Skip to Main Content

Recruitment Privacy Notice – EEA

Available in: Polish
Effective Date: April 4, 2022

 

Introduction and scope of privacy notice

This Recruitment Privacy Notice (“Notice”) explains the type of information we process, why we are processing it and how that processing may affect you.

Please also read the Appendix relevant to the country in which you are applying for a role for, where relevant, specific information as it relates to your country.

What do we mean by “personal data” and “processing”?

Personal Data” is information relating to you (or from which you may be identified) which is processed by automatic means or which is (or is intended to be) part of a structured manual filing system.  It includes not only facts about you, but also intentions and opinions about you.

Processing” means doing anything with the data.  For example, it includes collecting it, holding it, disclosing it or deleting it.

Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, health, sexual orientation, sex life, trade union membership and genetic and biometric data are subject to special protection and considered by EU privacy law to be “sensitive Personal Data“.

Your Personal Data – what we hold and why we process it?

We process your Personal Data for the purposes of fulfilling our recruitment practices.  Some of the Personal Data that we process about you comes from you.  For example, you tell us your contact details.  Other Personal Data about you is generated from references and third party companies such as recruitment agencies.  Your Personal Data will be seen internally by managers, administrators and HR.

How long do we keep your Personal Data?

If you are successful in your application, your Personal Data will be kept on your personnel file.  If you are unsuccessful, your Personal Data will normally be deleted after 12 months. If your data is only useful for a short period (such as CCTV images), we will delete it once no longer needed.

Transfers of Personal Data outside the EEA

We are headquartered in the United States and also have offices in the Netherlands, Germany, Poland, Singapore and India.  Our HR and recruitment team is based in the USA, the Netherlands, Germany and India.  Therefore, we will transfer your Personal Data outside the EEA to other companies in the FourKites group.

We will also transfer it to our third party service providers in other countries. For example, recruiting or executive search agencies, recruiting platform providers, background checking or other screening providers.

We will ensure that the transfer is lawful and that there are appropriate security arrangements.

We have entered into agreements ensuring appropriate and suitable safeguards with our group members and third party service providers, incorporating the EU Standard Contractual Clauses (where applicable). If you wish to see details of these safeguards, please email privacy@fourkites.com.

Contact details

In processing your Personal Data, we, and in some cases our group companies, may act as a data controller.

If you are applying for a role in the EEA, in processing your Personal Data, the entity which would employ or engage you will be the data controller in relation to your Personal Data.  In some cases, FourKites, Inc. will act as data controller.

If you have any questions relating to our processing of your Personal Data, please contact us at privacy@fourkites.com.

Legal grounds for processing personal data

What are the grounds for processing?

Under data protection law, there are various grounds on which we can rely when processing your Personal Data.  In some contexts, more than one ground applies.  Three of those grounds can be summarised as Legal Obligation, Legitimate Interests and Consent.  We outline what those terms mean below:

Term Ground for processing Explanation
Legal obligation Processing necessary to comply with our legal obligations Ensuring we perform our legal and regulatory obligations. For example, providing a safe place of work and avoiding unlawful discrimination.
Legitimate Interests Processing necessary for our or a third party’s legitimate interests We or a third party have legitimate interests in carrying on, managing and administering our respective businesses effectively and properly and in connection with those interests processing your data.

Your data will not be processed on this basis if our or a third party’s interests are overridden by your own interests, rights and freedoms.

Consent You have given specific consent to processing your Personal Data In general processing of your Personal Data in connection with our recruitment practices is not conditional on your consent.  But there may be specific occasions where we rely on your consent.

Processing sensitive Personal Data

If we process sensitive Personal Data about you, as well as ensuring that one of the grounds for processing mentioned above applies, we will make sure that one of the grounds for processing sensitive Personal Data applies, including (for example) where processing is for equality and diversity purposes to the extent permitted by law.

Further information on the Personal Data we process and our purposes

Examples of the Personal Data and the grounds on which we process Personal Data are in the table below.  The examples in the table cannot, of course, be exhaustive.

Purpose Examples of personal data that may be processed Grounds for processing
Recruitment Information concerning your application and our assessment of it, the fact of your application and our record of it, your references, any checks we may make to verify information provided or background checks (if permitted by local law) and any information connected with your right to work. If relevant, we may also process information concerning your health, any disability and in connection with any adjustments to working arrangements. Employment Contract (if you are applying for a role in Germany)

Legal obligation

Legitimate interests

Contacting you Your address and phone number Legitimate interests
Security CCTV images Legal obligation

Legitimate interests

Monitoring of diversity and equal opportunities To the extent required or permitted by local law, information on your nationality, racial and ethnic origin, gender, sexual orientation, religion, disability and age Legitimate interestsConsent

Who gets to see your Personal Data?

To carry out the purposes outlined above, your Personal Data will be disclosed to managers, HR and recruitment teams, administrators and other employees of any of the FourKites group companies for employment, administrative and management purposes as mentioned in this Notice.  We will also disclose this to other companies in our group in order to achieve these purposes.

Access to your Personal Data and other rights

We try to be as open as we reasonably can about Personal Data that we process. If you would like specific information, just ask us.

You also have a legal right to make a “subject access request”. If you exercise this right and we hold Personal Data about you, we are required to provide you with information on it, including a description and copy of the Personal Data and an explanation of why we are processing it.

If you make a subject access request and there is any question about who you are, we may require you to provide information from which we can satisfy ourselves as to your identity.

As well as your subject access right, you may have a legal right to have your Personal Data rectified or erased, to object to its processing or to have its processing restricted.  You may also have the right to be given your data in a machine-readable format for transmitting to another data controller though this right is unlikely to be relevant to you the context of our recruitment processes.

We are unlikely to rely on consent as a ground for processing.  However, if we do, you may withdraw consent at any time — though if you do so that will not affect the lawfulness of what we have done before you withdraw consent.

Complaints

If you have complaints relating to our processing of your Personal Data, please contact privacy@fourkites.com.

You may also raise complaints with the statutory regulator in your jurisdiction.

The relevant statutory regulators are set out in the Appendices to this Notice.

Appendix A

Germany

If you are applying for a role with our entity in Germany, the following additional information and amendments to the Notice apply:

1. In addition to the legal grounds set out in the section entitled What are the grounds for processing, the following legal grounds for processing apply if you are applying for a role with our entity in Germany:

Term Ground for processing Explanation
Employment Contract Processing is necessary for the decision to enter into, for carrying out and/or for termination of an employment contract. This will usually cover the application process, all processing that is necessary for your employment relationship with us, and for any processing relating to the termination of the employment relationship.

2. Personal Data relating to job applicants (other than the person who is successful) will normally be deleted after 6 months.

3. In Bavaria, Germany, the statutory regulator is the Bavarian Data Protection Authority. For contact and other details see: https://www.lda.bayern.de

Appendix B

Netherlands

If you are applying for a role with our entity in the Netherlands, the following additional information and amendments to the Notice apply:

1. In the Netherlands, the statutory regulator is the Autoriteit Persoonsgegevens. For contact and other details see: https://autoriteitpersoonsgegevens.nl

Appendix C

Poland

If you are applying for a role with our entity in Poland, the following additional information and amendments to the Notice apply:

1. In addition to the legal grounds set out in the section entitled What are the grounds for processing, an additional legal ground for processing the data of job applicants may be their Consent. Consent may be expressed by including Personal Data in the application.

2. In Poland, the statutory regulator is the President of the Personal Data Protection Office. For contact and other details see: https://uodo.gov.pl/.