en
Candidates

Together, we’ll map out career-defining, life-changing pathways to achieve your career ambitions. Browse our range of services, advice, and resources.

Learn more
Services

We understand that no two organisations are the same. Find out more about how we've customised our recruitment offerings to help clients across South East Asia meet their needs.

Read more
About Robert Walters Malaysia

Since our establishment in 2006, our belief remains the same: Building strong relationships with people is vital in a successful partnership.

Learn more

Work for us

Our people are the difference. Hear stories from our people to learn more about a career at Robert Walters Malaysia.

Learn more


Privacy Policy

 

This policy applies to the group of companies that are ultimately owned by Robert Walters plc (company no. 03956083) of 11 Slingsby Place, St Martin's Courtyard, London, WC2E 9AB, United Kingdom, trading under the Robert Walters, Resource Solutions and Walters People brands (collectively referred to as the “Robert Walters Group”). 

References in this policy to “we”, “us” or “our” are references to the Robert Walters Group.  

What We Do 

The Robert Walters Group provides:  

  • recruitment consultancy services placing candidates on a permanent, contract and interim basis across a range of industries and geographies under the Robert Walters and Walters People brands (“Recruitment Services”);  
  • business process outsourcing services assisting companies with their permanent recruitment, temporary recruitment, supply chain and labour supply and screening (commonly known as “RPO”, “MSP” and “Service Procurement Desk Services” which for the purpose of this policy are collectively referred to as “Outsourced Services”); 
  • other consultancy, technology and advisory services (“Consultancy Services”).

 

We operate through a global network of affiliated entities and utilise vendors where needed, to ensure we provide the best solutions to our clients across the countries where we perform services.

  • Unless we notify you otherwise, we operate as a data controller when processing your personal data for our Recruitment Services and Consultancy Services. If we share your personal data with our clients as part of our Recruitment Services or Consultancy Services, it is likely that our clients will process your personal data as a data controller. Our clients may request additional personal data from you as part of their hiring processes.   
  • Unless we notify you otherwise, we are the data processor and our clients are the data controllers of your personal data processed by us for our Outsourced Services. Where we act as a data processor, the privacy policy of our client will apply. Unless we notify you otherwise, if a company within the Robert Walters Group engages you on a temporary assignment, the Robert Walters Group company who engages you will be the data controller of your personal data. 

 

If you are uncertain about who the data controller of your personal data is, please contact us using our contact information set out in section 13 of this policy. 

The purpose of this Global Privacy Policy (“policy”) is for us to inform you how we collect, use and disclose your personal data. It is important that you read this policy in conjunction with any notices or statements relating to data, data protection, fair processing and/or privacy that we may issue at the time of collecting your personal data where applicable in the jurisdiction. They are not intended to override the policy unless stated otherwise by us in such policy, notice or statement.  

1. What personal data do we collect? 

Personal data is any information relating to an identified or identifiable person.  

We will only collect personal data that we are permitted to collect by law on a jurisdictional basis. We have set out below a non-exhaustive list of the types of personal data that we most commonly collect. 

Type of Personal Data
Description of Personal Data 
Identity data Your title, first name, last name, maiden name, date of birth, gender, photograph, national insurance number (or equivalent in your country), nationality and other information relating to residency and citizenship which may be required to establish a right to work in a given country, marital status and number of dependents. 
Contact data Your delivery address, email address and telephone numbers, emergency contact details and contact details history. 
Historical data Your educational history and credentials, employment history, criminal background history, social media, skills and qualifications, and results from any other background and disclosure checks in countries where it is lawful to carry out such checks. 
Employment-related data Your current remuneration, pension and benefits, what role you are looking for, what work-related areas interest you, third party references (if taken) and interview and assessment feedback created either ourselves or by our client following an interview or assessment. 
Verification data A copy of your driving licence, passport, identity card or another form of identification and referee details. 
Financial data Your bank sort code and account number and tax-related information and credit checks.
Diversity data We may collect diversity data for governmental reporting purposes, which may include racial or ethnic origin, religious or other similar beliefs and physical or mental health, including disability-related information.
Technical data
  • Your internet protocol (IP) address, MAC address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, mobile phone location data and other technology on the devices you use to access our website and our services. 

Profile data Your usernames applicable to accessing our services, interests in so far as these are applicable to the services we provide to you and other preferences and other insights or determinants that we have gained from our analysis and profiling of you. 
Usage data
  • How you use and navigate around our websites and what you browse within them.  

  • We also may have any CCTV footage collected when you have attended our premises. 

Marketing data Your preferences in receiving marketing from our third parties and us and your communication preferences. 
Visa application data Your contact and identity information, immigration history (including residency, immigration status and travel history), character disclosures (including offences, disclosures and information relevant to meeting character requirements), health disclosures and information relevant to meeting health criteria. 
Video If video surveillance operates in or near our offices we may capture images of you where permitted by law.  We may also capture video of you if you attend an event organised by us where you have given your express consent for us to do so. 

 

Sensitive or special category personal data - during the recruitment process or in the course of the services we operate, we may collect personal data that is considered sensitive or special category in certain countries. We may be required by local privacy laws to obtain your explicit consent to handle this type of personal data. You will be provided with a consent form if your express consent is required. Please contact us if you have not been provided with a consent form and you believe we hold your sensitive or special category personal data. 

In respect of candidates and users of Robert Walters Group websites, we also handle the following types of data:

  • Aggregated Data, such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy; and 
  • Anonymised Data, which is data created from your personal data where your identity has been removed and you cannot be traced to it.

 

The age at which an individual is regarded as a child differs per country. We do not typically collect personal data relating to individuals under 18. 

2. How we collect personal data 

We generally collect your personal data directly from you. For example, we collect your personal data when you: 

  • deal with us in person, by telephone, letter, fax, email or via our websites;
  • register with us (e.g. at career fairs);
  • submit any other information to us, such as a CV;
  • complete psychometric assessments or other assessments;
  • subscribe to job alert emails;
  • subscribe to our publications;
  • attend an event we have organised;
  • enter a competition, promotion or survey; and/or
  • give us feedback. 

 

We may also use the following third party channels to collect your personal data:

  • pre-employment screening and background checking organisations where permitted in the jurisdiction;
  • our clients and their third party suppliers; 
  • governmental and regulatory bodies, such as tax and social security authorities;
  • third party suppliers, including other recruitment and employment agencies, job board providers and job aggregators and our managed service providers who are within our supply chain;
  • other recruitment agencies;
  • analytics providers, such as Google Analytics and various job boards; and
  • communication platforms, such as Adobe Marketo, Cison and PR.

 

We may also collect your personal data from publicly available sources where permitted in the jurisdiction, including:

  • your identity and historical data from social media sites, such as LinkedIn, Twitter and Facebook;
  • your identity and contact data from company and commercial registers or electoral registers; and
  • your identity, from qualification and membership lists of professional bodies. 

 

We allow you to sign up or login to a Robert Walters Group account with a LinkedIn, Facebook or Google account (“Social Media Account”) so you can use our online services simply and easily without having to create a specific account with us. If you choose to use this feature, we will process your name and primary email address on your Social Media Account in accordance with this policy. 

Cookies are small text data stored on your PC or mobile device and are creaited by the website's servers. We collect your personal data automatically via cookies when you visit Robert Walters Group websites, in line with the cookies settings in your browser. You can find out more about these cookies, including how we use them and what choices are available to you, by reading our Cookies Policy. You can find out more about the use of cookies on http://www.allaboutcookies.org/.

3. How we use personal data 

We will only use your personal data when the law permits us to, and the uses set out below will be subject to that requirement. 

Candidates 

Your personal data will be collected and handled by us in order to:

  • provide careers, recruitment and/or related intermediary services to or for you;
  • match your details against job vacancies which we consider are appropriate for you in order to assess your suitability for them;
  • allow you to submit your CV, apply for specific jobs or to subscribe to our job alerts so that we can notify you when relevant job vacancies arise;
  • apply for jobs on your behalf by sending your personal data to clients;
  • facilitate the recruitment process if a client wishes to progress your application;
  • fulfil our contractual obligations to our clients; 
  • inform you about any relevant industry developments, events, promotions and competitions, and to communicate any other relevant information;
  • answer your enquiries or questions;
  • conduct statistical analysis;
  • monitor diversity;
  • comply with our regulatory commitments;
  • pursue or defend a legal claim;
  • conduct pre-employment screening;
  • prevent or detect a crime, where the law requires us to carry out such monitoring; and
  • provide you with further information which may be of interest to you in regard to the employment market and opportunities. 

 

Website users 

Your personal data will be collected and handled by us in order to:

  • improve our customer service and make the way we operate more useful to you (which includes tailoring our websites to suit your requirements);
  • let you know about our recruitment services across all areas of our business;
  • send you communications where you have indicated you are happy to receive such information or have purchased products or services from us, which may include the following:
  • E-newsletters and hard copy newsletters;
  • Emails about the services we offer and new product launches;
  • Reminders when your products or services may be due for renewal; and
  • Opportunities to participate in market research. 

 

Depending on the contact preferences you select, we will communicate with you by post, telephone, SMS, email or other electronic means such as via social and digital media. We may use your usage data to help ensure that this messaging is personalised and relevant to you. 

Referees:

We will use your personal data purely for the purpose of conducting a reference check on a candidate. 

Visa Applicants: 

Your personal data will be collected and handled by us for the purpose of preparing and processing your visa application and related immigration services. 

4. Who your personal data is shared with 

Subject to local regulations in the jurisdiction, we may disclose your personal data to:

  • any company in the Robert Walters Group;
  • prospective employers or engagers;
  • other recruitment companies or intermediaries involved in managing the supply of personnel;
  • data processors of the Robert Walters Group;
  • pre-employment screening and background checking organisations;
  • your referees;
  • your past employers and relevant education institutions;
  • your professional bodies;
  • government and regulatory bodies, such as tax and social security authorities;
  • third party suppliers, including other recruitment and employment agencies, job board providers and job aggregators and our managed service providers who are within our supply chain; and
  • third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business structure, any new owners may use your personal data in the same way as set out in this policy. 

 

We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions, which includes compliance with this policy. 

5. Legal grounds 

In certain countries our companies that act as a data controller are required to establish legal grounds as set forth by applicable law to process your personal data. Depending on our relationship with you, if required to do so, we will rely on one or more of the following legal grounds:

Legal Ground Permitted Purpose 
Where you have given us consent to use your personal data for one or more permitted purposes. 

For example: 

  • when you create a website account with us; 

  • when we are required by law to collect your explicit consent to process your personal data; and  

  • where you otherwise provide us with your consent. 

Where we need to process your personal data to comply with a legal or regulatory obligation. 

For example:  

  • to perform background checks in accordance with our legal obligations;

  • to comply with our legal and regulatory requirements in relation to taxation and financial compliance; 

  • for equal opportunities monitoring and reporting purposes;

  • to co-operate with our regulators and other public authorities;  

  • to comply with any other obligation to which we are subject under applicable rules and law.  

Where we need to process your personal data to perform the contract, we are able to enter or have entered into with you. 

For example:

  • to employ/engage you if you are applying for a vacancy with us; and 

  • to enter into or perform our agreement with you if you are a supplier or external adviser. 

Where the processing of your personal data is necessary for the pursuit of our legitimate business interests and your interests and fundamental rights do not override those interests. 

For example: 

  • to offer and provide our recruitment services to you and to assess your skills against our vacancies with our clients; 

  • to provide you with marketing material to aid your job search; 

  • to manage complaints and legal claims;  

  • to conduct appropriate background checks if you are to be employed/engaged by us; 

  • sharing your personal data with the companies that form the Robert Walters Group;  

  • sharing your personal data with our third party services providers; and 

  • sharing your personal data with potential employers and other clients (including our MSP clients) of ours who can offer job opportunities within their organisations.  

 

If you would like to know what legal grounds we rely upon to process your personal data, please contact us using our contact details in section 13 of this policy. 

6. Retention 

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. We view our relationship with you as being one which is to support your career through numerous roles and assignments. Accordingly, we may retain your data for a period of time which is materially greater than simply one placement if we reasonably believe that we will continue to have an ongoing relationship with you.   

We will appropriately and securely dispose of your personal data when it is no longer required.  To determine the appropriate retention period for personal data, we will consider the following factors: 

  • amount and nature of the personal data; 
  • its sensitivity; 
  • the potential risk of harm from unauthorised use or disclosure of the personal data; 
  • the purposes for which we handle your personal data; 
  • whether we can achieve those purposes through other means; and 
  • applicable legal requirements. 

 

When we act as a data processor to our clients, the data controllers, we will retain your personal data in accordance with the retention periods prescribed by our clients. 

7. Your rights 

The country you are located in and the applicable privacy laws determine your rights in respect of your personal data. These may include: 

Right Description of Right
Right to be informed about your personal data and details of the handling and processing of that personal data and information, including, as applicable the safeguards used to protect your personal data in the event that we transfer it outside the territory it was collected in;
Right of access  to your personal data and to obtain information about how we handle and process it;
Right to have inaccuracies corrected if your personal data is inaccurate, including to have incomplete personal data completed;
Right of erasure of your personal data, which is also known as the “right to be forgotten”. We do not delete personal data from our back-up files that are created for disaster recovery purposes and are not easily accessible; 
Right to restrict handling and processing  of your personal data, which includes requesting us to suppress your personal data file;
Right to move, copy or transfer your personal data to another organisation, also known as “data portability”;
Right to object to the handling and processing of your personal data for certain purposes, in particular to personal data processed for direct marketing purposes and to personal data that is handled and processed for certain reasons based on our legitimate interests;

Right to withdraw consent

or permission that you have previously provided to us in relation to our handling and processing of your personal data, such as for the purposes of marketing by electronic means;

Rights in relation to automated decision making

where such automated decision making has a legal effect on you or otherwise significantly affects you; and 

Right to complain

to us in relation to the handling of your personal data; or the regulatory body which enforces data protection law in your locality.

 

 

Please contact us using our contact details set out in section 13 of this policy if you wish to exercise any of your legal rights.  

Where permitted by law, you may be charged a fee to access your personal data or to exercise any other right that may apply. We will let you know if a fee applies to your request before we complete it. 

We may also request certain information to help us confirm your identity, ensure your right to exercise any of rights in the table above and to prevent your personal data being disclosed to any person who has no right to receive it.  

We will respond to all legitimate requests within any legal timeframes. 

8. Technology

We will always use your personal data fairly. We may on occasion use technological filters to sort through the job applications we receive and to match candidates to specific job vacancies. If we have used technological tools to a significant extent when assessing your job application, we will inform you of this. Please let us know when we contact you if you feel there are other factors that we should consider as part of your job application.

9. Data security

We hold your personal data in a combination of secure computer storage facilities and paper-based files.

We have in place an appropriate level of security around your personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage to it.

We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk of harm that might result from unauthorised or unlawful processing, accidental or unlawful loss, destruction or alteration, unauthorised (or disclosure of) access or damage to your personal data including:

  • locks and security systems;
  • encryption
  • usernames and passwords;
  • virus checking;
  • auditing procedures and regular data integrity checks; and
  • recording of file movements.

 

We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They must only process your personal data on our instructions and subject to the access controls listed above. They are also subject to a duty of confidentiality.

We have agreed on security-related measures with the third parties we share your personal data with to ensure that it is treated by those third parties in a way that is consistent with how we safeguard your personal data.

We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority where we are legally required to do so.

If you suspect any misuse, loss of or unauthorised access to your personal data, please contact us immediately using our contact details in section 13 of this policy.

10. Personal data storage and transfer

  • Personal Data originating from the UK or European Economic Area (“UK or EEA Personal Data”) 
  • Due to the global nature of our business we may need to transfer UK and EEA Personal Data outside of the UK and EEA. For example, we may transfer personal data to Robert Walters Group companies, service providers and government or public authorities in order to perform our recruitment services and comply with our legal obligations. 
  • If we do transfer UK and EEA Personal Data outside of the UK and EEA, we will make sure that appropriate safeguards are in place, for example by using approved contractual agreements, unless certain exceptions apply, or we are authorised to do so. If requested, we will provide you with details of the safeguards that we have implemented. 
  • We, our service providers and/or the third parties to whom we may disclose UK and EEA Personal Data may transfer such data outside of the UK and EEA. 
  • Personal Data originating from outside the UK or EEA (“Non-UK and Non-EEA Personal Data”)  
  • We collect personal data relating to individuals in the following countries outside the UK and EEA: Africa, Australia, Brazil, Canada, Chile, China (including Hong Kong and Taiwan), India, Indonesia, Japan, Malaysia, Mexico, Middle East, New Zealand, Philippines, Singapore, South Africa, South Korea, Switzerland, Thailand, United States of America and Vietnam.  
  • Due to the global nature of our business we may need to transfer Non-UK and Non-EEA Personal Data outside the original territory in which the data was collected (“Original Territory”). For example, we may transfer personal data to Robert Walters Group companies or potential employers internationally in any of the countries listed above, and to service providers and government or public authorities in order to perform our services and comply with our legal obligations. 
  • If we do transfer Non-UK and Non-EEA Personal Data outside the Original Territory, we will make sure that such transfers are performed in compliance with applicable law. We, our service providers and/or the third parties to whom we may disclose Non-UK and Non-EEA Personal Data may transfer such data outside of the Original Territory.    

 

11. Privacy policies of third parties

This policy explains how the Robert Walters Group handles your personal data. Please also read the privacy policies of the social media platforms and third party websites through which you arrive at a Robert Walters Group website. We encourage you to read the privacy policies provided by these sites before giving them your personal data.

12. Changes to this policy

We reserve the right to change this policy from time to time. Changes will be notified on our website seven days before taking effect. We may make emergency changes to this policy when we believe it is reasonable to do so e.g. to comply with legal or regulatory requirements. 

13. How to contact us

If you have questions or comments about our privacy practices, or if you would like to submit a request exercising your privacy rights, please contact us. You can:

  • Email us at the mailbox for your country below: 
     
Africa and the Middle East dataprotection@robertwalters.com
Australia and New Zealand ANZPrivacyOfficer@robertwalters.com.au
Brazil  DataProtectionBR@RobertWalters.com
European Economic Area (EEA) and UK  dataprotection@robertwalters.com  or dataprotection@resourcesolutions.com
Greater China and South East Asia (India, Indonesia, Malaysia, the Philippines, Thailand, Vietnam)  ContactSEAC@robertwalters.com
Japan  privacy@robertwalters.co.jp
Singapore  SingaporeDPOs@robertwalters.com.sg
South Korea  privacy@robertwalters.co.kr
Switzerland  dataprotection@robertwalters.com
USA and Canada  dataprotection@robertwalters.com  or dataprotection@resourcesolutions.com
Brazil, Chile and Mexico  dataprotectionLATAM@robertwalters.com

 

  • Contact our Data Protection Officer (DPO): 
    Richard Harris 
    DPO@robertwalters.com

  • Contact our EU representative (RESOURCE SOLUTIONS UK ONLY): 

Sandy Scott  
eu.representative@robertwalters.com

14. Country Specific Information 

United States of America, California

The data processing activities we carry out on the personal information of California residents (“California data”) does not currently fall within scope of the California Consumer Privacy Act (CCPA). Should this change over time, we will update this policy accordingly. 

Please rest assured that we do and will continue to ensure that we follow best industry practice when processing California data. 

Australia

Process for lodging a complaint if you believe your personal data has been mishandled by us: 

  • We will acknowledge receipt of your complaint and respond to it within 30 days. 

  • We will take steps to confirm the authenticity of the complaint and the contact details provided to us;

  • We will seek additional information about the complaint if necessary;

  • If the complaint can be resolved by procedures for access and correction, or some other solution, we will suggest these to you as possible solutions (where necessary on a confidential and without prejudice basis);

  • If we do not respond to your complaint within 30 days, or we are unable to resolve your complaint, you may take your complaint to an external dispute resolution scheme to which we belong or to the Office of the Australian Information Commissioner.