Last updated: September 1th, 2020
With differing legal privacy frameworks worldwide, it is necessary in an international group to determine rules and specifications for handling personal data. This policy establishes a group-wide standard and also applies to countries that currently do not have a comprehensive statutory privacy framework.
The privacy of our candidates is very important to Us and We have therefore implemented technical and organizational security measures to ensure that your privacy is not violated. The information you provide that We process will at all times be processed and protected in accordance with applicable law and this Policy. You are always welcome to contact us via e-mail, email@example.com if you have any questions about data protection or our processing of your personal data.
DEFINITIONS THAT ARE GOOD TO UNDERSTAND
Personal data means any information that directly or indirectly can identify a physical living person. Examples of personal data are name, address, phone number and e-mail address.
Processing of personal data includes any operation of personal data, such as collection, registration and storage.
The data controller is the one who independently or jointly with other determines the purpose and the means of the processing of personal data, and who is responsible for that the processing is compliant with applicable laws.
WHO IS THE CONTROLLER?
The data controller is the hiring Veoneer company. Our address can be found at “Contact” below. Where we have appointed a data protection officer (DPO), you may contact the DPO via the contact details provided in “Contact” below.
WHAT PERSONAL DATA IS PROCESSED?
Our routines for processing personal data have been designed to minimize the amount of personal data being processed, and We will only collect personal data that is necessary as part of the recruitment process based on the purposes set out in this Policy. Personal data is collected both in connection with you submitting your application to work for us and during the recruitment process. We encourage that you only provide information that you are comfortable with us processing.
The personal data that may be processed follows by the table below. Please note that the information that is processed may vary depending on which Veoneer entity you have applied for employment with and also depending on how far along the process you come.
Information processed and collected from you
Such as name, address, phone number and e-mail address
Such as date of birth, government issued identification number if applicable or other identification number
Including information about your previous experience, education and any other information you include in your CV
Work certificates and diplomas
To support your experience and education.
Notes and answers
From interviews and potential screening questions
WHY WE PROCESS YOUR PERSONAL DATA?
We process your personal data to manage your application and evaluate whether you would be a good match for the position you have applied for. We process your personal data for the following purposes based on the following legal grounds.
The purpose of the process:
To administrate your application for a position with us and considering your suitability for the relevant role It is necessary for ours and your legitimate interest to manage your application to work for us.
Obtaining, considering and verifying your employment references and employment history
It is necessary for our and your legitimate interest to manage your application to work for us.
Making a job offer to you and entering into a contract of employment with you
It is necessary to perform your employment contract.
Developing, operating and collecting feedback on recruitment activities and employee selection processes
It is necessary for our legitimate interest to always improve our recruitment process.
Present you as a candidate for other Veoneer entities
It is necessary for our and your legitimate interest to find suitable work with Us.
Communicating with you and with information in connection with your potential employment or engagement with Us.
It is necessary to perform your employment contract, for our legitimate interest to manage your application and job offer or for the protection of your vital interests.
To retain your information to enable for us to contact you for future vacancies.
Your consent, which is always voluntary and provided separately.
There will be no automated decisions regarding your application to work for us. This means that there will always be a human being reviewing your application to determine whether you are a good match for the position.
WITH WHOM DO WE SHARE YOUR PERSONAL DATA?
We may share your personal data with companies within the Veoneer group of companies, including companies in other countries including outside EU/EEA, when it is relevant for the purposes set out in this Policy. When we share your information in this way we ensure that appropriate security measures, both technical and organizational, have been implemented to protect your personal data.
We will, as a main rule, not share your personal data with anyone outside our Veoneer group of companies, but should we do so it would be shared in accordance with this Policy. We implement appropriate and reasonable legal, technical and organizational security measures to ensure that your personal data is processed safely and with an adequate level of protection when shared with third parties. We will always have a written contract with third parties to ensure the protection of your personal data. Examples of measures taken before any personal data is transferred to third countries are EU standard contractual clauses or Privacy Shield. If you would like to see a copy of the measures taken, please feel free to contact Us.
Your personal data may be shared with the following categories of third parties.
Recruitment partner, our partner in the recruitment process will have access to your personal data
Group companies, companies within the Veoneer group of companies may receive access to your personal data either if we share information about potential candidates or if the we share systems and suppliers.
Service providers, IT-service providers of platforms, document conversion, email, database search, error tracking, calendar integration, file hosting, image manipulation systems and other IT-services. We will never share your personal data with a third party who is not authorized to take part of the personal data by this Policy.
RETENTION OF PERSONAL DATA
Your personal data is retained only for such time that is necessary for us based on the purposes set out in this Policy or for such time We are obliged by law to store the personal data.
You have various rights which you can enforce, including the right to be informed in accordance with this Policy. The below table provides a summary of the rights that the law entitles you to. The table also includes information on possible conditions and limitations on how the right can be exercised and how your right can be executed.
What does it mean?
How do I execute this right?
Conditions to exercise?
Right of access
You have the right to access to the personal data that we have on you.
Requests for such information should be made in writing to firstname.lastname@example.org. If possible, you should specify the type of information you would like to see to ensure that our disclosure meet your expectations.
We must be able to verify your identity. Your request may not affect the rights and freedoms of others, e.g. privacy and confidentiality rights of other staff.
Right of data portability
You may be entitled to receive the data which you have provided to us and which is processed by us by automated means, in a commonly-used machine readable format.
Requests should be made in writing to email@example.com. If possible, you should specify the type of information you would like to receive to ensure that our disclosure meet your expectations.
The GDPR does not establish a general right to data portability but if the processing is based on your consent or on our contract with you and when the processing is carried out by automated means (e.g. not paper records) you can exercise this right. The right includes only personal data that you have provided to us. Hence, the right does not apply to personal data generated by us.
Rights in relation to inaccurate personal or incomplete data.
You may challenge the accuracy or completeness of personal data which we process about you. If it is found that personal data is inaccurate, you are entitled to have the inaccurate data removed, corrected or completed, as appropriate.
We encourage you to notify us of any changes regarding your personal data as soon as they occur, including changes to your contact details, telephone number, immigration status. A request to use this right is made in writing to firstname.lastname@example.org.
This right only applies to your own personal data. When exercising this right, please be as specific as possible.
Right to object to or restrict our data processing of your personal data.
You have the right to object to or ask us to restrict the processing of your personal data.
Requests should be made in writing to email@example.com.
This right applies only if the processing of your personal data is explicitly based on our so-called legitimate interests. Objections or request for restrictions must be based on grounds relating to your particular situation. This means that your request for the objection or restriction cannot be generic or too general.
Right to have personal data erased
You may be entitled to have your personal data erased (also known as the “right to be forgotten”), e.g. where you think that the information we are processing is inaccurate, or the processing is unlawful.
Requests should be made in writing to firstname.lastname@example.org.
There are various lawful reasons why we may not be in a position to erase your personal data. This may apply (i) where we have to comply with a legal obligation, (ii) in case of exercising or defending legal claims, (iii) where we have to comply with legal archiving obligations, or (iv) where the personal data is necessary for the performance of our contract with you.
Right to withdrawal
You have the right to withdraw your consent to any processing for which you have previously given consent to.
Requests should be made in writing to email@example.com or as instructed when you gave your consent.
If you withdraw your consent it will only take effect for the future.
To contact the Global Veoneer DPO please use the following email address firstname.lastname@example.org.
If you consider that we are in breach of our obligations under data protection laws, you may lodge a complaint with the competent data protection authority.
CHANGES TO THE POLICY
We may decide to change this Policy from time to time to reflect the type of personal data that we process and/or the way in which it is processed. We will update you on material changes to this Policy by email. We also encourage you to check this Policy on a regular basis.