Privacy Policy

This Privacy Notice (“Notice”) describes how Protiviti BV (we, us, our or Protiviti) may use, process, store and disclose Personal Information that we may collect about individuals, including if you register with us, through this website and from other sources, such as when you apply for a job with Protiviti. The types of data we collect are described in the section below ‘Your Personal Information and how we collect it’.

We act as a controller and we are responsible for the Personal Information we process. This Notice informs you how we protect your Personal Information and informs you about your privacy rights.

It is important that you read this Notice together with any other Privacy Notice we may provide and on specific occasions when we are collecting or processing your Personal Information so that you are fully aware of how and why we are using your Personal Information. This Privacy Notice supplements other Notices you may receive from us and is not intended to override them.

This website is not intended for children and we do not knowingly collect data relating to children.

You can download a pdf version of the Privacy Notice here:  Download

Contact Details:

If you have any questions about how we use your Personal Information, contact us at: [email protected]

Your Personal Information and how we collect it

Registering with this Website

When you use or register with this website, such as searching for information or applying for a job, we may ask for certain Personal Information including your name and contact information (email, home address and phone number). Depending on the nature of your enquiry or activities on our website, we may also ask for and/or collect:

  • your job search criteria, salary expectations and preferences;
  • job title, company name, employment history, employment experience, educational history, skills, and salary;
  • information about your professional interests through white papers or newsletters you collect, as well as professional interests that you describe to us;
  • other background information together with any login ID and password created by you;
  • information you provide including in emails, letters or during telephone calls
  • technical data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website. We may also receive technical data about you if you visit other websites employing our cookies. Please see our Cookie Policy for further details;
  • profile data including your username and password, your interests, preferences, feedback and customer survey responses;
  • usage data including information about how you use our website and services;
  • marketing and communications data including your marketing and communication preferences.

In relation to a job applicant the Personal Information and information set out above provides us with an explanation of a job applicant’s past work experience, including details of any gaps or periods of unemployment and academic background, and may be used to obtain references. We may ask you to provide original, documentation in paper format, including proof of identity, evidence of immigration status and qualifications and we may verify some or all of the information you provide in relation to your application for a job. We may use a third party to perform background screening and verification services and we will inform you at the time.

Our Clients and Suppliers

If you are a Client or supplier of goods and services we will collect and process information about individuals in your organisation to enable us to communicate with them and to provide our services or receive goods and services. Usually we process the individual’s name and business contact data only.

Website visitors

We collect a limited amount of information about our website users, which we use to help us improve your experience with our website and manage our services.

The following information will be collected:

  • technical data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website. We may also receive technical data about you if you visit other websites employing our cookies. Please see our Cookie Policy for further details;
  • profile data including your username and password, your interests, preferences, feedback and customer survey responses;
  • usage data including information about how you use our website and services;
  • marketing and communications data including your marketing and communication preferences.

How we use your Personal Information

We use, process, store and disclose your Personal Information and other data we collect for the purposes of performing the services requested and functionalities offered by the Site. By using our Site, requesting our services and / or applying for a job you agree that we may process your Personal Information for the purposes described.

We will also process your Personal Information for other legitimate business purposes such as producing statistics, analysing how successful our marketing campaigns are, the number of visitors to our website and complying with other contractual, legal and regulatory obligations and duties.

Currently we do not use automated decision-making technologies to make final or conclusive decisions about you and a member of our staff will always be involved in the provision of working finding services.

Change of Purpose

We will only use your Personal Information for the purposes for which we collected it (e.g. to consider you for employment if you are a job applicant), unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your Personal Information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

We may process your Personal Information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Transferring your Personal Information outside of the UK / Europe

Protiviti is part of an international group of companies operating globally. We may share some of your Personal Information with our group companies, including Robert Half, a recruitment firm, our parent company Robert Half International Inc., based in the United States, and other group companies within or outside the European Economic Area (EEA), who may use and process your Personal Information for similar purposes as described in this Privacy Notice. The data protection laws outside Europe may not provide an equivalent level of protection to those inside Europe and in these circumstances, we will take steps to ensure that your Personal Information is adequately protected, secure, kept confidential and that we have a lawful basis for the transfer. This means we may require the 3rd party recipient to sign the EU Model Contract clauses approved by the European Commission as providing personal data with the same protection that your Personal Information has when it is processed within the EEA.

When we transfer your Personal Information to 3rd parties based in the US, we will check if they are a member of the EU/US Privacy Shield (as Membership requires the business to provide similar protection to personal data shared between Europe and the US). If they are not Privacy Shield certified, we will ensure these recipients will only process your Personal Information on our instructions and they will be subject to a duty of confidentiality and required to sign the EU Model Contract.

You can contact us if you require further information on the mechanism we use when transferring your Personal Information out of the EEA.

Disclosing your Personal Information to 3rd Parties

To the extent necessary or appropriate and without notifying you, Protiviti may disclose your Personal Information to external 3rd Parties (who are not members of the Robert Half group of companies) in the following circumstances:

  • to comply with applicable laws, the service of legal process, or if we reasonably believe that such action is necessary to: (a) comply with the law requiring such disclosure; (b) protect the rights or property of Robert Half or its group companies; (c) prevent a crime, protect national security or for fraud detection or prevention; or (d) protect the personal safety of individuals using our website or members of the public.
  • to 3rd parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, we will let you know.
  • to IT consultants carrying out testing and development work on our IT systems, service providers who we may appoint as data processors and to other service providers who may be based outside the EEA.

Where applicable, we will impose appropriate contractual, security, confidentiality and other obligations on to 3rd party service providers and processors we have appointed, based on the nature of the services they provide to us. We will only permit them to process your Personal Information in accordance with the law and our instructions. We do not allow them to use your Personal information for their own purposes and when our relationship ends we will ensure your Personal Information is securely returned or destroyed.

Some of these 3rd parties are also controllers responsible for processing your Personal Information for their purposes, for example, the local tax authority is a controller for tax purposes. We may not be able to impose obligations or restrictions on these controllers in connection with how they process your Personal Information.

Keeping your Personal Information Secure

We have put in place appropriate security measures to prevent your Personal Information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Information to those employees, agents, contractors and other third parties who have a business need to do so.

We have put in place procedures to deal with any suspected Personal Information breaches and we will notify you and the applicable supervisory authority of a breach where we are legally required to do so.

How long we retain your Personal Information

Protiviti will retain your Personal Information for as long as necessary to fulfil the purposes that we collected it for. This means we will keep your Personal Information throughout the period of your relationship with Protiviti.

We are required by law to keep basic information about our Clients and customers (including contracts, evidence of identity, financial and transaction data).

Your personal data will in any case be stored in compliance with the law and the limitation periods that oblige us to store your personal data for a longer period, e.g. to defend ourselves against any legal actions.

Where there is no retention period stated in law, we determine the appropriate retention period for Personal Information by considering the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorised use or disclosure of the data, the purposes for which we process it and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymise your Personal Information (so that it can no longer be associated with you and we cannot identify you). We do this for research or statistical purposes in which case we may use this anonymised data indefinitely without further notice to you.

Details of the retention periods for different aspects of your Personal Information are set out in our Record Retention and Destruction Policy which you can request from us by contacting us at: [email protected]

Your Legal Rights

You have the right to:

Make a Data Subject Access Request to access your Personal Information at any time. This enables you to receive a copy of the Personal Information we hold about you and to check that we are lawfully processing it.

Request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate Personal Information we hold about you corrected, although we may need to verify the accuracy of the new data you provide to us.

Request erasure / deletion / removal of your Personal Information. This enables you to ask us to delete or remove your Personal Information where we do not have a valid reason to continue to process it. You also have the right to ask us to delete or remove your Personal Information where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your Personal Information to comply with local law. Please Note: we may not always be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your Personal Information where we are relying on a legitimate interest (or those of a 3rd party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of your Personal Information in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to process it.

Data Portability / Request the transfer of your Personal Information to you or to a 3rd party. We will assist you with this transfer to a 3rd party either by transferring your Personal Information for you or by providing you with a copy in a machine-readable format. Please Note: this right only applies to automated information which you initially provided consent for us to use or where we used the Personal Information to perform a contract with you.

Withdraw consent at any time where we are relying on your consent to process your Personal Information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.

We want to ensure we keep your Personal Information accurate and up to date. In addition to your legal rights, you may ask us to make changes or request a copy of your Personal Information informally, by contacting your local Protiviti office.

Additional information, Response Times and Fees

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Information (or to exercise any of your other rights or when you make an informal request). This is a security measure to ensure that Personal Information is not disclosed to any person other than the individual who has the right to receive it. We may also contact you to ask you for further information in relation to your request to help us locate your data and to speed up our response.

We try to respond to all legitimate requests within one month. It may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You will not have to pay a fee to exercise any of these rights. However, we may charge a reasonable fee if your request is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

The Legal Basis for processing your Personal Information

We have set out a short description of main ways we will collect, store, process, share and disclose your Personal Information and the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.

We will only use your Personal information when the law allows us to. Most commonly, we will use your Personal information in the following circumstances:

  • To fulfil a contract we are about to enter into or have entered into with you;
  • Where it is in our legitimate interests;
  • When it is our legal or regulatory duty;
  • When you consent.

A legitimate interest is when we have a business or commercial reason to use your information in conducting and managing our business. We will consider and balance any potential impact on you and your legal rights when we process your Personal Information for our legitimate interests. We do not use your Personal Information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required for compliance with a legal or regulatory obligation or permitted to by law).

Marketing Messages

Generally we do not rely on consent as a legal basis for processing Personal Information except in relation to sending direct marketing communications via email or text message. However, where we are providing you with work finding services, you will receive email marketing communications from us even if you have not given us consent as we rely on the ‘soft opt in’ form of consent.

You may receive marketing communications from us if you provided us with your details when you registered with us at a promotional or networking event or attended a training course and you have given us consent to send you marketing. We may also use your identity, contact details, technical data, usage data and profile data to form a view and decide which services may of interest or relevant for you.

You have the right to withdraw your consent to marketing at any time by:

  • Following the opt out links contained in our marketing email messages;
  • Following the opt out process described in our text marketing messages;
  • Sending an email with “UNSUBSCRIBE ME” in the subject field to: [email protected]

Opting out of receiving marketing messages does not apply to:

  • Personal Information that you have provided to us in connection with the performance of a contract between us.

We will never sell or disclose your Personal Information to any 3rd parties to use for marketing.


You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookies Policy.

Links to other websites

Our website may include links to 3rd party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these 3rd party websites and are not responsible for their privacy statements.

Feedback and Complaints

You have the right to make a complaint at any time to the Belgian supervisory authority for data protection issues. We would ask you to provide us with the opportunity to discuss your concerns with you before you contact the supervisory authority so please contact the EU Data Protection Office, Stationsstraat 24 b1, 1702 Groot-Bijgaarden or email [email protected]

Changes to this Privacy Notice

If we change this Privacy Notice we will post any updates here for your review. If we change material terms we will provide notice of the revised Privacy Notice for 30 days on our home page at

This Privacy Notice was last updated: 25 May 2018