We will use your personal information to assess your suitability for the role, enable shortlisting, prepare for any interviews and assessments required, and contact you to arrange, conduct, evaluate and feedback on assessments and interviews and, where successful, to make you an offer/provide you with an agreement/contract of employment. This applies to all Workers and applies whether you have made an application directly to us, have been added as a prospect or via an agency or any other third-party.

For this purpose, we will collect:

Contact details and other information to confirm your identity. This includes your name, gender, address, phone number, date of birth and email address;

Information about your employment history and skills. This includes your CV / resumes, application forms, references, records of qualifications, skills, training and other compliance requirements. This may also include records of when you contact us, emails, webchats and phone conversations; and

Information generated by us and you, through a combination of recruiting activities to further assess suitability for the role(s), such as interviews, assessment centres, assessments/tests (cognitive ability tests, skills tests, personality tests, job simulations, psychometric tests, etc). For example, you may complete a written test or we may take interview notes.

Once working at dentsu, we will also use your personal information to assess your suitability for other roles you may apply for or projects that may be assigned to you.

We will carry out pre-employment checks (where permitted by law) either using in-house resources or approved third-parties, to establish eligibility to work and other pre-Employment Checks which shall be commensurate to the risks and responsibilities of each job role such as criminal record, financial sanctions, etc and follow up references provided to us and potential other sources where necessary.

We will process and record the personal data of anyone given a job with dentsu, even if they don't turn up on their first day.

Where applicable, we will make reasonable adjustments to the recruitment process based on the accessibility requirements you make us aware of or we become aware of.

For this purpose, we may, subject to the circumstances, collect information about you to help us assess adjustments which need to be made or work restrictions which may apply. This may include your nationality, preferred language, and details of any accessibility requirements.

We will maintain and process general records necessary for the management of workers, to operate the contract/agreement of employment or contract for services between you and the dentsu organisation, and we will need to allocate and manage your duties and responsibilities and the business activities to which they relate.

Depending on where you are based, we may process and record your personal data for purposes including, but not limited to:

Collecting information to facilitate your onboarding to the organisation. For example when receiving IT equipment and setting you up on our systems or sending you items to your home address if you are working remotely.

Facilitating moves within the company in the event of changes to your role, location, or manager.

Should you relocate to a different location, there are processes in place for support with visa applications, tax and relocation assistance.

Running employee surveys, new joiner or leaver surveys.

We may need to respond to reference requests that have been made for you for instance by new employers, mortgage or rental companies, etc.

For some leave requests we will need information that indicates the nature of the time off and duration so we can approve, apply correct policies and redistribute workload as needed.

In certain locations and for some roles, overtime will need to be tracked.

Where requested, we will need to process information required to help you participate in activities and programmes you are eligible for.

In some dentsu locations , we have workforce representation groups who need to be informed when workers join or leave the company.

This involves providing and administering remuneration, benefits (such as pension/retirement schemes, insurance, policies to benefit your health and wellbeing, etc), and recognition /incentive schemes. This may involve us passing appropriate personal information on to the relevant third-party providers so they can contact you, or you may register with them directly. We will also provide the details of any beneficiaries you nominate in case of death or other benefits to the relevant third-party.

We may use third-party suppliers for benefits and recognition systems and we’ll make sure we follow the requirements of the law and that your personal information is protected by them appropriately.

We will run pay benchmarking processes and reporting as required by law and to ensure we are rewarding our employees appropriately with equal pay.

We will process personal information in relation to staff awards, recognition schemes, and incentives to reward good performance.

We may contact you or send you gifts on special occasions such as your birthday and to recognise ‘length of service’ milestones working for us. We will do this using any personal data you provide us with (either in a HRIS or more generally) but you can always ask for this to not happen by contacting your People Leader or raising a case via Ask People Services.

Where applicable, we may need to conduct reviews to assess or investigate performance, capability, conduct, absence, or grievance concerns and other informal and formal HR or Legal processes, to make related management decisions and anything else required under our contract with you.

We will review and track your performance at regular intervals. Your personal information will be stored to track your progress. The ways in which your data will be used may include:

Setting objectives and goals.

Tracking progress against identified deficiencies based on specific action plans.

Tracking your competencies against your current and other roles.

Gathering feedback from managers, peers, direct reports and others in the organisation.

Managing staff rewards for fulfilling objectives / tasks.

This involves providing and administering payroll including tax and social security deductions and contributions, and any other deductions or garnishments required by law or your contract.

We will often utilise third-party suppliers for benefits and recognition systems, and we’ll make sure we follow the requirements of the law and that your personal information is protected by the appropriate technical and organisational measures.

This involves reimbursing expenses where you have paid for something which is considered a genuine cost of business or providing access to corporate credit cards.

We will often utilise third-party suppliers for expense systems and credit card schemes, we’ll make sure we follow the requirements of the law and that your personal information is protected by the appropriate technical and organisational measures.

We will process your personal data because of your day-to-day activities in your role with us at dentsu. The type of data processed will depend on the nature of your role, but can include:

Being part of group / 'all office' email distribution lists internally;

Having the capability to access staff business records such as email, Office 365, Teams and OneDrive;

Staff time management and scheduling, including timesheet recording;

Sharing contact information with clients, including for pitches;

Booking and invoicing for services;

Inviting you to and confirming your attendance at internal and external dentsu events;

Providing knowledge to a central service management system (e.g. ServiceNow) and responding to service downtime;

Logging IT Service Desk tickets with internal system providers, plus systems permitting IT staff to remotely operate staff systems in order to fix / manage requests (when you have granted access);

Tracking intranet usage. You will be searchable on the intranet and your; and information will appear on pages where you have produced the content;

Meeting room and desk booking systems.

Your personal data may be stored to allow dentsu to manage its business operations and plan appropriately for the future.

This will include resource planning, project planning, staff cost management, resource allocation, client profitability analysis and timesheet compliance. Managers are required to assess their direct reports to assess Potential Level, Retention Risk and Impact of Loss. Your information will be processed for this on an ongoing basis.

This includes managing forecasting, budget / account management and planning for the future.

From time to time, we will disclose your personal data to third-party service providers (e.g. Microsoft Dynamics 365) to assist in our accounting and auditing processes.

We have systems in place to prevent unauthorized access to our computer and electronic communications systems and preventing the distribution of malicious software. Your personal data is processed for several reasons, including authenticating legitimate users, contacting you in the event of an incident, training and testing in phishing awareness, setting up IT alerts, and restricting where corporate data can be stored.

To further enhance security, we have deployed a secure corporate browser for dentsu-managed devices and for dentsu corporate apps on personal devices. This system monitors user browsing activity to protect against malicious websites, threats, and malware, capturing and storing all browser-related traffic, including (but not limited to) websites visited, data transfers, IP addresses, and dentsu email addresses.

Please note: This system will not:

monitor other browsers on your personal device (e.g. Chrome, Edge, Safari etc); the only data we will collect pertains to interactions with corporate applications.

collect any inputs or clicks performed by you on a website, including filling in forms, responding to questions, or updating details. We only collect the full URL.

-          process, correlate, or share any information collected unless it triggers a security event.

We do this to review and better understand employee retention and attrition rates, and to understand the success of our systems / programmes. This helps inform our business decisions and we will often use the assistance of external parties to do this.

Your information may be gathered for business operational and reporting documentation such as the preparation of annual reports, which may use photographic images and graphs, and staff engagement or benchmark questionnaires. Your data, if used, will normally be anonymised so that you would not be personally identified.

We will also run data mining to assess the success of our systems and analyse how we can help you work more efficiently.

We are required to monitor and document activity as required to demonstrate legal compliance. This includes conflict of interest records, gifts and hospitality and anti-bribery and corruption reporting, and mandatory compliance training.

This also includes our obligations in relation to maternity or parental leave legislation, working time and health and safety legislation, taxation rules, worker consultation requirements, other employment laws and regulations to which dentsu is subject.

Personal data is also kept enabling us to process data subject rights requests employees may have during or after their employment with dentsu.

We will occasionally need to comply with lawful requests by public authorities (including without limitation to meet national security or law enforcement requirements), discovery requests, or where otherwise required or permitted by applicable laws, court orders, government regulations, or regulatory authorities (including without limitation data protection, tax and employment), whether within or outside your country.

We will also need to gather information such as ethnicity, disability, age, religion/belief, gender and sexual orientation in order to comply with equality and diversity requirements and to help improve the company's employment practices.

We run D&I and social impact initiatives and ask all employees to sign up to a DEI pledge, for which your personal information will be processed.

Throughout your employment with dentsu, you will undergo various training programmes to both enhance your skills and also to fulfil mandatory compliance requirements. This depends on your role and where you are working, but can include:

Mandatory Data Protection, Ethics & Compliance, Intellectual Property, Code of Conduct, and Security e-learning courses. Employees' completion of these training courses is recorded and stored. Additional required training courses may be added, and completion is required, based on market-level and global requirements.

External coaches will occasionally run sessions. With consent, basic personal information will be shared with those coaches.

In certain markets, we run a mentor scheme to assist with the mentee's progression and learning. Participation data is tracked, and employee profile data may be used to select appropriate mentor/mentee matches.

Available learning platforms will track learning content utilization, assessment scores, platform access, learning completions, and attendance in live learning programs.

This will include us needing to process information about absence or (where required or permitted by applicable law) medical information regarding physical or mental health or condition in order to: assess eligibility for incapacity or permanent disability related remuneration or benefits; determine fitness for work; facilitate a return to work; make adjustments or accommodations to duties or the workplace; and make management decisions regarding employment or engagement, or continued employment or engagement, or redeployment, and conduct-related processes.

This includes providing support in work related injuries, illness, management of your health and safety, providing any accessibility support you may need (including where you make us aware in your health declaration upon joining us and as updated by you when appropriate) and contacting your emergency contact if ever needed. This may include us making a referral to the occupational health service and assisting you with ill health retirement applications.

Any staff members who require assistance exiting the building in an emergency will have their information provided to fire marshals by way of Personal Emergency Evacuation Plans (PEEPS). Those fire marshals and any first aiders will also have their information stored on company systems, including the training they have received.

In some dentsu locations, we will carry out Display Screen Equipment (DSE) Assessment & New Expectant Mother (NEM) Assessment to ensure workstations are suitable for all employees.

We are also required by law to record details of any accident that occurs in the workplace.

We may contact you in the event of an emergency or potential threat to you or our business such as a natural disaster or cyber-attack. Such emergencies or disasters might include a fire or any other case where business is not able to occur under normal conditions.

To ensure you are promptly informed about such events, we may use any personal data you provide us with (either in a HRIS or more generally) which may include your private contact details e.g. private phone number or email.

The following are the scenarios in scope:

Severe weather

Emergency Service/Security Incidents

Health emergencies

Cyber Security

Significant technological failures

Gathering evidence for disciplinary action or termination.

Sometimes we may need to gather personal data in relation to any allegations, complaints, investigations and disciplinary processes that occur during your time working at dentsu , whatever your role in the process.

This can include "whistle blowing or speak up now" reports from employees and are handled through third-party services.

Evidence in all cases will need to be gathered and recorded for the duration of any investigation.

We may also need to manage litigation proceedings on behalf of dentsu. Your data may be processed where required.

When you leave dentsu, we run certain processes involving your personal data to understand why you left us, to help run our business or to support a legal obligation we have.

When you leave, we may conduct an exit interview and ask you to partake in a leaver’s survey.

Your data will be used when we are preparing for your departure, for example when you are returning IT equipment or corporate credit cards. This may involve the use of your home address if you are working remotely.

We will also retain information to manage and administer your pension and other related legal obligations.

After you leave, we will retain certain information to understand and evidence decision making in your role and maintain knowledge within the business; for example, this may include your handover notes or emails you have sent. We do this because it is in our interests to use this information to help run our business, or it may be to support a legal obligation we have.

We may also ask if you’d like to opt in to our alumni marketing programme whereby you can receive communications about dentsu and information about new job openings.