As a provider of Executive Search, Leadership and Board Services, Amrop’s business has always been based on trust, confidentiality and respect for privacy. More than just compliance, we go beyond the requirements of the law, running our business in accordance with the Values and Principles contained in our Code of Professional Practice.
We recognize that our role in protecting personal data is critical – on behalf of our clients, our candidates and all members of the Amrop Partnership. We are committed to ensuring that all personal data shared and processed within Amrop is protected, private and secure, thus also providing a framework for compliance with General Data Protection Regulation (EU) 2016/679 (GDPR) and other data protection legislation.
Amrop adheres to the principles and requirements of data protection and relevant national or regional legislation, including those of the European Economic Area (EEA) where the GDPR applies.
We ensure that personal data is processed according to applicable lawful bases.
Across our global footprint, Amrop promotes a positive culture towards data protection. We apply internal processes that ensure compliance with local legislation and requirements, and train our professionals to work in accordance with these.
We ensure that our clients are aware of their roles in protecting personal data, and work with them under defined contractual terms for the sharing of personal data.
Amrop takes the individual rights of candidates and other data subjects seriously. Where required by law in our various countries and territories, we respect individuals’ rights:
• to be informed about their data processing
• to have access to their personal data that we may hold
• to right to rectify and update their personal data
• to erase their data and be forgotten
• to restrict or object to the processing of their personal data.
When required, Amrop offices obtain valid consent from candidates and other data subjects for the processing of their personal data.
For national Privacy Policies and Consent Forms, please contact our local offices.
Amrop believes that holding accurate, up-to-date data is fundamental to its successful performance as a business. We only collect data for specific purposes related to our business, and do not retain data longer than necessary.
Amrop takes all necessary measures to ensure the security of data we process against unlawful access or loss, including specific actions related to potential data breaches.
We have policies and processes in place for safeguarding data, devices and systems, and have developed internal Amrop Digital Security Guidelines applicable to all our offices.
We actively promote the use of state-of-the-art database technologies with integrated data protection functionalities.
We ensure that our 3rd party vendors are aware of their roles in data protection, and work under defined contractual terms for the sharing of personal data.
Some national or regional legislation requires that international transfers of personal data must include special safeguards and mechanisms to ensure that the ‘protection travels with the data’.
Notably, under the GDPR, this applies to data that is transferred from the EEA to non-EEA countries.
Amrop offices have entered into mutual Standard Contractual Clauses in order to ensure the safe and efficient flow of personal data within our global organization.
