• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by virtue of an adequacy regulation under section 17A or adequacy decision under section 18(2) each of the DPA 2018; • Where we use certain service providers, we may use standard clauses approved by the Secretary of State under section 119A of the DPA 2018 which give personal data the same protection it has in the UK; and • where we use a service provider who is a member of a larger corporate group and this will involve the service provider transferring personal data outside the UK (but within their group of companies) the service provider may have binding corporate rules in place (checked and verified by us). Please contact us at graduates@newtonimpact.com if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.
RECRUITMENT FAIRS AND UNIVERSITY EVENTS IN THE UNITED STATES OF AMERICA
When you meet us at a recruitment fair or university event in the United States and choose to share your details via our QR form, we process your personal data as described in this notice. Newton will use the details you provide (including your name, email address, school, major and graduation year) to contact you about opportunities at Newton and to consider you for current or future roles. We may store your details in our recruitment systems and share them with our recruitment team and service providers who support our recruitment activities. We process your personal data for the purposes of recruitment and talent management on the basis of our legitimate interests in identifying, assessing and engaging individuals who may be suitable for current or future roles within Newton.
HOW DO WE PROTECT YOUR PERSONAL DATA?
We have put in place measures to protect the security of your information. Details of these measures are available upon request. We have also put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
6
INFOSEC-20 v3.2 Dated 03/03/2026
Made with FlippingBook - Online catalogs