Skip to main content

Privacy Policy

Updated January 1, 2018

This Policy provides information regarding:

  1. DAC Group (“DAC”) management and protection of personal data,
  • Collected from its employees for workforce management purposes
  • Collected in the course of recruitment
  • Collected from website visits for the purposes of operating and improving the website
  • Processed and analysed on behalf of DAC s clients.
  1. The process to exercise individual privacy rights regarding one’s personal data held by DAC in relation to:
    • Individual access,
    • Rectification, as appropriate,
    • Objection to use
    • Restriction of processing
    • Challenging compliance
  1. DAC Group does not collect special categories of data such as racial or ethnic origin or health data.

I. DAC PROTECTION AND MANAGEMENT OF PERSONAL DATA

1.    Collection

DAC collects personal data, meaning information about an identified or identifiable individual, directly from individuals, from its employees and from its website.

DAC has access to its clients’ data, without collecting it, to perform data analysis as a service to a client. In these cases, the data may be personal or anonymous. In either case, DAC never collects or stores the data.       

DAC Group collects personal data from, 

  • its employees, with implicit consent for the purposes of human resource management including hiring, deployment, compensation, benefits, leave management, performance management, discipline and termination, as well as emergency contact;
  • candidates for positions at DAC; with proper notification and implicit consent, DAC may use internet searches to perform due diligence on candidates strictly in relation to data relating to recruitment purposes.
  • customers business email addresses as necessary to the business relationship
  • Website users, through automatic collection of certain technical information, including IP address, device information, geo-location information, computer and network performance data and navigation history. DAC uses permanent and temporary cookies on the website. Cookies are small text files, stored on the user’s computer during the site visit. Cookies often store the settings for a website, and help DAC make the user’s experience more efficient by providing information about the visit. DAC uses permanent cookies to analyse website usage and for language preferences. DAC uses temporary (session based) cookies to improve performance and to determine web trends. DAC cookies may be disabled but this may exclude the use of some features of the website.

DAC processes personal data that its clients have collected and provided to DAC for the purposes of a contract with a client. This data is analysed and processed exclusively under the instructions of the client in the context of the contract and in accordance with the contract. DAC uses this data to develop multi-platform and multi-channel directional marketing, display advertising and search marketing campaigns and strategies for its customers. DAC also uses this data for data analytics purposes to provide its clients with insights into their businesses and marketing campaigns and strategies.

This Privacy Policy will always be easily accessed from the website.

2.     Disclosure

DAC does not sell or otherwise disclose to third parties any data it holds save in the following exceptional cases:

  • Should DAC receive a request from law enforcement authorities to provide personal data in its custody, it would only do so upon demonstration of lawful authority. If the data requested is held on behalf of a business customer, DAC will consult the customer unless it is prohibited to do so by law.
  • Strictly as allowed by law, DAC may disclose data to another organisation where it is:
    • reasonable for the purposes of investigating a breach of an agreement or a contravention of the law that has been, is being or is about to be committed and it is reasonable to expect that disclosure with the knowledge or consent of the individual would compromise the investigation;
    • reasonable for the purposes of preventing, detecting or suppressing fraud and it is reasonable to expect that the disclosure with the knowledge or consent of the individual would compromise the ability to prevent, detect or suppress the fraud;
    • necessary to identify an individual who is injured, ill or deceased, to a government institution or the individual’s next of kin or authorised representative and, if the individual is alive, with notification to the individual.
  • With respect to employee data, DAC may disclose personal data if it is necessary:
    • to establish, manage or terminate an employment relationship, as allowed by law.
    • in a prospective business transaction where DAC has entered into an agreement that:
      • restricts the use and disclosure of that data solely for purposes related to the transaction
      • protects the data by security safeguards appropriate to the sensitivity of the information, and
      • if the transaction does not proceed, the data is returned to DAC or destroyed it within a reasonable time.

3.     Transfer

DAC may transfer personal data to suppliers and sub-contractors it employs to deliver its services and the transfer may occur across national borders. In all cases, it is subject to the following conditions:

  • The transfer is solely for the purpose of assisting DAC in its service delivery and under its instructions.
  • It comes under contractual clauses that ensure compliance with data protection legislation at a compatible level of protection whether DAC transfers as a collector to a processor or as a processor to a sub-processor.
  • When DAC collects personal data,
    • DAC informs individuals, through this privacy policy and in its website Privacy Statement, of the possibility of transfer abroad, as the case may be;
    • Exercises due diligence in the choice of processors to whom to transfer the data;
    • Ensures compliance with data protection with contractual clauses and monitors compliance through means including inspections, audits and immediate breach reports.
  • When DAC processes personal data for a client, it does so  
    • Exclusively under documented instructions from its business customer;
    • With approval of the customer and in accordance with the SA.

4.     Location of personal data

DAC stores European employee data in the United Kingdom.

Website data, client data and non-European employee personal data are stored in Canada and in the United States.

5.     Security

DAC is committed to data security and protects personal data through integrated physical, technological and administrative safeguards. In particular,

  • All data is protected by security safeguards appropriate to the level of sensitivity of the data through (i) physical measures, such as secure areas; (ii) technical measures, such as encryption and secure servers; and (iii) organisational measures such as access policies based on the need-to-know and employee security through vetting and supervision.
  • All data is retained only for as long as it is necessary for the purposes for which it was collected or transferred, in accordance with DAC Retention Schedule.
  • Should DAC suffer a breach, it would implement its Incident and Breach Response Plan, including notification to individuals and or data collector, as soon as feasible.

II. PROCESSES TO EXERCISE PRIVACY RIGHTS AT DAC

1.     Individual access

DAC responds to individual requests for access to one`s personal data, and for rectification as necessary for all data it holds as a collector, through new following process.

In relation to employee data and employment candidate data, the request must be addressed to the Vice-President Human Resources to respond.

In relation to website data, the request must be addressed to the Vice President, Technology, to respond.

Both will seek advice from the Data Protection Officer as necessary to ensure compliance. The DPO may be reached at DPO@dacgroup.com  

DAC responds:

  • Within one month, free of charge, unless
    • the volume or the complexity of the request require a longer process, where DAC will inform the requester, within one month, of the reasons for an extension and may charge a reasonable fee to cover administrative costs; or
    • the request is unfounded or excessive and DAC may refuse the request with justification.
  • Providing the following information:
    • the purposes of the processing;
    • the categories of personal data processed;
    • the third parties to whom the personal data have been or will be transferred under the employment of DAC and their location;
    • the criteria to determine the period for which the personal data will be stored;
    • the existence of the right to request rectification or erasure of personal data and the process for it;
    • the right to object to processing, as applicable;
    • the right to lodge a complaint with a supervisory authority.

2.     Rectification

Rectification requests follow the same process as access requests, described above.

DAC provides rectification as soon as possible within one month. Should DAC refuse the request, it will provide justification.

3.     Challenging compliance

An individual about whom DAC holds data may challenge compliance with data protection rights by filing a complaint in accordance with the process instituted for access requests and rectification requests, described above.

DAC will investigate the complaint in consultation with the office responsible for the use of the data and under the guidance of Data Protection Officer. Should the complaint be well-founded, DAC will take all appropriate measures to resolve the complaint and, if necessary, amend its practices as needed.

CONTACT

The Data Protection Officer may be reached at DPO@DACGroup.com

The Vice-President, Human Resources, may be reached at m.labbe@dacgroup.com

The Vice-President, Technology, may be reached at dtemby@dacgroup.com.

Last Updated January 17, 2023

General:

DAC Group (“DAC”)

DAC is committed to respect the privacy rights of visitors and users of its website. This privacy policy (“Policy”) explains how we may collect, store and use personal data about you when you browse our careers page (the “Site”) and when you provide your personal data to us through the recruitment website.

These terms will apply regardless of how the Site is accessed and will cover any technologies or devices (if applicable) by which we make the Site available to you. It provides you with details of the types of personal data that we may collect from you, how we use your personal data and the rights you have with respect to our use of your personal data when we are the data controllers.

By continuing to use the Site, you are agreeing to the terms of this Policy.

For the purposes of any applicable European laws relating to privacy and data protection including any applicable legislations implementing the General Data Protection Regulation (Regulation (EU) 2016/679 (the “Privacy Laws”), DAC Group (“We”) are the data controllers of the personal data (as defined in the Act) which we collect from you or which you provide to us through the Site. We guarantee to comply with the standards, procedures and requirements laid down in law to ensure that your personal data is kept secure and processed fairly and lawfully.

What Information do we collect?

You should be aware that this Site is being monitored and may capture information about your visit that will help us improve the quality of our service.
When you apply for a job, request information, send a question or answer, send a resume or otherwise actively send us data through our Site, we collect and process such data which includes, but not limited to, the following:

  • “Personal Information”, which may comprise: your name, e-mail address, personal address, telephone number, gender, occupation, interests, a password, and any other data included in a submitted profile or resume;
  • Any other information which you provide when you report a problem through our Site

Cookies

A cookie is a small file placed on your computer when you visit a website. We use ‘cookies’ to keep track of your current session and to personalise your experience. Cookies also enable us to:

  • Estimate our audience size and usage pattern; and
  • Recognise your preferences such as language and region when you return to the Site.

We do not use cookies to collect or store Personal Information. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of the Site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to the Site. For the settings of cookies, please refer to the ‘Help’ function within your computer.

Application

If you apply for a job, you agree that:

  • The Personal Information which you provide to us is true, accurate, and complete in all respects.
  • You agree not to impersonate any other person or entity or to use a false name or a name that you are not authorised to use.
  • You will keep your application information secure and not disclose it to any third party.

How does DAC use the information collected?

We will never sell any information about you to anyone. We use your Personal Information to carry out our obligations arising from any engagement entered you may have with us and for the specific purpose for which it was volunteered.
We will use your Personal Information and any information provided by you as a job applicant to:

  • Contact the individual concerned and providing information about our operations and employment;
  • Manage job applicant information including creation of records in the selection process; and
  • Any other uses as may be necessary to employment and recruitment activities.

We will treat all your Personal Information as confidential and will not share your Personal Information with third parties.

Given that the Internet is a global environment, using it to collect and process personal data necessarily involves the transmission of data on an international basis.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”), although the data will always be held securely and in line with the requirements of the relevant data protection laws. It may also be processed by staff operating outside the EEA who works for us. Such staff may be engaged in, amongst other things, the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

How long do we keep your personal data?

We will keep your personal data for as long as we need it to achieve the purpose for which it has been collected or to meet our legal obligations.

  • We keep the data relating to a job application until you request us to delete it or after one year starting from the fulfilment of the position or the end of the recruitment process.
  • When you send us a request regarding our brand, your data will be kept for the time necessary to handle such a request.
  • Personal data within cookies set on your terminal will be kept for as long as we need it to achieve the purpose for which it has been collected (e.g. session identification cookies are just kept for the duration of the ongoing session), and, in any case, for a maximum duration of 13 months.

We might keep some personal data for longer to comply with legal or regulatory obligations or to protect our legitimate interests.

Your rights on your personal data

You have the following rights at any time:

  • The right to request access to personal data that we hold about you;
  • The right to request from us rectification of any personal data that is inaccurate or incomplete;
  • The right to request erasure (‘right to be forgotten’) of personal data if these data are no longer necessary in relation to the purposes for which they were collected or otherwise processed or if you withdraw your consent (we might have to keep some personal data to meet legal requirements or legitimate interests though);
  • The right to obtain restriction of processing where one of the following applies:
      If you have contested the accuracy of your personal data, processing shall be restricted for a period enabling us to verify such accuracy,
      When processing is unlawful, and you oppose to the erasure of your personal data and request the restriction of their use instead,
      If we no longer need the personal data for the purposes of the processing but they are required by you to establish, exercise or defend your legal claims,
      When you have objected to processing based on legitimate interests, processing shall be restricted for a period enabling the verification whether our legitimate grounds override yours,
  • The right to object, on grounds relating to your situation, where processing of your personal data is based on our legitimate interests. You also have the right to object at any time to processing for direct marketing purposes (including profiling to the extent that it relates to such direct marketing);
  • The right to data portability, meaning you have the right to receive the personal data we hold about you in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller where the processing is based on your consent or on a contract and is carried out by automated means. You have also the right to have your personal data transmitted directly from us to another controller where technically feasible;
  • The right to lodge a complaint with a supervisory authority if you have reasons to think that your rights on your personal data are infringed by DAC.

Note that we may ask you additional information necessary to confirm your identity to exercise your rights.

Security

We believe that the security of your Personal Information is important, and we are taking technical and organisational security measures to ensure their protection. In the unlikely event that your Personal Information, in our possession, is or is likely have been compromised, we may seek to notify you. If a notification is appropriate or required by law, we would endeavour to do so as promptly as possible, and, to the extent we have your e-mail address, we may notify you by e-mail. By using this Site, you consent to our use of e-mail as a means of such notification.

Changes to this Policy

This Policy may change. You should check our careers page frequently to view recent changes. If you choose to visit the Site, your visit and any dispute over privacy is subject to this Policy. Any changes will be posted on the Site and the date at the bottom of the page will be amended to reflect when the Policy was last revised.
Questions and enquiries related to this policy should be directed to our Data Protection Officer at DPO@DACGroup.com

Your goals. Our expertise. Let's talk