- Ingenico ePayments / Ogone platform
- Ingenico ePayments / GlobalCollect platform
INGENICO (BE) CANDIDATE PRIVACY NOTICE
What is the purpose of this document?
As you have applied for a job at Ingenico (whether as an employee, worker or contractor; whether permanent, fixed-term or temporary), you have provided Ingenico with your personal information. Ingenico will handle your information in accordance with this Privacy Notice. For the purpose of this recruitment process Ingenico acts as a "Data Controller" in accordance with the General Data Protection Regulation ((EU) 2016/679) (“GDPR”). This means that Ingenico is responsible for deciding how we hold and use personal information about you and this Privacy Notice has been designed to outline our legal obligations, how and why your personal data will be used for the purposes of Ingenico’s recruitment process, and how long it will usually be retained for.
How did your personal data reach Ingenico?
Your personal information may have been communicated to Ingenico through various channels:
§ Spontaneous solicitation: you have spontaneously applied and provided personal information that will be processed for matching possible current or future open position(s) at companies of the Ingenico group;
§ Job posting: you have applied for an open job position published by Ingenico on a web site or social media;
§ External recruitment agencies: you provided your personal information to a recruitment agency partnered with Ingenico.
In these cases the lawfulness of the data processing is based on your explicit consent to provide your personal data.
§ Referral scheme: you have been referred by an employee of Ingenico as a potential candidate for a current open job position;
§ Former employee: Ingenico had your personal information because you are a former employee, worker or contractor of one of Ingenico group entities.
In these cases the lawfulness of the processing is based on our legitimate interest to hire the best possible profiles.
What are the data protection principles observed by Ingenico?
In the frame of its recruitment process, Ingenico will process your personal data in observance of GDPR obligations, which means that your data will be kept securely and:
§ Used lawfully, fairly and in a transparent way;
§ Collected only for valid, clearly-explained purposes and not used in any way that is incompatible with those purposes;
§ Relevant to, and limited only to, those purposes;
§ Accurate and every step will be taken to keep it up to date (whilst in our possession);
§ Kept only as long as necessary for the purposes Ingenico have informed you about.
What information do we collect?
Ingenico will collect, store, and use the following categories of your personal information:
§ The information you have provided to us in your CV/Resume and/or covering text message/letter, including (amongst other things) your identification information (f.i.name, surname, gender, nationality), your biographical information (previous job history,…), your contact information (f.i. address, telephone number and personal email address,…);
§ Any information you provide to us during an interview;
§ At final stage, part of the background check, an integrity check is performed based on the criminal records provided by the candidate.
How Ingenico will use information about you
Ingenico will use the personal information we collect about you to:
§ Assess your skills, qualifications, and suitability for the role you applied for or any current or future open position at an Ingenico company;
§ Communicate with you about the recruitment process;
§ Contact your references to perform a background verification;
§ Keep records related to our hiring processes;
§ Prepare the contractual arrangements in case you accepted a job offer;
§ Comply with legal or regulatory requirements.
§ Build reports and statistics on our recruitment process
As a candidate, you will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.
What if you fail to provide personal information?
If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), Ingenico will not be able to process your application successfully. For example, if you fail to provide us with relevant details in order to perform our background or reference checks Ingenico will not be able to take your application further.
How does Ingenico use sensitive personal information?
Ingenico will use your particularly sensitive personal information in the following ways:
§ Ingenico will use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment or interview processes;
§ Ingenico is entitled to carry out a criminal records check in order to satisfy ourselves that there is nothing in your criminal convictions history which makes you unsuitable for the role. In particular: Employment at Ingenico requires a high degree of trust and integrity as it involves dealing with payment and transaction technology and data - any breach of Ingenico's operational safeguards due to criminal or fraudulent activity could result in significant financial and reputational damage. For that reason Ingenico must seek a basic disclosure of your criminal records history. Criminal records allowing this integrity check are not kept or stored by Ingenico. Rather it is immediately returned to the candidate or shredded after the verification
Why might Ingenico share your personal information with third parties?
Ingenico will only share your personal information with the following third parties for the purposes of processing your application: recruitment software providers, other Ingenico companies and pre-employment testing service providers. Ingenico ensures that all such third-party service providers and other Ingenico companies are under obligation to take appropriate security measures to protect your personal information. Ingenico does not allow our third-party service providers to use your personal data for their own purposes and only permits them to process your personal data for specified purposes and in accordance with our instructions.
Ingenico stores your personal data inside the European Economic Area and makes sure that its Data Processors keep your personal data in countries offering an adequate level of protection.
How does Ingenico protect your personal data?
Ingenico has put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also limit access to your personal information to those employees, agents, contractors and other third parties on a strictly need-to-know basis. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
Ingenico also have procedures for dealing with suspected data security breaches and making the relevant notifications where legally required to do so.
How long will Ingenico use and store your personal information?
Candidate information is stored for a period of 24 months then erased except if during this period you have been appointed by Ingenico. In this case your personal information will be retained as part of your employee details for the period of your employment and the legal period of retention once your contract has ended. At the end of the retention period, we will securely erase or destroy your personal information in accordance with Group Personal Data Retention Principles and applicable laws and regulations.
What are your rights in connection with personal information?
You have the right to:
§ Request access to your personal information via a data subject access request following which you will receive a copy of the personal information Ingenico holds about you;
§ Request correction by Ingenico of any incomplete or inaccurate personal information that we hold about you;
§ Request erasure of your personal information by asking Ingenico to delete or remove personal information where there is no valid reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
§ Object to processing of your personal information where Ingenico is relying on a legitimate interest and your particular situation makes you want to object to processing on this ground;
§ Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it;
§ Request the transfer of your personal information to another party in a portable data format;
§ Withdraw your consent: When you provided your personal information spontaneously or in the frame of a referral scheme or any other channel, you provided consent for us to process your personal information for our recruitment purposes. Once Ingenico has received notification that you have withdrawn your consent, Ingenico will no longer process your application and, subject to our retention principles, will dispose of your personal data securely.
If you want to exercise your rights as described above, you can send us your dated and signed request, along with a copy of your identity card, as accurately as possible, in writing at Human Resources Director, HR Department, Ingenico, Boulevard de la Woluwe / Woluwedal 102, 1200 Brussels – Belgium;
Data protection officer
Ingenico has appointed a data protection officer (DPO) to oversee data compliance, including compliance with this privacy notice. If you have any questions about this privacy notice or how Ingenico handles your personal information please contact the Data Protection Office at [email protected].
Pursuant to article 13 of the GDPR, we inform you that, if you are not satisfied with the answer to your query, you have the right to lodge a complaint to a Supervisory Authority. The Belgian Data Protection Authority web site is https://www.dataprotectionauthority.be .