CCM Recruitment International was established in February 1988. The core of the business is the provision of recruitment services to medical clients in the Middle East, Australia, UK, and Ireland. CCM has offices in London, Central Europe, Australia, and Ireland.
CCM processes data on the basis of consent and legitimate interest. CCM is accountable for the data it collects and holds about individuals and demonstrates compliance in the way we collect, store, and use personal data. When storing data, CCM ensures that it is kept in a confidential and secure fashion and that personal data is not disclosed in an improper or unprofessional way.
CCM Recruitment’s systems are designed to ensure the highest standards of data security. This includes information held concerning candidates, clients, and internal staff.
CCM Recruitment International may update this policy at any time, and any alterations shall be effective immediately upon posting of the modified policy.
All CCM employees are aware of, and trained in, the basics of data protection and privacy. By raising staff awareness and carrying out training sessions, compliance with GDPR can be maintained and risks minimised. This training is completed for new staff during their induction, and refreshers are given to all staff on a regular basis.
Who collects personal data?
Data will be collected by CCM Recruitment to provide recruitment services and/or intermediary services. This data may be shared with third parties if consent has been given to do so by the data subject.
What information does CCM collect?
CCM collects data about individuals in several ways depending on their engagement with us. GDPR broadens the definition of personal and sensitive data.
CCM may collect:
Non-Personal Data: non-identifiable data such as anonymous IP addresses that cannot be used to identify individuals
Personal data: names, addresses and other contact information such as email addresses and telephone numbers
Sensitive data: such as medical records, employment references
CCM may anonymise the data we hold and collect to maintain the integrity of services provided.
Candidate and client data is collected and used for the sole purpose of providing employment services. Candidate data will only be disclosed to prospective employers with prior approval and consent.
How does CCM collect data?
CCM generally collects data directly from individuals and clients:
When a CV or application is submitted
When an individual subscribes to alerts about our services
When information is submitted by an individual in connection with a job opportunity or workshop, or open day event
When it is freely given in person, over the telephone, by letter, fax, or email and via the website
When recruitment services are provided to client companies
CCM may collect data from third parties for vetting and verification purposes. This data may be obtained in the form of:
Employment references or letters
Medical test results
Visas and immigration documents
Results of enquiries from former employers or engagers, work colleagues, professional associations or registration bodies
Any information about workplace accidents
Any information about investigations, litigations, registrations, professional disciplinary matters, criminal matters, inquests or inquiries
Why does CCM collect this data?
CCM collects information in order to understand an individual’s needs and provide:
Recruitment and job-seeking services that have been requested
Information to clients about candidates for specific job opportunities
Services to clients which have been requested such as references, qualification verifications, and health clearances
Improve our products and services
CCM may disclose and use your personal data to:
Match your details against job vacancies, which we believe may be appropriate for you
To apply for jobs on your behalf by sending your data to clients
To allow you to submit your CV, apply for specific jobs or to subscribe to job alerts so that we can notify you when job vacancies arise
To market our recruitment services to you across all areas of our business
To inform you about any relevant industry developments, send you details of any events, promotions and competitions, and to communicate any other relevant information;
To maintain and promote CCM Recruitment Internationals business relationships
To answer your enquiries or questions;
For other purposes for which you have engaged with CCM
Third party companies responsible for CCM data security and back-up (if required)
How does CCM share data?
CCM shares data via:
Email and other electronic means e.g. portable storage devices
In hardcopy form
Verbally, as appropriate
Various levels of consent are required through different stages of the recruitment process.
Consent is defined as:
‘’…any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.’’
CCM will provide individuals with a clear explanation of the consent mechanisms in place, and be clear that their consent is:
Of a voluntary nature
Able to be withdrawn easily
Not taken by silence or inactivity
Taken only when the subject has been provided with sufficient information to enable them to understand what they are consenting to
Obtained as a lawful basis for processing personal data
Consent for data collection may be obtained by:
Notification of data collection upon visiting the CCM website in the form of a cookie and website policy that individuals can choose to agree with
Registering their details on the CCM website contact or application form and accepting the terms of this policy
Written consent such as a candidate signing a ‘Permission to Disclose Personal Data’ form
Individuals requesting to receive email alerts via the website
In-person e.g. if an individual attends a CCM workshop or open-day
Electronic means at various stages of the recruitment process e.g. email
CCM’s consent mechanisms are reviewed on a regular basis.
Any subject that CCM holds information on may request for the erasion, rectification, and restriction of their personal data. Requests can be made formally in writing to the CCM Quality Coordinator. Individuals CCM holds information on are able to make portability requests to have their data transmitted to another controller. Access requests will be responded to within a 30-day timeframe or less. CCM has grounds to refuse access requests if it can demonstrate that they are manifestly unfounded or excessive. CCM ensures that these requests are authenticated and secure. For data subject deletion and access requests, where data has been shared with relevant third parties e.g. a licencing authority and/or body, candidates are to be aware that they may be required to contact these parties directly as different policies and requirements are place. CCM assists candidates with these requests.
Individuals can request to be sent a copy of the policy (via post, email, or in hardcopy form)
CCM staff have access to the policy on the server, and in hardcopy form in the office
CCM takes reasonable steps to ensure that personal data is accurate, complete, and up to date. CCM may also contact individuals from time to time to check whether their details have changed. If CCM is unable to confirm that the personal data it holds about an individual or client is accurate, complete, and up to date, it will be purged from the system. We encourage individuals to stay in touch, and update their details with us on a regular basis in order to receive the best service from us.
CCM treats all data breaches seriously and has step-by-step procedures that are followed in the instance of a data breach occurring. Serious breaches are to be reported to the Data Protection Office of Ireland and investigated within 72 hours. If a data subject is at a higher risk of a data breach (e.g. transmitting data to a third country), they will be informed of such risks. A record of all data breaches is maintained.
CCM holds personal data in a combination of secure computer storage facilities including our server, and in paper-based files.
CCM has security procedures in place, including technological features, to protect the data we hold from misuse, loss, and unauthorised access, modification or disclosure. CCM uses a reputable and GDPR-complaint external company to safely and securely shred paper records.
While all precautions are taken, information CCM receives via the internet cannot be guaranteed as secure. Any submission of information to CCM by this means is at the data subject’s own risk. CCM will utilise security features once data has been transmitted successfully.
Cookies and other websites
Cookies are small amounts of information, which CCM stores on your computer. They allow us to monitor website traffic, and to personalise the content of the website for you.
Most browsers allow you to turn off cookies. If you want to know how to do this, please look at the help menu on your browser.
Clicking on links and banner advertisements and RSS feeds may result in your transfer to another website, where data privacy practices may be different to that of CCM. It is your responsibility to familiarise yourself with these privacy policies as CCM accepts no responsibility for, and has no control over, other websites or any information or data collected by, or for them.
Option to Unsubscribe
You may at any point chose to unsubscribe from receiving marketing material and job opportunities sent by CCM by:
Replying to an email you have received from us with the words ‘No More Information’
Clicking the unsubscribe button at the bottom of a CCM email you have received
Calling into our office on +353 (0) 1 836 6092.
Please note that unsubscribing from marketing and promotional emails does not remove your record from our systems. This is a separate request. If you wish to exercise this, please send us a request in writing and we will respond accordingly. Right to be Forgotten requests can be sent via:
The personal data CCM collects from individuals may be transferred outside the EU if consent has been obtained. Such transfers will occur if they are necessary as part of the recruitment process and/or related services CCM Recruitment International provides, e.g. where an individual applies for a vacancy or position outside the EEA, or where the transfer is authorised by law.
CCM Recruitment International and/or the third parties to whom it may disclose personal data to may store personal data on a server overseas.
CCM has contracts and agreements in place with clients outside of the EEA to ensure the safety of the data it shares with them. CCM takes steps to ensure this data is treated securely outside of the EEA and reviews these agreements at regular intervals.
Want to update your details?
Have a question in regards to our Data Protection Policy?
Wish to make a complaint?
Please do not hesitate to get in touch. We aim to reply to all communications as soon as possible.