Recruitment Privacy Policy for Applicants | Silverfin
Silverfin's Recruitment Privacy Policy, last amended on December 3, 2021, outlines how Silverfin NV and its affiliates collect, store, and process personal data of job applicants in compliance with GDPR and related privacy laws, specifying that data such as names and email addresses are used solely for recruitment purposes without profiling or automated decision-making, while detailing applicants' rights and data protection measures.
Privacy Policy Recruitment
Date of last amendment: 3 December 2021
This privacy policy is applicable to job applicants who have (been) contacted (by) Silverfin in relation to possible job vacancies/opportunities.
About this privacy policy
If you have submitted a job application (either spontaneously or in response to a specific vacancy) via the Silverfin website or have been contacted by Silverfin regarding such an application, Silverfin may collect, store, and process your personal data as a data controller.
This privacy policy describes:
- 1.How Silverfin collects, treats, and stores your personal data
- 2.The rights you can exercise in relation to your personal data
- 3.The measures taken to protect and secure your personal data
Silverfin strives to act in accordance with applicable privacy legislation, including but not limited to:
- General Data Protection Regulation 2016/679 (GDPR)
- United Kingdom Data Protection Act 2018
- Belgian Privacy Law of 30 July 2018
- ePrivacy Directive 2002/58/EC
- Any future national legislation regarding the implementation of the GDPR
1. Silverfin is the data controller
Silverfin NV and its affiliates are the data controllers of your personal data:
- Silverfin NV, Gaston Crommenlaan 12, 9050 Gent, Belgium
- Silverfin Software Ltd., 8 Northumberland Avenue, WC2N 5BY London, United Kingdom
- Silverfin Software B.V., James Wattstraat 100, 6V 1097 DM Amsterdam, Netherlands
- Silverfin Software Aps, Højbro Plads 10, 1200 Copenhagen, Denmark
Silverfin is responsible for your personal data for the purposes described in this privacy policy.
2. Purpose and description of the processing activity
Silverfin processes your personal data as a job applicant solely in the context of your job application, whether you applied via the recruitment page, via email, or were contacted by Silverfin. No profiling or automatic decision-making is performed.
Personal data processed may include:
- First name
- Last name
- Email address
- Phone number
- Financial data (e.g., wage and legal benefits)
- Education (e.g., alma mater, degree, training)
- Professional information (e.g., previous employers)
- Voluntarily provided information (in resume, cover letter, etc.)
- Information on business social media platforms (e.g., LinkedIn)
- Our assessment regarding your application (interviews, etc.)
Personal data is primarily received directly from you, but may also be received from third parties such as recruitment agencies.
If you apply via the recruitment page, cookies may also collect personal data. See the Cookie Policy for more information.
3. Legal grounds
By submitting your application or interacting with Silverfin, you consent to the processing of your personal data for the purposes described.
4. Retention periods
- Personal data is retained for the duration of the recruitment process.
- If your application is successful, data is processed for onboarding.
- If your application is rejected, data is deleted unless:
- There is a legal obligation to retain it, or
- You consent to Silverfin storing your data for future opportunities (in which case, data is stored for three years after notification of the decision).
5. Disclosure of personal data to third parties
Silverfin does not disclose your personal data to third parties except:
- The provider of recruitment software
- Hosting, software, and cloud providers supporting the website and systems
Contracts are in place to ensure these third parties comply with privacy legislation. Data may also be transferred to authorities if required by law or to safeguard Silverfin's rights.
6. Cross-border processing of personal data
If third parties or recipients are outside the European Economic Area, Silverfin ensures EU-approved safeguards are in place, such as:
- European Commission adequacy decision
- Data transfer agreements (e.g., Standard Contractual Clauses)
- Binding corporate rules
- Certification mechanisms
7. Your privacy rights
Under privacy legislation, you have the following rights regarding your personal data:
- Access: Request confirmation and copies of your personal data
- Rectification: Request correction or completion of inaccurate/incomplete data
- Erasure: Request deletion of your personal data under certain conditions
- Objection: Object to processing under certain conditions
- Restriction of processing: Request restriction of processing unless legitimate interests prevail
- Data portability: Request transfer of your data to another organization or to yourself in a structured, commonly used, machine-readable format
You can exercise these rights by contacting Silverfin or using the Data Subject’s Rights Form.
8. Security
Silverfin takes reasonable physical, technological, and organizational precautions to prevent unauthorized access, loss, misuse, or alteration of your personal data. See the Security Policy for more details.
Absolute security cannot be guaranteed, as no method of transmission or storage is 100% secure. The security of your account also depends on the confidentiality and complexity of your password. Silverfin will never ask for your password.
9. Updates
Silverfin may update this privacy policy by posting a new version on the website, with the revision date indicated at the top. It is recommended to regularly consult the website for changes.
10. Notifications and questions
Notifications (such as exercising your rights) and questions regarding this privacy policy should be directed to legal@silverfin.com.
11. Complaints
If you are dissatisfied with how your personal data is handled, contact Silverfin as above. You also have the right to lodge a complaint with the Belgian Data Protection Authority or the data protection authority of your residence or workplace.