Dear Applicants and Candidates,
At GitGuardian, we care about your privacy and are committed to protect your Personal Data in accordance with all applicable data protection laws and regulations.
This Global Applicant and Candidate Privacy Notice (the āNoticeā) gives you information about how GitGuardian SAS and GitGuardian Inc. (collectively referred to as āGitGuardianā, āweā, āourā, āusā) collect Personal Data about job applicants and candidates (āyouā or āyourā) in relation to your application for a position offer with GitGuardian and how and why we use that Personal Data in the course of our recruitment process.
Please carefully read and fully understand this Notice before submitting your Personal Data to us.
The Notice explains:
- Identity and contact details of the Data Controllers
- Personal Data we collect
- Use of your Personal Data
- Legal bases we rely on to process your Personal Data
- How we share your Personal Data
- How we safeguard your Personal Data
- How long we keep your Personal Data
- How your Personal Data is transferred internationally
- How you can exercise your data subject rights
- Cookies
- Update of the Notice
- Contact us
Please note that this Notice covers recruitment and applications for all GitGuardian open positions.
If you are a California resident, our Notice will provide specific provisions applicable to you as follows:
- A list of additional types of Personal Data that may be collected in Section 1 āPersonal Data we collectā;
- The purpose(s) for which the categories of info are collected and used is in Section 3 āLegal bases we rely on to process your Personal Dataā
- In Section 4 āHow we share your Personal Dataā, we explain how we share your Personal Data
- Our retention period explanation is in Section 6 āHow long we keep your Personal Dataā
- Your rights regarding your Personal Data are detailed in Section 8 āHow you can exercise your data subject rightsā
The provision of your Personal Data is necessary in order to process your job application. If you do not provide your Personal Data, we might not be able to process your application.
1. Identity and contact details of the Data Controllers
GitGuardan SAS is a company headquartered in France, at the registered address 54 rue de Seine 75006 Paris, France, with a US affiliate, GitGuardian Inc., based at 185 Alewife Brook Parkway Ste 210 Cambridge MA 02138.
When we say āGitGuardianā weāre referring to the GitGuardian entities that control and are responsible for your Personal Data.
2. Personal Data we collect
For the purpose of this Notice, āPersonal Dataā refers to the information that identifies, relates to, and describes or is reasonably capable of being associated with or being linked (directly or indirectly) to you.
In connection with your application, we may collect, use and store Personal Data, either:
- directly from you when you submit your application on GitGuardianās website or provide information to us in the course of a recruitment process, or
- from third parties with your approval: we may obtain Personal Data about you from publicly and commercially available sources as permitted by law, as well as collect Personal Data about you through third-party social networking services where you may apply, such as LinkedIn, Welcome to Jungle, VentureFizz. Candidate and applicant Personal Data may also be obtained from recruitment agencies or headhunting firms or from other GitGuardianās employees or workers who recommend people they know for employment with GitGuardian.
Regarding sensitive information, please note that we Ā do not collect or process Personal Data that reveals your government identifiers, financial accounts, racial or ethnic origin, religious, political or philosophical beliefs, genetic data, biometric data, trade union membership, or information about your health/sex life/sexual orientation (āSensitive Personal Dataā).
Applicable only to applicants or candidates for our US office GitGuardian Inc.: Background check process
For applicants or candidates for our US office GitGuardian Inc., as per applicable US laws and California Consumer Privacy Act, as amended by the California Privacy Rights Act (āCCPAā), GitGuardian may perform background checks during the application and recruitment process (the āBackground checksā) subject to relevant legal requirements.
In summary, depending on how you interact with us and the role for which you are being considered, the following categories of Personal Data may be collected and disclosed in the preceding 12 months:
- Identifiers, including name, email address, and telephone number;
- Characteristics of protected classifications under state or federal law, including date of birth, age, gender;
- Audio, electronic, visual, or similar information, including photographs;
- Professional or employment-related information, including rƩsumƩs, CVs, cover letters, work samples, references, background checks, info from interviews and screeners, and immigration or visa status
We do not infer characteristics using Sensitive Personal Data, and do not use Sensitive Personal Data beyond the limited business purposes permitted by local laws, including the California Consumer Privacy Act.
3. Use of your Personal Data
We only use your Personal Data as part of our application and recruitment process in order to:
- Identify and contact potential candidates;
- Evaluate your candidacy or application or eligibility for potential employment by assessing your competency and suitability with the company;
- Verify the information submitted or collected;
- Keep records relating to application and recruitment;
- Manage our relationship and communicate with you;
- Comply with any of our legal and regulatory requirements;
- Decide the terms and conditions of any such employment offer;
- Statistical purposes, such as your gender: we ask for your gender on the application page to help us understand the diversity of our applicant pool and to track our progress in attracting and hiring a diverse workforce. ļ»æThe information is optional and will not be disclosed to the hiring manager or the interview team and will not be considered in the hiring process;
- Having evidence in case a legal claim is pursued by any candidate or applicant;
- Maintaining a talent pool in order to contact potential candidates with regard to future job openings even if an actual application was unsuccessful;
- Make improvements to our recruiting processes;
Applicable only to US applicants concerning potential Background checks:
- Verify your Personal Data and assess your eligibility for our available opportunities.
4. Legal bases we rely on to process your Personal Data
We process your Personal Data based on:
5. How we share your Personal Data
We do not sell your Personal Data to third parties.
We also do not share your Personal Data to third parties for cross-context behavioral advertising.
Internally, your Personal Data will be shared, on a need-to-know basis, with the Human Resources department, recruitment team members, and managers/other employees within GitGuardian who are involved in the recruitment and selection process.
With regard to external third parties, we endeavor to take appropriate steps to ensure that any third party who receives your Personal Data is bound to maintain its confidentiality. We do not share your Personal Data with third parties other than as described in this Section. Ā
GitGuardian uses external third parties for the provision of services in connection with the application and recruitment processes. Ā Your Personal Data may be disclosed to the following third- parties:
- Service Providers: Ā We may share your Personal Data with external service providers assisting us in our recruitment process, such as recruitment agencies, recruitment platform providers, IT developers and support providers, and providers of hosting services;
- Employers and References: To conduct employment verifications and professional reference checks, we may disclose your Personal Data to your current and former employers, as well as the individuals you have provided as references.
- Administrative or judicial entities: There may be instances where we are obligated by law to share your Personal Data with administrative agencies or public bodies, such as labor authorities, courts, or law enforcement agencies.
6. How we safeguard your Personal Data
GitGuardian has implemented and continues maintaining all appropriate technical and organizational measures to protect your Personal Data and ensure the confidentiality, integrity, availability and resilience of all our processing systems and services. We aim at continuously improving our physical, digital and procedural safeguards to prevent any unauthorized access, disclosure, use, modification, damage or loss of your Personal Data. Ā
7. How long we keep your Personal Data
Unless otherwise required or permitted by applicable laws and regulations, we endeavor not to retain your Personal Data for longer than it takes to complete the application and/or recruitment process.
If you are offered and accept a position with us, your Personal Data will be stored in our human resource system and become part of your employment record. You will be informed in a separate privacy notice about the specifics on how we process Personal Data of our employees.
If you are considered for a position at GitGuardian and your candidacy is unsuccessful, you decline our offer, or you withdraw your application, we may retain your Personal Data, subject to your prior consent, only to consider you for potential future positions at GitGuardian, for a retention period of:
- 3 months after the end of the recruitment process, or
- 2 years if you consented to be part of our Talent Pool.
If you do not want us to retain your Personal data to consider you for potential future positions, you may request that we delete it as described in Section 9 of this Notice. Please note, however, that we may retain some Personal Data that we are required to retain by law or in order to defend ourselves in the event of a legal claim.
8. How your data is transferred internationally
All your Personal Data is stored primarily within the European Economic Area.
We may share your Personal Data with the recruitment departments of our affiliates or our human resource consultants, who will contact you regarding your application and recruitment process that may be based outside of the European Economic Area.
If your Personal Data is processed by us outside of the European Economic Area, we have taken suitable measures to ensure that that your Personal Data is transferred in accordance with applicable data protection law, including, for example, to countries that adequately safeguard personal data as approved by the European Commission, or under the European Commission-approved Standard Contractual Clauses.
Further information about the appropriate safeguards may be obtained by contacting us at legal@gitguardian.com.
9. How you can exercise your data subject rights
Through the application and/or recruitment process, you should ensure that all Personal Data you submit is accurate and complete. If you are unable to provide accurate and complete information for any reason or are unwilling to submit the Personal Data required for a specific position, we may not be able to deem you fit for a specific job and/or proceed further with your application.
In accordance with applicable laws and regulations, you have the following rights to your Personal Data:
Before we accede to such a request, we may need to verify your identity. To ensure security and traceability, you may be asked to submit a written request. We always ensure we will promptly respond to such requests.
To make such a request, please write to legal@gitguardian.com.
If you are an applicant or candidate for our US office GitGuardian Inc., you can also make such a request by telephone at +1 (339) 356-1880.
We may decline to process or limit certain requests under certain circumstances, e.g. if they are manifestly unfounded or excessive, or if they adversely affect the rights and freedoms of others.
10. Cookies
If you apply through GitGuardianās website, please note that your use of any of our services or website is also governed by our general Privacy Policy (https://www.gitguardian.com/legal/privacy-policy) and Cookie Policy (https://www.gitguardian.com/legal/cookie-policy).
11. Update of the Notice
GitGuardian reserves the right to update or change this Notice at any time. You are informed of the date of the last update at the top of this Notice. We will keep the Notice up to date with any changes.
12. Contact us
Should you have any questions or concerns about this Notice or your privacy, please contact us at legal@gitguardian.com.