Sheryl Altman

[PDF] BREVILLE GROUP JOB CANDIDATE DATA PRIVACY PROTECTION ...www.sageappliances.com › legal

[PDF] BREVILLE GROUP JOB CANDIDATE DATA PRIVACY ... - Sage Applianceswww.sageappliances.com › legal

PDF Viewing Options

Not Your Device? Search For Manuals or Datasheets below:


File Info : application/pdf, 9 Pages, 156.54KB

Document DEVICE REPORTJob Candidate Protection Policy 2022 05 03 final EU
BREVILLE GROUP

JOB CANDIDATE DATA PRIVACY PROTECTION POLICY

Objective

Last updated: May, 3rd 2022

The following Job Candidate Data Protection Privacy Policy (the "Policy") applies to each individual who

applies for a job at an entity that is part of the of the Breville Group of Companies (hereinafter,

collectively referred to as "Breville") which includes:

Breville Pty Limited Breville New Zealand Limited Breville USA, Inc. Breville Canada, L.P. BRG Appliances Limited Sage Appliances GmbH HWI International Limited Breville Services (Shenzhen) Company Limited Breville Mexiko, S. A. de C.V. Sage Appliances France Breville Korea limited including the brands Baratza, Beanz, ChefSteps, ControlFreak, FoodThinker, and PolyScience Culinary (hereinafter referred to individually as a "Breville Entity", collectively as "Breville entities")

The purpose of this policy (the "Policy") is to provide adequate and consistent safeguards for the handling of candidate data by all Breville entities.
The Privacy Policies explain how we collect, use or otherwise process personal data when you access or use the Breville websites, mobile applications, and other products and services (collectively, the "Services"), or when you otherwise interact with us.
The identifiable information about yourself that you provide to a Breville entity as a job seeker for a position with a Breville entity (the "Candidate Data" or "Data") will be used for recruitment purposes, and the Candidate Data will be protected in accordance with the Policy outlined below and all applicable laws.
By submitting your Candidate Data, you confirm and agree that:
· you have reviewed the Policy;
· Breville may process the Candidate Data according to the recruitment purposes set out in the Policy; and

· the Candidate Data may be transferred worldwide consistent with the Policy.
Your consent is required in order to complete the submittal process. In order to continue, you must click actively on the x in the consent box. By clicking the consent box you are hereby consenting and agreeing that you are freely providing the information required for the application process.
This Policy does not form part of any contract of employment offered to successful hires.
Contact details
If you have any questions or complaints in relation to the use of your personal information, or this Notice, you can contact our Data Protection Officer at [email protected] or [email protected].
Scope
This Policy applies to all Breville entities that process Candidate Data.
Processing refers to any action that is performed on Candidate Data, whether in whole or in part by automated means, such as collecting, recording, organizing, storing, modifying, using, disclosing, or deleting such data.
Candidate Data is defined as any identifiable information about you that you or someone else provides on your behalf in the context of applying for a position with a Breville entity.
This Policy does not cover data rendered anonymous or where pseudonyms are used. Data is rendered anonymous if individual persons are no longer identifiable or are identifiable only with a disproportionately large expense in time, cost, or labor. The use of pseudonyms involves the replacement of names or other identifiers with substitutes, so that identification of individual persons is either impossible or at least rendered considerably more difficult. If Data rendered anonymous becomes no longer anonymous (i.e., individual persons are again identifiable), or if pseudonyms are used and the pseudonyms allow identification of individual persons, then this Policy will again apply.
Application of Local Laws
This Policy is designed to provide a uniform minimum compliant standard for every Breviile entity with respect to its protection of Candidate Data worldwide. Breville recognizes that certain laws may require stricter Policy than those described in this Policy. Each Breville entity will handle Candidate Data in accordance with local law applicable at the place where the Candidate Data is processed. Where applicable local law provides a lower level of protection of Candidate Data than that established by this Policy, then the requirements of the Policy shall apply.
Principles for Processing Candidate Data
Breville respects the privacy rights and interests of each individual. Each Breville entity will observe the following principles when processing Candidate Data:
· Data will be processed fairly and lawfully

· Data will be collected for specified, legitimate purposes and not processed further in ways incompatible with those purposes
· Data will be relevant to and not excessive for the purposes for which they are collected and used. For example, Data may be rendered anonymous when feasible and appropriate, depending on the nature of the Data and the risks associated with the intended uses
· Data will be accurate and, where necessary, kept up-to-date. Reasonable steps will be taken to rectify or delete Candidate Data that is inaccurate or incomplete
· Data will be kept only as long as it is necessary for the purposes for which it was collected and processed
· Data will be processed in accordance with the individual's legal rights (as described in these Policy or as provided by law)
· Appropriate technical, physical, and organizational measures will be taken to prevent unauthorized access, unlawful processing, and unauthorized or accidental loss, destruction, or damage to Data
Data Collection
You may use various methods to submit your Candidate Data to Breville. These methods may include: (a) e-mail or paper submission to Breville personnel; (b) online submittal of Candidate Data processed by a third-party service provider into an electronic database based in UK accessible by Breville authorized personnel; or (c) via a Breville employment application.
Breville may periodically collect further information with your consent or in accordance with applicable laws. For example, Breville may collect your feedback and opinions (e.g., surveys) for business purposes, such as improving processes. You may respond to these surveys voluntarily or may elect not to respond and will not suffer reprisals for your decision. This Policy will be applicable to any further information collected including any responses to such surveys.
Purposes and Access for Candidate Data Processing
Each Breville entity processes Candidate Data for legitimate human resources purposes. Such processing will be conducted within such purpose limitations and in accordance with applicable law. These principal purposes include:
Identifying and/or evaluating candidates for Breville positions; making a decision about whether the individual should be hired; maintaining appropriate record-keeping related to hiring practices; analyzing the hiring process and outcomes; and conducting background investigations, where permitted by law (the "Purposes ").
If a Breville entity processes your Candidate Data for purposes that go beyond the Purposes described

above, such Breville entity responsible for the new purpose will ensure that you are informed of the new purposes for which your Candidate Data is to be used, and the categories of recipients of your Candidate Data.
Your Data will be accessed and processed by individuals who are involved in the hiring process for Breville and who have a legitimate need to access and process your Data for the Purposes.
Types of Candidate Data
The types of Candidate Data processed includes such as: · Candidate status
· Work history/job data
· Education Compensation
· Employer feedback
· Online questionnaire results
· Candidate contact information
· Previous addresses or names of the Candidate
· Additional information provided by the Candidate (e.g., a cover letter)
· Driver's license number, as needed for certain positions
· References
· Criminal history, where permitted by law
Special Categories of Data
To the limited extent a Breville entity needs to collect any Special Data (such as data containing personal information about racial or ethnic origin, political opinions, religious or political beliefs, trade-union membership, health or medical records, or criminal records), such Breville entity will ensure that the individual is informed of such collection and processing. Where required by law, the person's explicit consent to the processing and particularly to the transfer of such data to non- Breville entities will be obtained. Appropriate security and protection measures (e.g., physical security devices, encryption, and access restrictions) will be provided depending on the nature of these categories of data and the risks associated with the intended uses.
Security and Confidentiality
Each Breville entity is committed to taking appropriate technical, physical, and organizational measures to protect Candidate Data against unauthorized access, unlawful processing, accidental loss or damage and unauthorized destruction.
Equipment and Information Security

To safeguard against unauthorized access to Candidate Data by third parties outside Breville, all electronic Candidate Data held by Breville entities are maintained on systems that are protected by secure network architectures that contain firewalls and intrusion detection devices. The servers holding Candidate Data are "backed up" (i.e., the data are recorded on separate media) on a regular basis to avoid the consequences of any inadvertent erasure or destruction of data. The servers are stored in facilities with comprehensive security and fire detection and response systems. Access Security Each Breville entity limits access to internal systems that hold Candidate Data to a select group of authorized users who are given access to such systems through the use of a unique identifier and password. Access to Candidate Data is limited to and provided to individuals for the purpose of performing their job duties (e.g., a human resources manager may need access to a Candidate's contact information for the purposes of setting up an interview). Compliance with these provisions will be required of third-party administrators who may access certain Candidate Data, as described in the Transferring Data section.
Training Breville will conduct training regarding the lawful and intended purposes of processing Candidate Data, the need to protect and keep information accurate and up-to-date, and the need to maintain the confidentiality of the Data to which employees have access. Authorized users will comply with this Policy, and each Breville entity will take appropriate disciplinary actions, in accordance with applicable law, if Candidate Data are accessed, processed, or used in any way that is inconsistent with the requirements of this Policy.
Rights of Data Subjects
Any person may inquire as to the nature of the Candidate Data stored or processed about him or her by any Breville entity. You will be provided access to Candidate Data as is required by law in your home country, regardless of the location of the data processing and storage. A Breville entity processing such data will cooperate in providing such access either directly or through another Breville entity. All such requests for access may be made by sending a request in writing to:
The Data Protection Officer at privacy @breville.com or at [email protected]
Candidate Data will be available for access for a reasonable period of time, and Breville will allow you to view your Candidate Data upon reasonable notice and at reasonable times.
You may also contact the Human Resource Manager at the relevant Breville entity to ask questions regarding this Policy or your Candidate Data or withdraw your consent.
If access or rectification is denied, the reason for the denial will be communicated and a written record will be made of the request and reason for denial.
If you demonstrate that the purpose for which the data is being processed is no longer legal or appropriate, the data will be deleted, unless the law requires otherwise.

If any Candidate Data is inaccurate or incomplete, you may request that the data be amended by submitting a new resume/CV with the updated information (e.g., new home address or change of name).

In addition, you may email the Data Protection Officer to request to withdraw consent at [email protected] or [email protected]
Transferring Data
Transfers to other Breville entities Breville strives to ensure a consistent and adequate level of protection for Candidate Data that is processed and/or transferred between Breville entities. A transfer of Candidate Data to another Breville entity is considered a transfer between two different entities, which means that even in such "intragroup" cases, a data transfer shall be carried out only if applicable legal requirements are met and if:
· The transfer is based on a clear business need;
· The receiving entity provides appropriate security for the data; and
· The receiving entity ensures compliance with this Policy for the transfer and any subsequent processing
Transfers to non-Breville entities At times, Breville may be required to transfer Candidate Data to selected external third parties that they have hired to perform certain employment-related services on their behalf. These third parties may process the data in accordance with the Breville's instructions or make decisions regarding the data as part of the delivery of their services. In either instance, Breville will select reliable suppliers who undertake, by contract or other legally binding and permissible means, to put in place appropriate security measures to ensure an adequate level of protection. Breville will require external third-party suppliers to comply with these Policy or to guarantee the same levels of protection as Breville when handling Candidate Data. Such selected third parties will have access to Candidate Data solely for the purposes of performing the services specified in the applicable service contract. If Breville concludes that a supplier is not complying with these obligations, it will promptly take appropriate actions.
Breville may be required to disclose certain Candidate Data to other third parties (1) as a matter of law (e.g., to tax and social security authorities); (2) to protect Breville's legal rights (e.g., to defend a litigation suit); or (3) in an emergency where the health or security of a Candidate is endangered (e.g., a fire).
Direct Marketing
Breville will not disclose Candidate Data outside Breville to offer any products or services to a Candidate for personal or familial consumption ("direct marketing") without his or her prior consent.

The restrictions in this section apply only to contact data obtained in the context of applying for a position with Breville. They do not apply to contact data obtained in the context of a consumer or customer relationship.
Enforcement Rights and Mechanisms
Each Breville entity entities will ensure that this Policy is observed. All persons who have access to Candidate Data must comply with these Policy. In some countries, violations of data protection regulations may lead to penalties and/or claims for damages.
If at any time, a person believes that Candidate Data relating to him or her has been processed in violation of this Policy, he or she may report the concern to the Data Protection Officer. The Data Protection Officer may be contacted by email at [email protected] or [email protected], The processes described in this Policy supplement any other remedies and dispute resolution processes provided by Breville and/or available under applicable law.
Audit Procedures
To further ensure enforcement of this Policy, Breville's Data Protection Officer will audit compliance of this policy from time to time to ensure compliance with this Policy. In the event the Data Protection Officer determines that there are matters that cannot be adequately handled with Breville's own resources, Breville will appoint an independent third party to conduct an investigation/audit of any procedures or issues involving Candidate or employment Data under the Policy.
Communication About the Policy
Breville will communicate this Policy to current and new employees by posting them on selected internal Breville web sites and by providing a link to the Policy, where Candidate Data are collected or processed.
Obligations Toward Data Protection Authorities
Breville will respond diligently and appropriately to requests from data protection authorities about this Policy or compliance with applicable data protection and privacy laws and regulations. Breville employees who receive such requests should contact the General Counsel. Breville will, upon request, provide data protection authorities with names and contact details of relevant contact persons. With regard to transfers of Candidate Data between Breville entities, the importing and exporting Breville entities will (i) co-operate with inquiries from the data protection authority responsible for the entity exporting the data, and (ii) respect its decisions, consistent with applicable law and due process rights.
Addendum
Rights and Obligations with Respect to Candidate Data Collected within the EU/EEA/UK and Processed Elsewhere
In addition to any rights and obligations that are set forth in this Candidate Data Protection Policy or that otherwise exist, the following principles established in light of the General Data Protection Regulation (GDPR) will apply to Candidate Data collected by Breville entities in the European Union/European Economic Area and processed elsewhere. In jurisdictions where this Addendum applies, the enforcement

rights and mechanisms mentioned in the Policy also apply to the provisions of this Addendum. The following are not intended to grant employees further rights or establish further obligations beyond those already provided under the European GDPR:
1. Any transfer of the applicants' personal data to a third country may take place according to Art. 45 GDPR. Breville ensures that the level of protection of natural persons guaranteed by the GDPR is not undermined.
2. If any of the terms or definitions used in the Policy are ambiguous, the definitions established under applicable local law within the relevant EU/EEA member state shall apply or where there are no such definitions under applicable local law, the definitions of the European Data Protection Directive shall apply.
Changes to this Policy
We may change this policy from time to time. We will post any changes to this policy on this page. Each version of this policy is identified at the bottom of the page by its effective date.


Microsoft Word for Microsoft 365

Search Any Device: