All Belgian member companies of Grant Thornton International Ltd (hereinafter collectively, ‘Grant Thornton,’ ‘we,’ ‘us’ and ‘our’) understand how important privacy is to you and respect your privacy.
This privacy statement explains how Grant Thornton, as Data Controller, processes job applicants’ personal data in the context of its operations. We may amend this statement from time to time, should the need arise.
Below is an overview of the various Belgian companies of Grant Thornton.
The company to which the vacancy belongs acts as the Data Controller:
| Identity and contact details of the Data Controller | ||
| Grant Thornton Belgium CVBA (+34 (0)474 684049) | Uitbreidingstraat 72 bus 7, 2600 Antwerp | Contact: HR Department, hr@be.gt.com |
| Grant Thornton Accountancy, Tax & Legal BV (+34 (0) 439 926375) | ||
| Grant Thornton Efficiëntia CVBA ( +34 (0) 407 420487) | ||
| Grant Thornton Bedrijfsrevisoren CVBA (+34 (0) 439 814 826) | ||
The personal data we process includes, but is not limited to:
· personal information and contact details, such as name, first name, gender, address, phone number, email, etc.
· recruitment data, such as CVs and/or job application letters, references, and interview notes
· current and previous professional activities
· academic curriculum
· professional experience
· desired salary, expense allowances, bonuses, benefits in kind granted and other allowances, such as company car, meal vouchers, telecom subscription, etc.
· data relating to professional competence, such as diplomas and certificates obtained, etc.
· data relating to licences, authorisations and permits, etc.
· photos
· psychological descriptions, such as assessments
· immigration status, only if required in the context of assessing the possibility of recruitment
· other data you may provide to us of your own accord, if applicable.
As a general rule, we collect personal data directly from you.
However, we may, in certain circumstances, also receive personal data from third parties (such as an applicant referred by a head-hunting firm, references from persons you specify, etc.) or generate them ourselves (such as our own interview notes, etc.).
From time to time, we may use the services of third parties (including other group entities) in the course of our recruitment and may also receive personal data about you collected by these third parties in the course of performing their services for us or otherwise. Where this is the case, we will, where appropriate, take all steps required by applicable law or regulation to ensure that such third parties have assured us that they have the right to disclose your personal data to us and we will not use such personal data for any purpose other than the purposes for which it was collected.
We will only collect, process, or use personal data to the extent permitted or required by applicable laws or regulations and considering the purposes for which it was collected.
In particular, but not limited to, we may process your personal data for the following purposes:
· determining your suitability for employment, including verification of references and qualifications
· assessment of the qualifications required for a particular job or task (assessment)
· compliance with applicable labour or employment regulations
· other purposes reasonably necessary in connection with your future employment.
We may process your personal data on the following legal grounds:
· assessing the expediency of concluding an employment contract and other related contracts
· the fulfilment of our legal obligations
· your consent, such as for data that we do not request but that you provide to us of your own accord or for adding your profile to our recruitment reserve list, etc.
· our legitimate interests, such as complying with our administrative and corporate law obligations, etc.
To the extent permitted by applicable law or regulation, we may share your personal data with, among others:
· our employees involved in the application and assessment of candidacies
· our service providers (including, our IT providers and providers of services under employment law) and
· other parties (including other Grant Thornton entities) that require your personal data.
Any transfer of personal data outside the European Economic Area (EEA) is subject to safeguards and/or agreements to ensure the security of your data.
If there is no Commission adequacy decision for the destination country, we will use appropriate safeguards as described in Article 46 of the GDPR when transferring personal data, and such transfers and technical and organisational security measures will be documented in accordance with Article 30 of the GDPR. For example, we use standard contractual clauses to protect the transfer of personal data to countries outside the European Economic Area (EEA), and to ensure that an equivalent level of data protection applies to your personal data even if EU data protection laws are not directly applicable.
We have implemented technical and organisational measures to ensure the confidentiality, availability and integrity of personal data processed by us, which include, but are not limited to:
· creating and maintaining policy and procedural documents related to information security and data protection
· assessing and managing risks and incidents
· performing technical security controls, such as using information classification, access control and authentication methods, physical/environment/network/perimeter controls, technologies such as encryption, anonymisation, pseudonymisation or segmentation, intrusion detection and prevention technologies, monitoring, and anti-malware software; data backup, business continuity and disaster recovery, etc.
· examining suppliers’ information security programmes
· organising awareness training
· participating in security certification process and conducting audits
· etc.
Applicant data will be kept for a maximum of 180 days from the day of application.
Depending on the processing and the legal basis, you as a Data Subject have a number of options to maintain control over your personal data:
· Right to access your data
· Right to amend your data
· Right to object to the processing of your personal data
· Right to restrict data processing
· Right to have your data erased
· Right to withdraw your previously given consent
· Right to transfer your data
· Right to lodge complaints with the competent data protection authority.
We should inform you that these rights are not always absolute, that in certain circumstances we are entitled or even required by law to further process your personal data and that we cannot therefore always (fully) comply with your request. In that case, we will inform you accordingly.
You may exercise these rights free of charge, except in cases of abuse and in which case we are entitled to charge administration fees to comply with your request.
If you have any questions about this privacy statement, if you are concerned about how we manage your personal data, or if you wish to exercise your rights, please contact the HR Department by email: hr@be.gt.com.
For any other questions, please feel free to contact our data protection and privacy experts via: privacyrights@be.gt.com