Candidate Data Privacy

Last Edited: February 11, 2021

Blinkist’s application management system is a service of Blinks Labs GmbH.

The protection and legally correct collection, processing, and use of your personal data are important for us. In order for you to feel safe when completing and sending us your online application, we comply with all legal data protection requirements when handling your application. By sending us your application data, you consent to the Blinks Labs GmbH storing your data.

Please read the following information about our data protection regulations:

RESPONSIBLE ENTITY

The entity responsible for collecting, processing, and using your personal data in accordance with the General Data Protection Regulation (GDPR) is the Blinks Labs GmbH, Sonnenallee 223, 12059 Berlin, Germany.

COLLECTING, PROCESSING, AND USING YOUR PERSONAL DATA

PERSONAL DATA

Personal data means any information about material or personal circumstances of a specific and identifiable natural person. This includes, but is not limited to your name, your telephone number, your address, as well as all application data that you share with us in the course of your application.

COLLECTING, PROCESSING, AND USING PERSONAL DATA

For the purposes of managing your online application, we will collect, process, and use your personal data that you have disclosed to us via the online application form if you have expressly consented pursuant to Art. 6 (1) (a) GDPR. With the exception of the mandatory fields marked with asterisks, you decide yourself which data you are willing to enter and share with us. The mandatory fields include your first name and last name, email address, resume, cover letter.

Your data will be transmitted to the People & Organization department in charge and used exclusively for the purposes of the application process. This also includes using the data to contact you. Your data will not be disclosed to any third party – other than in the context of data processing commissions without your express consent.

We are also happy to pass on your application to other persons in charge of departments with vacancies or other functional areas that fit your applicant profile. Please notify us if you do not consent to this.

STORING OF YOUR APPLICATION DATA BY LEVER

For our application management we use the services of Lever, Inc., 155 5th St, San Francisco, CA 94103, United States of America ("Lever"). For this purpose, your data is being stored and processed on servers of Lever located in the USA. Although it may be the case that the level of data privacy in the USA does not equal the standards of German privacy regulation, the storage is happening within the framework of the General Data Protection Regulation (GDPR). We have entered into a so-called "Data Processing Agreement" with Lever, in which we commit Lever to protect the data of our applicants, to not disclose them to third parties and to comply with the provisions of the standard contractual clauses according to Art. 46 GDPR in the case of a transfer of personal data to the USA.

STORING OF YOUR APPLICATION DATA BY COMEET

For our application management we use the services of Comeet Technologies, Inc., 550 California Ave, Palo Alto, CA 94306, United States of America (Comeet”). For this purpose, your data is being stored and processed on servers of Comeet located in the USA. Although it may be the case that the level of data privacy in the USA does not equal the standards of German privacy regulation, the storage is happening within the framework of the General Data Protection Regulation (GDPR). We have entered into a so-called "Data Processing Agreement" with Comeet, in which we commit Comeet to protect the data of our applicants, to not disclose them to third parties and to comply with the provisions of the standard contractual clauses according to Art. 46 GDPR in the case of a transfer of personal data to the USA.

STORING OF YOUR APPLICATION DATA BY NOTION

For our application management we use the services of Notion Labs, Inc., 548 Market St #74567, San Francisco, CA 94104, United States of America (Notion”). For this purpose, your data is being stored and processed on servers of Notion located in the USA. Although it may be the case that the level of data privacy in the USA does not equal the standards of German privacy regulation, the storage is happening within the framework of the General Data Protection Regulation (GDPR). We have entered into a so-called "Data Processing Agreement" with Notion, in which we commit Notion to protect the data of our applicants, to not disclose them to third parties and to comply with the provisions of the standard contractual clauses according to Art. 46 GDPR in the case of a transfer of personal data to the USA.

STORING OF YOUR APPLICATION DATA BY BRYQ

For our application assessment management we use the service “Bryq” provided by Idalto Limited, 1 Lamousas Street, 1095 Nicosia, Cyprus (“Bryq”). For this purpose, your data is being stored and processed on servers of Bryq. We have entered into a so-called "Data Processing Agreement" with Bryq, in which we commit Bryq to protect the data of our applicants, to not disclose them to third parties and to comply with the provisions of the standard contractual clauses according to Art. 46 GDPR in the case of a transfer of personal data to the USA.

DELETING PERSONAL DATA

Upon submitting your application, you have the option to let Blinkist store your data so that we can contact you about future job opportunities. In this case, your data will be anonymized 2 years after the day of your application. If you do not allow Blinkist to store your data for 2 years, your data will be anonymized at the end of the recruiting process. Please note that you won’t get notified once your data is anonymized. You can always request us to delete your data by sending a mail to [email protected] Please note that doing so means that you are withdrawing from any still on-going application processes.

CONTACT FORM AND ZENDESK

We use the Zendesk ticket system to handle customer inquiries, a customer service platform of Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102 (USA). We have entered into a so-called "Data Processing Agreement" with Zendesk, in which we commit Zendesk to protect the data of our applicants, to not disclose them to third parties and to comply with the provisions of the standard contractual clauses according to Art. 46 GDPR in the case of a transfer of personal data to the USA.

If you send us inquiries via contact form or by using our public, non-personal e-mail addresses (e.g. [email protected]), your details from the inquiry form, including the contact details given there, will be stored with us for processing the request and in case of follow-up questions via the Zendesk ticketing system. We will not share this information without your consent. The data processing is based on your request and, in the context of answering a contact request, is based on our legitimate interests, in order to be able to handle requests in a meaningful way (Art. 6 para. 1 sentence 1 lit. f DSGVO).

YOU HAVE THE FOLLOWING RIGHTS

• Pursuant to Article 7(3) GDPR, you have the right to revoke at any time any consent declaration you may have given to us before. Consequently, we may no longer continue the respective activity.
• Pursuant to Article 15 GDPR, you have the right to demand information on your personal data which we have processed. In particular, you have the right to information on the following:
  • Purposes of the data processing
  • The category of personal data
  • The categories of recipients to which we disclosed or will disclose your data
  • The planned storage periods of data
  • The existence of the right to correction, deletion, restriction of processing and objection
  • The right to appeal
  • The right to know the origin of your data in the event that we did not collect these data
  • The right to meaningful and detailed information on the existence of automated decision-making including profiling and, if applicable, relevant information on the details thereof
• Pursuant to Article 16 GDPR, you have the right to the immediate correction of incorrect personal data and/or the completion of incomplete personal data in storage at the Blinks Labs GmbH.
• Pursuant to Article 17 GDPR, you have the right to the deletion of your personal data unless the deletion interferes with the execution of the right to the free expression of opinions and to information, with the compliance with legal obligations, is necessary in the public interest or for establishing, exercising or defending legal claims.
• Pursuant to Article 18 GDPR, you have the right to restrict the processing of your personal data if you contest or challenge the accuracy of these data, the processing of the data is illegal, but you reject the deletion of these data and we no longer need the data while you still need the data to establish, exercise or defend legal claims or you have raised an objection against the data processing pursuant to Article 21 GDPR.
• Pursuant to Article 20 GDPR, you have the right to receive the personal data you provided to us in a structured, customary and machine-readable format or to demand the transfer to another authority.
• Pursuant to Article 77 GDPR, you have the right to complain to a superior authority. As a rule, you may find such authority at your place of residence, your workplace or our company domicile.

RIGHT TO INFORMATION / CONTACT

In accordance with the General Data Protection Regulation (GDPR), you have a right to be informed about all your personal details stored by us and, where applicable, a right to request their amendment, blocking, or deletion.

We take the protection of your personal data very seriously. Please send your requests by email or post with proof of identity to our data protection officer Benjamin Kühn, HC Plus, Geneststraße 5, D-10829 Berlin, [email protected]

DATA SECURITY

We transmit all your personal data using the widely used and secure TLS (Transport Layer Security) encryption standard. The TLS protocol is a proven and secure standard that is also used in online banking transactions. You will recognise a secure TLS connection by the “s” following the http (https://...) in your browser URL or by the lock symbol in the lower section of your browser.

Moreover, we use suitable technical and organisational safety procedures to protect your data against accidental or wilful manipulation, partial or complete loss, destruction or against the unauthorised access by third parties. We constantly improve these security measures as the technology advances.

CCPA INFORMATION

The following passages are deemed valid for California residents that apply for an open position at Blinkist.

California Privacy Rights

We take the data protection regulations of the California Consumer Privacy Act (“CCPA”) and the California Civil Code seriously and respect the resulting rights for California residents as stated in the following paragraphs. We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our services or provide you a lower quality of services if you exercise your rights under the CCPA.

Shine the Light / Opt-Out

California residents have the right to request information about their personal data that we have shared with third parties once a calendar year and to have this data deleted by us. In addition, California residents have the right to opt-out of the disclosure of their personal data to third parties (“opt-out”). To exercise the right to information and / or deletion and/ or opt-out, an informal email to us ([email protected]) is sufficient, along with proof of identity and place of residence. We will respond to verified requests within 30 days. California residents also have the right to opt-out of the sale of their personal data. We do not offer this option, because we generally do not sell personal data.

Purposes of data processing of California residents

We collect and process personal data of California residents only for the purposes stated in this privacy policy, in particular in order to manage your online application in a technically flawless and optimal manner. We do not sell personal data of California residents, we only pass them on to processors to fulfill our purposes as stated above and in the privacy policy.

Categories of personal data of California residents

We collect and process personal data from California residents from the following categories: (i) personal data (e.g. name), (ii) identifiers (e.g. name, email address), (iii) personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e), (iv) characteristics of protected classifications under California or federal law, (v) professional or employment-related information. The categories of third parties to whom we may share California residents' personal information are: (i) processors to handle your application data, (ii) analytics and hosting providers. We have no knowledge of disclosing personal data of minors under 16 years of age to third parties.