Stonebranch Candidate Privacy Policy

Last updated: 12.08.2024

I.  GENERAL INFORMATION

We are committed to protecting your privacy and your personal data. Transparency and data protection is vital for our business, and through our candidate application and recruitment process we will collect, process, and store personal information about you. We will process your data for the following purposes:

  • application management;
  • assessment and pre-employment screening;

This document explains why we collect your personal information, what information we collect and how it is processed.

II.  WHO WE ARE

Stonebranch, Inc. (Headquarters) | United States of America | 4550 North Point Parkway, Suite 400 | Alpharetta, GA, 30022, USA /Phone: +1 678 366 7887 | Our data protection officer contact: dpo@stonebranch.com  -  Global locations Stonebranch

III. WHY WE COLLECT YOUR PERSONAL INFORMATION?

To manage your application, we will process necessary personal information about you. The purposes are to process your data required to progress your application or required by law or any regulatory requirements.

Purposes in detail: 

Application management: CV (name, surname, education, work history/job data; previous employers, positions, dates) application form (name surname, phone number, email address, employment history, academic and professional qualifications, age, and work experience. 

Assessment and pre-employment screening: employee benefits; basic salary, benefits, bonuses, etc. Employer feedback/references to include regulated references where necessary; assessment results, e.g., required skills assessment results, results from video or telephone assessment. 

IV.  WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH?

Your data will usually be presented to Stonebranch by (a) a recruitment agency; or by you contacting us because of a recruitment campaign and sharing application form through the website or/and uploading your CV to our website or recruitments web sites. Under both scenarios, data will be stored, processed, and managed by Stonebranch in a capacity as Controller deciding the purposes and means of the processing.

The recruitment process will involve:

  • Assessing and processing your application,
  • Assessing your suitability (skills and strengths for the role)
  • Activities needed to complete the onboarding and screening process of a successful application.

To enable these processes, your personal information may be shared internally but limited to what is required by each individual to perform their role in the recruitment process.

Your personal information may be shared internally at Stonebranch with the following people:

  • Those employees who will manage and lead your role (Management);
  • Employees at Stonebranch with responsibility for tasks in the recruitment process (HR Department);
  • Employees at Stonebranch with compliance/security responsibility for investigating issues of compliance regulations, policies, and contractual requirements;

We may also need to share your information with certain external third parties, but this will happen only with your prior notice and consent. 

V. DATA PROCESSORS

To perform employment tasks, we ask for help from outsourced companies. These act as data processors on behalf of Stonebranch. The data will be indirectly available to third companies engaged by Stonebranch or with whom Stonebranch cooperates in the provision of platform administration, maintenance services, application services which help us to manage the information received in the system more effectively. We maintain an up-to-date list of the names and locations of all processors. This list is below:

Processor: BambooHR

Types of data accessed: CV (name, surname, photograph, marital status, number of children, nationality/citizenship, education, work history/job data, previous employers, positions, dates, driving license type, personal/professional website, hobbies/personal interests) application form (name, surname, phone number, email address, employment history, academic and professional qualifications, age, and work experience, salary expectations, visa status, completion of required military service). The types of data accessed will vary based on global location and any applicable local, state, or federal/national laws.

Purpose: To provide hiring and onboarding system functionality

Data Location: United States of America

VI.  How do we protect your information?

Our systems are protected to ensure unauthorized or unlawful processing of personal information, accidental loss or destruction of, or damage to personal information does not occur. Our staff is trained to ensure they are compliant with GDPR and Data Protection laws.

VII.  Your rights

Under the General Data Protection Regulation (GDPR), you have several rights concerning your personal data. You have the right to request from us access to and rectification or erasure of your data, the right to restrict processing, object to processing, and the right to data portability.

VIII.  Data protection authority

You also have the right to lodge a complaint with your local data protection authority or Stonebranch Lead Authority.

IX.  Contacts: 

Should you believe that any personal data we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted. Please contact us through Data Subject Access Request Form

In the event that you wish to file a complaint about how we have handled your personal data, please contact the DPO Resources at Stonebranch dpo@stonebranch.com or in writing at:

Stonebranch GmbH |Europa-Allee 54 |60327 Frankfurt am Main |Germany

Our Privacy Team will then investigate your complaint and work with you to resolve the matter.

If you still feel your personal data has not been handled appropriately according to the law, you can contact Federal Commissioner for Data Protection and Freedom of Information (BfDI) in Germany (Stonebranch Lead Authority) and file a complaint with them.

X.  Data retention

Your personal data will be stored after the recruitment process as follows:

  • as a rule for 2 years if you have been unsuccessful in the recruitment process;
  • for up to two years, if you have consented to be included in a pool of candidates or a list for future vacancies; (You can withdraw your consent anytime and ask deletion of your personal data). Such withdrawal of consent does not affect the lawfulness of any use based on your consent prior to its withdrawal;
  • for the duration of your employment contract, if you are successful in the recruitment process and any mandatory time period after if required by law.

Your personal data will be deleted upon expiry of the storage period.

XI.  Changes to this Notice

We reserve the right to make changes to this notice at any time. Any changes to this notice will be posted on this page thus make sure to read this notice before submitting your personal information. Substantial changes will be highlighted on the site or may be emailed to you.

XII.  Contact us

Please also feel free to contact Stonebranch if you have any questions about this privacy notice or seek to exercise any of your statutory rights. Our data protection officer will respond within a reasonable timeframe. You may contact us at dpo@stonebranch.com