Global Employee and Applicant Privacy Notice

Privacy notice for our recruiting activities and HR efforts.

Last updated February 25, 2023.

Permission to process personal data by Stacksync

By submitting an application for an open position with Stacksync, whether via our career page, or via external platforms such as Indeed, LinkedIn, or Xing, you express your interest in taking up work with us. In this context, you transmit personal data, which we will use and store exclusively for the purpose of your job search / application process.

This data privacy statement, which refers exclusively to data collected as part of the online application process, is to inform you about how your personal data that is collected as part of the online application process is handled at our end.

The controller

The controller under data protection law is:

Stacksync SA

1 rte d’Eguechaudens

1030 Bussigny, Vaud, Switzerland

Commercial register entry number: HRB 211731

Registration Court: Lausanne Local Court

Data Protection Officer contact: dpo@stacksync.com

Personal data collected as part of the application process

Personal data means any information concerning the personal or material circumstances of an identified or identifiable individual. This includes information such as, for example, your name, address, telephone number and date of birth, but also data relating to your specific career etc. by reference to which a specific individual can be identified with reasonable effort. However, information which cannot be (in)directly associated with your real-life identity is not personal data.

In particular, the following data is collected during this process:

  • Name (first and last names)

  • Email address

  • phone number

  • LinkedIn profile (optional)

  • Channel through which you found us

  • Any information typically detected by senses (e.g. Audio conversations,...)

Furthermore, you can choose to send us expressive documents such as a cover letter, your CV and reference letters. These may contain additional personal data such as date of birth, address, etc.

How does the Company collect data?

  1. The Company mainly collects and records your personal data from you. You will provide this information directly to your managers or local Human Resources contact or enter it into our systems, your participation in HR processes, emails and instant messages you send or through verbal information which is recorded electronically or manually. In addition, further information about you will come from your managers, Human Resources or occasionally your colleagues.

  2. We also obtain some information from third parties: for example, references from a previous employer, medical reports from external professionals, information from tax authorities, benefit providers or where we employ a third party to carry out a background check (where permitted by applicable law) or occasionally from customers.

  3. In some circumstances, data is collected indirectly from monitoring devices or by other means (for example, building and location access control and monitoring systems, CCTV, telephone logs and recordings, instant message logs and email and Internet access logs), if and to the extent permitted by applicable laws. In these circumstances, the data may be collected by the Company or a third party provider of the relevant service. This type of data is generally not accessed on a routine basis but access is possible.

  4. Some data may be obtained from publicly accessible sources.

  5. In the event that particular information is required by the contract or statute this will be indicated at the time of collection. We will also let you know where there are consequences of you not providing the information requested. Failure to provide some information will mean that we cannot carry out certain HR processes. For example, if you do not provide us with your bank details, we will not be able to pay you. In some cases it may mean that we are unable to continue with your employment or engagement as the Company will not have the personal data we believe to be necessary for the effective and efficient administration and management of our relationship with you.

Use of your personal data

During the application process, your personal data will be stored, evaluated, processed or forwarded internally within Stacksync. Only authorized HR staff and/or staff involved in the application process have access to your data. The personal data is stored, as a rule, exclusively for the purpose of filling the vacancy for which you have applied.

The data may be used and processed for statistical purposes (e.g. reporting). Any conclusions drawn will not be related to individual persons.

If you are employed at Stacksync, your personal data are collected and processed for various business purposes, in accordance with applicable laws and any applicable collective bargaining agreements. We have set out in this Notice the purposes we may use your personal data for. Data may occasionally be used for purposes not obvious to you where the circumstances warrant such use (eg in investigations or disciplinary proceedings). We may, where we think it is necessary, provide you with additional information in relevant HR policies to ensure that you understand how your personal data may be used.

Rights of data subjects

If Stacksync as the controller processes personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR. To assert your rights as a data subject in relation to the data processed for the purpose of operating this recruitment website, please refer to Stacksync’s Data Protection Officer (see above).

Personal data storage

Your data will be stored for a period of 12 months after the application process has been concluded. This is usually done to fulfill legal requirements and/or defending ourselves against any claims arising from legal provisions. After this period, we are obligated to delete or anonymize your data. In case of anonymization, the data will only be available to us in the form of so-called metadata, without any direct personal reference, for statistical analysis (for example, share of male and/or female applicants, number of applications per specified period of time etc.).

Furthermore, we reserve the right to store your data for 36 months after the application process has been concluded for the purpose of adding it to our Talent Pool in order to identify any other vacancies that may be of interest to you. This includes, for example, applications for apprenticeships or internships. By accepting the data privacy statement, you consent to any further storage of your data as well as its inclusion in our Talent Pool.

Should you be offered and accept a position with us during the application process, we will store the personal data collected as part of the application process for at least the duration of your employment.

You will not be notified directly when your data has been deleted.

Concluding provisions

Stacksync reserves the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.

If you have any questions, feel free to contact us at privacy@stacksync.com

Last updated