Recruitment Privacy

Find information on our Recruitment Privacy Policy and data collection.

Recruitment Privacy Policy

As a potential employee or contractor of the Egress Software Technologies group, you may be applying for a role with any of our group companies in the UK, United States or Canada, whether in response to an open vacancy or on a speculative basis. Whatever the situation, we recognise the importance of your privacy.

Egress Software Technologies Limited (we, us and our) based in the United Kingdom will hold your personal data for and on behalf of itself and its group companies. This policy sets out how the information that you give us and our group companies, or that we obtain from other sources, or learn about you through your relationship as an applicant with our group.

If you have any questions we would be happy to answer them. Just get in touch at DPO@egress.com.

This policy was last updated on 20 April 2021

The information we collect and how we get it

We collect information about you in a number of ways. We may combine the information that we receive from these various sources with other information that we collect or receive. We set out further below how we use this information.

Security

The security and confidentiality of your personal information is very important to us. We have implemented commercially reasonable technical and organizational safeguards to appropriately protect your personal information against accidental, unauthorized, or unlawful access, use, loss, destruction or damage. The measures that we utilize are administrative--[such as the training of employees on privacy and information security-related activities], technical--[such as pseudonymization or encryption techniques, and network firewalls], and physical--[such as locks and video surveillance].

We limit access to your personal information to those employees, agents, contractors and other third-parties who have a business need to know.  They will only process your personal data on our instructions and they are subject to a duty of confidentiality. 

Still, no system can be guaranteed to be 100% secure. If you have questions about the security of your personal information, or if you have reason to believe that the personal information that we hold about you is no longer secure, please contact us immediately as described in this Privacy Notice.

From

How we obtain or receive it

Examples of the types of information

You

  • direct, speculative approach
  • existing employee or contractor referral
  • application through our website
  • response to a head-hunter approach
  • Name, address
  • Right to work in the UK
  • Previous employment
  • Email address and contact details
  • Role interested in
  • CV (the content of which is decided by you)

Recruitment agencies

  • speculative approach
  • response to open vacancies on the group’s website
  • response to an approach by an existing employee or contractor
  • Name, address
  • Previous employment
  • Email address and contact details
  • Role interested in
  • CV (the content of which is decided by you)

Third parties

  • references provided by third parties that we approach (e.g. previous employers or individuals)
  • verification of claims made (e.g. qualifications) with third parties (e.g. relevant industry bodies)
  • Previous roles, salary and responsibility
  • Grievances, disciplinary information
  • Opinions

How we use the data that we collect

We use the information we obtain as part of recruitment in each of the following ways:

What we use it for

Our reasons

Our lawful basis

Acknowledging your application (by whatever route or means)

To ensure that we meet are able to let you know that we have received your interest in working for our group and are considering it.

Legitimate Interests

Review and consider your application (by whatever route or means)

To enable us to assess your suitability for the role, or a role, within the group.

Where you have applied through a Recruitment Agent or third party, this may involve us liaising or discussing the merits of your application with them.

Legitimate Interests

Communicate with you, a Recruitment Agency or other third party involved in your application

We may need to communicate directly with you or these parties for administration reasons connected with your application (e.g. arranging interviews and travel arrangements) or to communicate decisions taken in respect of your application.

Legitimate Interests

Interviewing you

During any interview process we will refer to, and rely on, information that you’ve provided or that we’ve received in relation to your application.

Legitimate Interests

Carrying out pre-employment checks and other administration

Prior to joining the group, we may require you to carry out certain checks with third parties and to pass the results of those checks to us. These will be maintained in accordance with our employment privacy policy. These checks may include those designed to protect our business or that of our customers (e.g. Criminal Records Bureau (CRB) or Disclosure Scotland, pre-employment credit checks). Where we ask you to provide such a search we will not share the results with other potential employers and will abide by the relevant body’s code of practice in respect of handling the information.

Legitimate Interests

Keeping you informed of future roles

If you have asked us to do so, we may keep you informed directly of any future roles that become available that we consider relevant to your experience. We may also notify third parties (such as Recruitment Agents) of vacancies and they may then contact you in relation to them.

Consent, Legitimate Interests

Exercising our rights

We may need to process certain information (including personal data) in order to exercise or enforce our rights under this and any other relevant policies.

Legitimate Interests, Legal obligation

Responding to and actioning any request by you in exercising your legal rights in relation to your personal data

Processing may be required to provide confirmation of information to you (e.g. if you make a data subject access or data portability request) or in order to action a request that you make (e.g. correction, deletion, erasure or restriction).

Legitimate Interests, Legal obligation

Contact you and any relevant regulator in the event of a breach where we are legally required to do so.

Processing may be required to effectively respond to, and mitigate the effects of, any personal data breach that involves your personal data.

Legitimate Interests, Legal obligation

Who we may share the data that we collect with

Who we may share it with

Our reasons

Our lawful basis

Employees and contractors of other companies within our group

We share your personal data with those most relevant to the role that you have applied for, or are seeking, to enable them to be involved in the potential recruitment process.  This may involve the transfer of your personal data to other territories and outside the country you are resident or located in.

Legitimate Interests

Recruitment agencies

Where you have applied through a Recruitment Agency, we may share details of your application, its merits and success or failure with them (together with opinions such as our reasoning for any decisions taken).

Legitimate Interests

Third parties

If you have provided us with information about a referee, or have made claims in respect of certain qualifications, we may disclose the existence and nature of your application (and its status) to those third parties in order to obtain a reference or validate your qualification.

Legitimate Interests

Those involved in interviewing

Sometimes we may use third parties in our interview process, where this is the case for the role or application you have made, you will be made aware of it prior to the interview and we may share details of your application with that third party for the purpose of the interview.

Legitimate Interests

Recruitive software

We store information about applicants on our third party SaaS platform currently provided by Recruitive Limited. More information on them is available on request.

Legitimate Interests

Law enforcement

We reserve the right to disclose information in order to comply with national, EU or Member State law to which we are subject, including to meet national security and law enforcement requirements. You can find out more on our approach.

Legitimate Interests

Future purchaser of all or part of our Group or assets

We reserve the right to transfer our obligations, rights and permissions in your information to any organisation to which we may transfer our business or assets (including if we, or a relevant part of us or our assets, are proposed to be purchased or acquired by a third party).

Legitimate Interests

If you provide us with information about others

If you provide information and personal details about others (such as a referee), you confirm that they are happy for you to do so and for us to contact them at the appropriate stage of your application.

Who we may share your information with, and sending information outside the country you are located in

To operate our group effectively we use shared systems, resources and sub-processors and so the information that we collect may be transferred, shared and processed within our group and to and by these third-parties. They are only authorised to use your personal information as necessary to provide the services to us that we request from them and must abide by data privacy and security obligations set out in applicable law.

Record maintenance: We use a third party – Recruitive Limited, to provide a platform through which we are able to easily manage and track applications to work within our group. More information about it can be found at https://www.recruitive.com/privacy-policy/

Group companies: If you apply for a role within a group company located outside of the territory that you are currently resident in, you acknowledge that it may be necessary for us to share your personal data with those members of our group (and other third parties as set out above in who we can disclose your data to). These individuals may be located outside the country you’re resident in.

Selling your information: We will not, and do not, sell your information for: (i) valuable consideration (as defined in the California Consumer Privacy Act) or for their direct marketing purposes; or (ii) monetary consideration for the person to license or sell it to additional person (as defined in Nevada Senate Bill 220). Your information may be shared with third parties as set out above for our business purposes.

What we need you to do

We need to make sure that the information that we hold about you is accurate, up-to-date and still relevant. As a result, we need you to tell us promptly if there are any changes to the information that you’ve provided by letting us know at careers@egress.com.

How long we will keep your information for

We will keep information that you provide to us as a result of an application (by whatever route or means) for a period of 12 months (unless you have a current job application in process with us). If you are successful in your application, when you become an employee or contractor of our group, your personal data will be held in accordance with our Employment Privacy Policy – details of which will be made available to you at the appropriate time. 

Your rights as an individual

As an individual you may have certain rights by law in respect of the personal data that we hold about you. These rights may not always apply as your location and the basis on which we are processing your personal data may affect their availability. You can find out more information about them and our Data Protection Officer at http://www.egress.com/legal/your-rights.

If you ever have a complaint relating to the delivery of our services, or our processing of your personal information, you can find details on how to raise this in our Complaints Policy at www.egress.com/legal

Privacy Shield

Our policy is to respect and protect personal data collected or maintained by or on behalf of Egress Software Technologies. In furtherance of our commitment to this Privacy Policy, Egress Software Technologies, Inc. has certified to adhere to the Privacy Principles set forth in the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework regarding personal data related to employees, contractors and candidates of Egress Software Technologies resident in the European Economic Area (EEA) and Switzerland, respectively, and processed in support of the Egress Software Technologies Group’s human resources operations.  Egress Software Technologies, Inc. adheres to the Privacy Shield principles.  With respect to personal data received or transferred pursuant to Privacy Shield, Egress Software Technologies, Inc. is subject to the regulatory enforcement powers of the U.S. Department of Commerce.  Egress Software Technologies, Inc’s commitment to participate in the Privacy Shield program can be found at the following DOC website located at https://www.privacyshield.gov/welcome that officially lists all U.S. entities that have registered for the program.  Egress Software Technologies, Inc. has further committed to cooperate with EU data protection authorities (DPAs) for EEA residents and with the Swiss Federal Data Protection and Information Commissioner for Swiss residents with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU or Switzerland, respectively, in the context of the employment or engagement, or potential employment or engagement, relationship.

TRUSTe

 

International Privacy Verification

Whilst the Court of Justice of the European Union (CJEU) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) ruled the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks invalid in the summer of 2020, we remain committed to the Privacy Shield Principles.  In recognition of our continued commitment, in October 2020 we self-certified with the International Privacy Verification programme (IPV). The IPV’s assessment criteria are aligned with those of the Privacy Shield and therefore by certifying with the IPV we are able to continue to demonstrate our compliance with the core Privacy Shield Principles in relation to the protection of personal data transferred outside of the UK and EU.

If you do not feel that we have resolved your complaint or concern satisfactorily you can contact our U.S based third-party dispute provider (free or charge) at https://feedback-form.truste.com/watchdog/request.

TRUSTe

Changes to this policy

We can change this policy from time to time. You (and, if you are a business, your users) should check the website periodically to make sure that you, or they, have read our most recent policy. When we do make changes, we will change the date at the top of this document.

EU Representative

Egress Software Technologies Limited (a foreign company registered on the Dutch Chamber of Commerce) further identified in the section above is our EU representative.

About us

We are Egress Software Technologies Limited. We are a limited liability company registered in England and Wales (number 06393598). Our registered office is 12th Floor, The White Collar Factory, 1 Old Street Yard, London, EC1Y 8AF, United Kingdom. Our VAT number is 921 4606 46.

Law

This Policy, its subject matter and formation are governed by English law. We both agree that the courts of England and Wales will have exclusive jurisdiction

Glossary

Legitimate Interest means our interest in conducting and managing our business to enable us to give you the best service and experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

Performance of Contract means processing your personal information where necessary for the performance of a contract that we have with you, or to take steps before entering into such a contract.

Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.