Candidate Data Privacy
Last Edited: July 21st, 2020
Blinkist’s application management system is a service of Blinks Labs GmbH.
The protection and legally correct collection, processing, and use of your personal data are important for us. In order for you to feel safe when completing and sending us your online application, we comply with all legal data protection requirements when handling your application. By sending us your application data, you consent to the Blinks Labs GmbH storing your data.
Please read the following information about our data protection regulations:
The entity responsible for collecting, processing, and using your personal data in accordance with the General Data Protection Regulation (GDPR) is the Blinks Labs GmbH, Sonnenallee 223, 12059 Berlin, Germany.
COLLECTING, PROCESSING, AND USING YOUR PERSONAL DATA
Personal data means any information about material or personal circumstances of a specific and identifiable natural person. This includes, but is not limited to your name, your telephone number, your address, as well as all application data that you share with us in the course of your application.
COLLECTING, PROCESSING, AND USING PERSONAL DATA
For the purposes of managing your online application, we will collect, process, and use your personal data that you have disclosed to us via the online application form if you have expressly consented pursuant to Art. 6 (1) (a) GDPR. With the exception of the mandatory fields marked with asterisks, you decide yourself which data you are willing to enter and share with us. The mandatory fields include your first name and last name, email address, resume, cover letter.
Your data will be transmitted to the People & Organization department in charge and used exclusively for the purposes of the application process. This also includes using the data to contact you. Your data will not be disclosed to any third party – other than in the context of data processing commissions, especially those mentioned in section 2.3 – without your express consent.
We are also happy to pass on your application to other persons in charge of departments with vacancies or other functional areas that fit your applicant profile. Please notify us if you do not consent to this.
STORING OF YOUR APPLICATION DATA BY LEVER
For our application management we use the services of Lever, Inc., 155 5th St, San Francisco, CA 94103, United States of America. For this purpose, your data is being stored and processed on servers of Lever located in the USA. Although, it may be the case that the level of data privacy in the USA does not equal the standards of German privacy regulation, the storage is happening within the framework of the General Data Protection Regulation (GDPR) and Lever is a certified participant of the so-called "Privacy Shield Framework" and thus provides appropriate guarantees for an appropriate level of data protection. Lever was selected with due care and assured us to fully respect applicable data protection rules. Additionally, we have entered into a so-called "Data Processing Agreement" with Lever, in which we commit Lever to protect the data of our applicants and not to disclose them to third parties.
STORING OF YOUR APPLICATION DATA BY ONCEHUB
For appointment scheduling with applicants we use the services of OnceHub, Inc., 340 S. Lemon Ave., Walnut, CA 91789, USA. For this purpose, your data is being stored and processed on servers of OnceHub located in the USA. Although, it may be the case that the level of data privacy in the USA does not equal the standards of German privacy regulation, the storage is happening within the framework of the General Data Protection Regulation (GDPR) and OnceHub is a certified participant of the so-called "Privacy Shield Framework" and thus provides appropriate guarantees for an appropriate level of data protection. OnceHub was selected with due care and assured us to fully respect applicable data protection rules. Additionally, we have entered into a so-called "Data Processing Agreement" with OnceHub, in which we commit OnceHub to protect the data of our applicants and not to disclose them to third parties.
AGGREGATED STATISTICS BY AIRTABLE AND CODA
For aggregated statistics of anonymized application data we use the services of Airtable, a service of Formagrid, Inc., 799 Market St, San Francisco, CA 94103, USA and of Coda a service of Coda Project, Inc., 444 Castro Str., Mountain View, CA 94041, USA. For this purpose, anonymized and aggregated data is being stored and processed on servers of Airtable and Coda located in the USA. Although the processed data is not considered to be personal data, it is important to us only cooperate with trustworthy partners when it comes to application management. Airtable and Coda were selected with due care and both assured us to fully respect applicable data protection rules. Additionally, we have entered into a separate so-called "Data Processing Agreement" with Airtable and Coda, in which we commit Airtable and Coda to protect the data and not to disclose them to third parties.
DELETING PERSONAL DATA
Upon submitting your application, you have the option to let Blinkist store your data so that we can contact you about future job opportunities. In this case, your data will be anonymized 2 years after the day of your application. If you do not allow Blinkist to store your data for 2 years, your data will be anonymized at the end of the recruiting process. Please note that you won’t get notified once your data is anonymized. You can always request us to delete your data by sending a mail to [email protected] Please note that doing so means that you are withdrawing from any still on-going application processes.
CONTACT FORM AND ZENDESK
If you send us inquiries via contact form or by using our public, non-personal e-mail addresses (e.g. [email protected]), your details from the inquiry form, including the contact details given there, will be stored with us for processing the request and in case of follow-up questions via the Zendesk ticketing system. We will not share this information without your consent. The data processing is based on your request and, in the context of answering a contact request, is based on our legitimate interests, in order to be able to handle requests in a meaningful way (Art. 6 para. 1 sentence 1 lit. f DSGVO).
YOU HAVE THE FOLLOWING RIGHTS
- Pursuant to Article 7(3) GDPR, you have the right to revoke at any time any consent declaration you may have given to us before. Consequently, we may no longer continue the respective activity.
Pursuant to Article 15 GDPR, you have the right to demand information on your personal data which we have processed. In particular, you have the right to information on the following:
- Purposes of the data processing
- The category of personal data
- The categories of recipients to which we disclosed or will disclose your data
- The planned storage periods of data
- The existence of the right to correction, deletion, restriction of processing and objection
- The right to appeal
- The right to know the origin of your data in the event that we did not collect these data
- The right to meaningful and detailed information on the existence of automated decision-making including profiling and, if applicable, relevant information on the details thereof
- Pursuant to Article 16 GDPR, you have the right to the immediate correction of incorrect personal data and/or the completion of incomplete personal data in storage at the Blinks Labs GmbH.
- Pursuant to Article 17 GDPR, you have the right to the deletion of your personal data unless the deletion interferes with the execution of the right to the free expression of opinions and to information, with the compliance with legal obligations, is necessary in the public interest or for establishing, exercising or defending legal claims.
- Pursuant to Article 18 GDPR, you have the right to restrict the processing of your personal data if you contest or challenge the accuracy of these data, the processing of the data is illegal, but you reject the deletion of these data and we no longer need the data while you still need the data to establish, exercise or defend legal claims or you have raised an objection against the data processing pursuant to Article 21 GDPR.
- Pursuant to Article 20 GDPR, you have the right to receive the personal data you provided to us in a structured, customary and machine-readable format or to demand the transfer to another authority.
- Pursuant to Article 77 GDPR, you have the right to complain to a superior authority. As a rule, you may find such authority at your place of residence, your workplace or our company domicile.
RIGHT TO INFORMATION / CONTACT
In accordance with the General Data Protection Regulation (GDPR), you have a right to be informed about all your personal details stored by us and, where applicable, a right to request their amendment, blocking, or deletion.
We take the protection of your personal data very seriously. Please send your requests by email or post with proof of identity to our data protection officer Benjamin Kühn, HC Plus, Geneststraße 5, D-10829 Berlin, [email protected]
We transmit all your personal data using the widely used and secure TLS (Transport Layer Security) encryption standard. The TLS protocol is a proven and secure standard that is also used in online banking transactions. You will recognise a secure TLS connection by the “s” following the http (https://...) in your browser URL or by the lock symbol in the lower section of your browser.
Moreover, we use suitable technical and organisational safety procedures to protect your data against accidental or wilful manipulation, partial or complete loss, destruction or against the unauthorised access by third parties. We constantly improve these security measures as the technology advances.