The Sony Interactive Entertainment (“SIE”) company you are applying to is the controller of the personal information collected from you when you submit an application to work for that company (whether as an employee, worker or contractor). For further data controller details please see Section 6 of this Candidate Privacy Notice (“Privacy Notice”).
This Privacy Notice explains what personal information we collect about you, how we collect it, why we collect it, who we share it with, where it is processed, how we handle it and what your choices and legal rights are.
It is important that you read this Privacy Notice so that you are fully aware of how and why we are using your data. This Privacy Notice supplements other notices and privacy policies and is not intended to override them.
We will comply with data protection law and principles, which means that your data will be:
• Used lawfully, fairly and in a transparent way.
• Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
• Relevant to the purposes we have told you about and limited only to those purposes.
• Accurate and kept up to date.
• Kept only as long as necessary for the purposes we have told you about.
• Kept securely.
3.1. About the personal information we collect and hold about you
Personal information means any information about a person that can directly or indirectly identify that person. It does not include data where the identity has been removed (anonymous data). In connection with your application to work for us, we will collect, store, and use the following categories of personal information about you:
• Personal information you have provided to us in your curriculum vitae (“CV”) and covering letter.
• Personal information you have provided to us during the recruitment process including first and last name, employment areas of interest (type of position, industry, experience level), title, physical address, phone number, email address, gender, employment history, education history and qualifications, salary/remuneration expectations and notice period.
• Details about eligibility to work such as passport, visa, or work permit details.
• Any information you provide to us during an interview or in e-mail communications.
• The sensitive personal information referred to in section 3.5 below.
3.2. How your personal information is collected
We may collect personal information from candidates from the following sources:
• You, the candidate.
• Your named referees.
• Third party recruitment agencies.
• Background check providers (including financial and criminal backgrounds checks where applicable and legally permissible).
3.3. How and why we use your personal information
We will only use your personal information in accordance with applicable data protection laws and this Privacy Notice. Most commonly, we will use your personal information to:
• Assess your skills, qualifications, and suitability for a particular role.
• Carry out background and reference checks (including financial and criminal backgrounds checks), where applicable and legally permissible.
• Communicate with you about the recruitment process.
• Keep records related to our hiring processes.
• Comply with legal or regulatory requirements.
It is in our legitimate interests to process your personal information in order to decide whether to appoint you to a particular role as it would be beneficial to our business to fill that role. We also need to process your personal information in order to decide whether to enter into a contract with you.
Having received your CV, covering letter, your application form and, where applicable, the results of any test you have been required to take during this recruitment process, we will then process that information to decide whether you meet the basic requirements to be shortlisted for a particular role. If you do, we will decide whether your application is strong enough to invite you for an interview. If we decide to interview you, we will use the information you provide to us during your interview(s) to decide whether to offer you the role. If we decide to offer you the role, we will then take references and/or, for some roles, conduct background checks, after we make you an offer. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.
3.4. If you fail to provide personal information
If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require references for this role and you fail to provide us with relevant details, we will not be able to take your application further.
3.5. Special categories of personal information
Where permitted by applicable law, or when you consent, we may also collect, store, and use more sensitive personal information, should you choose to provide it, such as information about your race or ethnicity, sexual orientation, gender identity and information about your disability status, which are special categories of personal information. We will use this information to help us maintain equal opportunities best practice and identify barriers to workforce equality. We may also use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made during your interview.
3.6. Criminal background checks
Where permitted by applicable law, we envisage that we may hold information about criminal convictions. We will only collect information about criminal convictions during the recruitment process if it is appropriate given the nature of the role and where we are legally able to do so. We will use information about criminal convictions and offences to assess suitability for a particular role and to comply with our obligations as required by law. We will have in place an appropriate policy and safeguards which we are required by law to maintain when processing such data.
3.7. Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
3.8. How long we keep your personal information
We keep your personal information during and after your participation in our recruitment process for no longer than is necessary for the purposes for which the personal information is processed and in accordance with our records retention policy. We will then securely destroy your personal information in accordance with our records retention policy and applicable laws and regulations.
3.9. Data Security
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
4.1. Who we share your personal information with
We will only share your personal information with the following third parties for the purposes of processing your application:
• Other entities in the SIE group of companies (SIE Group).
• Recruitment service providers.
• IT service providers (e.g., Greenhouse Software, Inc.).
• Professional advisors (e.g., auditors).
We may also retain, use and/or disclose any of your personal information as required or permitted by law, regulation, or order, including to the police or other appropriate authorities, to investigate complaints made by or against you, or to protect or defend ourselves, or others, against illegal, criminal, or harmful activities.
4.2. Security of personal information transferred within the SIE Group and to third parties
All our third-party service providers and other entities in the SIE Group are required to take appropriate security measures to protect your personal information in line with our policies and the applicable data protection laws.
4.3. International transfers
Your information may be processed, stored, and transferred outside your country of residence and beyond the United Kingdom (UK) and European Economic Area (EEA), for the purposes set out in this Privacy Notice, such as in the United States or Japan. Data protection laws in these countries may not offer the same level of protection as in your country (the UK or the EEA) and you may have fewer legal rights in relation to your information. Accordingly, we ensure there are adequate safeguards in place when transferring your data outside your country (the UK and the EEA), including by relying on the European Commission Standard Contractual Clauses or other lawful mechanisms or otherwise that the transfer only occurs where permitted by applicable law.
5.1. Your right to object to us processing your personal information
Where our processing of your personal information is based solely on our legitimate interests (or those of a third party), you have the right to object to that processing if you give us specific reasons why you are objecting, which are based on your particular situation. If you object, we can no longer process your personal information unless we can demonstrate legitimate grounds for the processing, which override your interests, rights and freedoms, or the processing is for the establishment, exercise, or defence of legal claims. Please contact our Data Protection Office (DPO) at email@example.com if you wish to object in this way.
5.2. Your rights to correct and access your personal information and to ask for it to be erased
Please contact our DPO at firstname.lastname@example.org if you would like to correct or request access to personal information that we hold relating to you or if you have any questions about this Privacy Notice. You also have the right to ask for your personal information that we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. Our DPO will provide you with further information about the right to be forgotten if you ask for it.
5.3. Your right to request restriction of processing of your personal data
Please contact our DPO at email@example.com if you would like to request that we restrict processing of your personal data where: (i) you want us to establish the accuracy of your personal data; (ii) you believe our use of your personal data is unlawful but you don’t want us to erase it; (iii) where you need us to hold your personal data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (iv) you have objected to our use of your personal data but we need to verify whether we have overriding legitimate grounds to use it.
5.4. Your right to withdraw consent
Where our processing of your personal information is based on your consent, you have the right to withdraw your consent. Please contact our DPO at firstname.lastname@example.org if you wish to withdraw your consent.
5.5 Your right to data portability
You could have the right to request for your personal information to be ported from one controller to another in certain circumstances. Please contact our DPO at email@example.com for further information about this right.
5.3. How to complain
We hope that our DPO can resolve any query or concern you raise about our use of your personal information, so please contact our DPO at firstname.lastname@example.org. If you are not satisfied with the resolution of your query or concern by our DPO, you do have the right to contact or lodge a complaint with your relevant supervisory authority. For further details please see Section 6 of this Privacy Notice.
5.4. Changes to this Privacy Notice
We reserve the right to update this Privacy Notice at any time, and we will provide you with a new Privacy Notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.
6.1. SIE companies:
• Sony Interactive Entertainment Europe Limited (“SIEE”)
10 Great Marlborough Street, London, United Kingdom, W1F 7LP
• Sony Interactive Entertainment Deutschland GmbH (“SIE Germany”)
Frankfurter Str. 190a, 63263 Neu-Isenburg, Germany
• Sony Interactive Entertainment Benelux B.V. (“SIE Benelux”)
Olympia 1, 1213 NS Hilversum, Netherlands, company number 32061972
6.2. Regional data protection authorities:
• United Kingdom: The Information Commissioner’s Office, +44 (0)303 123 1113
• Germany (Frankfurt)): The Hessian Commissioner for Data Protection and Freedom of Information, PO Box 3163, 65021 Wiesbaden, +49 611 1408-0, email@example.com
• Netherlands: The Dutch Data Protection Authority (Autoriteit Persoonsgegevens), Postbus 93374, 2509 AJ DEN HAAG, (+31) - (0)70 - 888 85 00, https://autoriteitpersoonsgegevens.nl/en