Candidate privacy policy

Introduction

This Candidate Privacy Policy outlines how we, TheyDo BV, collect, use, and protect your personal data throughout the candidate journey. This policy also describes the rights that Candidates may have in relation to the personal data that we process about them. As used in this policy, “personal data” means any information that relates to, identifies, or reasonably could be used to identify an individual, directly or indirectly. Our data processing practices may be more restricted in certain jurisdictions due to local legal requirements. In such cases, we modify our internal practices to comply with the applicable local laws. For personal data collected under this policy, the controller will be TheyDo BV.


Definitions

  • What is personal data? Personal data refers to any information that directly or indirectly identifies an individual. Examples include:

    • Name

    • Contact number

    • Personal email address

    • Home address

    • Date of birth

    • Employment history

    • Education details

  • What is sensitive personal data? Sensitive personal data is a subset of personal data that is more sensitive in nature, such as:

    • Racial or ethnic origin

    • Gender Identity

    • Sexual orientation

    • Health information

    • Medical information

    • Disability

    • Nationality

At TheyDo, we are committed to fostering a diverse, inclusive, and equitable workplace. We strictly adhere to a policy of non-discrimination on any grounds, including but not limited to those listed under sensitive personal data above.

We value the unique perspectives and backgrounds of all individuals and strive to create an environment where everyone feels respected and empowered. Sensitive personal data is collected solely with your consent if shared with us directly, to ensure that we can provide appropriate accommodations during the recruitment process. For example disability information, to be able to facilitate necessary adjustments and/or to provide a comfortable interview setting.

We handle all personal data with the utmost care and confidentiality, using it only for the intended purposes and in compliance with applicable laws and regulations. We always aim to create an inclusive hiring process that respects and supports every candidate's individual needs. We believe that diversity drives innovation and strengthens our organization, and we are dedicated to ensuring that our recruitment practices reflect these values.


Data collection

  • What personal data do we collect? We collect various types of personal data about you. This could be by directly inputting the information from your side on our TheyDo website application, Applicant Tracking System (ATS) Ashby, via the resume documentation you provide, LinkedIn or any other social links you provide, including:

    • Name

    • Contact information (phone number, email address)

    • Home address (Optional)

    • Date of birth

    • Employment history

    • Education information

    • Professional certifications

    • Interview notes

    • References

  • How is data collected? We collect personal data directly from you during the candidate journey including information provided through our Applicant Tracking System (ATS) Ashby, via email, or during interviews and alternative third parties.


Use of candidate personal data

We may process your personal data for the following purposes:

TheyDo

Disclosure of personal information

We may disclose your personal information to third parties in accordance with GDPR and other applicable laws, including:

  • Service providers and vendors assisting with our hiring activities

  • Government authorities and regulatory bodies as required by law

  • Other parties with your consent or as permitted by law


Security of personal information

TheyDo BV implements appropriate technical and organizational measures to protect your personal information against unauthorized access, disclosure, alteration, or destruction. Access to your personal information is restricted to authorized individuals only, and all employees handling personal information are trained in data protection principles.


Retention of personal information

  • Candidates not hired: Personal data of candidates who are not hired will be deleted following one year or retained for a maximum of two years with your consent, as per application form for future opportunities.

  • Hired candidates Once hired, your personal data will be transferred to your employee record and will be retained in accordance with our People Privacy Policy.


Rights of candidates

You have the following rights regarding your personal data:

  • Access your data: You can request to see the personal information that we hold about you, including the purpose of processing and the recipients of the data.

  • Rectify your data: If you believe that any personal information we hold about you is incorrect or incomplete, you can request that we correct or update it.

  • Erase your data: You can request the deletion of your personal information under certain conditions, such as if the data is no longer necessary for the purposes for which it was collected.

  • Withdraw consent: If you have given consent for the processing of your personal data, you have the right to withdraw your consent at any time.


How to make a request

To exercise any of these rights, please contact us at privacy@theydo.com. When making a request, please:

  • Provide sufficient information to verify your identity: Include your full name and any other relevant details that will help us identify you in our records. For example, include details such as the position you applied for and the date of your application.

  • Provide details of your request: Specify the exact data you wish to access, rectify, or erase, or any other details relevant to your request.

This will help us process your request efficiently.

We will respond to your request within one month. If we need more time to process your request, we will inform you and explain the reason for the delay.


Updates to this policy

We may update this Candidate Privacy Policy to reflect changes in our practices or legal requirements. Any updates will be communicated to all candidates and reflected in this policy page.


Contact information

If you have any questions or concerns about this Candidate Privacy Policy or our data protection practices, please reach out to privacy@theydo.com.


Additional information

For more details about our general data protection practices, please refer to our Privacy Policy and Terms of Use available on our TheyDo website.