Applicant Privacy Notice

Legal Hub Overview

• Terms of Service
• Privacy Policy
• Cookie Policy
• GDPR
• 3rd Party Services
• Data Processing Agreement
• Service-level Agreement
• Data Security
• Applicant Privacy Notice
• Dixa’s Global Feedback Panelist

Last update: 5 September 2022

This Privacy Policy describes the information that Dixa ApS and its affiliated legal entities (hereinafter “Dixa,” “us” and “we”) as the data controller may collect for the purposes of the recruitment process, how we use and disclose your personal data, and the measures we take to protect it. By submitting your application, you accept the practices described in this Policy.

Our entities include:

Dixa ApS
Vimmelskaftet 41 A, 1st floor
1161 Copenhagen K
Denmark

Dixa Estonia Oü
Harjumaa, Tallinn linn
Põhja pst 25 10415
Estonia

Dixa Ltd.
823 Salisbury House
29 Finsbury Circus
London, EC2M 5QQ
England

Dixa Inc.
Industrious Fulton Market
171 N Aberdeen Street
Chicago, IL 60607
The United States

Elevio Pty Ltd
L1 2 Mill Place
Melbourne, 3000 Victoria
Australia

Solvemate GmbH
Friedrichstraße 114
A10117 Berlin
Germany

Miuros SAS
92 Cours Lafayette – CS 53515
69489 Lyon CEDEX 3
France

1. Information we collect and legal basis

As part of the recruitment activities, we process (e.g. collect, analyse, store, use, consult, anonymise or delete) different types of personal data based on either our legitimate interest (i.e pre-contractual measures), for the establishment, exercise or defence of legal claims, and/or with your prior consent. Furthermore, your personal data may be processed in order to comply with legal obligations.

General personal data

Dixa may process the following general personal data:

• Full Name
• E-Mail address
• Phone number
• Any other information you provide, such as information in CV or cover letters
• Employment history
• Right to work documentation (e.g. visa, work permit)
• Competence assessment results
• Current base salary and salary expectation, if applicable
• Personal data provided to us about you by references, if applicable
• Criminal record, if relevant for position

System Information

Dixa, or its system provider vendors, may collect the following information of your device when you use the systems in order for them to function and in order to be accountable in relation to security and data protection compliance:

• Log Data (IP-Address, browser type, browsing history on the website, date and time stamps etc.)
• Location data (General geographic area)

For further details, please consult https://www.lever.co/privacy.

2. Collection of your personal data

We may collect your personal data either directly from you, or third parties, such as professional networks as Xing and LinkedIn, or receive them from assessment providers (e.g. personality test providers), or employment agencies. We also may collect additional information about you through third parties such as former employers, however only with your prior consent.

3. Usage of personal data

We will use the personal data we collect about you to:

• Assess your suitability for the position
• Communicate with you about the recruitment process
• Conduct background or reference checks (if applicable)
• Check your entitlement to work in the country you have applied for
• Comply with our legal requirements

4. Storage/Retention

We keep your application and any other information you have provided to us until the recruitment process has been completed. Your personal data will be stored beyond this period for the purpose of allowing us to respond to legal claims to be established, asserted or defended, for the period of 3 years. We will also process your personal data if you wish to be considered for further job openings, provided that you have given your prior consent.

5. Sharing of personal data

We may share your personal data with our employees involved in the recruitment process on a business need-to-know basis. Furthermore, your personal data may be shared with third parties who assist us in the recruitment process, such as providers of assessment tests. In these circumstances, however, we make sure that your personal data is limited to the extent necessary. All our third-party service providers are required to take appropriate security measures to protect your personal data. Additionally, we restrict our third-party service providers to use your personal data for their own purposes and they are only permitted to process your personal data for specified purposes that are in accordance with our instructions. Lastly, your personal data may be shared if we are required to do so in order to comply with the law or court order.

6. Security

We have implemented technical and organisational measures which ensure that your personal data is kept securely and protected against unauthorised access or unlawful processing. Our carefully selected service providers also safeguard your data according to the state of the art with technical and organisational measures. We will notify you and any applicable supervisory authority of a suspected data breach whenever we are legally required to do so.

7. Third country transfers

In certain cases, Dixa may transfer your personal data to a third country outside the EU/EEA, which do not offer the same level of protection of your personal data, as the laws in the EU/EEA do. In connection with such transfers Dixa will ensure that an appropriate level of protection is ensured. Such appropriate level of protection is currently ensured through EU Standard Contractual Clauses, and/or Binding Corporate Rules.

8. Your rights

You have the following rights in relation to your personal data being processed by Dixa, however under certain circumstances some rights are subject to limitation:Right of access You may request access to the personal data processed by Dixa.

Right of rectification:
You may request that your personal data is corrected in case it is incorrect.

Right of objection:
If you believe Dixa is processing your personal data unlawfully or you do not otherwise believe Dixa is entitled to process some of your personal data, you may send an objection.

Right of erasure:
You may request that Dixa deletes your personal data

Right of data portability:
You may ask Dixa to export some of your personal data

Right to revoke your consent:
You can at any time revoke a consent you have given to process your personal data. This will however only affect future processing’s and does not affect the lawfulness of previously processed personal data.

9. Who can I get in contact with?

If you have questions regarding this policy or you wish to exercise your rights, you can contact the following departments in writing:

Privacy or DPO

• privacy@dixa.com
• dpo@dixa.com

10. Complaint

You can generally complain to Dixa or the Danish Data Protection Authority in relation to the processing of your personal data as governed by this privacy notice.

In relation to local labour specific processing activities, pertaining to the relationship between you as the applicant and the local Dixa entity/subsidiary who is in the application process with you, you may also submit a complaint to that local data protection agency:

Dixa ApS – DK Danish Data Protection Authority https://datatilsynet.dk/kontakt/skriv-til-os

Dixa Ltd. – UK Information Commissioner’s Office https://ico.org.uk/make-a-complaint/