Treasure Data Candidate Privacy Statement
Last updated: March 26, 2024
This privacy statement describes the handling of personal data obtained about internal and external job applicants by Treasure Data, Inc. and its local affiliate relevant to the job in question (“we”, “us”, or “Treasure Data”), including applicants who have applied directly to Treasure Data as well as through third party agencies and recruiters. It also describes the handling of personal data of any prospective candidates who expressed an interest in receiving news and details about future job opportunities at Treasure Data.
Personal data is information, or a combination of information, that could reasonably allow you to be identified. This privacy statement describes:
- what personal data we collect during the application and recruitment process and why we collect it;
- how we collect, use and protect that personal data; and
- how you can exercise the rights available to you under applicable law in relation to that personal data.
Treasure Data’s processing of personal data is in all cases subject to the requirements of applicable local law.
This privacy statement does not cover your use of Treasure Data’s websites. To learn more about Treasure Data’s data collection and processing practices in that regard, please read our general Privacy Statement. This privacy statement does not cover the collection and processing by Treasure Data of personal data related to Treasure Data’s employees or other workers.
- Types of personal data we collect and process
We collect your personal data from you directly and potentially from other sources.
The personal data that we collect directly from you can include:
- personal identifiers (e.g. your name) and contact information (e.g. home address, email address, telephone number);
- educational information (e.g. educational history, qualifications, certifications) and job history (e.g. previous employment, performance history);
- information on previous and/or relevant work experience;
- information you include in your resume or CV, cover letter or other information you provide to us in support of an application and/or in connection with the recruitment process;
- information from interviews you may have (if any), including information you may choose to voluntarily submit to us (e.g. information about your compensation history or personal situation);
- information on the type of employment you are or may be looking for, desired salary and other terms relating to compensation and benefits packages, willingness to relocate, or other job preferences;
- details of how you heard about the position you are applying for;
- information related to any assessment you may take as part of the interview screening process;
- information about your family and dependents;
- sensitive and/or demographic personal data obtained during the application or recruitment process such as race or ethnicity, gender, veteran status;
- nationality, citizenship, immigration information (e.g. for visa purposes, right to work information);
- information about your health or disabilities (e.g. in connection with a request for accommodation in the interview process);
- information relating to any previous applications you may have made to Treasure Data and/or any previous employment history with Treasure Data;
- electronic, visual and/or audio information in connection with on-premise location monitoring for security purposes.
We may collect the following personal data about you from other sources:
- information about your educational and professional background from publicly available sources, including online, that we believe is relevant to your application (e.g., your LinkedIn profile);
- reference information and/or information received from background checks (where applicable), potentially including your criminal records history, employment history, educational history and/or compensation history, from employment screening agencies, publicly available registers or databases, former employers and/or educational institutions (as allowed by local laws);
- information about your performance or conduct from individuals you work with and/or with whom you have worked in the past who may provide feedback about you;
- information about you from Treasure Data employees who interview you and who may provide feedback about you. This may include for example inferences drawn from education, employment, employment history, and professional or employment-related information relating to your characteristics, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
- How we use your personal data
We use your personal data for the purposes of carrying out our recruitment activities and complying with the law. Our use of your personal data includes:
- managing our recruitment system, job applications and a database of interested individuals and leads;
- assessing your skills, qualifications and interests against career opportunities at Treasure Data;
- verifying your information and carrying out reference checks and/or conducting background checks (where applicable) if you are offered a job;
- communicating with you about the recruitment process and/or your application(s);
- in appropriate cases, sending you communications about other potential career opportunities at Treasure Data that you may be interested in;
- where requested by you, assisting you with obtaining an immigration visa or work permit where required;
- proactively conducting research about your educational and professional background and skills and contacting you if we think you would be suitable for a role with us;
- responding to your enquiries;
- operating, evaluating and improving Treasure Data’s application and/or recruitment process and activities, including improving diversity in recruitment practices;
- creating and/or submitting reports as required under any local laws and/or regulations, where applicable;
- complying with applicable laws, regulations, legal processes or enforceable governmental requests;
- protecting the rights and property of Treasure Data or a third party, as required or permitted by applicable law.
- Data disclosures
We will share your personal data with third parties who have a legitimate need for it, including:
- in order to carry out the purposes of our processing described above. Your personal data may be shared with Treasure Data, Inc. and its subsidiaries, for example for internal human resource management;
- in order to enable our service providers to provide their services to us. Treasure Data uses service providers to perform some of the processing activities described above, for example background checks;
- in order to comply with our legal obligations, regulations, government clearances, or contracts or to respond to a court order, administrative or judicial process or a lawful request by a public authority. Categories of recipients would include counterparties to contracts, law enforcement agencies, courts, regulators, government authorities or other third party;
- as necessary to establish, exercise or defend against potential, threatened or actual litigation (for example, to seek legal advice from external lawyers);
- in order to detect, prevent or otherwise address fraud, security or technical issues, or to protect our rights, your rights or the rights of any third party;
- otherwise in accordance with your consent (for example, if you have given us permission to contact your referees). It is your responsibility to obtain consent from referees before providing their personal data to Treasure Data.
- Data security
The security of your personal data is very important to us. We use reasonable physical, electronic, and organizational safeguards appropriate to nature of the personal data that we process according to this privacy statement and designed to protect such personal data from loss, misuse, and unauthorized access, use, alteration, or disclosure. Please note that no system is completely secure. So, while we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.
- International transfers
Treasure Data operates globally, which means your personal data may be stored and processed outside of the country where it was originally collected. For example, because we are headquartered in the United States, personal data collected in other countries is routinely transferred to the United States for processing.
- Data retention
If you apply for a job at Treasure Data and your application is unsuccessful (or you withdraw from the process or decline our offer), Treasure Data will retain your personal data for a period after your application. We retain this information in accordance with Treasure Data’s data retention policy for as long as reasonably necessary to fulfill the purposes for which the personal data was collected and to pursue our legitimate interests, for example to defend any existing or potential legal claims.
The criteria we use to determine the data retention period for your personal data are:
- Whether your application remains under process;
- Whether you have requested that we retain your personal data for future opportunities;
- Whether retention of your personal data is required by law, demanded by law enforcement or governmental agencies, or is required to enforce our legal rights;
- Where we process your personal data with your consent, we process it until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a permanent record of the fact that you have asked us to cease processing your personal data so that we can respect your request in the future.
- Your rights in respect of your personal data
In certain countries, you may have certain rights under data protection law. This may include the right to request access or to update or review your personal data, to request that it is deleted or anonymized, or object to or restrict Treasure Data using it for certain purposes. Please see Section 8 below for specific additional information by region/country.
If you wish to exercise your rights to your personal data under applicable law, you can submit a request to us by using this Data Subject Request Form. We will respond to any requests in accordance with applicable law, and so there may be circumstances where we are not able to comply with your request.
We encourage you to contact us to update or correct your information if it changes or if the personal data we hold about you is inaccurate.
- JURISDICTION-SPECIFIC PRIVACY RIGHTS
NOTICE TO JOB APPLICANTS WHO ARE RESIDENTS OF CALIFORNIA (US)
- A. Disclosures
The California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (“CCPA”) requires businesses subject to it that collect personal data of California residents to make certain disclosures regarding how they collect, use, and disclose such personal data.
The categories of personal data and the sources from which we collect personal data are described in Section 1 above. We collect personal data identified in this privacy statement for the purposes set forth in Section 2 above and disclose it to third parties as outlined in Section 3 above.
If in the last 12 months you have applied for a job at Treasure Data or have expressed an interest in receiving news and details about future job opportunities at Treasure Data, we may have collected these categories of personal data from you, used and disclosed it as described in this privacy statement.
We do not “sell” or “share” (as these terms are defined under the CCPA) your personal data and we have not done so in the last 12 months.
Some of the personal data about you listed in Section 1 above that we may collect and process are considered “sensitive” under the CCPA, namely: racial or ethnic origin and information concerning your health. We do not “sell” or “share” (as these terms are defined under the CCPA) such sensitive personal information. We only use and disclose it for the limited purposes permitted under CCPA and not for the purposes of inferring characteristics about a consumer.
- B. Individual rights
The CCPA affords certain individual rights to California residents. We describe these rights in this Section B. Our obligation to afford you these rights or provide notifications to you, however, are subject to any contrary laws, rules, or law enforcement demands.
Right of access
Upon request, we will tell you the categories and specific pieces of personal data we have collected about you in the previous 12 months. In addition, upon request, we will disclose to you:
- The categories of personal data we have collected about you.
- The categories of sources from which the personal data is collected.
- The business purpose for collecting your personal data.
- The categories of third parties with whom we share your personal data.
- The specific pieces of personal data we have collected about you (subject to limits under applicable law).
If we do not provide you with access to certain personal data, we will give you specific reasons for refusing to do so and provide a contact point for further inquiries.
The identity of any person making an access request must be verified as a condition of providing the requested information. See Section E below for information about identity verification.
Right of deletion
You may request that we delete any of your personal data that we collected and is retained by us, subject to certain conditions and exceptions.
If we do not delete your personal data following a deletion request, we will give you specific reasons for refusing to do so and provide a contact point for further inquiries.
The identity of any person making a deletion request must be verified as a condition of deleting the personal data as requested. See Section E below for information about identity verification.
Right of correction
Treasure Data will employ reasonable means to keep personal data described in this notice accurate, complete, up-to-date and reliable for its intended use. You may request that we correct or update any of your personal data that we collected and is retained by us that is inaccurate, subject to certain conditions and exceptions. We may have a legal right or obligation to preserve personal data as it currently exists.
If we do not update certain personal data, we will give you specific reasons for refusing to do so and provide a contact point for further inquiries.
The identity of any person making a correction request must be verified as a condition of deleting the personal data as requested. See Section E below for information about identity verification.
- C. How to exercise your individual rights
If you wish to exercise your rights to your personal data under the CCPA, you can submit a request to us by using this Data Subject Request Form. You may also contact us via email at privacy@treasure-data.com.
We will respond to any requests in accordance with applicable law, and so there may be circumstances where we are not able to comply with your request.
- D. Policy against discrimination
It is the policy of Treasure Data not to discriminate against California residents for exercising any of their rights under this notice or other applicable law.
- E. Identity verification
Only you, or an authorized agent or conservator authorized to act on your behalf, may request to exercise individual rights related to your personal data.
Your request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal data and is making a request (or, if applicable, your authorized representative is making the request). Also, you or your representative must describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to or act upon your request if we cannot verify your identity or the identity and authority of an agent or conservator making the request. We must also confirm the personal data in question relates to you.
The information you provide us for identity verification will not be further disclosed, retained longer than needed for verification purposes, or used for unrelated purposes.
NOTICE TO JOB APPLICANTS WHO ARE RESIDENTS OF THE EUROPEAN ECONOMIC AREA, SWITZERLAND OR THE UNITED KINGDOM
- A. Your rights.
If you are a resident of the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following data protection rights: right to access, rectification, deletion, restriction of processing, data portability, right to object, and right not to be subject to automated individual decision making. Please note that these rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep. You can exercise any of these data protection rights by completing our Data Subject Request Form.
If we collected and processed your personal data with your consent, you can withdraw your consent at any time by filling out our Data Subject Request Form. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
Where we process your personal data based on legitimate interests, you can object to this processing in certain circumstances. In such cases, we will cease processing your personal data unless we have compelling legitimate grounds to continue or where it is needed for legal reasons.
To submit a complaint to a data protection authority about our collection and use of your personal data, you can contact the data protection authority in your jurisdiction.
- B. Legal basis for processing your personal data.
Our legal basis for collecting and using your personal data described above will depend on the personal data concerned and the context in which we collect it. In most cases the legal basis will be one or more of the following:
- to comply with our contractual obligations to you or to take steps to enter into a contract with you;
- to comply with our legal obligations;
- for purposes connected to legal claims, for example for defending Treasure Data’s legal rights;
- to pursue our legitimate interests, for example to conduct our recruitment processes efficiently and fairly or to manage applicants effectively;
- with your consent, in specific circumstances. If we rely on your consent to process your personal data, you may withdraw your consent at any time by contacting us using the details at the end of this privacy statement.
When we are required by local law to collect certain personal data about you, your failure to provide this data may prevent or delay the fulfilment of our legal obligations and may impact our ability to employ you.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please contact us using the contact details provided in the “How to contact us” section below.
- C. Data transfers.
Where personal data of applicants in the EEA, Switzerland, or the UK is being transferred to a recipient located in a country outside the EEA, Switzerland or the UK which has not been recognized as having an adequate level of data protection by the competent authority, we ensure that the transfer is governed by the European Commission’s standard contractual clauses or other contractual mechanism approved by the competent authority.
- D. DPO appointment
Treasure Data has appointed Bird & Bird DPO Services SRL as a Data Protection Officer (“DPO”) under the General Data Protection Regulation and the Data Protection Act 2018 of the United Kingdom. The DPO may be reached:
- via email: DPO@treasure-data.com
- by mail at the following address: Bird & Bird DPO Services SRL, Avenue Louise 235 b 1, 1050 Brussels, Belgium
- How to contact us
If you have a privacy concern or question related to this privacy statement, please contact us via email at privacy@treasure-data.com
If you are based in the European Economic Area or in the United Kingdom, you may also contact Treasure Data’s DPO (refer to contact details at Section 8 above).
- Changes to this privacy statement
We may change this privacy statement from time to time. When we do, we will revise the “last updated” date at the top of it and post any changes to it on this webpage. Each version of this privacy statement is identified at the top of the page by its effective date. We encourage you to periodically review this privacy statement to learn how Treasure Data is protecting your personal data.