Aviatrix Candidate Privacy Notice

Aviatrix Candidate Privacy Notice

 

This notice is meant to inform you how Aviatrix Systems Inc (a Delaware, US corporation) and its affiliates and subsidiaries will collect and use Personal Information about you (“you” or “the Candidate”) in the context of our recruitment process. Therefore, Aviatrix Systems Inc shall be considered the data controller as defined in the GDPR for this recruitment process.

 

Please read the following notice carefully. We invite you to review our general privacy notice at https://aviatrix.com/privacy-policy/ which also applies to all data we process as a controller. Please also note that Aviatrix may change this Candidate Privacy Notice at any time, in which case you may receive an updated notice if applicable.

 

Effective Date: 1 April 2022

 

Introduction

 

In order to effectively run our recruitment process, we collect and use information about (potential) candidates which may be considered Personal Information under the GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act) and other similar legislation (hereafter: “Personal Information”). This notice sets out which data we collect, what we use it for, how we handle your data, which rights you have under relevant legislation and how to exercise those rights.

 

For all our recruitment activities, we use a SaaS service called Greenhouse Software Inc. (www.greenhouse.io). Greenhouse will act as a data processor to Aviatrix and will only process your data on our behalf and per our instructions.

Information we collect about you

 

In order to carefully and accurately assess your application, we may collect the following information about :

  • Name, address, phone numbers, email addresses
  • Social and professional profiles,
  • Education and work experience (CVs)
  • Other information you voluntarily provide throughout the process, including through internal or third-party assessment centers/exercises and interviews.

 

If we carry out a background check as part of our recruitment process, we may also gather information about:

 

  • Details of your reference providers, including their name, contact details, employer, and job role.
  • Details of your immigration/visa status, such as work authorization.
  • Other required information as applicable per situation and on a country per country basis

 

More specific information will be provided to candidates for whom we carry out such background checks as required.

 

We may collect this information from various sources and use information from different sources to build a full profile of you. These sources include:

 

  • Personal Information you provide directly to us;
  • Personal Information we receive from someone who has referred you to us as a suitable candidate;
  • Personal Information collected from publicly available sources, including any business social media platforms you use or other information available online.

 

For candidates for whom we carry out a background check we may also collect Information provided by background-checking agencies, including (where lawful) criminal background checks, and security clearance checks (to the extent applicable to relevant government work) to verify the accuracy of information you have provided.

 

How we may use your Personal Information

 

We may process your Personal Information for the following purposes:

 

  1. To assess your application for a job opening at Aviatrix to which you have applied.
  2. To consider you for other (future) job openings at Aviatrix.
  3. To communicate with you throughout the recruitment process.

 

As our lawful basis for data processing, we rely on the legitimate interest of finding suitable candidates for Aviatrix. According to Art. 6(1)(f) of the GDPR, organizations such as Aviatrix can claim that collecting and evaluating candidate data is a legitimate interest as it pertains to selecting a candidate for employment.

 

How we handle your Personal Information

 

Security

 

Aviatrix is committed to security of your Personal Information as such we employ industry standard procedural and technological measures that are reasonably designed to help protect your Personal Information from loss, unauthorized access, disclosure, alteration, or destruction. Aviatrix uses, without limitation, firewalls, password protection, encryption, and other security measures to help prevent unauthorized access to your personal data. We have internal procedures and policies, guidelines, and documented practices for the safe handling and protection of data and conduct audits of the same.

 

Your Personal Information will be shared and handled only by Aviatrix employees on a need-to-know basis. All Aviatrix employees handling your Personal Information are subject to appropriate confidentiality obligations.

 

Data Retention

 

Per default, we will retain all Personal for as long as necessary to fulfill the purposes for which we collected it (the Retention Period).

 

However, we will delete your Personal Information before this Retention Period ends in case you request us to do so by sending a request to infosec@aviatrix.com. If we wish to keep your Personal Information beyond the Retention Period we may seek your consent to do so.

 

Please note that for certain jurisdictions (such as the State of California) law mandates that we retain your Personal Information beyond the Retention Period. If applicable law, accounting requirements or other requirements compel us to do so we may keep your Personal Information beyond the Retention Period. Seek legal counsel to check whether this may apply to you.

 

 

Your rights and how to contact us

 

If the General Data Protection Regulation applies to you because you are in the European Union and if we are the controller of such personal data, you have rights under data protection laws in relation to your personal data. You may be able to exercise these rights in relation to the Personal Information:

 

  • Right of access – you may have the right to request a copy of the Personal Information we have about you and to request supporting information explaining how the Personal Information is used;
  • Right of rectification – you may have the right to request that we rectify inaccurate Personal Information about you;
  • Right of erasure – you may have the right to request that we erase Personal Information about you;
  • Right to restrict processing – in some situations, you may have the right to request that we do not use the Personal Information you have provided (for example, if you believe it to be inaccurate);
  • Right to data portability – you may have the right to receive your Personal Information in a structured, commonly used and machine-readable format and to transmit such information to another controller;
  • Right to withdraw consent – where we process your Personal Information based on consent, you have the right to withdraw consent at any time. However, this will not affect the lawfulness of the processing based on consent before its withdrawal. Furthermore, even in case of a withdrawal we may continue to use your Personal Information as permitted or required by law; and
  • Right to object – where we are processing your Personal Information based on a legitimate interest (or those of a third party) you may challenge this. However, we may be entitled to continue processing your Personal Information where we can demonstrate that we have compelling legitimate grounds to process your information (which override your rights and freedoms), or where continuing to process your Personal Information is relevant to the establishment, exercise or defence of legal claims.

 

 

 

International Transfers for European candidates

 

The Personal Information we collect from you will be stored by our subprocessor Greenhouse and as such may be transferred to and stored in the United States of America.

 

Adequacy of data protection is instead ensured by Standard Contractual Clauses approved by the European Commission in accordance with Article 46(2)(c) of the General Data Protection Regulation, or any equivalent clauses approved by the authorities in the United Kingdom including any additional safeguards as required by EU / UK data protection laws that we have in place with that third party, which we have in place with our subprocessor Greenhouse.

 

In addition, the GDPR grants you the right to lodge a complaint with your competent regulatory authority.

 

To exercise any of these rights please contact us at infosec@aviatrix.com.

 

 

 

 

 

 

 

@Julie Montgomery are you able to fill in a list of data points we would typically collect through Greenhouse for a candidate or otherwise?