PRIVACY POLICY
Update Date: 10/31/2024
1.0 Introduction
The Process Group, LLC. and its subsidiaries (“TPG Engineers”, “TPG“, “we”, “us”, “our”) are committed to protecting your personal data. Please read this Privacy Notice carefully as it explains:
- how and why TPG uses your personal data when you access our website, services and/or otherwise engage with us; and
- your legal rights in respect of your personal data.
Where you provide TPG with personal data about other individuals (for example, other people within your organization), please refer them to this Privacy Notice.
The term “personal data” used in this Privacy Notice is taken from data protection laws and broadly means any information that can identify individuals.
If you have any questions or comments about this Privacy Notice, please find our contact details in section 11 of this Privacy Notice.
Note that we may change this Privacy Notice from time to time by updating this page. This Privacy Notice does not apply to any third-party websites, plug-ins or applications to which you may be directed from our website. Clicking on those links or enabling those connections may allow third parties to collect or share data about you and so we encourage you to read the privacy policies/notices on the other websites you visit. We do not accept any responsibility or liability for the privacy practices of such third parties and your use of them is at your own risk.
2.0 Who are we and who is responsible for your personal data?
TPG is an international professional services and engineering firm headquartered in Canada, with offices in numerous locations across five continents. Further details can be found on our website. Our contact details can be found in section 11.0 of this Privacy Notice.
Typically, the TPG entity or associated entity that is legally responsible for handling your personal data will be the entity in the country where you are accessing our services and/or otherwise engaging with us.
Where TPG is engaged by its clients to provide services and as a result, we collect and use your personal data, we generally do so in line with our clients’ contractual instructions, or in accordance with applicable data protection laws. It is usually our clients and not TPG that decide how and why any personal data should be used in the provision of services, so our clients will be ultimately responsible for your personal data in such circumstances.
3.0 What personal data do we collect about you and for what purposes?
We may collect personal data about you or individuals working for your organization in various circumstances, including in the provision of our services, use of our website, attendance at one of our events/offices and/or where we otherwise engage with you, e.g., to procure a service for TPG etc. The personal data that we will collect and the reasons for using it will depend on the nature of your relationship with us which may include the following:
- Identification and verification
We may ask for your passport or other official identification document to verify your identity, for example, if you are required to visit TPG offices or facilities, or to access TPG systems prior to or during your engagement with us. Aside from the data you provide to us directly, and in accordance with the local laws of the country where you are accessing our services, we may also find information about you from other sources, such as from tax authorities, carefully selected third party background screening providers (see section 5 below for more information on TPG’s use of third parties), and/or from publicly available registers/websites where you have voluntarily made your personal data available (e.g., LinkedIn, company databases etc.). We require this information as part of our business acceptance processes and to comply with our legal obligations to prevent against money laundering, terrorism, corruption and fraud. - Engaging with you
This includes personal data such as your name, title, position, the company you work for, your postal address, email address, phone number and your correspondence with TPG (including notes/transcripts/recordings of calls by telephone or Voice over IP systems). We may also ask about your relationship to another person, for example to establish any conflict of interest that might exist. We require the above information in order to engage with you for business purposes. - On-site security
If you visit us at our premises, we may collect your image and/or video footage via CCTV, and may also collect visitor log information (e.g., entry and exit times, vehicle registration etc.). We collect this personal data as it is in our legitimate interest to ensure our premises are secure and for the purposes of detecting/preventing crime. If you connect to our guest Wi-Fi network when visiting one of our offices, we may collect your name, e-mail address, telephone number, device MAC address, IP address and location to provide you with access to this network and to protect it from unauthorized use. - Meeting/events
We may collect basic contact information from you when you register or attend a meeting/event hosted by or on behalf of TPG. We use this information to identify you for building security and safety reasons, and so that we can invite you to future events/meetings (see section 3(f) on marketing below). In addition, for promotional purposes, we may also collect photos/video footage of individuals attending such meetings and events. However, you may also wish to inform us of any specific dietary requirements and/or tell us about any disabilities you have so that we can make the reasonable adjustments you require to facilitate your attendance at the meeting/event. In certain countries, such details fall into the category of personal data that data protection law considers to be inherently sensitive, as it relates to your health/disability and/or potentially your religion. This type of information is purely optional, so you do not have to provide it to us if you do not wish to, provided that you accept any associated risks of us not being aware. For more information about the legal bases which we rely on to use this specific type of personal data, please see section 4.0, “On what legal basis do we use your personal data?” below. - Automated interactions
As you interact with our website, we may automatically collect personal data from your device by using cookies and other similar technologies. Processing such information is necessary for us to pursue our legitimate interests in improving our website and providing a more relevant service to our clients and business partners. This information is not used to develop a personal profile of you. For further details, please see our Cookie Policy. - Marketing and information gathered through our website and our social media accounts
Certain sections of our website, including our blogs, invite you to request publications, newsletters and alerts, subscribe to receive invitations to events, seminars and webinars, take part in client surveys and to receive TPG announcements. If you do so, we will collect some or all of the following information: your name, email address, job title, organization name and company address. Our systems will recognize you as a user and based on the content you view/request, we will strive to provide material that is relevant to you and your interests. We may also collect this information about you where you have physically attended an event hosted by TPG, so that we can invite you again in the future. In addition, TPG maintains accounts on social media platforms (such as LinkedIn, YouTube, Instagram, Facebook and X) and may collect pictures, demographic information, interests and other personal data that you may share with the social media platform when interacting with these accounts. Note that you can opt out of receiving marketing communications at any time, either by clicking on the unsubscribe link in the relevant communication, or by emailing us at unsubscribe@tpgengineers.com. For further information, please see section 9 of this Privacy Notice, “What are your rights over your personal data?”. - Recruitment
TPG will collect and use your personal data when you apply for a job, consultancy role, or work placement/internship with us. We may receive information about you through a recruitment agency or directly from you where you complete an online application form via any of TPG’s career portals or when negotiating your consultancy/independent contractor agreement with TPG. The personal data will include information relating to your education, employment history, skills, referrals, and other background information such as your right to work in the country where you are applying to work etc. We will handle any personal data about you that we receive during the recruitment process in accordance with this Privacy Notice.- In connection with your application to work for TPG, we may process the following categories of personal data:
- information contained in your CV/resume, cover letter, transcripts, or other materials included in your application,
- information provided on your application form, including name, address, telephone number, personal email address, education level, academic institutions, and language skills etc., as well as your salary prior to applying to TPG (which is provided on an optional basis),
- professional certificates or licenses you hold and any other professional qualifications/certifications,
- information relating to whether you are entitled to work in the country you have applied to work in, including any visas/work permits you hold,
- your results/responses from personality tests/other online assessments conducted during TPG’s recruitment process,
- your desired salary and employment and relocation preferences; and
- information provided to us during an interview.
- We will use your personal data for the following purposes:
- to assess your suitability for employment with us and in any subsequent interviewing/assessment process, and to assist us in our decision as to whether to make you an offer of employment – copies of the information you submit, and any further correspondence will be retained in order to progress your application for work and as a record of our employment and fair access processes,
- to manage the security of our premises and systems (including our online application portals),
- to protect TPG’s legal rights and comply with legal and regulatory requirements placed on TPG (including disclosure of information in connection with legal claims and other ethics and compliance investigations),
- to assess your skills and experience for suitable job opportunities, where you have expressed an interest to be notified about this in the future, and
- to monitor diversity and equal opportunities within TPG where we are legally permitted to do so, by analyzing any supplementary information you provide to us voluntarily (see above in “What personal data do we collect?”). We do not use this information in any employment-related decision, and it is only used in an aggregated form (i.e., the information will be grouped with similar categories of information from others to provide statistical data only and will not identify any individual personally).
- We may use email or telephone to contact you to discuss your application and in certain countries, if you are successful in your application, we will contact your referees to obtain references about you.
- Please note that if your application is successful and you are offered a permanent or temporary position with TPG, you may be required to undergo certain background checks before we formalize your employment with us. Depending on the role you are applying for and the laws of the country you are applying to work in, this may include verifying your academic/professional qualifications, employment history, credit history, criminal records and medical history. However, we will only ask you to undergo relevant and legally permitted background screening checks at the final stage of the recruitment process and at such time, you will:
- receive further information about how your personal data will be used in the background screening process, as well as your rights in respect of your personal data; and
- be asked to provide your explicit consent to TPG conducting such background checks.
- In connection with your application to work for TPG, we may process the following categories of personal data:
- Personal data of general populations
The nature of TPG’s business does not include the gathering of personal data of general populations. - Profiling
The term “profiling” refers to where your personal data is used for solely automated processing to evaluate or predict certain aspects about you without human assessment. TPG does not currently do any profiling using personal data.
4.0 On what legal basis do we use your personal data?
The main legal grounds that TPG relies on to collect and handle your personal data are:
- With your consent. For example, where:
- it is mandatory under the data protection laws in a particular country that we operate in (note, this will either be your explicit consent or inferred consent where allowed by applicable law (the latter meaning your agreement is assumed based on your action or inaction at the point of collection, use or sharing of your personal data);
- TPG cannot lawfully handle personal data on the below or other permitted grounds under data protection laws; and/or
- TPG collects information that the data protection laws of certain countries consider to be inherently sensitive (for example, where you tell us about your dietary requirements so that we can cater to your specific health or religious requirements, or where you ask us to make adjustments to accommodate your disability etc.).
- Where it is necessary for us to collect and use personal data to provide our services to/perform a contract with you or your organization. For example:
- to conduct our business activities, we have information (such as contact details and email communications) of our clients’, business partners’ and suppliers’ employees;
- to complete projects for our clients, we may receive personal data of individuals;
- to facilitate visitor access and on-site services at our premises; or
- to process applications for employment.
- Where it is necessary in TPG’s or in our clients’ legitimate interests. For example:
- to administer and improve our websites;
- to provide our services to/otherwise engage with you in the course of our day-to-day business activities;
- to conduct investigations if we suspect illegal or illicit behavior (whether or not this suspicion arises from a whistleblower’s alert);
- to manage the security of our systems and networks;
- for insurance purposes;
- to exercise or defend our legal rights or to comply with court orders; and
- to develop our business (including to communicate with you about our services, events, surveys and other promotional activities).
- To comply with legal requirements placed on TPG. For example:
- to maintain accurate records;
- to conduct certain background checks when evaluating and vetting new clients/business partners (e.g., to comply with anti-money laundering, terrorist financing and sanctions laws – this might include financial, credit and identity checks, and screening which could also include sensitive information such as political allegiances or criminal convictions etc.); and
- for the purposes of fraud and crime prevention and detection or as otherwise required under applicable law.
5.0 Who do we share your personal data with?
We may share information that you have provided to us as necessary within the TPG group of entities and with certain third parties such as service providers acting on our behalf who will use the data to provide the service. These may include insurers, IT and cloud service providers, background screening providers, legal advisers, accountants, tax advisers, advertising agencies, insurance companies, financial or lending institutions, and facilities services providers etc. We will ensure that any third-party service provider that we use commits to an appropriate level of security and confidentiality to protect your personal data. We may also share your personal data in connection with a merger, acquisition, sale of all or a portion of TPG’s assets, financing, restructuring or other corporate transactions. In some circumstances and in accordance with applicable law, we may have to disclose your personal data with other third parties for legal, tax or regulatory purposes such as:
- where a domestic or foreign court, police, law enforcement agency, governmental agency, or regulatory body asks us for it;
- to protect TPG’s assets and interests, or to protect people’s safety, security, rights and/or property;
- to assist TPG with internal or external investigations into potentially illegal or suspicious activity; or
- to manage, defend or settle any actual or potential legal claims.
6.0 How do we protect your personal data?
We strive to maintain systems that are secure and meet industry standards and protect your personal data, including: physical, electronic and procedural safeguards that comply with relevant standards to protect personal data; and contractual protections and information security procedures to ensure that service providers with whom we share personal data maintain adequate protections and security standards.
7.0 Is your personal data transferred overseas?
TPG does not currently have business operations overseas; however, we may use cloud services to conduct business (meaning that personal data may be stored on TPG’s behalf by a cloud provider with server locations around the world as part of that cloud provider’s business model).
8.0 How long will we keep your personal data?
Your personal data will be retained as long as necessary to fulfill the purposes for which it was collected, unless TPG needs to retain it as required by applicable laws. When determining the retention period, we consider various criteria, such as:
- the nature and duration of our relationship with you;
- the types and sensitivity of personal data;
- the purposes for which we use your personal data and whether we can achieve those purposes through other means;
- statutory retention and limitation periods; and
- other applicable legal requirements.
At the end of any retention period, your personal data will either be securely deleted in its entirety or anonymized so that you can no longer be identified from that data.
9.0 What are your rights over your personal data?
You have various legal rights in relation to your personal data with some restrictions and exceptions, depending on the laws of the country where you are based. Such rights may allow you to ask TPG to:
- tell you whether we are using or storing your personal data;
- provide a copy of your personal data (subject to the privacy rights of other people and the information already provided to you in applicable privacy notices);
- correct any inaccuracies in your personal data by informing us to make the necessary changes;
- modify or withdraw your consent for the collection, use and disclosure of your personal data, where TPG has obtained your consent for this (see section 4 “On what legal basis do we use your personal data?” above);
- delete your personal data where there is no lawful justification for TPG to retain it;
- pause use of your personal data until:
- TPG verifies any inaccuracies in your personal data that you notify us of; or
- we assess that TPG’s legitimate interests in processing your personal data outweigh your interests in the data not being processed; and
- transfer your personal data to you or another organization in a commonly used electronic format (known as the right to data portability).
You may also be able to object to your personal data being processed (including if we use it for profiling purposes), when:
- it is in our legitimate interests or those of a third party;
- TPG is acting in the public interest; or
- we use it for direct marketing purposes.
If you object to the last ground, TPG will stop processing your personal data for marketing purposes (and any associated profiling). In the other cases, TPG will stop processing the relevant data unless:
- we identify compelling legitimate grounds to continue which override your privacy rights; or
- we need to process the data for a legal claim.
Note, you may have additional rights in accordance with the local laws of the country where you are based.
You may exercise or enquire about the above rights by contacting TPG’s data protection point of contact (see section 11 “How can you contact us?” below).
10.0 What are TPG’s privacy protocols regarding minors?
We do not knowingly solicit or collect personal data from children under the age of 18. If we discover that a child under the age of 18 has provided us with personal data without the verifiable consent of a parent or legal guardian, we will take reasonable steps to delete that information.
11.0 How can you contact us?
The purpose of this Privacy Notice is to detail the ways in which we handle your personal data and your rights to control it. This Privacy Notice sets out most of your rights under relevant laws, but not necessarily every right you have. If you have any concerns, requests related to, among others, the exercise of your rights, complaints or questions that have not been covered, please contact us by emailing us at privacy@tpgengineers.com
12.0 Complaints
You may have a right to make a complaint to the relevant Data Protection Authority (“DPA”) at any time. We would appreciate the chance to understand your concerns in the first instance before you contact the DPA, however. The website of the DPA responsible for overseeing data protection compliance in your country can be accessed via this link: Global Privacy Law and DPA Directory (iapp.org).
13.0 Changes to this Privacy Notice
This Privacy Notice was last updated on the date shown at the top of this page. We may change this Privacy Notice from time to time by updating this page.