Skip to main content

Safeguard Global’s report “Top Countries for Hard-to-Fill Life Sciences Roles” is out! > Download it now
Contact us

Data Personal and Privacy Notice for Clients and Suppliers

Safeguard Global and its affiliated entities (“Safeguard Global”, “we”, “us”) take the protection of personal data seriously. This Privacy Notice explains how personal data relating to individuals with whom we interact in our business context, for example employees, directors, contractors or other representatives of our clients, prospective clients, suppliers, service providers, partners, and their group companies (“you”). If you operate as a sole trader, freelancer, or other unincorporated business, some information that you provide for business purposes may still be personal data about you and this Notice applies accordingly.

This Notice applies to Safeguard Global and reflects our commitment to processing personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), and our global privacy standards.

Controller identity and contact details

For the purposes of this Privacy Notice, the data controller is Safeguard World International Limited (trading as “Safeguard Global”), Meadowside, Mountbatten Way, Congleton, England, CW12 1DY, United Kingdom (Company Registered Number: 06439329; VAT Registration Number: 923426534). You can contact us at privacy@safeguardglobal.com.

Where a Safeguard Global affiliate entity is involved as a separate controller for specific processing activities, the relevant affiliate and its contact details will be identified at the point of collection and/or in the relevant contract documentation.

What types of your Personal Data do we process about you?

We process personal information related to you and that is collected in the context of our business relationship with you or the organisation you represent. This may include:

  • Identification and professional contact data: full name, business address, phone number, business email address, job title, employer or organisation, and other professional contact details;
  • Professional and organisational information: role or function within the organisation you represent, areas of responsibility, authorisation to act on behalf of a client or supplier, and internal reference identifiers;
  • Compliance, legal and due diligence information: where required by applicable law or internal compliance obligations, such as information necessary to conduct know-your-business checks, sanctions screening, conflict-of-interest assessments, or to comply with tax, anti-money laundering, or similar legal requirements.
  • Communication data: emails, meeting records, notes and correspondence that may have personal data exchanged in the course of our business relationship;
  • Technical and usage data relating to your use of our website, platforms, or systems, such as login credentials, access logs, user activity, IP address, device identifiers, and similar technical information.

All of this information, and other personal information which we may collect and process, will be referred to collectively in this Privacy Notice as "Personal Data".

As a rule, we do not seek to collect or process special categories of personal data (for example data revealing health or political opinions) or data relating to criminal convictions and offences in the context of our relationship with clients and suppliers. However, in limited and exceptional circumstances, such data may be processed where this is strictly necessary to comply with applicable legal or regulatory obligations, including but not limited to Know Your Customer (“KYC”), Customer Due Diligence (“CDD”), anti-money laundering (“AML”), counter-terrorist financing (“CTF”), tax evasion prevention, and international sanctions laws and regulations.

In such cases, Safeguard Global will process only the minimum amount of personal data required for these purposes, on an appropriate lawful basis under applicable data protection laws (including consent where required by law or another valid legal basis), and subject to appropriate safeguards. This may include, where legally permitted and necessary, the verification of identity and legitimacy of clients and suppliers, which can involve checks against fraud, sanctions, or other relevant regulatory databases. All such processing is carried out in accordance with applicable data protection requirements and aims to ensure compliance with legal obligations and promote responsible corporate conduct in the jurisdictions in which Safeguard Global operates.

Additionally, in some cases, we may also receive and process personal data relating to you or the organisation you represent, such as authorized or beneficial owners, where necessary for contractual, legal, or compliance purposes. Such data will be processed solely for those purposes and in accordance with this Privacy Notice or the applicable data protection law.

Why do we process your Personal Data and why are we allowed to do so?

We process your Personal Data for the following purposes:

  1. Contract and relationship management: to communicate with you, manage the commercial relationship, negotiate and enter into contracts and statements of work, administer and perform contractual obligations, and handle day-to-day account management and support. Legal basis: performance of a contract (Article 6(1)(b) GDPR) insofar as processing is necessary for contractual steps or performance, and legitimate interests (Article 6(1)(f) GDPR) to manage our business relationships and communications.
  2. Compliance and due diligence: to comply with applicable legal and regulatory obligations, including accounting, tax, audit, sanctions screening, anti-money laundering, conflict-of-interest checks, record-keeping and similar requirements. Legal basis: compliance with a legal obligation (Article 6(1)(c) GDPR) and, where applicable, legitimate interests (Article 6(1)(f) GDPR) in preventing fraud and ensuring responsible business conduct.
  3. Security and administration of systems: to manage access to our systems and platforms, maintain security, troubleshoot, and keep audit logs. Legal basis: legitimate interests (Article 6(1)(f) GDPR) in ensuring the security and integrity of our systems and preventing misuse.

Where we rely on legitimate interests, those interests include: maintaining effective business communications, ensuring information security, preventing fraud and misuse, and running our business in an efficient and compliant manner. You may object to processing based on legitimate interests as described in the “Your Privacy Rights” section.

As a general rule, Safeguard Global does not rely on consent as a legal basis for processing personal data in the context of relationships with clients, partners and suppliers. Where consent is required by law in exceptional circumstances, it will be obtained separately and may be withdrawn at any time.

Is providing your Personal Data mandatory?

Where we request identification and professional contact data, the provision of such data is generally necessary to manage our business relationship and, where applicable, to enter into and perform a contract with the organisation you represent. In some cases, we must also process certain information to comply with legal obligations (for example, accounting, tax, sanctions screening and anti-money laundering requirements).

If you do not provide the requested information, we may be unable to establish or continue the business relationship, to provide services, or to comply with applicable legal requirements.

What you need to know about providing information about someone else

In the context of our business relationships, you may provide us with personal data relating to other individuals, such as, colleagues, authorised representatives, signatories, beneficial owners, or other persons associated with the organisation you represent. By providing such personal data, you confirm that you are authorised to share this information with us for the relevant business, contractual, or compliance purpose and that individuals concerned have been informed, where appropriate, of the processing of their personal data. You should not provide personal data about other individuals to us unless you are legally permitted to do so. If you are unsure whether you are authorised to provide such information, please do not provide it to us and contact our Data Protection Officer (DPO) by writing to dpo@safeguardglobal.com for guidance.

Where do we receive your Personal Data from?

We may receive information about you from:

  1. You or your representative;
  2. The organisation you represent;
  3. Any authorised intermediaries;
  4. Publicly available sources; public entities, bodies or authorities;
  5. Third-party providers where applicable;
  6. Our affiliate companies, where permitted under applicable privacy/data protection laws.

Who may receive your Personal Data?

Depending on the nature of our relationship with you and the services provided, your personal data may be shared with the following categories of recipients (“Recipients”):

  1. The Client, Suppliers, or business partners, where necessary to perform contractual obligations, deliver services, or manage the relevant business relationship;
  2. Persons authorised by us to process Personal Data, who have signed a confidentiality agreement in compliance with applicable data protection laws (for example, certain of our employees in our Human Resources/Administration departments, system administrators who may have access to Personal Data during the performance of their duties);
  3. Third-party service providers and partners, including IT service providers, cloud hosting providers, professional advisers and other vendors supporting our business operations, who acts as processor or sub-processors and are subject to appropriate contractual safeguards;
  4. Intermediaries or embedded service partners, depending on the applicable service structure.
  5. Public authorities, bodies or entities to which Personal Data must be communicated under the applicable law or under binding orders from competent authorities; and
  6. Our affiliate companies, where permitted under applicable privacy/data protection laws.

Will your Personal Data be transferred outside the EU/EEA or UK?

Your Personal Data may be transferred to Recipients located in various different countries. We have implemented appropriate safeguards to ensure the lawfulness and security of these Personal Data transfers according to applicable data protection laws. With respect to data transfers outside of the EU/EEA, we may rely on adequacy decisions from the European Commission, written agreements (including the Standard Contractual Clauses adopted by the European Commission under Commission Implementing Decision (EU) 2021/914 of 4 June 2021, supplemented by the UK Information Commissioner’s Office’s International Data Transfer Addendum to the EU Commission Standard Contractual Clauses), or other safeguards or conditions considered adequate to the transfer at hand. Upon written request to privacy@safeguardglobal.com you can receive further information on international data transfers and can obtain a copy of the appropriate safeguards that we have put in place in order for the transfer to lawfully take place.

For how long may we keep your Personal Data?

Retention periods may vary depending on the nature of the personal data; the purpose of the processing; and applicable legal, regulatory, accounting, or tax obligations. However, Safeguard Global retains data only for as long as necessary to fulfill the purpose for which it was collected, including the performance of contractual obligations, the management of business relationships, and compliance with applicable legal and regulatory requirements.

Once personal data is no longer required for the purposes for which it was collected, it will be securely deleted or anonymised in accordance with data protection legislation.

Your Privacy Rights

As a data subject, you are entitled to exercise the following rights with regard to the processing of your Personal Data, at any time:

  • Access your Personal Data (and/or obtain a copy of those Personal Data), as well as information on the processing of your Personal Data;
  • Correct or update your Personal Data, where it may be inaccurate or incomplete;
  • If applicable, request the erasure of your Personal Data, where the processing is unnecessary or otherwise unlawful;
  • Request the restriction of the processing of your Personal Data, where the Personal Data processed is inaccurate, or that the processing is unnecessary or unlawful, as well as where you have objected to the processing;
  • If applicable, request a copy of the Personal Data you provided to us in a structured, commonly used and machine-readable format, as well as request the transmission of those Personal Data to another data controller;
  • Object to the processing of your Personal Data, based on relevant grounds related to your particular situation, which you believe must prevent us from processing your Personal Data for a given purpose;
  • Withdraw your consent to processing, where your consent serves as the legal basis for processing. This will not affect the lawfulness of processing carried out prior to your withdrawal.

Since Safeguard Global acts as an independent controller, you may exercise your rights by contacting us using the details provided in this Notice and by using the DSAR form

You also have the right to lodge a complaint with a supervisory authority. In the EU/EEA, you may contact the supervisory authority in your habitual residence, place of work, or the place of the alleged infringement (list of authorities: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en). In the UK, you may contact the Information Commissioner’s Office (ICO): https://ico.org.uk/make-a-complaint/.

How to exercise your Privacy Rights

Requests to exercise any of the above rights must be sent in writing:

  • By using the DSAR form available on the Safeguard Global website.
  • to us at the following address: privacy@safeguardglobal.com.
  • to the Legal Team, to the attention of the Privacy lawyer at: LeonardoMorais@safeguardglobal.com

At any time, you can contact privacy@safeguardglobal.com if you have any questions arising from this Privacy Notice or regarding your Personal Data. You can also:

  • Contact our Data Protection Officer (DPO) by writing to dpo@safeguardglobal.com.
  • Contact the competent Supervisory Authority (in the Member State of your habitual residence, place of work or place of the alleged infringement) whose contact details are available here (for EU/EEA) and for UK, click here, if you believe that the processing of your Personal Data that we carry out is unlawful.