Policy for candidates

What is the purpose of our Privacy Policy?

The confidentiality of the personal data of candidates for a position with Dipeeo SAS is, for us, a guarantee of seriousness and trust.

As such, our Personal Data Confidentiality Policy precisely testifies to our desire to ensure compliance, within Dipeeo SAS, with the rules applicable to the protection of personal data and, more specifically, those of the General Data Protection Regulation (“GDPR”).

In particular, our Privacy Policy aims to inform you about how and why we process your personal data as part of the services we provide to you.

Your personal data is processed by our teams and by our technical service providers for the sole purpose of operating our service.

Who can benefit from our Privacy Policy?

The Privacy Policy applies to you, as a candidate for a position with Dipeeo SAS, throughout the entire recruitment process (e.g. application to a job offer, unsolicited application, recruitment via an external firm, etc.), regardless of the duration or nature of the proposed contract (e.g. salaried position, temporary worker, trainee, etc.).

Why do we process your personal data and on what basis?

As a recruiter, we are necessarily required to process your data in order to manage recruitment (e.g. interviews, processing of applications, salary negotiations, etc.), any travel that may occur in connection with such recruitment and the security of our premises.

Processing is carried out on the basis of discussions we have with you during the recruitment process and our legitimate interest in recruiting and selecting candidates.

How did we obtain your personal data?

Your data is collected directly from you via your application and CV, and we undertake to process your data only for the purposes described above.

However, we may also obtain your personal data indirectly from recruitment agencies if you have given your prior consent to such agencies.

What personal data do we process and for how long?

  • any personal and professional identification data provided in the candidate’s CV and cover letter (e.g. surname, first name, date of birth, nationality, etc.) retained for the duration of the recruitment process and for a maximum of 2 years after your application.
  • all details provided in the candidate’s CV and cover letter (e.g. e-mail address, telephone number, Linkedin link, etc.) retained for the duration of the recruitment process and for a maximum of 2 years after your application.
  • any data relating to personal and professional life provided in the candidate’s CV and cover letter (e.g. diplomas, hobbies, certificates, age, marital status, driving license, etc.) kept for the duration of the recruitment process and for a maximum of 2 years after your application.
  • all economic and financial data (e.g. salaries, bonuses, etc.) provided during job interviews, retained for the duration of the recruitment process and for a maximum of 2 years after your application.
  • any specific data (e.g. residence permit, etc.) provided by the applicant as part of the recruitment process retained until the end of the employment relationship in the event of recruitment, and deleted after the recruitment process in the event of refusal.
  • any specific relevant and required data (e.g. disability status) provided in the candidate’s CV and cover letter retained for the duration of the recruitment process and deleted after the recruitment process has ended.
  • any identity document (e.g. passport or ID card) provided as part of the recruitment process deleted after the candidate has been recruited or not.
  • if you have applied for a job via our website, connection data (e.g. IP address and logs) will be kept for a maximum of 12 months.

Once the applicable retention periods have expired, the deletion of your personal data is irreversible and we will no longer be able to communicate it to you. At most, we can only keep anonymous data for statistical purposes.

On the other hand, in the event of hiring, your data collected during the recruitment process is automatically transferred to your personal file and becomes subject to the Employee Data Privacy Policy.

Please also note that in the event of litigation, we are obliged to retain all your personal data for the duration of the case, even after the expiry of the retention periods described above.

What rights do you have to control the use of your personal data?

The applicable data protection regulations grant you specific rights which you may exercise, at any time and free of charge, in order to control the use we make of your data.

  • Right to access and copy your personal data, provided this request does not conflict with business secrecy, confidentiality or the secrecy of correspondence.
  • Right to rectify personal data that is incorrect, outdated or incomplete.
  • The right to object to the processing of your personal data for commercial prospecting purposes.
  • The right to request the deletion (“right to be forgotten”) of personal data that is not essential to the proper functioning of our services.
  • The right to limit the use of your personal data, which allows you to photograph the use of your data in the event of a dispute over the legitimacy of processing.
  • The right to data portability, which enables you to recover part of your personal data so that it can be easily stored or transmitted from one information system to another.
  • The right to give instructions on what to do with your data in the event of your death, either through you or through a trusted third party or beneficiary.

For a request to be taken into account, it must be sent directly by you to dpo@dipeeo.com. Any request that is not made in this way cannot be processed.

Requests cannot come from anyone other than you. We may therefore ask you to provide proof of identity if there is any doubt about the identity of the person making the request.

We will respond to your request as quickly as possible, subject to a maximum of three months from receipt if the request is technically complex or if we receive many requests at the same time.

Please note that we can always refuse to respond to any excessive or unfounded request, particularly in view of its repetitive nature.

Who can access your personal data?

Your personal data is processed by our teams for the sole purpose of managing applications.

Can your personal data be transferred outside the European Union?

All personal data processed for recruitment purposes is hosted exclusively within the European Union.

How do we protect your personal data?

We implement all the technical and organizational means required to guarantee the security of your data on a day-to-day basis and, in particular, to combat any risk of unauthorized destruction, loss, alteration or disclosure of your data (e.g. secure access, antivirus, etc.).

Who can you contact for more information?

Our Data Protection Officer (“DPO”) is always available to explain in more detail how we process your data and to answer any questions you may have on the subject at the following address: dpo@dipeeo.com.

How can you contact the CNIL?

You may at any time contact the “Commission nationale de l’informatique et des libertés” or “CNIL” at the following address: CNIL Complaints Department, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07 or by telephone at 01.53.73.22.22.

Can the Privacy Policy be modified?

We may modify our Privacy Policy at any time to adapt it to new legal requirements and to new processing operations that we may implement in the future.

Certified by Dipeeo®.