Deloitte Global Recruitment Privacy Notice
Last Updated: 24 February 2025
Introduction
We are committed to protecting your privacy. This Deloitte Global Recruitment Privacy Notice (“Privacy Notice”) explains how we, Deloitte Touche Tohmatsu Limited with registered office at 1 New Street Square, London, United Kingdom, EC4A 3HQ (“we”, “us”, “our”, “DTTL” or “Deloitte Global”) collect, use, share, store and protect your Personal Information in connection with our online and offline recruitment activities, programs, and events. It also sets out your rights and who you can contact for more information or queries. This Privacy Notice applies to the handling of your personal information as candidate, applicant, participant in our recruiting activities, programs and events, and third party whose information is provided to us in connection with one of these relationships.
Information about you, which may be referred to as personal data in some jurisdictions, is referred to as “Personal Information.” Personal Information refers to information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual.
We may also sometimes collectively refer to handling, collecting, protecting, and storing your Personal Information as “processing” such Personal Information.
As used in this Privacy Notice, "Deloitte Network" refers to one or more of Deloitte Global, its network of member firms and their related entities. DTTL and each of its member firms are legally separate and independent entities. Please see www.deloitte.com/about for a detailed description of the legal structure of DTTL and its member firms.
For the avoidance of doubt, Deloitte Global is not an employing entity. Successful candidates who accept offers for Deloitte Global positions will be employed or otherwise engaged by the local Deloitte entity in the country in which the role is primarily based.
What Personal Information We Collect:
The Personal Information that we may collect or obtain at various stages of our recruiting activities, programs and events, includes:
Basic details and identifiers such as name, address, phone number and email address,
Educational background,
Employment background,
Qualifications and work eligibility, including your nationality, country of residence, and work visa status,
Photographs and documents to verify your identity,
Jobs in which you have expressed an interest or for which you would like to submit an application,
Recruitment platform login information,
Talent Communities in which you have expressed an interest,
CV, resume or transcripts, and any supporting documentation attached to your resume such as copies of certificates, diplomas and coverletter,
Employment references,
Compensation details, such as salary information, depending on your region,
Background check information, such as verification of your educational and professional background, and other relevant information subject to applicable laws,
Information provided as part of virtual campuses, online and in-person interviews, and assessments, including information about your personality, competency, capability and suitability for a position,
Publicly available information, such as social media or other online resources where your information is made publicly available,
Details of services agreements, employment, assignment, or secondment offer and agreements.
We may collect or obtain such Personal Information because you give it to us in connection with your application for a position, or in connection with your creation of your profile in an online Talent Community, or the information may be submitted on your behalf in support of a Deloitte Global position you have applied for or expressed interest in. For instance, to the extent appropriate and in accordance with applicable law, we may seek additional data and/or verify your Personal Information by contacting your references, referrer, and other third parties. For instance, we may create Personal Information in the course of recruiting activities, typically interviews and assessments results and feedback.
Special Category Data
It is generally not our intention to seek sensitive information like date of birth, place of birth, age, sex, gender, marital/civil partnership status, parental status, military status, and other sensitive personal data (“Special Category Data”) including information relating to racial and ethnic origin, religious, political, or philosophical beliefs, trade union membership or information about your health, disabilities, sexual orientation, gender identity, and transgender status as part of our recruitment process or recruitment related activities. However, we might gather sensitive information about you because you voluntarily provide the information to us or we are required to collect the information as a result of legal requirements imposed on us. If we do receive any such Special Category Data about you, we will, where necessary, obtain your explicit consent to collect and use such information in accordance with applicable laws.
How We Use Your Personal Information
We process your Personal Information for the purposes of, or in connection with our recruitment process and recruitment related activities. We only process your Personal Information for the purposes for which it is collected unless we reasonably need it for another compatible purpose and there is a legal basis for further processing.
We will use the Personal Information that we collect or obtain about you:
To communicate with you and respond to your requests or application or to inform you about opportunities and events.
If you contact us (for example, through our recruiting systems and career websites, contact forms, or sign up to receive email from our Talent Communities or at events) we process your Personal Information to communicate with you about your application or job interests. For example, we may update you on the status of your application, inform you about new vacancies and hiring events, or invite you for recruitment activities such as a phone or in-person interview. If you sign up for promotional emails, we will inform you about thought leadership, reports, articles, events, and career opportunities and working in a Deloitte Global position.
To assess suitability and eligibility for a particular role and maintain records in relation to recruitment, evaluation, and background screening and hiring.
We process your Personal Information to connect the right candidate with the right Deloitte Global position (irrespective as to whether you have chosen to register with us to set up an account) and to evaluate whether you are the right applicant for a position. We may therefore include your Personal Information in our recruitment databases to manage our candidate selection and recruiting processes. If you are selected for a position, information about you will also be used to facilitate the hiring process, extend an offer and provide you with welcome information and other items. Please be aware that, prior to hiring you or otherwise engaging your services, and for the relevant Deloitte entity to be able to extend an offer, you may be requested to complete a background check in accordance with local law; where pre-employment, criminal record and national security clearance checks are required, this will generally be included in the advertised job description.
As set out above, if your application is successful and you accept an offer, you will be employed or otherwise engaged by the Deloitte entity in the country in which your role will primarily be based.
To enable your use of our career websites.
When you choose to register with us to set up an account, we process your Personal Information so that we can create and administer your personal account.
To analyze, develop and improve our recruiting activities and hiring processes.
We use your Personal Information for Deloitte Global analytics purposes, including in aggregated or pseudonymized form, to improve our recruitment and hiring process and augment our ability to attract successful candidates and to conduct statistical analysis and create internal reports, for example regarding usage of our career websites and Talent Communities or demographic analysis of candidates. If you choose to participate in our surveys, we may collect your feedback about Deloitte Global and our recruiting activities.
To maintain the security of our career websites, recruiting systems and our networks.
We may use your Personal Information as necessary to maintain the security of our career websites, recruiting systems and our networks. For example, we may process information about you when investigating suspicious activity on our career websites, recruiting systems and our networks (such as IP address recording to prevent denial of service attacks).
To comply with applicable laws and regulations and to operate our business.
In some cases, we may process your Personal Information (including sensitive or special category data) to comply with applicable laws and regulations, such as legally mandated reporting or other legal process requests and legal requirements, such as those relating to public health and workplace safety. We may also process your Personal Information in the performance and organization of our business and internal management, for example to conduct audits and investigations, as part of a corporate transaction (such as a sale, divestiture, reorganization, merger or acquisition), finance and accounting, archiving and insurance purposes and in the context of dispute resolution to establish, exercise, or defend against potential, threatened, or actual litigation.
Legal Basis for Processing the Data
We are required by law to set out in this Privacy Notice the legal basis on which we rely in order to process your Personal Information.
The table below provides an overview of the legal basis for processing your Personal Information for the specific purposes for which we use your Personal Information as outlined above in the “How We Use Your Personal Information” section.
Purpose for Collecting Personal Information & Legal Basis for Processing Personal Information
To communicate with you and respond to your requests or application or to inform you about opportunities and events.
Based on consent or otherwise justified based on a legitimate interest to select and communicate with candidates. Please note you can opt-out of receiving marketing-related emails or participating in surveys at any time.
To assess suitability and eligibility for a particular role and maintain records in relation to recruitment, evaluation, and background screening and hiring.
Necessary for compliance with a legal obligation or otherwise justified based on a legitimate interest to ensure successful hiring and onboarding operations.
To enable your use of our career websites.
Based on consent. Please note that you can always close your account and withdraw your consent, although this may affect our ability to consider you for joining Deloitte.
To analyse, develop and improve our recruiting activities and hiring processes.
Justified based on a legitimate interest in the continuous improvement and efficacy of Deloitte Global recruitment and hiring operations.
To maintain the security of our career websites, recruiting systems and our networks.
Justified based on a legitimate interest to protect Deloitte professionals, assets, and property.
To comply with applicable laws and regulations and to operate our business.
Justified based on a legitimate interest to protect Deloitte professionals, assets, and property. Necessary for the compliance with a legal obligation or for the establishment, exercise, or defense of legal claims or otherwise justified based on a legitimate interest to operate Deloitte Global business in an efficient and appropriate manner.
To the extent that we process any Special Category Data relating to you for any of the purposes outlined above, we will do so because either: (a) you have given us your explicit consent to process the information; (b) the processing is necessary to carry out our obligations under employment, social security or other applicable law; or (c) the processing is necessary for the establishment, exercise or defense of legal claims.
Please contact us using the information detailed in the section “How to Contact Us” for any questions related to our collection and use of your Personal Information.
Sharing Personal Information:
We restrict the access to and disclosure of your Personal Information to other members of the Deloitte Network who need the information for the purposes set forth in this Privacy Notice. When there is a need, we may share your Personal Information with the following categories of recipients:
Service providers;
Support providers;
Government departments and agencies;
The courts, police, and other law enforcement agencies;
Professional advisors, such as law firms, tax advisors or auditors;
Revenue and tax authorities;
Regulatory agencies and other professional bodies;
Any person or corporate entity in connection with a business transition, such as a restructure, sale, or acquisition of any member of the Deloitte Network; and
Other third parties to accomplish the purposes described in this Privacy Notice.
Prior to sharing Personal Information with a third party, we will ensure that any such disclosure is in accordance with applicable data protection laws.
Transfer of Personal Information
Please note that some of the recipients of your Personal Information referenced above in the section “Sharing Personal Information” may be based in countries outside of the UK or the European Economic Area (“EEA”) whose laws may not provide the same level of data protection. In such cases, we will ensure that there are adequate safeguards in place to protect your Personal Information that comply with our legal obligations. The adequate safeguard might be a data transfer agreement with the recipient based on standard contractual clauses approved by the applicable authority (e.g., for personal information subject to the UK GDPR, the UK Information Commissioner’s Office) for transfers of Personal Information to third countries.
Further details of the transfers described above, and the adequate safeguards used by us in respect of such transfers are also available from us. For such information, please contact us by using the “How to Contact Us” section below.
Data Retention
We will retain your Personal Information for as long as is necessary to fulfil the purpose for which it was collected. We may retain your Personal Information for longer to comply with legal obligations or if your Personal Information may be the subject of a legal claim or may otherwise be relevant for future litigation or investigation.
If your application is successful and you accept a Deloitte Global position, any relevant Personal Information collected during the selection period will become part of your personnel records and will be retained in accordance with applicable laws and with the Deloitte Global Professionals Privacy Notice (available to you during the onboarding stage).
If your application is unsuccessful, and you created an account on our career websites, we will retain and use your Personal Information as part of your application for a reasonable period of time to manage matters arising in connection with your application or future applications, for system administration purposes, to consider you for potential future roles, and to perform research. In any case, your account will be deemed inactive, and your account information will be deleted, after two (2) years of inactivity. Prior to such deletion, you will receive a notification to inform you about the upcoming account deletion and can opt to maintain your account.
If you choose to join a Deloitte Global Talent Community and sign up to receive promotional emails, we will maintain this information for a period of one (1) year or until you opt out. If you opt out, we will retain your opt out preference for as long as necessary to comply with applicable law.
More generally, to determine the appropriate retention period for your Personal Information, we will consider our legal obligations; the amount, nature, and sensitivity of the Personal Information; the potential risk of harm from unauthorized use or disclosure of Personal Information, and whether we can achieve those purposes through other means. If there is any Personal Information that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of the personal data.
Security of Personal Information
We use a range of physical, electronic and managerial measures to keep your Personal Information secure, accurate and up to date. These measures include:
education and training of relevant personnel so they are aware of our privacy obligations when handling Personal Information;
administrative and technical controls to restrict access to Personal Information on a ‘need to know’ basis;
technological security measures, including fire walls, encryption and anti-virus software; and
physical security measures, such as staff security passes to access our premises.
Although we use appropriate security measures once we have received your Personal Information, the transmission of data over the internet (including by e-mail) is never completely secure. We endeavor to protect Personal Information, but we cannot guarantee the security of data transmitted to us or by us over the internet.
Your Rights Over Your Personal Information
You may have various rights under your local law in relation to the Personal Information we hold about you. In particular, you may have a legal right to:
obtain confirmation that we are processing your Personal Information and request a copy of the Personal Information we hold about you;
ask that we update the Personal Information we hold about you, or ask that we correct such Personal Information that you think is incorrect or incomplete;
ask that we delete Personal Information that we hold about you, or restrict the way in which we use such Personal Information;
withdraw consent to our processing of your Personal Information (to the extent such processing is solely based on previously obtained consent);
receive a copy of the Personal Information concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit such Personal Information to another party (to the extent the processing is based on consent or a contract); and
object to our processing of your Personal Information.
To help us maintain the accuracy of your Personal Information, please contact us by using the “How to Contact Us” section below if any of your personal details have changed.
If you are unsatisfied with the way in which we have handled your Personal Information or any privacy query or request that you have raised to us, you may have a right to complain to the data protection authority in the UK or your local jurisdiction. For such information, please contact us by using the “How to Contact Us” section below.
Verification of Personal Information requests
For certain Personal Information requests, we must first verify your identity before processing your request. To do so, we may ask you to provide us with your full name, contact information, and relationship to Deloitte Global. Depending on your request, we may ask you to provide additional information. Once we receive this information, we will then review it and determine whether we are able to match it to the information Deloitte Global maintains about you to verify your identity.
Third party requests
If you are submitting a Personal Information request on behalf of someone other than yourself, please contact us by using the “Contact information” section below and include proof that you are authorized to make the request. This may be in the form of a written authorization signed by the person whom you are acting on behalf of or a valid power of attorney.
Cookies and Other Tracking Technologies:
We may process Personal Information from you when you interact with our career websites and recruiting systems or communications and promotional emails. For example, we use cookies (small text files stored in a user's browser) or web beacons (electronic images that allow us to count users who have accessed particular content and to access certain cookies) to identify you and your interests and remember your preferences, and to collect analytics about how you use our career websites. Where applicable, additional information on how we may use cookies and other tracking technologies, and how you can control these, can be found in the Cookie Notice on the applicable website.
More information on how we use cookies and other tracking technologies on Deloitte Global’s Deloitte.com website can be found in its Cookie Notice .
Some of our online recruiting activities are hosted by third parties. When you access sites operated by these third parties, they may to the extent permitted by applicable law, including your consent to the extent required, and consistent with this Privacy Notice, place their own cookies or other tracking technologies on your device.
How to Contact Us:
To exercise your rights or if you have any questions concerning your privacy while using the Website, please contact DTTLPrivacy@deloitte.com. . Should you wish to contact our Data Protection Officer, you may write to 1 New Street Square, London, EC4A 3HQ, or send an email to DeloitteGlobalDPO@deloitte.com.
DGSL Privacy Services Limited, with registered office at 29 Earlsfort Terrace, Dublin 2, Ireland, is appointed as our representative in the European Union to act on our behalf if, and when, we undertake data processing activities to which the EU General Data Protection Regulation (GDPR) applies. It can be contacted at DTTLPrivacyEU@deloitte.com.
Changes to this Privacy Notice
We may modify or amend this Privacy Notice from time to time.
To let you know when we make changes to this Privacy Notice, we will amend the date at the top of this page. The new, modified, or amended Privacy Notice will apply from that revision date. Therefore, we encourage you to periodically review this Privacy Notice to be informed about how we are protecting your information.
This Privacy Notice was written in English. To the extent any translated version of this Privacy Notice conflicts with the English version, the English version controls.