames, dates and times of visits to websites, and dentsu email addresses. We also deploy tools which capture and process data regarding the reliability of dentsu devices and systems and to provide access for users to secure web sessions, AI services and password management functionality and to identify issues requiring further diagnostics and remediation by monitoring various technical parameters of end-user devices, with a view to undertaking analytics on device performance in real time.

We do this to review and better understand employee retention and attrition rates, and to understand the success of our systems / programmes. This helps inform our business decisions and we will often use the assistance of external parties to do this.

Your information may be gathered for business operational and reporting documentation such as the preparation of annual reports, which may use photographic images and graphs, and staff engagement or benchmark questionnaires. Your data, if used, will normally be anonymised so that you would not be personally identified.

We will also run data mining to assess the success of our systems and analyse how we can help you work more efficiently.

Sometimes we may need to gather personal data in relation to any allegations, complaints, investigations and disciplinary processes that occur during your time working at dentsu, whatever your role in the process.

This can include "whistle blowing or speak up now" reports from employees and are handled through third-party services.

Evidence in all cases will need to be gathered and recorded for the duration of any investigation.

We may also need to manage litigation proceedings on behalf of dentsu. Your data may be processed where required.

When you leave dentsu, we run certain processes involving your personal data to understand why you left us, to help run our business or to support a legal obligation we have.

When you leave, we may conduct an exit interview and ask you to partake in a leaver’s survey.

Your data will be used when we are preparing for your departure, for example when you are returning IT equipment or corporate credit cards. This may involve the use of your home address if you are working remotely.

We will also retain information to manage and administer your pension and other related legal obligations.

After you leave, we will retain certain information to understand and evidence decision making in your role and maintain knowledge within the business; for example, this may include your handover notes or emails you have sent. We do this because it is in our interests to use this information to help run our business, or it may be to support a legal obligation we have.

We may also ask if you’d like to opt in to our alumni marketing programme whereby you can receive communications about dentsu and information about new job openings.

Personal Data means information that identifies you as an individual, or is capable of doing so. Any information relating to an identified or identifiable person. An identifiable person is someone who can be identified, directly or indirectly, by reference to details such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.

Personal Data includes Special Category Data, being more sensitive personal data such as information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, and data concerning sex life or sexual orientation.

Personal Data also includes Criminal Offence Data, being personal data relating to criminal convictions and offences or related security measures.