what personal data do we collect about you

When you are a contractor or temporary worker on an assignment at one of our clients, we may process personal data about you such as:

  • Identification information – your name, contact information (including home address, home phone number and mobile phone number), citizenship and country of residence, date of birth, (in exceptional cases) gender, digital signature and languages spoken.
  • Professional information – we may process personal data related to your work including (without limitation) your job title, description and location, your department, professional email address, reporting levels, and employment status (full-time/part-time/etc.).
  • Assessments & background check information - this may include criminal background and credit checks, reference checks, work rights status, as well as aptitude and psychological assessment results.
  • Financial information – financial information including (without limitation) your bank account number, bank details, tax number.
  • Salary information – we may process salary information including (without limitation) recurring payments and benefits, your bonus.
  • Performance-related information – performance-related information including (without limitation) information on your performance reviews.
  • Disciplinary information - information relating to disciplinary measures taken against you, if any.
  • Grievance information – In order to assist in the reporting of grievances and (suspected) misconduct within the Randstad Group of companies, we have established dedicated channels through which stakeholders may voice concerns, either through local reporting mechanisms in place at the level of the local Randstad Group companies or, for serious misconduct (including whistleblowing), through our Integrity Line, the Randstad Group reporting facility. Whenever we receive a grievance report or a report about (suspected) misconduct we may process personal data related to the complainant, the other individuals mentioned in the complaint and the person(s) that is/are subject of the complaint and/or of the investigation into the complaint. 
  • Government issued identifiers – government issued identifiers including (without limitation) the national identification number, social insurance number and social security number, as legally required.
  • CV/resumes and other recruitment information – your CV/resume and other relevant information (such as your photograph, interview notes and information included in the cover letter or as part of the application process).
  • Travel and expense data – travel and accommodation information and expenses including (without limitation) travel itineraries, hotel and travel reward cards.
  • Information you choose to share with us – information you choose to share with us, including (without limitation) information you share when using IT support or calling the helpline, and information about you that may be conveyed by your use of a webcam in communicating with us. 
  • Information related to identification/access control cards – employee identification and access control cards may contain your name, photograph, employee number and may be linked to other details on record (department, phone number, license plate).
  • CCTV footage – we may process footage of you obtained through our use of CCTV surveillance systems.
  • Survey results – we may process your responses to questions in employee surveys.
  • Information related to your usage of Randstad devices, software and access to Randstad’s network – we may process information related to your use of our devices, software and access to our networks, including (without limitation) your browsing history, your use of email, internet and social media, whether at the workplace, on our equipment or otherwise through our networks. 
  • Visitor information – when accessing our buildings, we may collect your name, contact details, car plate number, identification, etc. for security reasons. Where we are legally required to do so we may also ask you to disclose information about your health (including information related to viral infections, flu, etc.) for health and safety reasons.
  • Trade sanctions information relating to you - we may verify whether you are a politically exposed person, a specially designated national or otherwise subject to sanctions under applicable laws or regulations

personal data of referees

The submission of references is essential to the recruitment process as we give critical consideration to any input provided to us by your referees.

In submitting your application, you may be required to submit the names and other personal data of referees you wish us to contact. Before you give us any personal data about your referees, you must notify each referee with the purpose of Randstad's use of their personal data (please read the section on referees) and obtain their permission to disclose to us their data for the purposes of evaluating your candidacy for current or future vacancies that we may engage with you from time to time.

if you do not give us the information we seek

Unless otherwise stated, all information requested by Randstad for the purpose of managing the employer-employee relationship is mandatory.  

why do we need your personal data

Your personal data will be processed for the purpose of managing the employer-employee relationship between Randstad and you and all the matters that may arise therefrom, including without limitation purposes related to performance, evaluation, discipline, policy and/or legal compliance. 

As such, your personal data may be processed for the purpose of:

  • your actual or possible work placement/assignment with a Client;
  • checking your work rights status with any government department or body (or their agents);
  • checking your ability to enter the workplace in accordance with prevailing government advisories and/or regulations;
  • where legally permitted, to undertake directly or through agents a criminal reference check with relevant government agencies, background checks or credit checks;
  • payment for work completed on a temporary/contract assignment;
  • to follow up with you to offer you work or ascertain your availability for work;
  • your performance appraisals;
  • our analysis and/or assessment of your ongoing performance and/or prospects;
  • any test or assessment (including medical tests and assessments) that you might be required to undergo;
  • our identification of your training needs;
  • any workplace rehabilitation;
  • our management of any complaint, investigation or inquiry in which you are involved;
  • any insurance claim or proposal that requires disclosure of your personal data;
  • analysing your data to share job opportunities which are of a better fit or which matches your requirements closer; and
  • ensuring our internal business processes are running smoothly which may include quality assurance audits, quality and services evaluations, fulfilling legal requirements and conducting confidential systems maintenance and testing.

with whom do we share your personal data

candidates & contractors/temporary workers

If you are a candidate and/or contractor/temporary worker, your personal data may be disclosed to:

  • potential and actual employers and clients of Randstad;
  • referees;
  • with other entities of the Randstad group of companies. We are part of a multinational group of companies and sometimes we may share personal data with other Randstad groups of companies for the purposes of efficient management of business, compliance with legal and regulatory requirements and to provide our Services to you (include as matching) and to our clients. For an overview of these entities, click here.
  • with third parties providing HR-related services to use (e.g. payroll service providers).
  • with third party providers of IT-related services (e.g. we use an external provider to support our IT-infrastructure; e.g. an important part of our software and databases sit in a cloud-environment which is operated by a third party service provider).
  • with third parties providers of marketing-related services (e.g. we may store your personal data in a cloud-based CRM-application that is hosted and provided by a third party service provider; e.g. when we use a third party service provider to organise an event we may share your personal data with that third party in order to invite you to that event).
  • with providers of professional services (e.g. to our auditors, our tax advisors, our legal advisors).
  • our insurers;
  • with banks; (e.g. in order to pay the salaries of our contractors/temporary workers we share some of their personal data with our bank)
  • any government department or body (or their agents) to verify your work rights status;
  • with public authorities (e.g. pursuant to applicable law Randstad must disclose personal data to the social security authorities and to tax authorities)
  • with law enforcement authorities, courts and regulatory authorities (e.g. as part of a criminal investigation police services may require us to disclose personal data to them)
  • a designated, registered training provider in relation to training and personal development opportunities;
  • any person with a lawful entitlement to obtain the information; 
  • select third parties including suppliers and sub-contractors for the performance of any contract we enter into with them; and
  • (where permitted by law) third party providers of criminal, background or credit checking services.

related purpose disclosures (relevant for candidates, business relations and referees)

We outsource a number of services to contracted service suppliers (CSPs) from time to time. Such CSPs may be located overseas. As part of the outsourcing arrangement with a CSP, they may need access to some of your personal data.



Typically our CSPs would include:

  • software solutions providers;
  • I.T. contractors and database designers and Internet service suppliers;
  • legal and other professional advisors;
  • insurance brokers, loss assessors and underwriters;
  • background checking and screening agents; and
  • talent marketplace platforms.

We take reasonable steps to ensure that terms of service with our CSPs recognise that we are bound by obligations under the PDPO to protect the privacy of your personal data and that they will not do anything that would cause us to breach those obligations.

Once we establish and maintain an employment, staffing or placement relationship with you, we use the data you provided to us, to comply with laws and regulations, including but not limited to employment law, tax and social security and national and international sanctions regulation compliance. For the purposes mentioned above, Randstad may transfer your personal data to other Randstad entities that provide services on behalf of Randstad.

We may also disclose your personal data to third parties:

  • in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; or
  • if all or a substantial part of our assets are acquired by a third party, in which case the personal data that we hold about you may be one of the transferred assets.

When we share your personal data as described above, your personal data may be transferred to, stored, used and processed in a jurisdiction other than Hong Kong. You understand and consent to the transfer of your Personal Data out of Hong Kong as described herein. Where we transfer your personal data to a country outside of Hong Kong, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPO.

direct marketing

We will only send direct marketing materials to you if you have consented or if you have indicated no objection to receive such direct marketing materials. We cannot use your personal data for direct marketing unless we have received your consent or indication of no objection. In all direct marketing materials, we will give you the option to unsubscribe from receiving further marketing communications.

access & correction

If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.

Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

We will respond to your request as soon as reasonably possible. If we are unable to respond to your request within forty (40) days after receiving your request, we will inform you in writing days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the Personal Data (Privacy) Ordinance).