Privacy Notice.

This notice explains how Met Traders collects, uses, stores, and protects personal data. It applies to visitors to this website and to people who apply for roles with us.

01 What personal data we collect

We only collect information that is necessary for a specific, lawful purpose. Depending on how you use this site, this may include:

• Contact details you give us through the application form: full name, email address, telephone number if provided in your CV.
• Professional information: your curriculum vitae, area of interest, experience level, and any note or message you send us.
• Technical data: IP address, browser type, device type, pages viewed, and referring page, collected via standard server logs. (We do not currently run analytics or tracking cookies.)
• Cookies and similar technologies: see the separate Cookie Policy.

We do not knowingly collect data from anyone under 18.

02 Why we process your data and our lawful basis

Under UK GDPR we must identify a lawful basis for each purpose. The main bases we rely on are:

Consent (Article 6(1)(a))

When you submit the recruitment form you tick a consent box. You may withdraw consent at any time by emailing us.

Legitimate interests (Article 6(1)(f))

For standard web-server logging, security monitoring, fraud prevention, and keeping our technical infrastructure stable.

Legal obligation (Article 6(1)(c))

Where we are required to retain records under tax, financial-services, employment, or anti-money-laundering regulation.

Contract (Article 6(1)(b))

Where processing is necessary to enter into or perform a contract with you, such as progressing a job application toward an offer.

03 How we use your data

• Review your application and contact you about current or future roles.
• Operate, secure, and improve this website.
• Comply with our legal and regulatory obligations.
• Respond to enquiries you send us.

We do not use your data for automated decision-making or profiling with legal effect. We do not sell your personal data.

04 How long we keep it

We retain personal data only for as long as necessary:

Unsuccessful applications

Up to 12 months from the date of your application, after which records are deleted unless you have given separate consent for us to hold your CV for future opportunities.

Successful applications

Retained as part of your employment record in accordance with our internal HR retention schedule and UK law.

General enquiries

Up to 24 months.

Server logs

Up to 90 days, then aggregated or deleted.

05 Who we share with

We only share your personal data where necessary, and only with recipients who provide adequate safeguards. Typical categories include:

• Our hosting, email, and form-infrastructure providers, under written Data Processing Agreements.
• Group entities within The Met Group where the role you have applied for is held by another group entity.
• Regulators, law enforcement, or courts where we are legally required to do so.
• Professional advisers (legal, audit, compliance) under duty of confidence.

06 International transfers

Where personal data is transferred outside the United Kingdom or European Economic Area (for example to our Dubai operations or to a cloud provider), we rely on an approved transfer mechanism such as the UK International Data Transfer Agreement, the EU Standard Contractual Clauses, or an adequacy decision, and we apply additional safeguards where appropriate.

07 Your rights

Under UK GDPR you have the right to:

• Access the personal data we hold about you.
• Ask us to correct inaccurate data.
• Ask us to erase your data, where applicable.
• Ask us to restrict or object to our processing.
• Receive your data in a portable format.
• Withdraw consent at any time, without affecting the lawfulness of prior processing.
• Complain to the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, contact our Data Protection Lead using the details below. We will respond within one calendar month.

08 Security

We use technical and organisational measures designed to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit, access controls, staff training, and regular review of our processes. No system is perfectly secure; where we believe a personal data breach is likely to result in risk to your rights, we will notify both the ICO and you in line with UK GDPR.

09 Cookies

We currently use only a limited set of strictly necessary, first-party cookies and browser storage to make the site work; we do not use analytics or tracking cookies at this time. If that changes, we will update this notice and our Cookie Policy and ask for your consent first. See our Cookie Policy for details and how to manage cookies in your browser.

10 Changes to this notice

We may update this notice from time to time. When we do, we will change the "last reviewed" date above and, where changes are material, draw the update to your attention.

11 Contact

For any privacy-related question or to exercise your rights, please contact our Data Protection Lead: