As you may have contacted or previously contacted GenesisCrest about potential opportunities, submitted your resume to us or GenesisCrest has contacted you about a potential job opportunity which you have discussed and shown interest in, then this policy applies to you.
GenesisCrest is committed to processing your data transparently and securely. This privacy policyinforms about the type of data that we collect and hold on you as a candidate or job applicant. It also sets out how we use that information, how long we keep it for and other relevant information about your data.
The Company is aware of its obligations to data protection including General Data Protection Regulation (GDPR) and this privacy notice complies with the requirements of GDPR.
This notice applies to all individuals who the company has had correspondence with regarding potential work or job opportunities. This includes the persons who have approached us or have been approached by us.
GenesisCrest as a company determines the processes to be used when using your personal data and ensure your data is stored and processed in accordance with this privacy notice. Our data protection personnel can be contacted at infosec@genesiscrest.com
We will keep certain data about you depending on our conversation together regarding job opportunities, and may include:
We collect data about you in a variety of ways including the information you would normally provideon a CV/resume or a job application cover letter, from your professional network and/or job board profile, notes made by our recruiting officers during an interview and other selection activities. Further information will be collected directly from you when you will complete forms at the start of your employment, for example, your bank and next of kin details. Other details may be collected directly from you in the form of official documentation such as your driving licence, passport or other right to work evidence.
In some cases, we will collect data about you from third parties, such as employment or recruitment agencies, former employers while verifying references, criminal records checks, credit reference agencies or where appropriate.
Personal data is kept in recruitment files and/or within the Company’s CRM, Applicant Tracking and IT systems.
The data protection law allows us to process your data to certain extent for reasons as detailed below. The same reasons are applicable globally as well:
All the personal data processing carried out by us falls into one of the permitted reasons.We need to process data to take necessary steps at your request prior to entering into anemploymentcontract and other contracts with you. We need to collect your data to ensure we are complying with legal requirements such as:
We also collect data so that we can carry out activities which are in the legitimate interests of the Company. We have set these out below:
As we operate in a specific sector, in case if you are unsuccessful in obtaining employment, we will hold your data to contact you if other suitable job opportunities arise in the Company for which we think you may wish to apply.
Special categories of data are data relating to yourhealth, religion, race, ethnicity, sexual orientation, political orientation, trade union membership.
We must process special categories of data in accordance with more stringent guidelines. Most commonly, we will process special categories of data when the following applies:
We will use your special category data:
We do not need your consent if we use special categories of personal data to carry out our legal obligations or exercise specific rights under employment law. However, we may ask for your consent to allow us to process certain particularly sensitive data. If this occurs, you will be made fully aware of the reasons for the processing. As with all cases of seeking consent from you, you will have full control over your decision to give or withhold consent and there will be no consequences where consent is withheld. Consent, once given, may be withdrawn at any time. There will be no consequences where consent is withdrawn.
One of the reasons for processing your data is to allow us to carry out an effective recruitment process. Whilst you are under no obligation to provide us with your data, we may not able to process, or continue with (as appropriate), your application in the absence of this information.
Your data will be shared with colleagues within the Company where it is necessary for them to undertake their duties with regard to recruitment. This includes, for example, Company managers, Recruiters, HR, those in the department where the vacancy is who responsible for screening your application and interviewing you. Your data may also be shared externally with our clients for purposes of assessing your suitability for a role, and/or IT contractors where you require access to our systems and our HR consultants who may support us in our recruitment and selection processes.
In some cases, we will collect data about you from third parties, such as employment or recruitment agencies.
Your data will be shared with third parties if you are successful in your job application. In these circumstances, we will share your data in order to obtain references, personality profiling, to obtain a criminal record check or credit check as appropriate as part of the recruitment process.
As a globally operating organisation with headquarters based in the India, the Company may be required to transfer personal data to countries outside of the India, outside of the USA and outside of the EEA. We have put the following measures in place to ensure that your data is transferred securely and that the bodies who receive the data that we have transferred process it in a way required by data protection laws including GDPR:
We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented processes to guard against such. e.g. backing up our servers, firewalls, access control for personal information, using password protected documents and encryption when transferring sensitive data, hard drive encryption on all laptops, ensuring our IT systems that process personal information are secure to GDPR standards.
Where we share your data with third parties, we provide written instructions to them to ensure that your data is held securely and in line with GDPR requirements. Third parties must implement appropriate technical and organisational measures to ensure the security of your data. Where needed, a separate Non-Disclosure Agreement (NDA) is also signed.
Where we share you CV/resume with clients for business development purposes, we ensure that the client is aware of their obligations to ensure the security of your data.
For residents and citizens of India, we will keep your data for a period of 10 years for the purpose of contacting you for future work opportunities if your application is not successful.
For residents and citizens of the EU under GDPR, we only keep your data for as long as we need it for and this will depend on whether or not you are successful in obtaining employment/work with us. If your application is not successful we will keep your data for the purpose of contacting you for future work opportunities for a period of 5 years once the recruitment exercise ends. At the end of this period, we will delete or destroy your data, unless you grant us specific consent to our processing of your data for a further period.
In all cases, if your application is successful, your data will be kept and transferred to the systems we administer for employees, workers and sub-contractors. We have a separate privacy notice for employees, workers and sub-contractors, which will be provided to you.
Your rights in relation to the data we hold under GDPR are:
Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.
If you wish to exercise any of the rights explained above, please contact data privacy executives as mentioned above.
If you think your data protection rights under GDPR have been breached in any way by us, you are able to make a complaint to a supervisory authority in India or EU.