Effective Date: March 10, 2021
Please note, this Privacy Notice is available at www.icims.com and its related domains and subdomains, including, but not limited to, www.icims.com/en-gb/ (each the “Website” as applicable). Please refer to www.icims.com/legal/privacy-notice-services for the iCIMS Services Privacy Notice relating to the iCIMS Talent Acquisition Platform.
iCIMS, Inc. and its subsidiaries, iCIMS International, LLC, Jibe, Inc., TextRecruit, Inc., Opening HR Limited, EasyRecrue S.A.S., and Altru Labs, Inc. (collectively, “iCIMS,” “we,” or “us”), respects the privacy of its job applicants (“you”), and we are committed to protecting their personal data. To that end, we have put together this Job Applicant Privacy Notice to give you a better understanding of what personal data we collect about you as a job applicant, what we use that personal data for, and to whom we disclose that data (“Privacy Notice”).
For purposes of this Privacy Notice:
Please take the time to read this Privacy Notice and the related statements in their entirety to ensure you are fully informed. If you have any questions or concerns about our processing of your personal data, please contact us by using the contact details under the “Contact Information” heading below.
This Privacy Notice is a general guide on how iCIMS processes your personal data. As such, you should be aware that data protection and privacy laws can vary in different jurisdictions where iCIMS operates. iCIMS’ policy is to comply with applicable laws, including requirements in certain countries that iCIMS notify individuals in that country of its personal data practices, and in some cases, obtain consent to those practices.
Where applicable laws are stricter than the practices described in this Privacy Notice, iCIMS has adopted specific privacy practices in those locations to satisfy those stricter requirements.
As further described below, we collect personal data from you in connection with your job application with iCIMS, which includes the following:
If we ask you to provide any other personal data not described above, then the personal data we will ask you to provide, and the reasons why we ask you to provide it, will be made clear to you at the point we collect it. If we ask you to provide personal data that we consider to be mandatory for us to administer your relationship with us, we will inform you of such at the time of collection. In addition, we will also inform you of the consequences for not providing us with the mandatory personal data.
iCIMS uses your personal data for the purposes of carrying out its job application and recruitment process. Such uses include:
If you are offered and accept employment with iCIMS, the personal data collected during the job application and recruitment process may become part of your employment record.
If we need to process your personal data for an incompatible purpose not discussed in this Privacy Notice, we will provide notice to you and, if required by law, seek your consent. We may process your personal data without your knowledge or consent only where required by applicable law. Lastly, iCIMS does not subject you to automated decision-making.
iCIMS takes care to allow your personal data to be accessed only by those who need to know to perform their tasks and duties, and to third parties who have a legitimate purpose for processing or accessing it. As such, we may share your personal data as described in this Privacy Notice to the following categories of recipients:
If you are a resident of the European Economic Area (“EEA”) or the United Kingdom (“UK”), our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the context in which we collect it. However, we will normally collect and/or process your personal data pursuant to one or more of the following legal bases:
If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and let you know whether the provision of your personal data is mandatory or not (as well as the possible consequences if you do not provide it). Similarly, if we collect and use your personal data in reliance on our legitimate interests (or those of a third party) that are not listed above, we will make clear to you at the relevant time what those legitimate interests are. If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please contact us using the contact details provided in the “Contact Information” section below.
iCIMS or its appointed service providers may collect, use, process, store and disclose your personal data outside of your home jurisdiction, including in the U.S., and in some cases, other countries. These countries may have data protection and privacy laws that are different than the laws of your home country. iCIMS only transfers personal data to another country in accordance with applicable data protection and privacy laws, provided there are legally adequate protections in place for the personal data. A list of iCIMS’ global offices is available here.
If your personal data is processed within the EEA or UK, we will protect your personal data (as defined in the European Union’s (“EU”) General Data Protection Regulation (“GDPR”)) when it is transferred outside of the EEA or UK by:
If you require further information about our international transfers of personal data, please contact us by using the contact details under the “Contact Information” heading below.
iCIMS, Inc. and certain of its subsidiaries participate in and have certified their compliance with the EU-U.S. Privacy Shield Framework. iCIMS is committed to subjecting all personal data received from the EEA and UK in reliance on the Privacy Shield Framework to the Privacy Shield Principles. To learn more about the Privacy Shield Framework and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield list
iCIMS is responsible for the processing of personal data it receives, under GDPR and the Privacy Shield Framework, and subsequent transfers to a third party acting as an agent on its behalf. iCIMS complies with GDPR and the Privacy Shield Principles for all onward transfers of personal data from the EEA and UK, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to GDPR, iCIMS is subject to the regulatory enforcement powers of the EU in conjunction with the U.S. Federal Trade Commission. For the Privacy Shield Framework, iCIMS is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain circumstances, iCIMS may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with GDPR and the Privacy Shield Principles, iCIMS commits to resolve complaints about our collection and use of your personal data. EEA and UK individuals with inquiries or complaints regarding our privacy practices should first contact iCIMS as provided in the “Contact Information” section below. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you have the right to file a complaint with a competent data protection authority, if you are a resident of an EEA member state. As such, iCIMS commits to cooperate with the panel established by the EU Data Protection authorities (“DPAs”) and comply with the advice given by the panel with regard to human resources data transferred from the EU and/or the UK in the context of the employment relationship.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
iCIMS maintains appropriate technical and organizational measures, including, but not limited to, reasonably designed administrative, physical, and technical safeguards, designed to protect the personal data obtained as discussed in this Privacy Notice from accidental or unlawful destruction, loss, alteration, unauthorized disclosure and access. iCIMS personnel and service providers with access to personal data collected as discussed in this Privacy Notice are required to keep such personal data confidential and secure.
We will retain your personal data if we have a business need to do so or for as long as is needed to fulfill the purposes outlined in this Privacy Notice, unless a longer retention period is required by law. When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymize it or, if this is not possible (e.g., because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible. As such, we reserve the right to use such anonymous data for any legitimate business purpose without further notice to you or your consent.
Certain jurisdictions may provide you with privacy rights under applicable data protection or privacy law regarding your personal data. In particular, you may have the right to:
These rights may be limited, for example, if fulfilling your request would reveal personal data about another individual, or if you ask us to delete personal data which we are required by law to keep or which we need to defend claims against us.
If you are a California resident, please see our Privacy Notice for California Residents for additional disclosures and information about the personal data we have collected about you over the last 12 months and rights you may have regarding your personal data.
If you do not wish to receive our email marketing communication for promotional purposes, you may opt out by clicking on the “unsubscribe” or “opt out” link in the marketing e mails we send you.
If we process your personal data in reliance upon your consent, you can contact us at any time to withdraw your consent.
To exercise any of these rights, please contact us by using the contact details under the “Contact Information” heading below.
We will respond to such requests in accordance with the requirements of applicable data protection laws. Please note that in order to fulfil your request, we may need you to provide certain personal data to verify your identity. Depending upon applicable data protection and privacy law, individuals may also designate an authorized agent to exercise these rights on their behalf.
Various browsers allow a “do not track” (DNT) setting, which sends a signal to websites visited by an individual about their browser DNT setting. At this time, there is no general agreement on how companies, like iCIMS, should interpret DNT signals. Therefore, we do not currently commit to respond to DNT signals. We will continue to monitor developments around DNT browser technology and the implementation of a standard.
This Website may link to websites that are not owned or controlled by iCIMS. As such, this Privacy Notice does not apply to personal data collected on any third party site or by any third party application that may link to or be accessible from the Website. This Privacy Notice does not apply to personal data collected by customers, our business partners, and other third parties or third party applications or services, even if this personal data is collected using our Website or at events.
We do not knowingly collect personal data from anyone under the age of 13. If you are under 13, please do not attempt to fill out our forms or send any personal data about yourself to us. If we learn that we have collected personal data from a child under age 13, we will delete that personal data promptly.
iCIMS reserves the right to update or change this Privacy Notice from time to time. If we make material changes to this Privacy Notice, we will post it to our Website home page prior to or at the time of the change becoming effective. We ask that you review the Privacy Notice periodically to stay informed about any updates or changes that we may have made.
You can see when this Privacy Notice was last updated by checking the “Effective Date” displayed at the top of this Privacy Notice.
To ask questions or comment about this Privacy Notice and our privacy practices or if you need to update, change, or remove your personal data or exercise any other rights,