At Dott, we are dedicated to safeguarding your privacy and ensuring you have full control over your personal data. Your trust and security are paramount, and we are committed to protecting your personal data and ensuring your rights are respected.

Our commitment to your privacy includes granting you the following rights concerning your personal data:

Right to Access Information

You are entitled to request an overview of your personal data processed by us, along with a copy of this data, ensuring you’re fully informed about the information we hold about you.

Right to Rectification

Should you find your personal data in our possession to be inaccurate or incomplete, you have the right to request that we correct or update it. In cases where your data has been shared with third parties, we will also inform them of any necessary amendments to ensure the accuracy of your information across all platforms.

Right to Object to Processing

You may object to the processing of your personal data if you believe our use of it is for our legitimate interests yet unjustifiably impacts you. Upon receiving an objection, we will assess the situation to determine if your rights override our processing activities. However, this right does not apply where the processing is a legal requirement or necessary for fulfilling a contract with you.

Rights Regarding Automated Decisions

TIER-Dott occasionally employs automated decision-making processes essential for entering into or performing a contract with you. You will be informed if such processes affect you, with the option to request a manual review of automated decisions, thereby ensuring fairness and accuracy.

Right to Restrict Processing

You can request that we limit the processing of your personal data under specific conditions, such as when the accuracy of the data is contested, its processing is unlawful, the data is no longer needed for processing, or while objections to processing based on legitimate interests are being evaluated.

Right to Data Portability

This right allows you to obtain your personal data in a structured, commonly used, and machine-readable format and to transfer that data to another entity, where technically feasible, ensuring ease of access and the ability to move your data as needed.

Right to Erasure

Also known as the ‘right to be forgotten,’ this enables you to request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary, its processing is objected to, it has been unlawfully processed, or when required by law.

Right to Complain

If you are dissatisfied with how we have handled your personal data or responded to your requests, you have the right to lodge a complaint with the relevant data protection authority, ensuring your concerns are addressed appropriately.

Exercising Your Rights

Requests may be denied if they do not meet specific criteria. In such cases, or if there is a delay in processing your request due to legal requirements or complexities, we will inform you of the reasons for denial or delay, ensuring transparency and communication throughout the process. 

There are circumstances under which we may not be able to fulfill your request regarding your personal data. For instance, if you request the deletion of transaction data but TIER-Dott is under a legal obligation to retain records of that transaction to comply with laws, we must deny such requests. Similarly, requests that could compromise our legitimate use of data for anti-fraud and security purposes may also be declined. This could occur if, for example, you ask for the deletion of an account currently under investigation for security reasons.

Other grounds for denying a privacy request include situations where complying with the request would infringe on the privacy rights of others, if the request is deemed frivolous or vexatious, or if fulfilling the request would pose an extreme impracticality. Our commitment to protecting the privacy and security of our users’ data means we must carefully balance individual rights with legal obligations and the collective security of all users’ information.

At Dott, we uphold the principle that exceptional opportunities and robust privacy can coexist harmoniously. This philosophy guides our approach to candidate data collection — we are thoughtful and selective in what we gather, ensuring that we collect only the personal data necessary to comply with data minimization principles, assess your suitability for a role, and enhance your recruitment experience.

We may collect and process the following categories of personal data during the recruitment process:

Identity Data and Contact Data

Name, surname, date and place of birth, ID or passport number, home address, phone number, and email address.

Professional and Educational Data

Employment history, qualifications, education details, certifications, references, special projects, and professional memberships.

Legal and Compliance Data

Nationality, work permit or visa status, social security or tax identification number (where legally required), and background check information (if applicable).

Additional Data

Photographs (if voluntarily provided), hobbies or interests, and other information you choose to share as part of your application or communication with us.

Audio-Visual Data

In certain Dott offices or warehouses, CCTV cameras may operate for security purposes in accordance with local laws.

Interview and Meeting Recordings

If you provide explicit consent, Dott may record interviews or online meetings conducted during the recruitment process. These recordings may include your image, voice, and any materials or presentations you choose to share during the conversation.Such recordings are used solely to ensure fairness and consistency in candidate evaluation, interviewer training, or documentation purposes. You may refuse or withdraw consent at any time without any negative impact on your application.

Processing your personal data is essential for managing our recruitment process and, where applicable, preparing to enter into an employment or service agreement with you. We use your information to evaluate your suitability for the role, communicate with you throughout the selection process, and take necessary steps at your request before establishing an employment relationship.

We also process certain information to meet our legal obligations or where it is in our legitimate business interest — for example, to ensure fair and consistent hiring practices, maintain accurate records, and improve the effectiveness of our recruitment activities.

Recruitment and Candidate Evaluation

To assess your skills, qualifications, and suitability for a role at Dott. This includes reviewing your CV, conducting interviews, and evaluating your experience in relation to current and future openings.

Interview Coordination and Communication

To manage and coordinate interviews, assessments, and related communications, including scheduling, providing feedback, and keeping you informed about the progress of your application.

Verification and Background Checks

To verify the information you provide (such as education, experience, and references) and to perform background or work eligibility checks where legally permitted and relevant to the role.

Meeting Recordings (With Consent)

If you have provided consent, to record online or in-person interviews or meetings for evaluation, documentation, or training purposes. These recordings may include your image, voice, and shared materials, and you may refuse or withdraw consent at any time without any negative impact.

Legal and Compliance Requirements

To comply with applicable laws, regulations, and reporting obligations, such as employment law, immigration requirements, or equality monitoring where legally required.

Improving Recruitment and Diversity Practices

To enhance our recruitment processes, improve fairness and efficiency, and support diversity and inclusion initiatives through aggregated and anonymised data analysis.

Future Opportunities and Talent Pool

To maintain contact with you regarding other relevant or future career opportunities, but only if you have consented to be part of our talent pool.

Contract Preparation and Onboarding

If you are offered a position, to prepare your employment contract, facilitate onboarding, and set up HR and administrative systems necessary for your role.

Legal Proceedings and Compliance

To protect Dott’s legal rights, resolve disputes, or respond to lawful requests from authorities or regulators, consistent with our legal obligations.

We may share your data with:

Within the Dott Corporate Group

Dott may share your personal data internally within our corporate group to streamline services, support business operations, and enhance customer experiences. This collaboration across our entities ensures consistency in service delivery and policy adherence.

Public Authorities

When required by law, such as tax or regulatory bodies, courts, or law enforcement.

External Service Providers

Recruitment and assessment platforms (e.g., Lever, Greenhouse), IT providers, consultants, and external auditors who assist in the recruitment process. (If applicable)

If your application is unsuccessful, withdrawn, or declined, we retain your data for up to 18 months after the end of the process, unless required longer for legal or compliance reasons.

We retain this data to:

• • Defend against potential legal claims related to recruitment decisions.
    
  • Consider you for future openings.
    
  • Analyse and improve recruitment effectiveness. 

You may contact us at any time if you wish to have your personal data deleted. Once we verify your request and confirm that no legal or contractual obligation requires us to retain it, we will ensure your data is promptly and securely deleted. When no longer needed, data is deleted, anonymised, or securely aggregated in accordance with GDPR.

At Dott, safeguarding your personal data is a top priority. We implement a comprehensive blend of technical and organizational measures designed to ensure the confidentiality, integrity, and secure processing of your personal data. Our approach includes:

• • Robust IT Security Measures: We employ state-of-the-art IT security solutions, including encryption, firewalls, and secure server configurations, to protect your data against unauthorized access, disclosure, alteration, and destruction.
  • Policies and Procedures: TIER-Dott has established a thorough set of policies and procedures that govern how personal data is handled within our organization. These guidelines ensure that all employees understand their roles and responsibilities in protecting user data.
  • Internal Framework of Policies and Minimum Standards: We maintain an internal framework that sets out policies and minimum standards for data protection across all our operations. This framework is designed to provide a consistent level of security for your personal data, regardless of where in our organization it is being processed.
  • Regular Updates and Compliance: Our data protection policies and standards are not static; they are regularly reviewed and updated to keep pace with regulatory changes and advancements in technology and security practices. This proactive approach ensures that our data protection measures remain effective and fully compliant with current regulations.
  • Training and Awareness: We also invest in training and awareness programs for our employees to ensure they are knowledgeable about the importance of data protection and the specific practices we follow to secure your information.

By integrating these measures into our daily operations, TIER-Dott is committed to protecting your personal data against any form of misuse, ensuring it is processed in a secure and lawful manner.

Should you have any inquiries regarding this Candidate Privacy Statement or our practices related to applicant data privacy — including situations where a third-party service provider processes data on our behalf — you may contact us at privacy@ridedott.com

You may also contact our Data Protection Officer (DPO) directly for questions, concerns, or requests related to your personal data. We are available to guide you on how to submit a privacy-related complaint, and we are committed to supporting you throughout that process.

At Dott, we take every privacy concern seriously. Each inquiry is carefully reviewed by our dedicated privacy and compliance team to determine the most appropriate course of action, including those arising from requests for access or deletion. We generally aim to respond to comprehensive requests within thirty (30) days; however, in certain cases, we may require additional information or time to provide a complete response.

If your feedback suggests that improvements can be made in how we handle candidate data or privacy matters, we will take prompt action to implement such enhancements where appropriate. Should a privacy issue negatively affect you or another individual, we will work diligently to reach a fair and timely resolution.

If at any point you are dissatisfied with Dott’s response, you have the right to escalate your complaint to your local Data Protection Authority. Upon request, we will assist you by providing details of the relevant authority and the complaint process applicable to your jurisdiction.

In the event of significant updates to this Candidate Privacy Statement, Dott will provide prior notice before implementation and, where applicable, inform you directly if your information is on record with us.

Change of Services  

This section applies to individuals affected by the transition from Tier services to Dott services in various operational areas.

Tier Mobility SE and Dott are pleased to announce their strategic merger, marking the beginning of a new chapter in our shared commitment to improving sustainable urban mobility worldwide. During the merger process, Tier and Dott will act as joint data controllers, in accordance with Article 26 of the General Data Protection Regulation (GDPR).

This partnership is designed to enhance the quality of our services, expand operational coverage, and improve the overall user experience. Throughout this transition, we remain committed to handling your personal data transparently, responsibly, and in full compliance with applicable data protection laws. This section provides important information about how your personal data and privacy are managed during the transition from Tier services to Dott services.

Your Privacy Rights 

As we integrate Tier and Dott’s systems and services, our top priority is to ensure a seamless and user-friendly experience while fully safeguarding your privacy rights. We are dedicated to maintaining simplicity and transparency in how you manage your privacy preferences during this process.

In alignment with GDPR principles, your rights to access, rectification, restriction, erasure, objection, and data portability remain fully protected.

The personal data you previously provided to Tier for ride or service use will remain in Tier’s systems for a limited period, solely for transition and compliance purposes. Afterward, the data will be securely transferred, anonymised, or deleted in accordance with applicable retention policies.