Effective date: Nov 1, 2020
Head of People and Culture
+358 40 5037 626
Name of the register
Fluido recruitment database
At Fluido, we want you to feel that we do not have a secret agenda with the data we collect from you. We want to be transparent, and in order to do this, we have compiled some heavy-duty words for you to let you know how we collect and use your data and meet our data protection obligations.
This policy sets out the basis on which we collect, use, and disclose the personal data of our job applicants, as well as your rights in respect of such personal data.
Brace yourself! Our Policy for you to read and enjoy:
The purpose of processing the personal information /Purpose for the use of a register
The purpose of the register is to process received applications and application information for employment purposes at Fluido. The personal information can be related to one or several open positions, or the applicant can submit an open application. The register is used for managing the recruitment process and applicant information.
Fluido may use external third parties as service providers for processing personal data. Third parties may additionally support Fluido in the recruitment process.
Legal Basis of Processing
We process your Personal Data when it is necessary for the performance of a contract (Art. 6 para 1(b), GDPR) to which you are the party or in order to take steps at your request prior to entering into a contract. We have a legitimate interest (Art. 6(1)(f), GDPR) in processing personal data during the recruitment process and in keeping records of the process. Processing data from job applicants allows us to manage the recruitment process, assess and confirm a candidate’s suitability for employment, and decide to whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims. If you do not provide the Personal Data for processing, we will not be able to continue providing our services or engage further in our employment relationship.
In some cases, we need to process data to ensure that we are complying with our legal obligations.
In the case of Personal data being collected and processed in Germany, the lawfulness of processing is based pursuant Article 6 (1) sentence 1 (b) GDPR, Article 9 (2) (b) and (h) GDPR, Article 88 (1) GDPR, Article 8 (1) sentence 1 no 2 and 3 BDSG.
The purpose of the data collection is to be able to carry out an assessment of your application and if you are a good fit for the applied role. For this reason, we will store all data provided by you during your application. Based on the data collected during the process, we will check whether you will be invited to the interview as a given step of the selection process.
In the case of generally suitable candidates, we will collect certain other pieces of personal data which are essential for the selection decision. This will include the personal information collected during background and reference checks conducted after obtaining explicit consent from the applicants.
We will not use your data for any purpose other than the recruitment process of which you are part. If we wish to use your personal data for a new purpose not covered by this Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing unless authorised by law.
“What if I do not provide my Personal Information?” you may ask
If you choose not to provide your Personal Information, which is mandatory to process your request, we may not be able to provide the corresponding service, i.e., initiating the recruitment process and helping you join us.
The content of the register
• First Name; Last Name
• Preferred location (where applicable)
• Preferred location; position (as you apply for a particular role)
• Language skills
• Current location/address
• LinkedIn url
• Twitter url
• Previous experience – a. Organization name; b. Role; c. Start Date; d. End date; e. Description of responsibilities
• Applicant information – Free text field questions
• Curriculum Vitae
Sources of data
The data stored in the register is provided by applicants themselves by submitting an application on the Fluido website or by email/phone and also includes notes recorded by Fluido during internal meetings, conversations with the applicant, and reference checks. The applicant can update their data by contacting the owner of the register or by emailing firstname.lastname@example.org.
Regular destinations of disclosed data
The register and applicant information can only be accessed by Fluido personnel involved in the recruitment and selection processes and possible recruitment agencies helping with the process.
The registered data may be shared within the Fluido group of companies. Third-party service providers may be used to process personal data on behalf of the Fluido group of companies.
Data will be located within the European Union. Processing of personal data may also take place within other companies in the Fluido group, and therefore the data may be transferred to and/or accessed by other companies belonging to the Fluido group globally.
Your personal data listed above will generally not be transferred to a third country. In some cases, your personal data may be transferred or allowed access to countries located outside of the EU, for which data protection legislation may differ from that of the EU or UK, i.e. to Infosys main offices located in India and third-party servers in the USA, for the purposes of the recruitment process of the Infosys Group. We shall take the necessary steps to ensure the confidentiality and security of the transferred data. We have, in particular, implemented the following safeguards: Standard Contractual Clauses (Art. 46 para. 2 lit. c) GDPR).
If your application for employment is unsuccessful (including when the role which you applied for is not available), we will hold your data on file for 12 months. At the end of that period, your data is deleted or destroyed (unless we need to retain it for longer to exercise or defend any legal claims).
If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which employee data is held will be provided to you in a separate privacy notice.
How safe is your data
We are committed to ensuring that your data is not in any kind of danger.
Both Technical and organisational security arrangements are in place to protect any unauthorised access to personal data. All computer equipment and terminals are protected with passwords and have encrypted hard drives.
The information system’s users have a right to access only such files, data, and other resources that they are entitled to use due to their work assignments. The information system’s users are provided with appropriate training and are bound by confidentiality obligations.
As a data subject, you have a number of rights under data protection law. You can:
• access and obtain a copy of your data on request (Art. 15 GDPR);
• ask Fluido to change incorrect or incomplete data (Art. 16 GDPR);
• ask Fluido to delete or stop processing your data, for example, where the data is no longer necessary for the purposes of processing (Art. 17, 18 and 21 Abs. 1 GDPR);
• object or restrict the processing of your data where Fluido is relying on its legitimate interests as the legal ground for processing;
If you would like to exercise any of these rights or if you have any questions about this notice or our processing of your data more generally, please contact us.
You are under no statutory or contractual obligation to provide data to Fluido during the recruitment process. However, if you do not provide the information, we may not be able to process your application.
How to Contact Us
Data Privacy Office, Infosys Limited, Electronics City, Hosur Road, Bangalore 560 100, India
Phone: +91 80 2852 0261
Contact Your Local Data Protection Authority
If you are unhappy with how we safeguard your personal data, you have the right to bring a complaint to your local data protection authority.
Effective Date: November 1, 2020