This Job Applicant Privacy Notice describes how we, Scantinel GmbH, Söflinger Straße 100, 89077 Ulm, Germany, use, disclose and otherwise process personal data that we receive when you apply for a job with us, as well as rights you may with respect to your personal data. If you submit your job application via a third-party recruiting platform or service provider, please refer to that party’s privacy disclosures for information about how that third party processes your personal data.
Job Applicant Privacy Notice Scantinel GmbH
Application Data: When you choose to submit a job application to us, we collect your name, contact details, education and work experience, contact details of your former/current employer, information about your educational background, your work and other professional experience, and any other information you voluntarily submit, such as the information you provide in an application form, CV or resume or public profile you share with us.
Interview Data: If your job application progresses, we may collect information that you choose to provide during any interviews with us.
Background Check Data: Subject to applicable law and with your express consent, we may collect information through any background or reference checks we perform on you.
Onboarding Data: If we extend an offer to you, we may request and collect information from you that we need to enter into a work relationship with you in compliance with the law, such as proof of eligibility to work in country (e.g., a passport or visa), tax information, bank account information, and benefits eligibility information.
We recommend that you not disclose sensitive personal characteristics (e.g., religion, philosophical or political beliefs, or financial data) in your resume/CV or any materials you initially submit in support of your application. If you provide information about others (e.g., reference contact details), please first ensure you have informed them that you will be providing their information and that they are happy for you to provide it to us.
What personal data do we collect?
You are not required by law or contract to provide us with your personal data. However, if you do not provide us with the personal data that we request from you and reasonably need to evaluate your application and decide whether to hire you, we may no longer consider you for the job you have applied for.
For what purposes do we process your personal data and on what lawful bases?
The following table explains the purposes for which we use your personal data and the lawful bases on which we process your personal data. The table refers to the classifications of data listed in the prior section above.
Category of Data
Purpose of Processing
Lawful Basis of Processing
Application Data
We process your personal data to determine your suitability for the role for which you have applied or for similar roles within our group of affiliates, contact you about your application if we have questions or would like to schedule an interview.
The processing is necessary for hiring decisions according to Sec. 26 (1) German Federal Data Protection Act ("FDPA").
Interview Data
We process your personal data to determine your suitability for a role within our group of affiliates and decide whether to extend a work offer to you.
The processing is necessary for hiring decisions according to Sec. 26 (1) FDPA.
Background Check Data
We process your personal data to determine your suitability for a role within our group of affiliates and decide whether to extend a work offer to you.
The processing is necessary for hiring decisions according to Sec. 26 (1) FDPA.
Onboarding Data
We process your personal data to take steps to start a work relationship with you.
Some of this processing may be necessary to comply with applicable immigration, employment and tax laws per Article 6(1)(c) of the GDPR. This processing is otherwise necessary for hiring decisions according to Sec. 26 (1) FDPA.
We may also use any or all of the personal data we collect from you to comply with applicable laws and administer our compliance with such requirements (such as under employment and immigration laws), and to exercise or defend our legal rights. In these cases, the processing is necessary to comply with such laws, per Article 6(1)(c) of the GDPR, or to pursue legitimate interests that are not overridden by your interests or fundamental rights and freedoms which require protection of personal data—namely, to protect, defend and advance our legal interests—per Article 6(1)(f) of the GDPR. If the business for which you applied to work may be sold or transferred in whole or in part (or such a sale or transfer is being contemplated), your personal data may be transferred to another company as part of the transfer itself, or as part of an initial review for such transfer (i.e. due diligence), subject to any rights provided by applicable law, including jurisdictions where the new employer or potential new employer are located.
To whom do we disclose your personal data?
We only disclose personal data as follows:
To our affiliated companies: In some cases, it is necessary to share your personal data with our affiliated companies, including with MicroVision, Inc. in the United States and MicroVision GmbH in Hamburg, Germany. The EU DPO of our affiliated companies is Thorsten Ihler (privacy@microvision.com). As our affiliated companies are also involved in our recruiting activities to ensure that any employees we hire can help to achieve our regional and global objectives. MicroVision, Inc. and MicroVision GmbH process your personal data for the same purposes as those set forth in this Privacy Notice and on the basis of the same lawful bases of processing. Access to your personal data is provided to MicroVision, Inc. and MicroVision GmbH only on a need-to-know-basis.
Third-party service providers: Certain third-party service providers will receive your personal data to process such data under appropriate instructions as necessary for the processing purposes, in particular to carry out certain IT-related tasks (e.g., data storage). These service providers will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard your personal data, and to process your personal data only as instructed.
Where is your personal data processed and on what basis do we transfer personal data across borders?
We disclose your personal data to our parent company, MicroVision, Inc. in the United States. We also rely on service providers in the United States and Germany to assist us with the data processing activities described above. We take measures to ensure that service providers in the United States and Germany provide an adequate level of data protection by entering into appropriate data transfer agreements based on Standard Contractual Clauses and performing data protection assessments of data transfer arrangements as appropriate. Data transfer agreements are accessible upon request by contacting us at the details shown further below.
For how long do we retain your data?
If we extend and you accept an offer from us, your personal data will form part of your personnel file and we will retain it in accordance with a separate notice that we will provide to you. If we do not extend an offer to you or you do not accept an offer from us, we will retain your personal information for at least 6 months so we can keep you informed of additional opportunities with us and take your information into account should you apply for a position with us again. If applicable laws require us to retain certain personal information for a longer period, we will retain the information for at least such period. In addition, where personal information is relevant to potential legal claims by or against us, we will retain it for as long as the legal claims can be made or, if one has been made, for as long as the personal information is relevant to its resolution or any appeal thereof.
Your Statutory Rights
Under the conditions set out under applicable law, you may have the following rights:
1. Right of access:
The right to obtain from us confirmation as to whether your personal data is being processed, and, where that is the case, to request access to the personal data. The access information includes – inter alia – the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed. You also have the right to obtain a copy of the personal data undergoing processing. Subject to applicable law, we may charge a reasonable fee for copies, based on administrative costs. The right of access is not an absolute right and the interests of other individuals may restrict your right of access.
2. Right to rectification:
The right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, the right to have incomplete personal data completed, including by means of providing a supplementary statement.
3. Right to erasure (to be forgotten):
The right to ask us to erase your personal data. However, such right to erasure may be limited.
4. Right to restriction of processing:
The right to request restriction of processing of your personal data, in which case, and if the requirements are met, it would be marked and processed by us only for certain purposes.
5. Right to data portability:
Under certain circumstances, the right to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format and the right to transmit the personal data to another entity without hindrance from us.
6. Right to object: The right to object, on grounds relating to your particular situation, at any time to the processing of your personal data by us, where we rely on either our legitimate interests (or those of a third party) or where processing is necessary for the performance of a task carried out in the public interest, as the legal basis, and we can be required to no longer process your personal data. If you have a right to object and you exercise this right, your personal data will no longer be processed for such purposes by us. Exercising this right will not incur any cost. Such a right to object may not exist, in particular, if the processing of your personal data is necessary to take steps prior to entering into a contract or to perform a contract already concluded.
Please note that these rights might also be limited under the FDPA.
Right to Lodge a Complaint with a Supervisory Authority:
You also have the right to lodge a complaint with the supervisory authority. Before you do so, we request that you contact us directly in order to give us an opportunity to work directly with you to resolve any concerns about your privacy. You may view a list of supervisory authorities in the EEA and their respective contact information here: https://edpb.europa.eu/about-edpb/board/members_en. We are the controller of your personal data. To exercise your rights, or if you have any questions or concerns regarding the contents of this Privacy Notice, please contact privacy@scantinel.com. Our Data Protection Officer is Thorsten Ihler (privacy@scantinel.com). Kindly note that any requests sent through the aforementioned email will be distributed to members of the Scantinel’s privacy team based on their need to know, and subsequently forwarded to the DPO.
