Candidate Privacy Notice
29 August 2022
Dematic Job Applicant Privacy Notice
This privacy notice sets out how Dematic Group Limited and any of our related affiliates and subsidiaries worldwide (collectively, "Dematic" or "we") use and protect your personal data in accordance with current data protection law.
Data We Collect
If you apply for a job with us, we will collect, use and store personal data about you. To the extent permitted by law, this may include:
Data You Provide to Us
- contact details (name, address, phone numbers, email, etc.);
- qualification details (such as resume, CV, cover letter, work experience, education, transcripts);
- application information (such as expected income, type of job wanted, availability, references);
- identification details (such as passport number, nationality and residence, government ID numbers (e.g. Social Security Number), immigration status; and
- any other data you submit to us, including any correspondence between you and Dematic exchanged during the application process.
Data from other sources: we may also obtain data about you from other sources, such as recruiters, market research companies, job fairs, referrals, identity verification providers, [and information accessible on the Internet and third-party websites, including LinkedIn, Twitter, referrals]. If you have consented to background checks and/or where permitted by law, we may also collect details of professional registrations, sanctions with professional bodies, financial checks or criminal convictions.
Automatically collected information: When you apply using the application portal on our website, we may gather information from your computer, mobile phone or other device. This includes, but is not limited to, data about the pages you access and information such as your computer IP address, device identifiers, operating system, location, mobile network, standard web log data, browser type and traffic to and from our site.
Purposes and Legal Bases
Dematic may access, use and store your personal data for the reasons set out below:
- Where this is necessary for Dematic to review and assess your application for employment including:
- assessing your skills and interest in career opportunities at Dematic;
- processing your application;
- analysing your qualifications;
- verifying your identity and your eligibility for employment; and
- communicating with you about your application, to respond to your inquiries and schedule interviews.
- Where necessary for Dematic's legitimate interests, as listed below, and where our interests are not overridden by your data protection rights, including:
- protecting our legitimate business interests and legal rights, such as use in connection with legal claims, compliance, regulatory, auditing, investigative and disciplinary purposes (including disclosure of such information in connection with legal process or litigation) and other ethics and compliance reporting requirements; and
- maintaining the security and integrity of our facilities, equipment and electronic platforms, such as administering access rights, monitoring compliance with company protocols, and where permitted by local law and in accordance with relevant policies, for investigations and disciplinary actions.
- Where necessary to comply with a legal obligation.
- Disclosures to law enforcement agencies or in connection with legal claims, or regulatory purposes (including disclosure of such information in connection with legal process or litigation).
- Where you have given consent.
- For example, we may ask for your permission to conduct a criminal background check.
Disclosure to Third Parties
Where necessary for business purposes, we may share personal data with the KION Group AG, and its direct and/or indirect subsidiaries including but not limited to affiliates of Dematic.
Personal information may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the protection of Dematic's legitimate interests in compliance with applicable laws.
Personal data may also be shared with third party service providers who will process it on behalf of Dematic for the purposes above.
In the event that Dematic is sold or integrated with another business, your details may be disclosed to Dematic advisers and any prospective purchaser's adviser and will be passed to the new owners of the business.
Retention of Your Data
We will retain your personal data in a form that identifies you for no longer than is necessary for the purposes needed for the application. If your application is successful, the information provided may be retained for purposes of your employment. If it is not successful, we will retain your personal information for a reasonable time so that we can consider you for other positions that may be of interest to you, unless you indicated that you do not wish for this to happen.
We use the following categories of cookies on our website:
[Category 1: Strictly Necessary Cookies
These cookies are essential in order to enable you to move around the website and use its features. Without these cookies, services you have asked for such as remembering your login details cannot be provided.]
[Category 2: Performance Cookies
These cookies collect anonymous information on how people use our website to help us understand how customers arrive at our site, browse or use our site and highlight areas where we can improve such as navigation. The data stored by these cookies never shows personal details from which your individual identity can be established.]
[Category 3: Functionality Cookies
These cookies remember choices you make such as the country you visit our website from, language and search parameters. These can then be used to provide you with an experience more appropriate to your selections and to make the visits more tailored and pleasant. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.]
Your Choices and Rights
For California (US) Residents
Dematic collects and maintains different types of personal information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“Personal Information”) about its employees, job applicants and candidates in accordance with applicable law. There are eleven general categories of Personal Information as follows:
- Identifiers. For example, real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
- Personal Information categories, for example, a name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
- Protected classification characteristics. For example, race (which includes historically associated traits, such as hair styles and protective hair styles, e.g., braids, locks, and twists), religious creed (which includes religious dress and grooming practices), color, national origin (which includes, but is not limited to, national origin groups and aspects of national origin, such as height, weight, accent, or language proficiency), ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex (which includes pregnancy, childbirth, breastfeeding, and related medical conditions), gender, gender identity, gender expression, age, sexual orientation, military or veteran status (including state and federal active and reserve members as well as those ordered to duty or training), immigration/citizenship status or related protected activities (which includes undocumented individuals and human trafficking), protected medical leaves, domestic violence victim status, political affiliation, or any other category or activity protected by federal, state, or local laws, ordinances, or regulations.
- Commercial information. For example, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Biometric information. For example, genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
- Internet or other similar network activity. For example, browsing history, search history, personal social media activity, personal email, online transactions, information on a consumer’s interaction with a website, application, or advertisement.
- Geolocation data. For example, physical location or movements.
- Sensory data. For example, audio, electronic, visual, thermal, olfactory, or similar information.
- Professional or employment-related information. For example, current or past job history or performance evaluations.
- Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). For example, education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
- Inferences drawn from other personal information. For example, profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
For Employees Within the European Union
If you wish to access your personal data you should contact Norbert Moeren.
You have the right to ask Dematic to rectify, block or restrict access to, complete and delete your personal data. You can also ‘port’ your personal data (that is, to ask us to provide it to you in a structured, commonly used and machine readable format and to transmit it directly to another organisation). You have the right to request further information about the handling of your personal data.
In some circumstances you can also object to us processing of your data and, where we have asked for consent to process your data, you may be able to withdraw this consent.
All requests will be dealt with at the earliest opportunity and any delay will be kept to a minimum. In any event, we will not exceed the statutory time limit.
However, there are exceptions to these rights. For example, access to personal data may be denied in some circumstances if making the information available would reveal personal information about another person or if Dematic are legally prevented from disclosing such information. In addition, Dematic may be able to retain data even if you withdraw your consent, where Dematic can demonstrate that it has a legal requirement to process your data. We will inform you of relevant exemptions we rely upon when responding to any request you make.
If you have unresolved concerns, you have the right to complain to a data protection authority in the country where you live, where you work or where you consider that a breach of data protection has occurred.
We have carried out balancing tests for all the data processing we carry out on the basis of our legitimate interests. You can obtain information on any of our balancing tests by contacting us using the contact details set out below.
Transfer Outside EEA
We share your personal data within the KION Group AG, including its direct and indirect subsidiaries, including affiliates of Dematic. This will involve transferring your data outside the European Economic Area (EEA).
We ensure your personal data is protected by requiring all our group companies to follow the same rules when processing your personal data. These rules are called “binding corporate rules”. For further details, see European Commission: Binding corporate rules.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented: We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
Please contact the DPO if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Updates to this Privacy Notice
This privacy notice may be updated periodically to reflect changes in our data practices. We will post a notice on our applicable websites, applications or materials to advise of any significant changes to our Privacy Notice and indicate in the notice when it was most recently updated.
The data controller for your personal data is Dematic Group Limited. If you have a privacy question, concern or request, please contact us using the contact details below.
Do not use these contact details for questions concerning job applications!
KION Group AG Data Privacy Officer:
Thea-Rasche-Strasse 8, 60549
This notice (“Notice”) provides information to candidates about how Dematic and its subsidiaries, affiliates, and other related companies (“Dematic”) gather and process candidate personal information in order to support employee recruitment.
By making your personal information available to Dematic, you confirm that:
- You agree that Dematic may process your personal information in accordance with this Notice;
- You have obtained any necessary consent needed to provide information about other persons, such as your employment references; and
- Your personal information may be transferred and processed across international borders, including within the US and other countries that may not maintain laws requiring the same level of data protection as your home country, for the purposes identified in this Notice.
Dematic will process your personal information in accordance with this Notice, consistent with local applicable law, in which case local law will prevail.
Your consent to this Notice is required in order to submit or make available your personal information to Dematic. If you decline to submit or make available your personal information, it may impact your ability to apply for or receive an offer of employment from Dematic.
This Notice may not be considered an offer or contract of employment.
Personal Information is identifiable information about a natural person in connection with the Dematic recruiting process. Dematic may collect personal information directly from a candidate or from other third parties, for example, in connection with a background or employment check or employment reference. Personal information may include a variety of information, such as candidate background, employment history, education, compensation, contact information, previous addresses or names, and any other additional information provided by the candidate. In some instances, Dematic may request a candidate’s criminal history, driver’s license number, or other government ID number, only where permitted by applicable local law and when necessary for certain types of positions.
Processing refers to any action performed with personal information, such as collecting, recording, organizing, storing, transferring, modifying, using, disclosing, or deleting that information.
Sensitive Personal Information refers to data concerning certain legally identified information, such as race or ethnic origin, criminal history, religion, sexual orientation, or trade union membership. Dematic does not request or consider information concerning religion, sex life or political opinions in connection with recruiting.
Collection of Personal Information
By consenting to this notice, you agree that Dematic may collect personal information from you and third parties, such as background check providers, recruiters, or references, subject to your consent where required by applicable local law.
Processing and Retention of Personal Information
Dematic processes personal information for legitimate Human Resources and business purposes, such as identifying and evaluating candidates for Dematic positions, maintaining personnel files, analyzing the Dematic hiring process, and conducting background checks, where permitted by applicable local law. In addition, personal information may be used to comply with Dematic’s legal and regulatory requirements. If a candidate is hired, Dematic may use an employee’s personal information in accordance with Dematic’s employment data protection policies.
Unless otherwise informed, Dematic may retain and use your personal information to consider you for other positions. To have your personal information removed, you may contact the Dematic Data Privacy & Protection Program. Personal information will be retained for a maximum of three years or less where required by law.
Transfer of Personal Information
Dematic may transfer personal information to third-parties to enable them to perform certain services for Dematic. Such third-parties have access to personal information solely for the purposes of performing contracted services. Dematic requires third parties to undertake security measures consistent with the data privacy protections specified in this Notice.
Dematic may be required to disclose certain personal information to other third parties, such as to law enforcement authorities when permitted by applicable local law or in an emergency where health or safety necessitates disclosure.
International Data Transfers
Dematic is a global corporation that operates in over 26 countries. Personal information may be transferred to and processed in the US and other countries that may not maintain laws at the same level of data protection as your home country. Dematic maintains and applies employment data protection standards globally consistent with this Notice.
Sensitive Personal Information
In some circumstances, Dematic may perform employment background and criminal checks where permitted by applicable local law, and may process other sensitive personal information, such as race or ethnic origin, criminal history, religion, sexual orientation, or trade union membership, , when relevant for a position and permitted by law. You will be provided notice and the opportunity to consent. If you have a disability and would like Dematic to consider an accommodation, you may provide that information during the recruitment process. If you make sensitive personal information available to Dematic, you consent to the collection and processing of such sensitive data.
Security and Confidentiality
Dematic takes security and organizational measures to protect the integrity, confidentiality, and availability of personal information. Dematic limits access to internal systems that hold candidate personal information to individuals who need access for a legitimate business purpose, such as HR support.
Available Candidate Actions
Dematic candidates may monitor Dematic’s use, including by requesting access to their personal information or revoking consent for Dematic’s use. For example, you may take any of the following actions:
Request Access, Correction and Deletion: Dematic will provide you access to your personal information to the extent required by law in your home country. You may request correction or deletion of your personal information, except where retention is required by your contractual relationship with Dematic, in the context of a legal dispute, or as otherwise required by applicable local law. If your request for access, correction or deletion is denied, the reason for the denial will be communicated to you.
Submit Complaints and/or Objections: You may withdraw consent to the processing of your personal information or submit questions, complaints and/or objections to the processing of your personal information by sending a request in writing to: Dematic Data Privacy & Protection Program Administrator, 2727 Paces Ferry Rd., SE, Atlanta, GA, 30339 or by email at Compliance@Dematic.com.
Modifications to this Notice
Dematic reserves the right to modify this Notice by posting changes to Dematic websites. If you submit additional personal information or request to be considered for a Dematic position following the effective date of a modified Notice, your personal information will be handled in accordance with the Notice in effect at that time.