Applicant Privacy Statement

Effective September 21, 2022

CrashPlan Group, LLC. (“CrashPlan”) knows that you care about your personal data, and your privacy is important to us. This Applicant Privacy Statement explains what personal data we collect in connection with employee recruiting, how we use that data and your privacy rights. For information about how we collect and use personal data collected through our website (which occurs while you are applying for a position), see our Privacy Statement. This Applicant Privacy Statement provides the following information:

1. Personal data that we collect
2. How we use personal data
3. When we share personal data
4. How long we retain personal data
5. When we transfer personal data internationally
6. How we secure personal data
7. Your privacy rights
8. Changes to this Applicant Privacy Statement
9. How to contact us

1. Personal data that we collect

To process your application, we ask you to provide personal data. You provide this information voluntarily, and you determine what information to provide. However, some information is required to complete our evaluation of your application, and without sufficient information we will have only a limited ability to evaluate you as a candidate. We also receive information from other sources. The following are types of personal data that we use for employee recruiting:

  • Personal data that you provide: We request personal data, including information about your educational and employment background, contact information and preferences, job qualifications and job interests. You may provide additional information like your CV, resume, transcripts, references and compensation request.
  • Sensitive personal data that you provide: If permitted or required by applicable law, we also request information treated as sensitive personal data. This may include your government-issued identification number (such as a social security number or driver’s license number), information relating to your race or ethnic origin, physical or mental health or condition, sexual orientation, trade union membership, and any related legal actions. If you provide this information, it will not be viewable during the selection or hiring process.
  • Data we receive from other sources: We obtain information about you from other sources, to the extent permitted by applicable law. We receive information from third parties such as employment research firms, recruiters, identity verification services, and other websites on the Internet (for example, LinkedIn). In addition, where permitted by law, we use a third party to carry out a background check to determine your suitability for a position.

2. How we use personal data

CrashPlan uses your personal data collected in connection with recruiting. For EU data subjects, we process your personal data as a data controller pursuant to your request that we consider you for employment and our legitimate interest in doing so. We use your personal data:

  • to process and evaluate your application and make hiring decisions
  • to communicate with you and inform you of current and future career or scholarship opportunities (unless you tell us that you do not want us to keep your data for that purpose)
  • to manage and evaluate the effectiveness of our recruiting and hiring processes
  • to conduct reference and background checks where required or permitted by applicable local law
  • for compliance with corporate governance and legal and regulatory requirements

If you are hired, your personal data will be used as part of your employee record under our Employee Privacy Statement.

3.When we share personal data

We share your personal data only as necessary to evaluate your application. We do not sell your information to others or share it except as described below.

  • CrashPlan affiliates: If you will be employed by a CrashPlan affiliate, for example if you are located in the United Kingdom or Germany, CrashPlan will share your personal data with that affiliate to process your application and notify you of other opportunities. Our affiliates will process your data as data controllers and will treat your personal data in accordance with this Applicant Privacy Statement. See “CrashPlan affiliates” below for more information.
  • Service providers: CrashPlan uses other companies and individuals to provide services on its behalf. We use vendors to assist with recruiting, employment consulting, legal review and background checking. Those service providers have access to the personal data required to provide their services and are prohibited from using the personal data for any other purpose.
  • Business transfers: In the event that CrashPlan or substantially all of its assets are acquired, the personal data held by CrashPlan will be one of the transferred assets.
  • Protection of CrashPlan and others: CrashPlan shares personal data when required by law or to respond to legal process, to protect others, and to protect the rights or property of CrashPlan.
  • With your consent: Except as described above, we will provide you with notice when your personal data will be shared with third parties, and you may choose not to share that information.

4. How long we retain personal data

If you are hired, your personal data will be used as part of your employee record under our Employee Privacy Statement. If you are not hired, CrashPlan will retain your personal data for three (3) years. You can request deletion of your personal data at any time (see “Your Privacy Rights” for further information) and we will consider your request in accordance with applicable laws.
When we have no justifiable business need to process your personal data, we will either delete or anonymize it. If this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
5. When we transfer personal data internationally

CrashPlan is headquartered in the United States, and we have entities, operations and service providers in the United States and throughout the world. We and our service providers may transfer your personal data to, or access it from, counties other than the one in which you are located. Some of these countries might have data protection laws less stringent than, or different from, the laws in effect in the country in which you are located. We will take steps to ensure that your personal data receives an adequate level of protection where it is processed.

6. How we secure personal data

CrashPlan uses administrative, organizational, technical and physical safeguards to protect your personal data. We use physical access controls, encryption, Internet firewalls, intrusion detection and network monitoring depending on the type of data. We require our service providers to use appropriate security measures.
7. Your privacy rights

Updating Your Information: If you would like to update personal data that you have provided to us, please login to our online applicant portal, such as Jobvite, and update your profile. You must ensure that the information you provide to us is honest, accurate and not misleading in any way.

Additional Rights for the EEA and Certain Other Territories: If you are located in certain territories (such as the European Economic Area), you have the right to exercise other privacy rights available to you under applicable laws. These additional rights are described below:

  • Right of access: You may have the right to access the personal data that we hold about you.
  • Right of erasure: In certain circumstances, you have the right to the erasure of personal data (for example if it is no longer necessary for the purposes for which it was originally collected).
  • Right to object to processing: You have the right to request that CrashPlan stop processing your personal data, and we will do so if we rely on our legitimate interest to process your personal data – unless we demonstrate compelling legitimate grounds to continue the processing.
  • Right to rectification: You have the right to require us to correct any inaccurate or incomplete personal data.
  • Right to restrict processing: You have the right to request that we restrict processing of your personal data in certain circumstances (for example, where you believe that the personal data we hold about you is not accurate or lawfully held).
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your personal data, you can report your concerns to the data protection authority that is authorized to hear those concerns.

If you would like to exercise any of the above rights, please contact privacy@crashplan.com so that we can consider your request under applicable law, and we will respond to your request within a reasonable timeframe. To protect your privacy and security, we will take steps to verify your identity before complying with the request.

8.Changes to this Applicant Privacy Statement

Our business changes constantly, and our Applicant Privacy Statement will change also. We may e-mail periodic reminders of our Applicant Privacy Statement, but you should check our website frequently to see recent changes. If you are located in certain territories (such as the European Economic Area), we will notify you of any material changes to this Applicant Privacy Statement as required by applicable law.

Unless stated otherwise, our current Applicant Privacy Statement applies to all information that we have about you. But we will never materially change our policies and practices to make them less protective of personal data collected in the past without the consent of affected individuals.

9. How to contact us

If you have any questions about this Applicant Privacy Statement, you can write to us or any of our affiliates at privacy@crashplan.com or by mail at:
CrashPlan Group, LLC.
400 S 4th St Suite 410
PMB 31083
Minneapolis, MN 55415-1419
United States
Attn: General Counsel

Our EU Data Representative is CrashPlan Group, LLC.. You can contact our EU Data Representative at privacy@crashplan.com or by mail at:
CrashPlan Group UK Ltd
Floor 2, Building 220
Wharfedale Road
Winnersh
RG41 5TP
GB

End of Document