Dott (emTransit B.V.) uses website cookies to personalize content, features, and to analyze traffic. Some third parties we work with may also set cookies on our website. Read our full Cookie Notice for all the details. You can always update which cookies you allow in the Settings.
Job Candidate Privacy Notice
Date of last amendment: 28 January 2022.
This notice explains what personal data (information that can directly or indirectly identify you) we hold about you, how we collect it, and how we use and may share information about you during your application process. We are required to notify you of this information under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice we may provide to you from time to time when we collect or process personal information about you.
Who collects the information
While different entities in our corporate group may from time to time act as (co-)controllers in respect of your personal data, emTransit B.V. acts as the primary controller and responsible entity for all personal data processing described in this policy. Our Data Protection Officer oversees the entire corporate group's compliance. For any questions about this policy, including questions about your rights under data protection law, please contact our Officer at: email@example.com.
What information do we collect about you and for what purpose?
We will need certain information from you before we decide to employ you. This would usually include your name and contact details, details of your qualifications, experience, employment history and interests; details of your referees, proof of eligibility to work (for non-nationals), any other information you decide to submit or disclose during the recruitment process and any other information that we decide is necessary for us to arrive at a recruitment decision.
We collect this for the purpose of deciding whether to recruit you or not, to comply with legal obligations and for the purposes of our legitimate interests: to ensure we employ the right people.
How we collect the information?
We may collect this information:
What do we do with your information?
Information we collect
Why we collect the information (legal basis) and how we use it.
How we use and may share the information
Contact details (names, email address,
home address, phone number, social
CV (qualification information, work
experience, employment history,
Proof of eligibility to work (for
Certificate of conduct (if applicable, you
will receive further notice of this
Legitimate interest: for the purpose of assessing your candidacy for the role that you have applied to, determining whether you are eligible to work in the country you are applying for, and for ensuring
that we find the right candidate for the open role at Dott.
To comply with legal obligations.
To assess your candidacy for the role.
To enter into/perform the employment contract.
We may share this information with the relevant
subsidiary if applicable, or with any recruitment
agencies we may be working with if you have
applied through them.
Gender you identify with
Legitimate interest: for the purpose of increasing inclusivity in our recruitment processes and improving these, and in order to improve the process for the candidates.
We use and share internally this information in an aggregated manner.
Where information may be held
Information may be held at our offices and those of our group companies, and third party agencies, service providers, representatives and agents as described at the end of this notice. Information may be transferred internationally to our group of companies and overseas to other countries around the world, including countries that do not have data protection laws equivalent to those in your country of residence, for the reasons described at the end of this notice. We will transfer your personal data outside the European Economic Area only when there is an appropriate safeguard in place.
We use Lever to process recruitment applications. For details on their privacy practices, please see: https://www.lever.co/privacy/
Most of our personnel records are stored on BambooHR. For details on their privacy practices, please see: https://www.bamboohr.com/privacy-policy/
We use different third-party payroll providers depending on your country of your residence. They act as our processors and we maintain primary responsibility for the protection of your information that we send to them.
How long we keep your information
If you provide us with your consent, we will retain this information for no longer than 1 year for the purpose of reaching out to candidates that we are interested in at a later stage, unless you ask us to delete it before that. If you do not provide us with your consent, we will retain this data for 90 days and once this period is reached, your personal data will be deleted.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and after going through a vetting process and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Your rights under data protection law
We are committed to fulfilling your statutory data protection rights. If you send us a request regarding your rights under data protection law, we will respond within one month from the day of receipt and, where possible, address your request within such time. Where necessary, this period may be extended by up to a further two months in complex cases. Under the General Data Protection Regulation, you have the right:
to be informed
to access (such information)
to restrict processing
to object to profiling
to data portability
to complain to the regulatory authority
to withdraw consent
For full information on your statutory rights, please visit the:
- Belgian Data Protection Authority’s website (https://www.autoriteprotectiondonnees.be/ - https://www.gegevensbeschermingsautoriteit.be/) for candidates based in Belgium;
- Dutch Data Protection Authority's website (https://autoriteitpersoonsgegevens.nl/nl/zelf-doen/privacyrechten) for candidates based in the Netherlands;
- Finish Data Protection Authority’s website (http://www.tietosuoja.fi/en/) for candidates based in Finland;
- French Data Protection Authority’s website (http://www.cnil.fr/) for candidates based in France;
- German Data Protection Authority’s website (http://www.bfdi.bund.de/) for candidates based in Germany;
- Italian Data Protection Authority’s website (http://www.garanteprivacy.it/) for candidates based in Italy;
- Norwegian Data Protection Authority’s website (https://www.datatilsynet.no) for employees based in Norway;
- Polish Data Protection Authority’s website (https://uodo.gov.pl/pl) for candidates based in Poland; and
- Spanish Data Protection Authority’s website (https://www.aepd.es/es) for candidates based in Spain.
- Swedish Data Protection Authority’s website (https://www.imy.se/) for candidates based in Sweden.
- United Kingdom’s Information Commissioner’s Officer (https://ico.org.uk/) for candidates based in the United Kingdom.
We would, however, appreciate the chance to deal with your concerns before you approach your Data Protection Authority so please contact us first by emailing us at firstname.lastname@example.org.