Privacy and information security are of very high priority to Sitoo. We comply with the General Data Protection Regulation (GDPR) giving you control of your personal data.
Effective Date: 2024-02-23
Privacy and information security are of very high priority to Sitoo. We comply with the General Data Protection Regulation (GDPR) giving you control of your personal data.
Effective Date: 2024-02-23
We value your privacy and take our responsibility to handle your personal data seriously, in line with the law. It is essential that you understand this Notice fully, as it explains how Sitoo AB (also referred to as "Sitoo," "Company," "we," or "us") manages your personal data when you apply for a job or any other role with us. It also details the rights you have concerning your information.
In this Notice, the term "applicants" refers to anyone seeking a job, internship, vacation scheme, or any kind of work with us, whether it is permanent or temporary.
If you are unsure about anything, or if you have any questions or comments regarding this Notice, please feel free to contact us using the contact details provided below.
Information that we collect automatically
You're welcome to explore the job listings in the 'Recruitment' section of our website at https://careers.sitoo.com/ without giving us any personal information. But you should know that we automatically gather some data from your device whenever you visit our site. For more details on this, please check out our Privacy Notice that governs the use of our website.
Personal Information collected from you
When you apply for a role with Sitoo, we collect different types of personal information to process your application. Here is what we collect:
Contact and Identification Information: This includes your name, address, email, phone number, gender, date of birth, nationalities, and national identifiers like your ID or passport number, and social security number.
Employment History: We gather information about your previous jobs, employers, and the positions you held.
Background Information: This includes your academic and professional qualifications, job qualifications, education, details from your CV or resume (which might contain sensitive information like memberships or interests), transcripts, and employment references.
Referee Details: We ask for information about your nominated referees, like their name, contact details, employer, and job role.
Immigration Status: We need information about your immigration or visa status.
Previous Interactions with Sitoo: If you have applied to our company before or have worked with us, we collect information related to those experiences.
Professional Information: We collect information about your professional history, such as the date of your professional admission, where you qualified, and any complaints made against you to a regulatory body.
Criminal Offense Information: We need to know if you have any criminal convictions.
Voluntarily Provided Information: Any other information you provide during the application process, including through assessment centers, exercises, and interviews.
Personal information collected from other sources
We also collect information from other sources:
References: Information provided by your referees.
Background Information: Confirmed by academic institutions and training or certification providers.
Criminal Records: Obtained through criminal records checks.
External Database Holders: Information provided by background checking agencies, credit reference agencies, professional sanctions registries.
Recruitment Agencies: Information from recruitment or executive search agencies.
Public Sources: Information collected from public sources, like social media platforms or other online resources.
Please note, we only collect these types of information where it is permissible and in accordance with applicable laws.
We collect and use your personal information mainly to help with our recruitment process. This means we use it to see if you are qualified for the job and to help us make a hiring decision. We check your skills, qualifications, and background to see if they match the role, and to assess your suitability for the role. We also verify the information you have given us and may do reference or background checks if needed. These checks will only be conducted for legitimate purposes and will be necessary for the specific job role. The scope of the background check will be proportionate to the job role and the risks involved and will only include information that is relevant to the specific job role.
The reason we process your personal information during the recruitment process is based on:
Information Categories Used
Contact and Identification Information
Why and How We Process This Information
To assess your previous work experience and performance in relation to the role you are applying for.
Legal Basis for Processing
Our legitimate interests
Information Categories Used
Academic and Professional Qualifications
Why and How We Process This Information
To verify your qualifications and ensure they align with the requirements of the role.
Legal Basis for Processing
Pre-contractual obligations
Information Categories Used
Right to Work Information
Why and How We Process This Information
To ensure compliance with immigration and employment eligibility laws.
Legal Basis for Processing
Legal and regulatory compliance
Information Categories Used
Publicly Available Information
Why and How We Process This Information
To access additional information that may aid in the assessment of your candidacy for employment, which you have chosen to make public.
Legal Basis for Processing
Our legitimate interests
Information Categories Used
Voluntary Information
Why and How We Process This Information
To consider any additional information you provide voluntarily during the recruitment process that may be relevant to your potential employment.
Legal Basis for Processing
Our legitimate interests
Information Categories Used
Information Necessary for Employment Contract
Why and How We Process This Information
If we are considering you for employment, we need to take certain steps before we can enter into a contract with you.
Legal Basis for Processing
Pre-contractual obligations
Information Categories Used
Reference Checking
Why and How We Process This Information
Before employment, we might check references provided by you to confirm your work history and qualifications.
Legal Basis for Processing
Pre-contractual obligations
Information Categories Used
Data Protection and Security Measures
Why and How We Process This Information
To ensure the security and confidentiality of your personal data during the recruitment process.
Legal Basis for Processing
Legal and regulatory compliance
Information Categories Used
Compliance with Legal Obligations
Why and How We Process This Information
We process personal information to comply with various legal obligations, such as employment, tax, and safety laws, as required by applicable law.
Legal Basis for Processing
Legal and regulatory compliance
Information Categories Used
Protection of Rights and Interests
Why and How We Process This Information
We process personal information to protect the rights and interests of our company, our employees, applicants, and others, as required and allowed by applicable law.
Legal Basis for Processing
Legal and regulatory compliance
Our legitimate interests include ensuring that we can assess qualifications for roles effectively, maintaining records for legal purposes, and managing our workforce. We balance these interests against your data protection rights by implementing appropriate safeguards such as secure data storage and limited access to your personal data. We have carefully considered the potential impact of our processing on your rights and freedoms and have concluded that our legitimate interests do not override your rights.
Legal Requirement or Contract
If we need you to provide personal information due to a legal requirement or to fulfill a contract, we will tell you at the appropriate time. We will also let you know if it is mandatory to provide your personal information and the potential consequences if you choose not to.
If you have any questions or need more information about why we collect and use your personal information, you can contact us using the details provided below.
Teamtailor
We use Teamtailor to manage and process recruitment data. The information categories processed include all categories mentioned above.
Microsoft 365
We use Microsoft 365 for general email communications and storage of recruitment-related personal data. Information categories managed include contact and identification information, which are processed within Microsoft's data centers.
Background Checks
Information categories utilized includes background information verified through checking agencies or provided by referees. Background checks are performed to assess an applicant's suitability for the role and ensure the safety and legal compliance of the hiring process.
We store your personal information under relevant laws and keep it as long as it is needed for the purposes explained in this Notice or as long as required by the law. Generally, this means we will hold onto your personal information in one of two ways:
If You Become Our Employee: We retain your personal information according to our Privacy Policy.
If You Apply But Don't Become Our Employee: We will retain your personal information for 12 months following the date of your application to comply with our legal obligations and for potential future opportunities that might match your profile. This time may be extended as necessary to comply with the law. Should you prefer not to be considered for other roles or simply wish to have your personal data deleted sooner, you may request this at any time by contacting us.
You have certain rights related to your personal information:
Access, Correct, Update, or Delete: You have the right to request access to your personal information that we process. If you find that this information is incorrect or incomplete, you can request to have it corrected or updated. Additionally, you may request the deletion of your personal information at any point. To exercise any of these rights, please send us an email detailing your request to privacy@sitoo.com or contact us via the additional methods provided below.
Object, Restrict, or Request Portability: You can object to us processing your personal information, ask us to limit how we are using your personal information, or request a copy of your personal information. You can exercise these rights by contacting us via email.
Opt-Out of Marketing: You can choose not to receive marketing communications from us at any time. For emails, just click the "unsubscribe" or "opt-out" link. For other types of marketing (like postal mail or telemarketing), just send us an email.
Withdraw Consent: If we are processing your personal information because you gave us your consent, you can withdraw your consent at any time. Remember, withdrawing your consent will not impact any processing we did before you withdrew your consent. It also will not affect any processing of your personal information done based on other lawful reasons besides consent.
Complaint: You can file a complaint with a data protection authority about how we are collecting and using your personal information. You can contact your local data protection authority for more information.
We will respond to any requests from people who want to exercise their data protection rights, as per the relevant data protection laws.
We might need to change this Privacy Notice occasionally due to legal, technical, or business changes. Whenever we make updates to our Privacy Notice, we will make sure to let you know in a way that matches the importance of the changes.
You can check when we last updated this Privacy Notice by looking at the "last updated" date shown at the end of the Notice.
For more information or if you have any questions, please contact us at privacy@sitoo.com.