EMPLOYMENT CANDIDATE PRIVACY NOTICE
CONCERNING PERSONAL DATA PROCESSING
Last Updated: 30 January 2024
(Also Available in Dutch, German, Spanish and French)
1. Introduction
We are committed to the protection and promotion of your privacy. In connection with your application for employment at the Clinisys group of companies, it is necessary for us to collect, store and use information about you (“Personal Data”) to administer and evaluate your application. We are the “controller” of the Personal Data you provide us and will process any such Personal Data in accordance with applicable law and the statements contained in this Employment Candidate Privacy Notice.
2. Scope
In order to promote the coordinated and secure processing of your data for purposes of administering the application process, we rely on one or more services and/or centralized human resource information systems that may be operated or administered either by us, by our parent company, Roper Technologies, or by one of its affiliates (collectively, the “Roper Group”). We also may share information about your application with other members of the Roper Group in the event that they have openings that may be a fit for your skillset. This notice (“Notice”) provides relevant information about the Personal Data that is processed using those systems.
3. Purposes for Processing Personal Data
Where required by law, we obtain your consent to use and process your Personal Data for these purposes. Otherwise, we rely on other legal bases to collect and process your Personal Data. We process your Personal Data for the following purposes:
- Qualification Assessment: We process your Personal Data to assess your skills, qualifications, and interests against our job opening requirements to further our legitimate interest in identifying qualified applicants.
- Employment Eligibility: We process your Personal Data to further our legitimate interest in verifying the information you provide us during the application process and conducting reference checks and background checks (where applicable) if you are offered a job.
- Communication: We process your Personal Data to further our legitimate interest in communicating with you about your applications and the recruitment process, informing you about other potential job opportunities within the Roper Group.
- Legal Obligations: We process your Personal Data to meet our legal obligations, including complying with applicable laws, regulations, or legal requirements, responding to legal requirements, or completing any reports required by law.
For a more complete list of the types of Personal Data we collect and our bases for processing, see Annex 1. We have not sold and do not sell any Personal Data that you provide to us as part of your employment or share that Personal Data as defined by the California Consumer Privacy Act.
4. Categories of Personal Data We Collect
We collect Personal Data to manage and administer our relationship with you beginning when you apply for a role with us, during your employment, and through your departure from the company. This may include the electronic monitoring of your use of company systems (including personal computers), specialized software, or system administrative access. The categories of data we may collect about you fall into the following categories under the California Consumer Privacy Act:
- identifiers (e.g., name, address, phone number);
- protected classifications (e.g., age, gender, gender identity);
- Audio/visual information (e.g. during the interview process)
- professional/educational information;
- sensitive personal information (including government-issued identifiers, and
- inferences drawn from any of the above.
5. Sensitive Personal Data That We Process
We collect and use certain types of sensitive information (e.g., health,) in limited circumstances where it is necessary for us to protect your interests (e.g., to provide certain job-related accommodations), where we need to do so to comply with specific legal obligations (e.g., equal opportunity or anti-discrimination legislation or employment law), or where we have your explicit consent to use it.
The purposes for which Sensitive Personal Data may be used include the following:
- compliance with equal opportunity or anti-discrimination legislation or regulations (where applicable);
- background checks for employment (where permitted by applicable laws); and
- in the course of legal proceedings (including prospective legal proceedings), complying with laws and regulations, obtaining legal advice, establishing or defending legal claims, or otherwise where strictly necessary for the administration of justice in accordance with applicable laws.
6. Sources of Information
We may collect personal data about you from the following sources:
- you, in the form of your application, resume, and other materials submitted to the company;
- your named references;
- external recruitment offices
- from publicly accessible sources, such as LinkedIn, Facebook, etc.; and job fairs, job sites, etc.; and
- from background check service providers (if we extend a conditional offer of employment).
If you fail to provide Personal Data when requested and the Personal Data is necessary for us to evaluate your application (e.g., work history), we may not be able to process your application further.
7. Recipients of Personal Data
Clinisys shares Personal Data with the Roper Group and certain third parties in furtherance of processing your application. This includes sharing your Personal Data with the Roper Group so that you can be considered for other roles within the Roper Group and with third parties when sharing is necessary for them to perform services for Clinisys related to processing your application. We will only share your Personal Data with these third parties in accordance with this policy, when otherwise required by applicable law, or with your consent. We will obtain assurances from each third party with whom we share your Personal Data that it will safeguard your Personal Data in a manner consistent with this policy. If we have knowledge that a third party is using or disclosing Personal Data in a manner contrary to this Policy, we will take reasonable steps to prevent or stop the use or disclosure.
Your Personal Data may be also disclosed or transferred to a third party in the event of any proposed or actual reorganization, sale, merger, or any other type of corporate action involving of any portion of our company or assets (including insolvency). Should such an event take place, we will direct the transferee to use Personal Data in a manner that is consistent with this Privacy Policy.
We do not sell or share Personal Data about you to unrelated companies for their independent use.
8. Your Individual Rights.
You may have certain rights relating to your Personal Data based on applicable local data protection laws., including from individual US state privacy laws (e.g., California, Virginia), Canadian privacy laws, and the EU/UK General Data Protection Regulation. Depending on the applicable laws these rights may include the right to:
- Request and receive copies of your Personal Data that we hold;
- Request additional information about how we process your Personal Data;
- Correct inaccurate or incomplete Personal Data (taking into account our use of it);
- Request deletion of your Personal Data;
- Restrict or object to our processing of your Personal Data, including restricting the sale or sharing of your data or its use for cross-context behavioral marketing. Where we process Personal Data for direct marketing purposes (either by us or third parties) or for cross-context behavioral marketing, you may not have to provide a specific reason for such objection;
- Require us (if possible) to transfer your Personal Data to another controller (i.e., data portability);
- Limit the use or disclosure of your sensitive Personal Data;
- Restrict certain disclosures of your Personal Data to third parties;
- Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects; and
- Withdraw your consent to the processing of your Personal Data (to the extent we base processing on consent and not on another lawful basis).
We will not discriminate against you in any manner prohibited by applicable law for exercising these rights. You may exercise these rights, to the extent applicable, by sending us an email at dpo@clinisys.com, by calling or writing to us at the local office to which you are applying, making the request via our website here. We will respond to any such requests within 30 days of receipt.
If you are not happy with how Clinisys handles your Personal Data and we cannot provide you with a satisfactory resolution to your request, you also have the right to lodge a complaint with a supervisory body for data protection in your jurisdiction. If you wish to pursue any of these rights, please contact us using the details set out at the end of this Notice below.
9. Transfers to Third Countries
Clinisys is an affiliate of the Roper Group, with offices located throughout the world. As a result, your Personal Data may be transferred to other Roper Group offices for the purposes identified above. Any such transfer shall take place only in accordance with and as permitted by the law of your jurisdiction, but please be aware that the laws and practices relating to the protection of Personal Data are likely to be different and, in some cases, may be weaker than those within your home jurisdiction.
Clinisys and the Roper Group have executed Standard Contractual Clauses, as approved by the European Commission and/or by the United Kingdom’s Information Commissioners’ Office. These clauses permit us (or the Roper Group) to transfer data from the EU and the UK to third countries, including the United States. Regardless, in all events, we shall apply the provisions of this Policy to your Personal Data wherever it is located.
10. Protection of Personal Data
We are committed to protecting your Personal Data. We use a variety of security measures and technologies to protect your Personal Data from unauthorized access. This includes storing the Personal Data you provide in secure areas or on secure servers and using encryption when electronically transmitting or storing highly-confidential or sensitive information.
11. Data Breaches.
While we work hard to reduce the risk of data breaches, we have dedicated controls and procedures in place for such situations, along with the procedures that are required to make notifications to you and to the relevant Supervisory Authority as appropriate.
12. Retention of Personal Data
We will keep and process your Personal Data only for as long as is necessary for the purposes for which it was collected, unless there is a legal right or obligation to retain the data for a longer period. Generally, this means that your Personal Data will be retained as documented in our corporate data retention schedule.
13.Contact Information
If you have any questions, please contact dpo@clinisys.com or Clinisys’s HR Department at HR-EU@clinisys.com or peopleoperations-US@clinisys.com.
14. Updates
We reserve the right to update this Employment Candidate Privacy Notice from time to time. When we do, we will revise the "last updated" date at the top of this Notice. If there are material changes to this Notice or in how Clinisys will use your personal data, we will use reasonable efforts to notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification.
Annex 1: Categories of Personal Data and Grounds for Processing
The Company will process the following categories of data based on legitimate grounds for processing.
Some examples of data and the legal bases for processing are set out below:
- Personal Data necessary for the evaluation of your application
- Personal Identification Details
- Identification data (e.g., name, identifying numbers, etc.)
- work and home contact details (work e-mail, phone numbers, physical address).
b. Personal History
- Resume Data
- Background check information
- Previous employment information
- Demographic Information
c) Other Information
- Demographic Information (where permitted/required by law)
- Assessment Details
- Expense Data
- Health-related information (only where required by law)
- Job interview Notes
- Travel Related Records
- Data relating to work preferences and availability
- Screening question responses
2. Personal Details necessary to comply with Company’s legal obligations.
Some examples of the legal obligations include:
- record-keeping and reporting obligations
- physical access policies
- conducting audits, compliance with government inspections and other requests from government or other public authorities
- responding to legal processes, pursuing legal rights and remedies, defending litigation and managing any internal complaints or claims, conducting investigations, and
- complying with internal policies and procedures.
The categories of Personal Data collected include:
- National insurance number
- driver’s license
- ID card data
- citizenship
- passport data
- details of residency or work permit
- disability status