The Sourcery collects personal information when you submit a job application and possibly interview for a job. Such personal information may include:
- email address and other contact information
- your uploaded documents which may include resume or CV, cover letter, previous work experience, education and transcripts
- relevant work experience, type of employment sought, data available
- names and contact information for referrals
- sensitive information (race/ethnic origin) if you chose to submit it as part of the applications process
- likes, dislikes and personal interests as shared by you
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. We restrict access to personal information to The Sourcery, and affiliate company’s employees, contractors and agents who need to know information in order to process applications. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
The Sourcery (“Controller”) is located at 450 Mission Street, Ste. 101, San Francisco, CA 94105 and can be contacted by emailing GDPR@thesourcery.com.
Controller’s data protection officer (“DPO”) is Mike Haydon, who can be contacted at GDPR@thesourcery.com.
SOURCE OF DATA AND PURPOSE OF PROCESSING
Your personal data was either obtained from publicly available sources (e.g. LinkedIn) or provided to Controller by someone who referred you for potential employment or marketing purposes. Our servers, logs and other technologies automatically collect information about you to help us administer, protect and improve our services; to analyze usage, and to improve user experience.
The Sourcery will from time to time collect personal data for the purposes of recruiting and marketing.
- For recruiting purposes your data may be collected because Controller wishes to evaluate your candidacy for employment at Controller or a client’s company.
- For marketing purposes your data may be collected because Controller wishes to share information about its products and services that may be valuable to you, and to evaluate you as a potential customer.
Your personal data will be processed for the purposes of managing Controller’s recruitment related and marketing activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, sending emails regarding Controller’s products and services, scheduling meetings with employees of Controller, and as is otherwise needed in the recruitment, hiring, marketing and customer onboarding processes.
LEGAL BASIS FOR DATA PROCESSING
The legal basis for processing of personal data is either (i) because you have explicitly consented to such processing or (ii) because the processing of personal data is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment, and the solicitation, evaluation, discussion and onboarding of new customers. If you have explicitly consented to your personal data being processed, you may withdraw such consent by contacting our DPO at GDPR@thesourcery.com.
RECIPIENTS OF YOUR PERSONAL DATA
Your personal data may be shared with Greenhouse Software, Inc., and/or ZenProspect, and/or Contactually and/or MailChimp, which are cloud services providers located in the United States of America and engaged by Controller to help manage its recruitment, hiring and marketing processes on Controller’s behalf.
If you are located outside of the United States, your personal data has been transferred to the United States. Because the European Union Commission has determined that United States data privacy laws do not ensure an adequate level of protection for personal data collected from EU data subjects, the transfer was subject to appropriate additional safeguards under the standard contractual clauses. You can obtain a copy of the standard contractual clauses by contacting us at GDPR@thesourcery.com.
STORAGE OF PERSONAL DATA
Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment or as a potential customer.
Under the GDPR, you have the right to:
– request access to your personal data,
– request that your personal data be rectified or erased,
– request that processing of your personal data be restricted; and
– transfer your data to another controller.
If you would like to exercise any of these rights, please contact our DPO at GDPR@thesourcery.com. In addition, you may lodge a complaint with an EU supervisory authority, contact details for which may be found here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
DISCLOSURES OF PERSONAL DATA
Your personal information will be disclosed when we are required by law to do so. We may be required to use and retain personal information for legal and compliance reasons. We may also use your personal information to meet our internal and external audit requirements, information security purposes, and as we otherwise believe necessary or appropriate under (a) applicable law, which may include laws outside of your country of residence or (b) to respond to requests from courts, law enforcement agencies, regulatory agencies and other public and government authorities, which may include such authorities outside your country of residence. We will only disclose your personal information to third party business partners or companies for their business purposes, when we have your permission to do so and when we have a contractual relationship with such third party which provides adequate safe guards with respect to personal data.
If you have additional questions, please contact us.