People privacy notice

Privacy notice - Arabic / PDF

Privacy notice - Bahasa Indonesia / PDF

Privacy notice - Bahasa Malaysia / PDF

Privacy notice - Dutch / PDF

Privacy notice - French / PDF

Privacy notice - Hindi / PDF

Privacy notice - Italian / PDF

Privacy notice - Japanese / PDF

Privacy notice - Polish / PDF

Privacy notice - Serbian (Latin) / PDF

Privacy notice - Simplified Chinese / PDF 

Privacy notice - Spanish / PDF

Privacy notice - Thai / PDF

Privacy notice - Turkish / PDF

Privacy notice - Traditional Chinese / PDF

Privacy notice - Welsh / PDF

While you are working for us (and after that relationship comes to an end), we may need to collect, store, access, analyse, share, or use in some other way, the following types of personal information:

Personal identification information: full name, title, job title, employee number, date of birth, nationality, civil/marital status, and military/veteran status.

Contact details: work/personal email addresses, phone numbers, postal addresses, next of kin and emergency contact information.

Business and career development information: start and end dates, CV/resume and cover letter details, educational qualifications and transcripts, professional qualifications and certifications, interview notes, work history, employment and personal references, working hours, salary, pension and benefits, attendance, annual leave, training records, membership of professional bodies, and performance reviews and feedback.

Travel and location information: work location(s), immigration status, visa and travel information, place of work, traveller preferences, travel security risk assessment data, building pass data or visitor book entries captured when entering or leaving our premises.

Driving information: (where relevant and necessary) vehicle details, driver licence, traffic violations and accident information (for example, if operating a company vehicle), fuel card usage, and insurance information.

Audio/visual information: camera footage and/or other information obtained through electronic means such as building access pass records, seat/desk booking data, video and audio recordings in meetings or events, photographs taken at events or used on profiles, in digital media or promotional materials, footage and images captured by security cameras on our premises.

Use of IT and digital communication systems: information about your use of our IT and digital communications systems including user access logs and usage analytics, time keeping and utilisation information, web browser history, internet protocol (IP) address, working location, and the contents of email and instant messages. See our workforce monitoring requirements and acceptable use requirements in STEP for more information.

We may need to process particularly sensitive personal information about you for specific and limited purposes, but we will only do so if permitted or required by law. If we are required to obtain your informed and explicit consent before processing your sensitive personal information, further details about the proposed use and handling of it will be provided to you at the point of collection.

Sensitive personal information is treated with particular care and access to it is tightly restricted and controlled. For the purposes of this privacy notice, it includes:

Government issued identifiers: (where necessary and either permitted or required by law) passport details, national identity card details, driver’s licence details, national insurance number, and social security/insurance number.

Financial information: bank account details, payment card details, salary and bonus information, shareholding and share dividend details, pension contributions, health insurance and other employee benefit payments/deductions, tax and social security payment details.

Background screening and vetting information: employment references, education checks, and (where necessary and permitted by law) information about criminal convictions and/or alleged offences, the outcome of driver’s license and financial probity checks, drug and alcohol test results, and the outcome of national security vetting.

Health and biometric information: details of reasonable adjustments and accessibility requirements (including those related to your mobility, sight or hearing), health condition(s), sickness absence (including leave allowance and use), occupational health and other medical reports, travel health risk assessment data, wellbeing information, fingerprints, and facial scans.

Inclusion information: (where necessary and either permitted or required by law in the jurisdiction where you reside) racial/ethnic origin, religious or philosophical beliefs, disability status, sexual orientation, biological sex, and gender identity. This information allows us to monitor workforce inclusion and equality of opportunity/outcomes. It will be used to comply with applicable legal obligations and (if necessary, in an aggregated and depersonalised form) for reporting purposes.

We collect your personal information throughout the time you spend working for us. It will normally be collected directly from you, and there are some occasions where we receive your personal information from third parties.

Onboarding and people management systems: we collect your personal information during the onboarding process (for example, collecting your bank account details so we can pay your salary) and throughout your employment with Mott MacDonald.

IT and digital communication systems: we collect your personal information when you use internal IT and digital communication systems (for example, messages sent or received through your Mott MacDonald email account); or external IT and digital communications systems that send or transmit data through our IT network infrastructure. Your personal information may also be contained in data from third party systems you use to perform your job if we need to audit/monitor cyber security risks or user activity. Please see our workforce monitoring requirements and acceptable use requirements in STEP for more information.

In-person events and conferences: we collect your personal information when you attend an event or conference hosted by Mott MacDonald or another third party we have partnered with (for example, capturing your image to promote the event).

Online application systems and in-person, telephone, or video conference interviews: we collect your personal information when you apply for a different role within Mott MacDonald using our internal careers website and recruitment system. We also collect your personal information during any in-person, telephone, or video conference interviews.

Third parties: third parties provide us with your personal information throughout your employment, this may include:

• Individuals/organisations who have agreed to provide personal or employment references (for example, to confirm your work history or provide information about your past performance).
• Government departments or agencies (for example, to provide us with tax and social security/insurance information).
• Educational institutions (such as universities and colleges) and professional membership bodies (for example, to verify qualifications and certifications).
• Third party service providers we engage to perform background screening and vetting, medical screening, tests, and evaluations, to create, distribute and analyse results from employment surveys, process visa and work permit applications, process payroll transactions, and confirm travel and accommodation reservations.

We may need to collect personal information from you about individuals who are closely associated with you such as your spouse/partner, your children, or other family members. For example, if Mott MacDonald is providing them with insurance/medical benefits or helping your family to relocate to a new city or country while you are working for us.

If you have an ongoing health condition and/or are being treated with medication that affects your work, we may require contact information for your doctor or healthcare provider.

We may also require you to provide personal information such as name and contact details of your next of kin, nominated pension/insurance beneficiaries, and emergency contacts.

In some jurisdictions, young adults on work experience or undertaking an internship/apprenticeship Mott MacDonald may be considered minors who are unable to enter into legal agreements or give valid consent to the processing of their personal information. In that scenario, and subject to their agreement, we may need you to provide us with personal information about a parent or legal carer/guardian.

In all these scenarios, because we do not have a direct relationship with these individuals, we are relying on you to tell the individual concerned that you need to provide their personal information to us and obtain their agreement to you sharing it with us. While in our possession, their personal information will be subject to the same robust handling requirements and safeguards as your own personal information.

Mott MacDonald is responsible for deciding how we collect, access, analyse or otherwise process personal information about our people. We process personal information about you primarily for the purposes of managing our relationship with you, giving you access to the tools and facilities you need to do your work, providing you with a range of benefits, and complying with our legal obligations.

We will only use personal information about you when the law allows us to do so. In some jurisdictions, the legal justifications we can rely upon to process your personal information may be slightly different to the ones outlined in this privacy notice. If that is the case, we will notify you of the differences in a supplementary privacy notice.

The purposes for which we may need to process your personal information (and the categories of personal information involved) include:

Managing our people

• Completing the onboarding process for new members of our workforce: arranging access to equipment, systems, and facilities; ensuring we can comply with our legal and regulatory obligations.
• Assessing and managing work performance: keeping track of your probation reviews; evaluating your attendance, absence and time keeping; evaluating progress against goals and activities agreed with your line manager; supporting your personal and professional development; evaluating your eligibility for promotions and pay awards; conducting pay and grading reviews.
• Communicating with you: providing work-related information to you, responding to your questions, notifying you of changes to your compensation, benefits or changes in corporate structure and policies and contacting you in emergency situations (for example, natural disasters).
• Processing financial transactions: paying your salary, bonuses, share dividend payments; administering payroll taxes, and other deductions (including pension and social security contributions); managing your travel costs and expenses (including reimbursing you for work-related travel).
• Administering employment benefits: providing you with health insurance, a pension, global mobility support, wellbeing resources, and facilitating medical leave (for example, short term disability leave).
• Supporting your personal and professional development: providing you with education, training, and professional development opportunities (for example, to attend professional conferences or obtain a new professional certification).
• Managing work-related travel: booking and managing work-related travel/accommodation and contacting you during travel or in emergency situations.
• Ensuring a safe and productive workplace: determining whether you’re fit to undertake tasks required for a particular role; determining eligibility for (and arranging) work-related reasonable adjustments; providing equipment; giving you access to internal systems; monitoring your compliance with our internal policies and procedures; protecting our property from theft, vandalism, and damage.
• Conducting investigations: evaluating and resolving alleged capability, disciplinary, grievance, and conduct issues; investigating security breaches and potential misuse of company assets, equipment and systems; and investigating allegations of theft, fraud, or criminal activity.
• Conducting background screening and vetting: conducting background checks and vetting (for example, employment and education reference checks, financial probity checks, driver’s license and motor vehicle checks, criminal background checks, and national security vetting).

Categories of personal information used for this purpose include:

• Personal identification information
• Contact details
• Business and career development information
• Travel and location information
• Driving information
• Audio/visual information
• Use of IT and digital communication systems
• Health and biometric information
• Background screening and vetting information
• Financial information
• Government issued identifiers
• Inclusion information
• Your feedback, opinion, interests, preferences, and other information

Fulfilling our contractual obligations to our clients

• Billing for, and evidencing, the hours you’ve spent working on an assignment (for example, providing our client with your name and salary rate or redacted payslip), performing drug and alcohol testing (where required by our clients for health and safety reasons), and carrying out background checks (where required by our clients for safeguarding or national security reasons).

Categories of personal information used for this purpose include:

• Personal identification information
• Contact details
• Business and career development information
• Travel and location information
• Driving information
• Health and biometric information
• Background screening and vetting information
• Financial information
• Government issued identifiers
• Inclusion information
• Your feedback, opinion, interests, preferences, and other information

Promoting Mott MacDonald and winning new business

• Featuring members of our workforce in promotional material (on our website, social media feeds, or in other digital/print media) promoting our services, products, events, and our brand

Categories of personal information used for this purpose include:

• Personal identification information (name, job title)
• Audio/visual information

Improving the effectiveness of our people management processes

• Monitoring and improving our human resources procedures and making decisions relating to human resource allocation
• Undertaking internal and external audits of our people management processes (for example, assessing HR policies and practices)
• Understanding your experience at Mott MacDonald (for example, through workforce surveys)
• Evaluating any feedback that we receive from you (for example, how we can improve our health and benefits coverage or career development programme)

Categories of personal information used for this purpose include:

• Personal identification information
• Contact details
• Business and career development information
• Your feedback, opinion, interests, preferences, and other information

Carrying out internal recruitment and workforce restructuring

• Assessing your personal and professional development
• Assessing your skills, qualifications, and interests against Mott MacDonald career opportunities
• Setting up and conducting interviews and assessments
• Conducting background checks and assessments
• Verifying that you are permitted to work in a particular country or jurisdiction
• Answering any questions regarding the application, interview, and selection process
• Contacting individuals (for example, a current or former line manager and local HR representative) to obtain or discuss employment references used to evaluate your past conduct or performance

Categories of personal information used for this purpose include:

• Personal identification information
• Contact details
• Business and career development information
• Travel and location information
• Health information (for example, accessibility requirements)
• Background screening and vetting information
• Government issued identifiers
• Your feedback, opinion, interests, preferences, and other information

Complying with legal obligations

• Disclosing personal information to government agencies, regulatory authorities, or law enforcement (this includes complying with subpoenas and court orders)
• Complying with record keeping and reporting obligations
• Pursuing our legal rights and remedies
• Establishing or defending Mott MacDonald’s legal position
• Managing complaints and legal claims
• Satisfying workplace health and safety requirements
• Conducting medical checks and health screening (for example, during a public health emergency)
• Conducting criminal record and driver’s license checks (depending on applicable local law, and specific role/client requirements)
• Verifying that your immigration status allows you to work in a particular country or jurisdiction
• Conducting grievance and disciplinary investigations and hearings
• Assessing employment and tax law obligations related to pay, social security, working hours, and annual leave entitlement
• Monitoring and reporting on gender and ethnicity pay gaps (where required by law)
• Monitoring and reporting on inclusion and equality (where required by law)

Categories of personal information used for this purpose include:

• Personal identification information
• Contact details
• Business and career development information
• Travel and location information
• Driving information
• Audio/visual information
• Use of IT and digital communication systems
• Health information
• Background screening and vetting information
• Financial information
• Government issued identifiers
• Inclusion information
• Your feedback, opinion, interests, preferences, and other information 

We will only process your personal information where the law allows us to. We normally rely on one or more of the following legal justifications when we process your personal information (collect, store, access, analyse, share, or use it in some other way):

• As necessary to fulfil and perform the contractual obligations that we have entered into with you
• As necessary to comply with a legal obligation, for example to share personal information with tax authorities or law enforcement agencies
• As consistent with your consent (where applicable)
• As necessary for our legitimate interests and business needs (where permitted by law), for example, to bill our clients for work you have completed
• As necessary to protect your interests (or someone else’s interests), for example in the event of a medical emergency or a threat to your physical safety
• As necessary in the public interest, for example, to perform contact tracing during a public health emergency

Some of the above will overlap, so it’s possible that several different legal bases will apply at the same time to justify our processing of a particular element of your personal information.

In certain locations, there may be differences in the legal justifications that can be relied upon when we process personal information (due to local legal requirements or the way that Mott MacDonald operates in that jurisdiction). If that’s the case, we will notify you in a supplementary privacy notice.

If it is necessary and proportionate to do so, we may have to share your personal information with:

Different Mott MacDonald entities involved in managing our relationship with you and operating our business.

Our service providers and suppliers who support our business administration and people management activities, such as to book travel and accommodation, provide training and development support, deliver occupational health services and support, provide employee benefits such as private medical insurance, workplace pensions and wellbeing support, process payroll transactions, conduct background screening and vetting, support our technology systems and infrastructure or manage access to our work premises and facilities. These include Sterling (workforce screening and vetting), Amex Global Business Travel (travel management), Microsoft (communication services, internet services and cloud computing) and SAP (people management and onboarding systems).

Our clients and delivery partners for bidding, project delivery, access (to premises and IT systems), billing, invoicing and audit purposes; this may include your name, work (country) location, job role and professional qualifications, CV/resume, your salary or an equivalent hourly/daily rate, redacted payslip, the activities you carried out during an assignment, the hours spent on specific tasks. Where necessary, we may also be required to provide a limited range of information on background checks, medical conditions, and wellbeing as part of their screening or health and safety processes.

Our external legal or other professional advisers for advice on employment matters, assessment of visa and work permit options, for audit purposes (for example, to ensure tax compliance and improve efficiency), to determine tax obligations, and (when necessary) to investigate, pursue, or defend legal/insurance claims (or other claims of a similar nature).

Business transferees in the event of a corporate restructuring. For example, if we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a merger, acquisition, sale, joint venture, consolidation, or other disposition of all or any portion of our business or assets.

Regulatory authorities or law enforcement agencies where necessary to facilitate the prevention, detection and investigation of suspected criminal activity, if we need to comply with an official request for information (this includes complying with subpoenas and court orders) or to meet other legal obligations (for example, reporting a work-related incident to health and safety regulators, agencies and administrators).

When we need to share your personal information with these third parties, we use a combination of contractual, physical, and technical measures to keep it secure.

To protect personal information that is transferred internationally, we ensure that adequate and proportionate safeguards are in place and that your privacy and data protection rights are protected. This is because you may have fewer rights under local laws in some countries than you do in your country of residence.

Those safeguards will normally include data encryption, role-based access permissions, and legal agreements that facilitate the lawful cross-border transfer of personal information. Please refer to our Group policies for more information.

Please note that we will never sell your personal information to a third party for any purpose.

We work hard to maintain and improve security measures that prevent personal information from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. We limit access to personal information to individuals and organisations who have a legal right of access (for example, regulatory authorities or law enforcement agencies), or a legitimate business need to know (for example, line managers, HR professionals and service providers). Our service providers and suppliers will only process personal information in accordance with our instructions, and we ensure that all third parties are subject to a legal duty of confidentiality.

All Mott MacDonald people who may be required to access your personal information when carrying out their duties are required to complete privacy and data protection training, and information security training, on an annual basis.

Please also see our Group policies for more information.

We will only retain your personal information for as long as reasonably necessary for the purposes set out in this privacy notice. Generally, this means we keep your personal information for the duration of the time you spend working for us, and then for a limited amount of time afterwards. When setting those retention periods we consider:

• How long do we need to keep it to operate our business and manage our relationship with you? For example, we need to retain your personal information to pay your salary each month and to administer your health insurance, pension, and other benefits.
• How long do we need to retain the information to comply with our legal or regulatory obligations? For example: evidence required for an external tax, immigration, or financial audit; to comply with a specific provision in a particular law; or to respond to a legal claim or regulatory investigation.
• Do we need to keep it for another legitimate purpose, for example, to prevent harm to individuals or our business; or to protect our legal rights, property, or assets.

In some instances, and for specific reasons, we will keep information for an extended period of time. When your personal information is deleted or destroyed, we ensure that it is safely and permanently disposed of in accordance with any local legal requirements.

We respect your rights over your personal information. As one of our people you have the following rights over your personal information:

• Right of access to your personal information. This enables you to request a copy of your personal information and to check that we are processing it lawfully.
• Right to correct the personal information that we hold about you. This enables you to ask us to amend or update any incomplete or inaccurate personal information.
• Right to request erasure of personal information about you. This enables you to ask us to delete or remove personal information where there is no valid reason for us to continue processing it.
• Right to object to the use of your personal information if you think we do not have a valid reason to process it and want us to stop processing it.
• Right to restrict further use of personal information about you. This enables you to ask us to limit or suspend the use of your personal information (for example, if you want us to confirm its accuracy or the reason why we are processing it).
• Right to transfer personal information about you to another party. You can ask us to send/port) your personal information, such as your work record, payslips or other personal information to another organisation, such as a future employer.

You or an authorised nominee can exercise these rights at any time by submitting a request through our individual rights request form, by contacting privacy@mottmac.com or by contacting your HR business partner. If you’re a resident of California, you can also submit a request by contacting us at 1-800-832-3272.

If you’ve asked someone else to exercise your rights on your behalf and that nominee does not provide written evidence of their authority to do so (for example, a power of attorney or a letter of authority signed by you), we will not be able to process or action their request.

If you choose to exercise any of your rights set out above, we are committed to treating you fairly and ensuring non-discriminatory treatment. We will respond to you within any applicable statutory deadline (for example, in the UK and EEA we will respond to you within one month from the date we receive your request; and in California we will respond to you within forty-five days from the date we receive your request). If there is a lawful reason to extend this deadline, then we will let you know as soon as possible.

Please also note that the extent to which you can exercise your rights may be limited by the rights and interests of others or a legal obligation (for example, where we are unable to delete all your personal information due to our regulatory obligations). If this is the case, we will let you know as quickly as possible.

If you have provided your consent to the collection and processing of your personal information for a specific purpose, and we are relying on that consent to justify our use of your personal information for that purpose, you may have the right to withdraw your consent.

To withdraw your consent, please contact the HR team for your unit or region in the first instance. Once they have received notification that you are withdrawing your consent, we will no longer process your personal information for the purpose(s) to which you had originally agreed, unless we are required or permitted to do so by law and have a legitimate reason for doing so.

If you choose to withdraw your consent to certain processing activities it could mean we are unable to provide certain amenities or benefits, and you may be excluded from certain activities (while you are working for us). The consequences of withdrawing your consent to a specific processing activity will be communicated to you at the point when you tell us you would like to withdraw your consent.

If you have concerns about the way Mott MacDonald has processed your personal information, or you want to exercise your privacy rights, please complete our individual rights request form or contact privacy@mottmac.com. If you’re located in Singapore, you can also contact us by calling 6293 1900.

If you’re unhappy with our response after raising a concern or submitting an information rights request, you can register a complaint directly with the privacy and data protection regulator in the country, state, or province where you are located. If you aren’t sure which regulatory authority enforces privacy and data protection compliance in your jurisdiction, please contact privacy@mottmac.com to request the relevant contact details.

This privacy notice was issued in July 2025 and may need to be updated because of changes to our systems and processes or the law, so we recommend that you review this notice periodically. If changes materially affect your privacy rights, we will attempt to notify you and take any other steps required by applicable law.