I. Glossary – basic concepts.
Personal data – all information that we process related to you. For example: first name, last name, e-mail address, telephone number, education, information about your professional experience, etc.
Processing – all activities performed relating to your personal data. For example: gathering, retaining, updating, sending messages to you, deleting data.
II. Information about GlobalLogic – the data controller
E-mail address for contact: privacy@GlobalLogic.com
The data controller is the GlobalLogic company based in the country where the position you applied for is located:
Croatia: GlobalLogic d.d., Ulica grada Vukovara 284, Zagreb, registered under number 80723939
Germany: GlobalLogic GmbH, Mies-van-der-Rohe-Str.8, 80807 Munich Germany, registered under number HRB 183478, District Court München
Poland: GlobalLogic S.A., ul. Strzegomska 46B. 53-611 Wroclaw, Poland, registered under KRS number 0000630382
Slovakia: GlobalLogic s.r.o., Štúrova 27, 040 01 Košice, Slovakia, registered under number 47782421
Sweden: GlobalLogic Sweden AB, Slottsgatan 20, 211 33 Malmo, Sweden, registered under number 559042-2035
UK: GlobalLogic Worldwide Limited, Highlands House Basingstoke Road, Spencers Wood, Reading, Berkshire, England, RG7 1NT, registered under number 9582637
III. What personal data do we gather, and what is the purpose and the legal grounds for processing that data?
The scope of personal data we process depends on what information you provide in your application – this includes the content of documents, information on how you submit them, as well as the content of our possible further communication and conclusions from the recruitment procedure. Providing all data is voluntary.
If you have agreed to participate in a specific recruitment process or in future recruitment processes, your consent will be the legal basis for us to process your personal data (Article 6 (1)(a) GDPR). In some cases, we may process your personal data for the purpose of future recruitments based also on our legitimate interests (Article 6 (1)(f) GDPR), to submit to you an offer of employment in accordance with your qualifications and our needs – for purposes consistent with the purpose for which your personal data was originally collected (so-called compatible purpose as defined by Article 6(4) GDPR).
In every case, the purposes for which we are processing data are:
- assessment of your candidacy in respect of requirements for the position indicated in the job offer for which you have submitted your application, and/or for future recruitments for similar positions;
- if you meet the requirements for a position – to submit an offer of cooperation to you and to conclude a contract;
- demonstrating that the recruitment process is compliant with the law.
Notwithstanding the foregoing, some of the personal data you provided, e.g. your first name, last name and contact address, may be used by us to send you occasional correspondence (e.g. thank you notes or seasonal greetings). The legal basis for processing of abovementioned personal data for this specific purpose will be our legitimate interest (Article 6 (1)(f) GDPR) – maintaining our relationship and promoting GlobalLogic brand.
In the case of data processing on the ground of consent, we remind you that you can withdraw your consent at any time, without affecting the lawfulness of processing that has already been done on the basis of that consent. Whereas, if your data is processed on the ground of our legitimate interest, you have the right to object to such processing. You can find a description of your rights in Part VI below.
IV. Duration of retention of your personal data
If you applied on or after May 25th 2018 and we process your personal data in connection with a single recruitment process, it will be deleted after 6 months from the end of the recruitment process understood as the conclusion of a contract with another candidate. This time allows to complete the trial period and confirm that the position has actually been effectively filled-in.
Data processed on the basis of a consent to participate in future recruitment processes (this includes also recruitment processes for positions that are constantly open), if the consent was given on or after May 25th 2018, is processed until withdrawal of the consent or until the purpose for which such consent was expressed (hiring you) is fulfilled, but usually for no longer than 3 years from the time you granted the consent.
If you applied before May 25th 2018, processing of your personal data is based on our legitimate interest (see Part III above) for up to 18 months from collecting it.
The periods described above may be extended as appropriate in the event of any claims and court proceedings – for the duration of such proceedings and their settlement – and if the law obliges us in certain cases to process such data for a longer period of time.
V. Who has access to your personal data?
Your personal data will only be accessed by duly authorized GlobalLogic employees or associates, advisers or auditors – to the extent necessary to perform their duties.
We are a global company, which means that some companies from the GlobalLogic group are located outside the European Economic Area (EEA). In each case, we apply all required safeguards, including standard data protection clauses adopted pursuant to decisions of the European Commission. Where it is necessary, we also endeavour to ensure that our partners are covered by appropriate programs such as Privacy Shield. Additionally, in order to protect personal data, both when sending and after receiving it, we apply generally accepted standards. You can obtain a copy of the security measures we apply for the transfer of personal data to third countries by contacting us at privacy@GlobalLogic.com.
GlobalLogic may also be required – if there is a legal basis to do so – to provide certain information to public authorities, for purposes related to proceedings they are conducting.
VI. Your rights related to processing of your personal data
For effective exercise of your rights, please send any requests to privacy@GlobalLogic.com from the contact address you have provided, with subject “GDPR Request”, and please specify which right(s) you wish to invoke. Please note that the instructions given in the preceding sentence are only a recommendation not a requirement. You have the following rights:
1. Access to your personal data – you may ask us to provide detailed information regarding:
- whether we are processing your personal data;
- for what purpose;
- what categories of data we are processing;
- who is the recipient of your data;
- what is the planned duration of processing (if possible), and if we are not able to say, the criteria for determining that duration;
- if the personal data has not been given by you – all available information about the source of the data.
You can also receive access to all of your personal data that we are processing (data copy).
2. Data rectification – if information about you is or has become inaccurate, you have the right to demand that data is rectified.
3. Revocation of consent – you can revoke your consent to the processing of your personal data at any time, without affecting the legality of processing performed prior to such revocation.
4. Erasure of data – in certain situations, GDPR gives you the “right to be forgotten.” You can invoke this right if we are still processing your personal data, particularly in the following cases:
- the data is no longer vital for the purposes for which it was collected or otherwise processed;
- you revoke consent to the processing of personal data and there is no other legal basis for continuing to process it;
- you object to the processing of your personal data when there are no overriding, justified legal bases for processing;
- you object to the processing of your personal data for marketing purposes;
- your data is processed in a manner that violates the law;
- the law requires that we erase your data.
5. Restriction of processing – you can demand that we limit our activities in principle only to storing information about you when:
- you question the correctness of personal data we are processing – for a period of time that allows us to determine the correctness of that data;
- the processing of your personal data violates the law, but you prefer that processing be restricted rather than the data be erased;
- GlobalLogic no longer needs your personal data for the purposes of processing, but you need it for establishing, pursuing, or defending legal claims;
- you have objected to the processing of your personal data – only until such time as it is determined whether your interests take precedence over our legally justified interests.
6. Data portability – you have the right to receive your data in a commonly-used format that can be read by a computer, and also to have your data sent to another data controller, if:
- processing is done on the basis of your consent or a contract; and
- processing is done in an automated manner.
7. Objection – you have the right to object to some operations we perform on your personal data for special reasons related to your personal situation, particularly in the following cases:
- when our processing is based on a legitimate interest;
- when we process your personal data for purposes related to scientific or historical studies, or for statistical purposes.
Remember, however, that when in spite of your objection we conclude that there are important, legitimate grounds for processing that override your interests, rights and freedoms, or the basis for establishing, pursuing or defending claims, we will continue to process your personal data encompassed by the objection to the extent necessary. If you disagree with such an assessment of the situation, you can exercise your right to file a complaint with the relevant public authority (more information below).
8. Complaints to the relevant public authority – in connection with our actions as the controller of your personal data, you have the right to file a complaint to the relevant data protection authority. You can find list of local authorities responsible for data protection across the EU and their contact details at: http://edpb.europa.eu/about-edpb/board/members_en.
Of course, if you have any comments, we encourage you to first contact us at firstname.lastname@example.org.