Candidate Privacy Notice

Scope

This Candidate Privacy Notice (“Notice”) describes how Cloud Software Group, Inc. and its subsidiaries and related companies (collectively, “Cloud Software Group,” “We”, “Us” or “Our”) handle and protect your Candidate Personal Information, as defined below, which Cloud Software Group  processes in connection with Our talent acquisition process.

By making available your Candidate Personal Information, you acknowledge that:

• You have reviewed this Notice;
• You have provided any notices and obtained any consents needed to provide information concerning others (e.g., information about employment references); and
• Your Candidate Personal Information may be transferred and processed worldwide, including in the US and other countries that may not be deemed to provide the same level of data protection as your home country, for the purposes and in the manner specified in this Notice.

We will process Candidate Personal Information in accordance with this Notice, unless in conflict with requirements of applicable law, in which case applicable law will prevail.  You are under no statutory or contractual obligation to provide data to Cloud Software Group during the talent acquisition process, but if you do not provide certain information, We may not be able to process your application.

This Notice does not form part of any contract of employment offered to candidates hired by Us. If a candidate is hired as an employee, Candidate Personal Information may be used in connection with his/her employment in accordance with the terms of Our separate Internal Privacy Notice, a copy of which is provided to all employees during the onboarding process. For information about our processing activities in connection with your general use of Our websites and our use of cookies and similar technologies outside the scope of this Notice, please see the Cloud Software Group Privacy Statement.

Definitions

For the purpose of this Notice:

Candidate Personal Information is personal information, as defined under applicable privacy and data protection laws, that an individual employment candidate makes available to Us in connection with the talent acquisition process.

Processing refers to any action performed on Candidate Personal Information, such as collecting, recording, organizing, storing, transferring, modifying, using, disclosing, or deleting.

Sensitive Candidate Personal Information is Candidate Personal Information concerning nationality or citizenship, race or ethnic origin, criminal history, trade union membership, or other protected category of personal information under applicable privacy and data protection laws.

What Candidate Personal Information We Collect

We collect Candidate Personal Information the following ways:

• Directly From You. You may use various electronic and paper methods to submit Candidate Personal Information to Us. The primary method is through our online application processing application (Workday), through interviews and other direct interactions with you. 
• Indirectly From You. For example, from your actions on Our talent acquisition websites and applications or from information your computer or mobile device transmits when interacting with such websites and applications.
• From Third Parties. In addition, to the extent permitted by law, We may collect Candidate Personal Information from third parties, for example, from recruiters, in connection with a background, credit, or employment check or an employment reference (subject to your consent where required by law), from a recruiting or other publicly-available web site, such as your professional LinkedIn profile, your professional profile on your current employer’s website, speaker bios on the websites of professional conferences where you have spoken, or articles you have published.

We may collect the following types of Candidate Personal Information:

• Contact information (e.g., name, email, address, telephone number);
• Application information, including resume/CV, cover letter, and responses to our application forms;
• Employment history and educational background;
• Former employer feedback;
• Compensation information;
• Government-issued identifiers (e.g., SSN/TIN, government ID,  driver’s license, passport information);
• Immigration, residency, and work permit status;
• Other information necessary for legitimate human resources, business, legal, security, or safety-related purposes; and
• Other aggregate and/or pseudonymized personal data derived from any of the aforementioned categories of Candidate Personal Information.

Sensitive Candidate Personal Information

In addition to the above, we may collect Sensitive Candidate Personal Information. For example, we may collect criminal background information when we perform background and criminal checks where permitted by law. We may also process other Sensitive Candidate Personal Information, such as citizenship or nationality information or health information, in order to evaluate a potential reasonable accommodation in the talent acquisition and hiring process where requested, for equal opportunity monitoring, when relevant for a position and permitted by law. We process Sensitive Candidate Data for these purposes when we are required to do so by law or if you have given your explicit consent.

If you have a disability and would like Us to consider a reasonable accommodation, you may provide that information during the talent acquisition process.

How We Use Candidate Personal Information

We process Candidate Personal Information for legitimate human resources and business management purposes.  These include identifying and evaluating candidates for Our positions; communicating with you including notifying you of relevant additional vacancies that may interest you; record-keeping related to hiring processes; analyzing the hiring process and outcomes; and conducting background checks, where permitted by law. We process Candidate Personal Information for these purposes because it is necessary for our legitimate interests in recruiting talent and administering our hiring processes. In addition, Candidate Personal Information may be used to comply with Our legal, regulatory, and corporate governance requirements. 

Why & With Whom We Disclose or Share Candidate Personal Information

We may share your Candidate Personal Information internally within Cloud Software Group and/or its affiliates for the purposes described in this notice.

We may transfer Candidate Personal Information to external third-party service providers performing certain services on behalf of Cloud Software Group. Third-party service providers include talent acquisition operations, communication, and verification providers used for the purposes of managing, coordinating, documenting and analyzing our talent acquisition efforts, facilitating communications, marketing, and employment verification. Third-party service providers may also include external advisors (e.g., auditors and legal advisors), insurance carriers, benefits providers, and  compliance and investigation teams (including external advisers appointed to conduct internal investigations).  Such third-party service providers have access to Candidate Personal Information solely for the purpose of performing the services specified in the applicable service contract, and We require the service providers to undertake security measures consistent with the protections specified in this Notice.

We may be required to disclose certain Candidate Personal Information to other third parties (1) as required by law, regulation, or legal process (such as a court order or subpoena) in or outside of your home country; (2) to law enforcement authorities or other government officials to comply with a legitimate legal request; (3) to establish, exercise, or defend our legal rights, and in connection with an investigation of suspected or actual fraud, illegal activity, security or technical issues; or (4) in an emergency where the health or safety of a candidate or other individual may be endangered. In addition, in the event of a reorganization, merger, sale, joint venture, assignment, or other transfer or disposition of all or any portion of Our business, We may transfer Candidate Personal Information to successor entities or parties.

International Data Transfers

Cloud Software Group is a global organization. Accordingly, Candidate Personal Information may be transferred by Us to, and store such data in, other countries in which Cloud Software Group and its service providers operate, including the United States, which may have different data protection laws than the country in which the information was provided. If we do so, we will transfer Candidate Personal Information only for the purposes described in this Privacy Notice. To the extent required by applicable law, when we transfer your Candidate Personal Information to recipients in other countries, we will take measures to protect that information including, as appropriate, by executing data transfer agreements based on the European Commission’s Standard Contractual Clauses pursuant to article 46 of the General Data Protection Regulation (GDPR) or by putting in place other appropriate data transfer mechanism(s).

Your Privacy Rights and Choices

To the extent provided by the law of your jurisdiction, you may have privacy rights to access, correct, update, amend, delete, or restrict the processing of your Candidate Personal Information, and object to automated decision-making based on your Candidate Personal Information.

You may exercise such rights by completing a Privacy Request formor  by contacting us using the information under the How To Contact Us section of this Privacy Statement, or, where applicable, by accessing your Cloud Software Group candidate portal account. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. To the extent permitted by applicable law, a charge may apply before we provide you with a copy of any of your Candidate Personal Information that we maintain. Depending on your location, you may have the right to file a complaint with a government regulator if you are not satisfied with our response.

The processes described in this Notice supplement any other remedies and dispute resolution processes provided by Us and/or available under applicable law.

How We Protect Personal Information

We employ technical and organizational measures designed to protect the confidentiality, integrity, and availability of Candidate Personal Information, and to comply with applicable legal requirements for information security.

How Long We Retain Personal Information

In addition to using Candidate Personal Information for the position for which you have applied, We may retain and use your Candidate Personal Information to consider you for other positions. If you do not want to be considered for other positions, you may contact our Talent Acquisition Operations team by email at AskHR@cloud.com. Unless required for tax or other legal purposes or in connection with employment as specified above, or some other retention period is required by local law, we will retain your Candidate Personal Information for a period of 2 years after we have communicated to you our decision about whether to appoint you to a role to which you have applied. We retain your Candidate Personal Information for the purposes specified in this section, including without limitation so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted our talent acquisition and hiring processes in compliance with applicable law.

If your application for employment is successful, Candidate Personal Information gathered during the talent acquisition and hiring process will be transferred to your Human Resources file (electronic and paper) and processed in accordance with Our Internal Privacy Notice for employees.

Supplemental Notice to California Residents

This section applies solely to California consumers and is intended to address the relevant notice requirements of the California Consumer Privacy Act of 2018, Cal. Civ. Code § 1798.100 et seq. (the “CCPA”). Certain terms used herein have the meaning given to them in the CCPA.

Collection, Use, and Sharing

During the prior 12-month period, we may have collected, used, and shared Candidate Personal Information as described in this Notice. Each category of Candidate Personal Information we may use or share with third parties is outlined in this Notice.

We Do Not Sell Your Personal Information

Candidates who are California residents have the right to know whether Candidate Personal Information is being sold. Your Candidate Personal Information is “sold” when it is provided to a third party for monetary or other valuable consideration for a purpose that is not a “business purpose” as set forth in the CCPA. We do not sell Candidate Personal Information.

Your California Privacy Rights

California residents have the privacy right to:

• Know what specific pieces of Candidate Personal Information we have collected and retained about you over the previous 12 months;
• Correct inaccurate Candidate Personal Information we may have retained;
• Receive a copy of your Candidate Personal Information;
• Delete your Candidate Personal Information;
• Limit our use of your Sensitive Candidate Personal Information; and
• Opt out of our sharing of your Candidate Personal Information.

To submit a request related to your other California privacy rights, you may complete a Privacy Request form or contact us as specified in the How To Contact Us section below. To help protect your privacy and maintain security, we take steps to verify your identity before granting you access to your Candidate Personal Information or complying with your request.

To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.

Changes to this Notice

This Notice may be updated periodically to reflect changes in our privacy practices. We will indicate at the top of this Notice when it was most recently updated. However, if we make any material change, we will notify you by means of a notice on this website or by other means prior to the change becoming effective. By continuing to engage in our talent acquisition and hiring process after such revisions are in effect, you accept and agree to our revised Notice. We encourage you to periodically review this Notice for the latest information on our privacy practices.

How to Contact Us

For questions or comments about our privacy practices, this Notice, or your privacy rights and preferences, you may reach out to our Talent Acquisition Operations team by email at AskHR@cloud.com or to our Privacy Team by email at:

Cloud Software Group
Attn: Chief Privacy Officer (CPO)
851 W Cypress Creek Rd
Fort Lauderdale, FL 33309
United States
privacy@cloud.com

In addition to our above internal contact information, we have appointed a Data Protection Officer (DPO) for the EU, UK, Germany, and Singapore. If you wish to contact them, their details are as follows:

Bird & Bird Privacy Solutions
Bird & Bird DPO Services SRL
Avenue Louise 235 Box 1
1050 Brussels
Belgium
DPO.Cloud@twobirds.com