Legal
Privacy Policy
How Ampion Global Consulting collects, uses, shares and protects personal data in the course of our recruitment activities, and the rights you have under the UK and EU GDPR and under US state privacy laws.
In short. We are a specialist recruitment consultancy for the US power and energy engineering sector. To do that work we collect professional information about candidates and hiring contacts, use it to match people to roles, and share candidate details with prospective employers with the candidate’s knowledge. We do not sell your personal information. You can ask us at any time to access, correct or delete the data we hold, or to stop contacting you, by emailing privacy@ampiongc.com.
1. Who we are
This policy is issued by Ampion Global Consulting Ltd (“Ampion”, “we”, “us”, “our”), a company registered in England & Wales under company number 16270085, with its registered office at 86–90 Paul Street, 3rd Floor, London EC2A 4NE, United Kingdom.
For the personal data described in this policy, Ampion is the data controller. For the purposes of the UK GDPR and EU GDPR, you can reach our data protection contact at privacy@ampiongc.com.
2. Who this policy covers
We are a recruitment consultancy. This policy applies to personal data we process about:
- Candidates — engineers, specialists and other professionals we may represent, place, or keep in touch with about opportunities in the US power and energy sector;
- Client and prospective-client contacts — hiring managers, HR and talent contacts, and other representatives of the firms we recruit for;
- Referees and referrals — people who provide a reference for a candidate, or whose details are passed to us as a possible candidate;
- Website visitors — anyone who visits ampiongc.com.
3. Information we collect
Candidates
- Identity and contact details — name, email address, phone number, city/state and country, and links to professional profiles such as LinkedIn.
- Professional and employment information — your CV or résumé, work history, current and past employers, job titles, disciplines and specialisms, skills, and portfolio or project details you choose to share.
- Qualifications and credentials — education, professional licenses and certifications (for example PE, EIT/E.I.), memberships and training.
- Eligibility to work — work authorization and immigration/visa status relevant to a role, to the extent required by a prospective employer or by law.
- Preferences and expectations — the roles, locations and working arrangements you are looking for, availability, notice period, and compensation expectations or history where you choose to provide them.
- Assessment and process information — interview notes, our discussions with you, feedback from clients, references, and the status of any application.
- Communications — emails, messages, and call notes exchanged with us.
Client contacts
- Business contact details (name, job title, employer, email, phone), the requirements of the roles you are hiring for, and our correspondence and feedback with you.
Website visitors
- Technical and usage data such as IP address, device and browser type, pages viewed and referring pages, collected through cookies and similar technologies (see Cookies and analytics).
4. Where we get it
We collect personal data:
- Directly from you — when you send us your CV, complete a form, book a call, email us, or speak with us.
- From publicly available and professional sources — such as LinkedIn and other professional networks, public professional directories and registers, company websites, and job boards or CV databases where you have made your details available for recruitment.
- From referrals — when a colleague, contact or referee suggests you as a potential candidate or provides a reference.
- From our clients — feedback on candidates and role requirements.
Where we source your details from a third party or public source, we will tell you when we first contact you and give you the opportunity to ask us to stop.
5. How and why we use it
We use personal data to:
- provide recruitment services — understanding your skills and goals and matching candidates to suitable roles;
- contact you about relevant opportunities, and keep in touch about your search or your hiring needs;
- submit candidate details to prospective employers, with the candidate’s knowledge, and manage the interview and offer process;
- take up references and, where a role requires it, help verify qualifications and eligibility to work;
- maintain our candidate and client network and records, and manage our relationship with you;
- send you occasional updates or marketing about our services where you have not opted out (and, where required, only with your consent);
- operate, secure and improve our website;
- comply with our legal and regulatory obligations, and establish, exercise or defend legal claims.
6. Our legal bases (GDPR / UK GDPR)
Where the UK GDPR or EU GDPR applies, we rely on the following legal bases:
| What we do | Legal basis |
|---|---|
| Providing recruitment services, matching and introducing candidates, and maintaining our professional network | Legitimate interests — running a recruitment business and helping candidates and clients connect |
| Taking steps to place a candidate in a role, or to fill a client’s vacancy, at your request | Performance of a contract, or taking steps at your request before entering into one |
| Marketing communications where consent is required, and any processing of special category data | Consent (which you can withdraw at any time) |
| Verifying eligibility to work, keeping required records, and responding to lawful requests | Legal obligation, and/or legitimate interests |
Where we rely on legitimate interests, we have considered the impact on you and do not use your data where your interests and rights override ours. You can object to this processing — see Your rights.
7. Sensitive information
We do not seek to collect “special category” data (such as health, racial or ethnic origin, religious beliefs, or similar) or other sensitive information as part of the ordinary recruitment process. Please do not include such information in your CV unless it is necessary. Where we do need to process sensitive information — for example, if a role or accommodation requires it — we will do so only where the law allows, and generally with your explicit consent. Certain US state laws treat some data, such as precise geolocation or immigration status, as “sensitive”; we limit our use of such data to what is necessary to provide our services.
8. Who we share it with
We share personal data only as needed to provide our services and run our business:
- Prospective employers (our clients) — we share candidate details with clients for roles the candidate is interested in, with the candidate’s knowledge. We aim to confirm your interest before submitting you for a specific role.
- Service providers (processors) — trusted suppliers who process data on our behalf and under contract, such as cloud hosting and storage, our applicant-tracking/CRM system, email and communications tools, calendar and scheduling tools (for example, for booking calls), and website analytics providers.
- Professional advisers and authorities — our advisers (such as legal and accounting), and regulators, law-enforcement or other authorities where we are required or permitted to do so by law.
- Corporate transactions — a purchaser or successor, if we reorganize, merge, or sell part of our business, subject to appropriate protections.
We do not sell your personal information, and we do not “share” it for cross-context behavioral advertising, as those terms are defined under US state privacy laws.
9. International data transfers
Ampion is based in the United Kingdom and recruits for roles in the United States, so personal data is transferred internationally — in particular between the UK/EU and the US — including to US-based clients and service providers. Where we transfer personal data out of the UK or EEA, we put appropriate safeguards in place, such as the UK International Data Transfer Agreement or Addendum, the European Commission’s Standard Contractual Clauses, or transfers to countries covered by an adequacy decision. You can ask us for more information about these safeguards using the contact details below.
10. How long we keep it
We keep personal data only for as long as it is needed for the purposes described in this policy. For candidates and network contacts, this generally means for as long as your information remains relevant to opportunities we may be able to help with, and we periodically review and remove records that are no longer relevant — typically within around six years of our last meaningful contact, unless a longer period is required by law or to resolve a dispute. Client records are kept for the duration of our relationship and for any period required by law. You can ask us to delete your data sooner (see below).
11. How we protect it
We use appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse or alteration, including access controls, encryption in transit, and use of reputable service providers. No method of transmission or storage is completely secure, but we work to protect your information and to meet our legal obligations if a breach occurs.
12. Your rights under the GDPR / UK GDPR
If you are in the UK or EEA (and in many cases wherever you are), you have the right to:
- access the personal data we hold about you;
- rectify inaccurate or incomplete data;
- erase your data (the “right to be forgotten”) in certain circumstances;
- restrict or object to our processing, including objecting to processing based on legitimate interests and to direct marketing at any time;
- data portability — to receive certain data in a portable format;
- withdraw consent at any time, where we rely on consent.
To exercise any of these rights, email privacy@ampiongc.com. We will respond within the time limits set by law. You also have the right to complain to your data protection authority — in the UK, the Information Commissioner’s Office (ico.org.uk) — though we would welcome the chance to resolve your concern first.
13. Your US state privacy rights
Depending on your state of residence — including California (CCPA/CPRA), Virginia, Colorado, Connecticut, Utah and Texas, among others — you may have some or all of the following rights regarding your personal information:
- Know / access — to know what personal information we collect, use and disclose, and to obtain a copy;
- Delete — to request deletion of your personal information;
- Correct — to correct inaccurate personal information;
- Opt out — of any “sale” or “sharing” of personal information, or targeted advertising. We do not sell or share personal information or use it for targeted advertising;
- Limit sensitive information — to limit the use of sensitive personal information;
- Non-discrimination — you will not receive discriminatory treatment for exercising your rights.
The categories of personal information we collect are described in section 3 and, under the CCPA, include identifiers, professional or employment-related information, education information, and internet/electronic activity. We collect this for the recruitment purposes set out in section 5 and disclose it as described in section 8.
To submit a request, email privacy@ampiongc.com. We will verify your request using the information we hold, and you may use an authorized agent to submit a request on your behalf with proof of authorization. California residents may also request information under California’s “Shine the Light” law; as noted, we do not share personal information with third parties for their own direct marketing.
14. Cookies and analytics
Our website uses a small number of cookies and similar technologies. Some are necessary for the site to function. We also use Google Analytics 4 to understand how the site is used — for example, which pages visitors view and the general region (country level) they visit from — so we can improve it.
Analytics cookies are off by default. When you first visit, we ask for your choice through a consent banner, and we only set analytics cookies if you accept. We use Google’s Consent Mode, and we have configured Google Analytics without advertising features, Google Signals or ad personalization, and with IP address anonymization, so your data is used for site analytics only and not for advertising. Google acts as our processor for this purpose; some data may be processed in the United States under the safeguards described in section 9.
You can change your choice at any time using , or by clearing cookies in your browser. You can also install Google’s Analytics Opt-out Browser Add-on. For more on how Google handles data, see Google’s Privacy Policy.
We also use Umami, a privacy-focused analytics tool, alongside Google Analytics. Umami does not use cookies and does not collect personal information — it counts visits and pages viewed and estimates general location from your IP address, which is not stored. Because it sets no cookies, it runs regardless of your cookie choice above. See Umami’s Privacy Policy for details.
We also use Microsoft Clarity, a session-replay and heatmap tool, to see how visitors move through and interact with the site so we can spot points of friction. Clarity is gated behind the same consent choice as Google Analytics above and only loads if you accept; it masks the content of text inputs by default. See Microsoft Clarity’s Terms for details.
15. Automated decision-making
We do not make decisions that produce legal or similarly significant effects about you based solely on automated processing. Decisions about who to put forward for a role involve human judgment.
16. Children
Our services are directed to working professionals and are not intended for children. We do not knowingly collect personal information from anyone under 16.
17. Third-party links
Our website and communications may link to third-party sites and tools (for example, LinkedIn or our scheduling provider). We are not responsible for the privacy practices of those third parties, and we encourage you to review their privacy policies.
18. Changes to this policy
We may update this policy from time to time. When we do, we will change the “last updated” date above and, where changes are significant, take reasonable steps to let you know. Please check back for the latest version.
19. How to contact us
For any question about this policy or your personal data, or to exercise your rights, contact us at:
- Privacy and data protection: privacy@ampiongc.com
- General inquiries: hello@ampiongc.com
- Post: Ampion Global Consulting Ltd, 86–90 Paul Street, 3rd Floor, London EC2A 4NE, United Kingdom