Neuer Kurs
Jetzt starten
Back to main legal page
Print this page

Applicant Privacy Notice

Applicant Privacy Notice

Introduction

Pendo.io, Inc. and its affiliated companies and subsidiaries (“Pendo”, “we”, “our”, or “us”) will collect and process the information that we receive related to job applicants and employment candidates during the application process; this information may include information that identifies a particular individual, could be used to identify a particular individual (whether directly, indirectly or in combination with other data), or is otherwise linked or reasonably linkable to a particular individual (“Personal Data”). This Applicant Privacy Notice (“Applicant Privacy Notice”) sets out which Personal Data that we collect about you and how we use it.

Throughout this Applicant Privacy Notice, we may use the term “processing” to cover all activities involving your Personal Data, including collecting, handling, storing, sharing, accessing, using, disclosing, transferring and disposing of information.

The controller of your Personal Data will be the Pendo entity to whom you apply for a position. See this Applicant Privacy Notice for information about how to contact Pendo about our information practices or this Applicant Privacy Notice.

Purposes of Processing your Personal Data

In this Section, we describe the purposes for which we collect and process Personal Data about applicants, and, for applicants in the European Economic Area and the United Kingdom (herein the ”EEA and UK”), the applicable legal bases for our processing of their Personal Data, under GDPR and local data protection law. Where required by applicable law, we will obtain your consent to the collection and processing of your Personal Data. If you do not provide Personal Data indicated as mandatory (for example, on our application form), we may not be able to process your application.

Administration of Application Process and Assessment of Your Skills, Qualifications and Suitability for the Vacancy, including Information Verification
Pendo may process your Personal Data for the purpose of administrating the application process. This includes reviewing your Personal Data to assess your skills, qualifications and your suitability for our career opportunities, as well as to take measures to verify that the information you have provided is true and accurate, including by means of reference checks (where permitted by applicable local laws). Personal Data processed for these purposes may include:

  • name, address, email address, telephone number or other contact information;
  • position applied for, application letter and job preferences, how you heard about the position, your willingness to travel if the applied position so requires, eligibility to work in the jurisdiction in which the position(s) you apply for are located;
  • information about current employment;
  • your work visa, permit, or other documents evidencing authorization to work under the applicable immigration laws;
  • your educational background, references, CV and application details, interview and assessment data, vetting and verification information and previous experience;
  • your previous (job) experience and references;
  • photographs;
  • memberships of committees or other bodies;
  • language skills, computer knowledge, special skills including (driver) licenses, interests, leisure activities, other qualifications, activities;
  • and any other Personal Data necessary or voluntarily given by you in connection with your application.

Legal Bases of Processing for Applicants in the EEA and UK.
For applicants in the EEA and UK (other than Germany), we process your Personal Data as explained in this Section, on the following legal bases: (a) in order to comply with legal obligations, including immigration and equal employment opportunity compliance; and (b) our legitimate business interests where those interests are not overridden by your fundamental rights, which include our legitimate interests in recruiting and filling open positions, and hiring the best candidates for employment, while at the same time complying with all applicable laws.
For applicants in Germany, our legal basis for processing is the necessity of such processing for hiring decisions.

Record-keeping and Communication of Career Opportunities
Pendo may process your Personal Data for the purpose of keeping your record for current and future hiring processes, including for the purpose of communicating with you and providing you with information regarding potential career opportunities that suit your profile. Personal Data processed for this purpose includes:

  • name, address, email address, telephone number or other contact information;
  • position applied for, application letter and job preferences, how you heard about the position, your willingness to travel if the applied position so requires, eligibility to work in the jurisdiction in which the position(s) you apply for are located;
  • information about current employment;
  • education, previous (job) experience, CV and references;
  • memberships of committees or other bodies;
  • language skills, computer knowledge, special skills including (driver) licenses, interests, leisure activities, other qualifications and activities;
  • and any other Personal Data necessary or voluntarily given by you in connection with your application

Legal Bases of Processing for Applicants in the EEA and UK.
For applicants in the EEA and UK (other than Germany), we process your Personal Data as explained herein this, on the following legal bases: (a) in order to comply with legal obligations to maintain records of recruiting efforts, where applicable; and (b) our legitimate business interests where those interests are not overridden by your fundamental rights, which include our legitimate interests in recruiting and filling open positions, and hiring the best candidates for employment, while at the same time complying with all applicable laws.
For applicants in Germany, our legal basis for processing is the necessity of such processing for hiring decisions.

Establish, Exercise and Defend Legal Claims
Pendo may process your Personal Data for the purposes of establishing, exercising and defending potential legal claims. Personal Data processed for these purposes include:

  • name, address, email address, telephone number or other contact information;
  • position applied for, application letter and job preferences, how you heard about the position, your willingness to travel if the applied position so requires, eligibility to work in the jurisdiction in which the position(s) you apply for are located;
  • information about current employment;
  • education, previous (job) experience and references;
  • photograph;
  • memberships of committees or other bodies;
  • language skills, computer knowledge, special skills including (driver) licenses, interests, leisure activities, other qualifications and activities;
  • and any other Personal Data necessary or voluntarily given by you in connection with your application.

Legal Bases of Processing for Applicants in the EEA and UK. For applicants in the EEA and UK, we process your Personal Data as explained in this Section, on the following legal bases: (a) in order to comply with legal obligations from EU or Member State law to which we are subject; and (b) our legitimate business interests where those interests are not overridden by your fundamental rights, which includes our interest in establishing, exercising and/or defending our position in potential legal claims, such as in the event of a dispute or controversy between you and Pendo related to the hiring process and/or your application.

Special Category Data
To the extent permitted by applicable laws, Pendo collects and processes a limited amount of Personal Data that falls into the definition of special categories of Personal Data, sometimes called “sensitive personal data” or “sensitive data”, which may include:

  • physical or mental health (including details of accommodations or adjustments);
  • trade union membership; and
  • criminal records and information regarding criminal offences or proceedings (where permitted by applicable local laws).

Where we process special categories of Personal Data, it will be justified by a condition set out at the previous Sections above and also by one of the following additional conditions: (a) the processing is necessary for the purposes of carrying out the obligations and exercising the rights of you or Pendo in the field of employment law, social security and social protection law, to the extent permissible under applicable laws and there is no reason to believe that the data subject has an overriding legitimate interest in not processing the data; (b) the processing is necessary for the assessment of your working capacity, medical diagnosis, to the extent permitted by applicable laws; and (c) the processing is necessary for purposes authorised by applicable law.

Retention of your Personal Data
The Personal Data processed pursuant to your application for employment will be processed in accordance with our data retention guidelines, which apply running from the date from when the hiring process related to the position(s) you have applied for is finished, unless a longer period is necessary for our legal obligations or related to a legal claim.

Collection of Personal Data

Pendo mainly obtains your Personal Data directly from you. You may provide this information directly to the hiring manager or relevant recruiter or enter it into our systems. In addition, further information about you may be generated by the relevant recruiter, hiring manager or other employees involved in the recruitment process.

To the extent permitted by applicable law, we may also obtain some information from third parties: for example, references from a previous employer, information from tax authorities, or where we employ a third party to carry out a background check (where permitted by applicable law).

In some circumstances, subject to applicable law, data is collected indirectly from monitoring by, for example, building and location access control and monitoring systems when you come to our premises for an interview, CCTV, telephone logs and recordings and email logs), if and to the extent permitted by applicable laws. In these circumstances, the data may be collected by Pendo or a third-party provider of the relevant service. This type of data is generally not accessed on a routine basis but access is possible. Some data may be obtained from publicly accessible sources.

In the event that particular information is required by contract or statute, this will be indicated at the time of collection. We will also let you know where there are consequences of you not providing the information requested. Failure to provide some information will mean that we cannot carry on with the recruitment process. For example, if you do not provide us with your name or background, we will not be able to consider you for employment. In some cases, it may mean that we are unable engage further with you as Pendo will not have the Personal Data we believe to be necessary to reach a recruitment decision.

Disclosure and Transfer of Personal Data

For the purposes listed above, we may share your Personal Data on a need–to-know basis with Pedno employees due to their function within Pendo (in the country of the posted position and in other countries where we have operations (including countries outside EU/EEA and UK or outside your country or jurisdiction of residence), with external parties or associates, such as applicant verification vendors, law enforcement, courts, regulatory authorities, and with Pendo’s parent, subsidiaries and/or affiliates, where permitted by applicable law.

Pendo has taken reasonable steps to ensure that your Personal Data is shared and treated securely and in accordance with this policy and applicable legislation. For transfers of Personal Data from employees in the EEA or UK to group companies located outside the EEA or UK, we maintain intragroup data transfer arrangements based on the European Commission’s Standard Contractual Clauses (”SCCs”). Where legally required, we will also enter into SCC’s or equivalent means with parties outside our group companies to ensure that appropriate safeguards are in place to protect your personal information and that transfer of your personal information is in compliance with applicable data protection laws. If you are in the EU, you are entitled to, upon request, receive a copy of any documentation showing that appropriate safeguards have been taken to protect your Personal Data during such transfer.

Transfers in accordance with this section are based on the same legal ground as is applicable for the respective purpose (as set forth above).

Your Personal Data transferred or stored outside your country or jurisdiction of residence will be accessible to law enforcement and regulatory authorities according to the applicable laws of such foreign jurisdictions.

You may, at any time, revoke consents that you have given to Pendo pertaining to any such processing of Personal Data that is based on your consent.

You may revoke your consent by contacting Pendo via the contact details set forth below. Please indicate details of your consent revocation (which Personal Data, etc.). Upon such revocation, Pendo will cease to process your Personal Data relating to the purposes for which your consent has been revoked.

Your Rights
Pendo will take steps in accordance with the applicable legislation to keep your Personal Data accurate, complete and up-to-date. You are entitled to have any inadequate, incomplete or incorrect Personal Data corrected. Furthermore, you also have the right to request access to the Personal Data that we store about you and you may also have the right to information about how we have Processed your Personal Data. You are entitled to review your Personal Data and request that we amend or delete such Personal Data under certain circumstances.

If you would like to act upon any of your rights relating to your Personal Data, please initiate such request by contacting us at [email protected].

If you are in the EEA or the UK, you also have additional rights. Your ability to exercise these rights may be dependent on the legal basis we rely on to process your Personal Data, and these rights are also subject to various exemptions, under EU, Member State or UK law, that we may choose to exercise. If we rely on an exemption, we will tell you when responding to your request. We may also ask you for proof of your identity when making a request to exercise a right. The additional rights include the right to, under certain circumstances: (i) object to any processing of your Personal Data processed on the basis of our legitimate interests, (ii) restrict the processing of your Personal Data to only comprise storage of your Personal Data (e.g. during the time when Pendo assesses whether you are entitled to have Personal Data erased), (iii) receive your Personal Data in a common machine-readable format and to require us to transmit it to another data controller where this is technically feasible, and (iv) withdraw consent to processing.

Complaints
You also have the right to lodge a complaint with us or a supervisory authority, in your jurisdiction of residence, if you consider that the processing of your Personal Data infringes applicable law. For further information regarding your rights, or to exercise any of your rights, please contact us through the details below.

Automated Decision Making and Profiling

Pendo does not currently rely on automated decision making.

Notices of Changes and Additional Privacy Notices

Pendo may change or update this Applicant Privacy Notice at any time. We may undertake certain processing of Personal Data, which are subject to additional Privacy Notices.

Contact Us

If you have any questions or concerns regarding the processing of your Personal Data, please contact us via email using the information set forth above, or electronically using the details set forth below: [email protected].

APPENDIX A: CCPA SUPPLEMENT

Additional Privacy Notice for California Applicants

This Appendix A (the “California Applicant Notice”) describes our collection and use of certain personal information relating to external job applicants and candidates for positions with Pendo (”Applicants”), and is intended to satisfy our applicable notice requirements under the California Consumer Privacy Act (“CCPA”). We may provide Applicants additional notices about our data collection practices that are covered by other laws (e.g., if we conduct a background check or extend an employment offer).

SCOPE OF THIS NOTICE

This California Applicant Notice applies to the personal information that we collect from and about Applicants, in the context of reviewing, assessing, considering, managing, storing or processing their applications or otherwise considering them for a position with us.

What isn’t covered by this notice?

This California Applicant Notice does not address or apply to our collection of personal information that is not subject to the CCPA, such as consumer credit reports and background checks, publicly available data lawfully made available from state or federal government records, or other information that is exempt under the CCPA. This California Applicant Notice also does not apply to the personal information we collect from employees, which is subject to a separate privacy notice.

Are our practices the same for all Applicants?

The categories of personal information that we collect and our use of personal information may vary depending upon the position(s) or location, as well as the associated qualifications and responsibilities. The information in this California Applicant Notice is intended to provide an overall description of our collection and use of personal information about Applicants. Also, in some cases (such as where required by law), we ask for your consent or give you certain choices prior to collecting or using certain personal information.

CATEGORIES OF PERSONAL INFORMATION COLLECTED:

In general, we may collect the below categories of personal information about Applicants to the extent permitted under applicable laws:

Identifiers: such as a real name, alias, postal address, unique personal identifier, online
identifier, Internet Protocol address, email address, account name, social security number, driver’s license number or other government identifiers.
Paper and electronic records: records containing personal information, such as name, signature, photo, contact information, education and employment history, Social Security number and other government identifiers, insurance policy number, financial or payment
information, medical information, or health insurance information.
Characteristics of protected classifications: such as race, color, sex, sexual orientation, gender identity, age, religion, national origin, disability, citizenship status, military/veteran status, marital status, medical condition or other characteristics of protected classifications under California or federal law. (Note: generally, this information is collected on a voluntary basis and is used in support of our equal opportunity and diversity and inclusion efforts and reporting obligations, or where otherwise required by law.)
Internet or other electronic network activity information: such as browsing history, search history, and information regarding interactions with an internet website, application, or advertisement, as well as physical and network access logs and other network activity information related to your use of any Pendo device, network or other information resource.
Geolocation data: precise location information about a particular individual or device.
Audio, video and other electronic data: audio, electronic, visual, thermal, olfactory, or
similar information, such as, CCTV footage, photographs, and call recordings and other audio recording (e.g., recorded meetings and webinars).
Employment information: professional or employment-related information.
Education information: information about education history or background that is not
publicly available personally identifiable information as defined in the federal Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).
Inferences: inferences drawn from any of the information identified above to create a profile about an individual regarding her or his preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

PURPOSES FOR COLLECTING AND USING PERSONAL INFORMATION:

Subject to applicable legal restrictions, we may use Applicant personal information for the following general purposes:

Recruiting, hiring, and evaluating applicants: to review, assess, recruit, consider or otherwise manage applicants, candidates and job applications, including:
scheduling and conducting interviews;
identifying candidates, including by working with external recruiters;
reviewing, assessing and verifying information provided, to conduct criminal and background checks, and to otherwise screen or evaluate Applicants’ qualifications, suitability and relevant characteristics;
extending offers, negotiating the terms of offers, and assessing salary and compensation matters;
satisfying legal and regulatory obligations;
communicating with Applicants regarding their applications and about other similar position(s) for which they may be interested;
maintaining Applicant personal information for future consideration; and
in support of our equal opportunity employment policy and practices
Security and monitoring: to monitor and secure our resources, network, premises and assets, including:
monitoring for, preventing and investigating suspected or alleged misconduct or violations of work rules;
monitoring for, preventing investigating and responding to security and privacy incidents;
providing and managing access to physical and technical access controls;
monitoring activities, access and use to ensure the security and functioning of our systems and assets;
securing our offices, premises and physical assets, including through the use of electronic access systems and video monitoring; and
  • conducting appropriate screenings of individuals prior to entering or accessing certain locations or premises.
Auditing, accounting and corporate governance: relating to financial, tax and accounting audits, and audits and assessments of our business operations, security controls, financial controls, or compliance with legal obligations, and for other internal business purposes such as administration of our records retention program.
Defending and protecting rights: to protect and defend our rights and interests and those of third parties, including to manage and respond to employee and other legal disputes, to respond to legal claims or disputes, and to otherwise establish, defend or protect our rights or interests, or the rights, interests, health or safety of others, including in the context of anticipated or actual litigation with third parties.
Complying with legal obligations: relating to compliance with applicable legal obligations (such as hiring eligibility, responding to subpoenas and court orders) as well as assessments, reviews and reporting relating to such legal obligations, including under employment and labor laws and regulations, Social security and tax laws, environmental regulations, workplace safety laws and regulations, and other applicable laws, regulations, opinions and guidance.

CONTACTING US ABOUT THIS NOTICE: If you have any questions or concerns regarding our use of personal information as described in this California Applicant Notice, please contact us at [email protected] .