This website uses cookies to ensure you get the best experience.

SMG and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics and marketing purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor

These cookies are used to make advertising messages more relevant to you. In some cases, they also deliver additional functions on the site.

Vendors Google
SMG career site

Shopper Media Group Ltd Privacy Notice for Applicants

Last Updated: September 2025

About this Notice

This privacy notice (Notice) explains how Shopper Media Group Ltd and its associated Brands (we, our, us, SMG) processes the personal data during the recruitment and hiring process, including workers such as casual workers, agency workers, contractors, interns, volunteers, those workers we employ via our chosen employer of record partners and protective staff such as job applicants. It also explains your rights under data protection legislation.

Please note that any references to "employment" or “staff” are not intended to imply or confer any employment rights to non-employees.

This Notice applies alongside any other information SMG provides about a particular use of personal data, for example, when collecting data via an online or paper form.

Data Controller and Data Protection Officer Details

For the purposes of any applicable data protection laws in England and Wales, including the Data Protection Act 2018 (DPA), the UK General Data Protection Regulation (UK GDPR) and General Data Protection Regulation EU 2016/679 (EU GDPR), SMG is the data controller of your personal data. SMG has appointed a Data Protection Officer, who can be contacted via:

- Email at dpo-hub@next15.com or data.protection@smg.team

- By writing to: FAO Data Protection and Privacy Office, SMG, 60 Great Portland Street, London, W1W 7RT.

How We Collect Your Information

We may collect your personal data in a number of ways, for example:

- via affiliate partners that you have consented to / requested to provide SMG with your data. This could include recruitment providers, partnership websites and or job mailing lists.

- from the information you provide to us before making a job application, for example, when you come for an interview;

- when you submit a formal application to work for us, and provide your personal data in application forms and covering letters;

The Type of Information We Collect

Contact and communications information, including:

- your contact details (including email address(es), telephone numbers and postal address(es));

- records of communications and interactions that we have had with you.

Biographical, educational and social information, including:

- your name, title, gender, nationality and date of birth;

- details of your education and references from your institutions of study;

- lifestyle information and social circumstances;

- your interests and extra-curricular activities;

- third party profile information such as your LinkedIn profile, during recruitment and selection;

Work Related Information, including:

- details of your work history and references from your previous employer(s);

- start date and if different, the date of your continuous employment;

- leaving date and your reason for leaving;

- location of employment or workplace;

Online Identifiers, including;

- details of your IP address, geolocation, browser type and operating system when you visit our website or in relation to our IT set-up.

Special Categories Data

Where this is necessary for your engagement to work for or with us, we may also collect special categories of data and information about criminal convictions and offences, including information:

- revealing your racial or ethnic origin, data related to your religious beliefs, your sex life and or sexual orientation;

- information concerning your health, medical conditions and disabilities;

- details around trade union membership;

- concerning criminal convictions (see the section below on Criminal Convictions Data).

How We Use Your Personal Data

Subject to applicable law, your personal data may be processed by us for the following purposes:

Recruitment and selection

- to evaluate applications for employment and make decisions in relation to the selection of employees;

- pre-employment screening including, where relevant and appropriate, identity check, address records, right to work verification, prior employment and reference check, education qualifications, credit check, financial sanction check and criminal record checks (see the section below on Criminal Convictions Data);

- to make job offers, providing contracts of employment or engagement and preparing to commence your employment or engagement where you accept an offer from us;

- to contact you should another potentially suitable vacancy arise;

- to deal with any query, challenge or request for feedback received in relation to our recruitment and selection decisions.

Automated Decision Making, Profiling and the Use of AI Technology

Your data will not be subject to automated decision-making or profiling.

Compliance Monitoring, Security and Systems Use

- auditing, monitoring, investigating compliance in relation to our policies, applicable law, the prevention and detection of criminal activity to protect our assets and premises;

- responding to legal and regulatory requests

- comply with lawful requests by public authorities, disclosure requests, or where otherwise required or authorised by applicable laws, court orders, government regulations, or regulatory authorities (including, without limitation, data protection, tax and employment), whether within or outside the country or jurisdiction to which you are resident or employed.

- processing background checks on an annual basis for those categories(s) of employees that require it (see the section below on Criminal Convictions Data).

- using explorations and security tools in order to comply with requests made under data protection legislation. For more information in relation to this, please see our Data Subject Rights Request Policy.

Legal Basis for Processing Your Data

Every time we process personal data, we must have a legal basis upon which to rely.

We will only collect, use and share your personal information where we are satisfied that one or more of the following legal bases apply:

Legitimate Interest

The processing is necessary for the legitimate interests pursued by Next15 or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal information. When we use legitimate interest as our legal basis for processing your information, we conduct an assessment in order to risk assess our activities. Our legitimate interests include our interests in running SMG in a professional, sustainable manner, in accordance with all relevant legal and regulatory requirements and in line with industry best practice.

Consent

The processing is based on your consent. Where consent is required for the processing in question, it will be sought from you separately to ensure that it is freely given, informed and that we can clearly demonstrate that your consent was given to us via an affirmative action on your part.

Information regarding such processing will be provided to you at the time that consent is requested. You should be aware that it is not a condition or requirement of your employment to agree to any request for consent.

Data Sharing

For the above purposes, personal information may be transferred within or outside of the jurisdiction where you are employed, perform work or where you reside, either within our Group or to third parties, including, but not limited to:

- any holding company, subsidiary, or affiliate of SMG as regulated by our Intra Group Data Transfer Agreement;

- with our chosen professional employer organisation and or employer of record that we partner with;


SMG may also disclose personal information to a third party where it is necessary to do so in order to protect or pursue our legitimate interests (ensuring this is proportionate and limited to information which is strictly necessary for the purpose of the processing activity). SMG will take appropriate steps to ensure that the recipient of personal information in such circumstances puts in place an adequate level of protection for such personal information in accordance with applicable legal requirements.

If you would like further information in relation to third parties that we share your data with, please contact the Data Protection and Privacy Office

How secure is my information with third-party service providers and other entities within our group?

All of our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

International data transfers

The personal information collected for the purposes of recruitment is stored and processed inside the UK and/or EU/EEA.

Nonetheless, there may be circumstances where SMG shares or discloses data out with the jurisdiction where you reside in relation to the provision of IT infrastructure or other professional services.

In these circumstances, and where applicable, your personal data will only be transferred on one of the following bases:

- The transfer is subject to one or more of the "appropriate safeguards" for international transfers prescribed by applicable law (e.g. data transfer assessments and standard contractual clauses as adopted by the European Commission and UK Government, respectively);

- a European Commission decision or a decision by the Home Secretary provides that the country or territory to which the transfer is made ensures an adequate level of protection; or

- there exists another situation where the transfer is permitted under applicable law (for example, where we have your explicit consent).

Data Retention

We will retain your personal data for as long as is reasonably necessary for the purposes explained in this Notice. Once our retention period

If you would like further details regarding our retention periods, please contact the Data Protection and Privacy Office.

Your Rights

Under data protection legislation, you have the following rights:

- to obtain access to, and copies of, the personal data we hold about you.

- to require that we cease processing your personal data if the processing is causing you damage or distress;

- to require us to correct the personal data we hold if it is incorrect;

- to request that we erase your personal data;

- to request that we restrict our data processing activities in relation to your personal data;

- to object to certain data processing activities and

- the right to not be subject to any automated decision making processes or profiling without the opportunity for human review or intervention.

Please note that the above rights are not absolute, and requests may be refused where exceptions apply.

If you have any questions about these rights, please contact the Data Protection and Privacy Office.

Contact and Complaints

If you have any queries about this privacy notice or how we process your personal data, if you would like to make a complaint or if you wish to exercise any of your right please contact the Data Protection and Privacy Office at dpo-hub@next15.com or data.protection@smg.team or in writing to:

The Data Protection and Privacy Office

60 Great Portland Street,

London,

W1W 7RT

If following such referral, you are still not satisfied with how your personal data is used by SMG you can make a complaint to the Information Commissioner (www.ico.org.uk).

Changes To This Notice

SMG will update this Privacy Notice from time to time. Any substantial changes that affect your rights will be provided to you directly as far as is reasonably practicable.





Already working at SMG?

Let’s recruit together and find your next colleague.

@bootsmediagroup.com