BACK

Job Applicants Privacy Policy

1. About Us

This Job Application Privacy Policy (Policy) explains how msg global processes and protects your personal data during the selection process. The Policy is issued in alignment with the GDPR and other applicable data protection laws.

This Policy applies to the Job Applicants of all entities that are part of the msg global solutions group (all together msg global), a consulting, implementation, and managed services provider that helps companies improve their operational efficiency and decision-making capabilities utilizing SAP technology.

During the recruitment process msg global acts as a Controller in the processing of your personal data. msg global can also act as a joint controller in which situation – we jointly determine the purposes and means of processing of your personal data – of which you will be informed.

Questions, concerns, complaints, or disputes regarding this Policy, data privacy at msg global, or our compliance with applicable data protection laws and regulations may be sent to us by email at dataprotection@msg-global.com.    

Responsible for the collection, processing, and use of your personal data pursuant to the GDPR is:

msg global solutions ag
Eichwatt 3
8105 Regensdorf
Switzerland
E-Mail: info@msg-global.com

Our DPO is:

Erwin Kraus
msg global solutions Deutschland GmbH
Robert-Bürkle-Str. 1
85737 Ismaning
Germany<
E-mail: erwin.kraus@msg-global.com 

2. Policy Overview

2.1 Purpose of processing

Transparency and care about your personal data are core values of our business here at msg global, thus this Policy is issued in alignment with the GDPR and other relevant data protection laws.

It explains how msg global processes your personal information during the selection process in order to assess both whether you meet the criteria to become part of our team and whether your value system matches the business values of msg global.

2.1.1 Applying to open Job postings at msg global

For the purpose of applying to open job posting at msg global, we mainly use SAP SuccessFactors Recruiting tool (hereinafter: SF). SF will also be msg global’s Applicant Tracking System and will support us in the recruitment process including sourcing, recruiting, selecting, and hiring new employees.

Your personal data processed in SF is used to source, assess, select, and hire employees for msg global job openings. Applying for a job via SF means that you are either:

    
  • creating an account, yourself;
  • account is created in your name and with your approval via our own HR team manually;
  • account is created in your name and with your approval via recruiting agencies manually;
  • (all together “SF Application process”).

You can also apply to open job postings using the following methods:

    
  • by e-mail to the named person/contact (available either on website (if provided), through our employees or by other means);
  • through direct messaging in professional networks as for example LinkedIn (and not through a published LinkedIn job post);
  • through our “Job for Friends” program;
  • by postal mailing to the named msg global solutions entity as stated above.

The above-mentioned methods of applying to open job postings do not represent an extensive list and if there are any additional methods for the purposes mentioned above, you will be made aware of it.

Your personal data we receive through above mentioned other methods of applying to open job postings will be entered into SF manually by local HR representatives.

2.1.2 Background checks

We would also like to collect and process your personal data in order to conduct a background check. The purpose of this screening is to verify the information that you shared in the recruiting process or to assess if you might pose any threat to msg global, its members or its clients. Background checks are meant to reinforce a hiring decision and ensure candidates who have been selected for a job are suitable. Background checks are committed fully in compliance with applicable laws.

2.2 Scope

This Policy applies to all persons going through the selection process for potentially working in msg global on the basis of an employment contract or a non-employment contract.

2.3 Policy Statements

This Policy applies to all personal data of Job Applicants processed by msg global as a potential employer. 

The Responsible Person shall take responsibility for msg global’s ongoing compliance with this Policy and it shall be reviewed at least annually or when such a need arises. 

The Company shall register with the responsible Data Protection Authority as an organization that processes personal data – if it’s mandated by local law.

2.3.1 Data Protection Principles

We at msg global are committed to processing personal data in accordance with data protection principles as they are set out in GDPR.

We guarantee that your personal data are:

      
  1. processed lawfully, fairly and in a transparent manner in relation to you;
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
  3. processed adequately, relevantly and limited to what is necessary in relation to the purposes for which they are processed (data minimization);
  4. accurate and, where necessary, kept up to date (every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased, or rectified without delay);
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organizational measures required by the GDPR in order to safeguard the rights and freedoms of individuals); and
  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.

2.3.2 Register of Processing Activities

To ensure its processing of data is lawful, fair, and transparent, msg global maintains a Register of Processing Activities. The Register of Processing Activities is reviewed at least annually or when such a need arises.

3. Lawfulness of Processing

All data processed by msg global must be done on one of the following lawful bases: consent, agreement, legal obligation, vital interests, public task or legitimate interests.

During the selection process and for the purpose of potential work engagement with msg global, we process your personal information based on:

    
  • Agreement

We process your personal data when necessary for your potential work engagement with msg global, i.e. in order to conclude an employment agreement with you or form other contractual relationship and so that you could exercise your rights under that agreement. However, before concluding a contractual relationship, it is necessary for us to assess whether you are the right person for our company, as well as it is necessary for you to conclude whether you share our values.

    
  • Consent

We will process your personal data based on your special written consent taking into full account the interests and fundamental rights of you as a data subject.

You can withdraw the consent for processing your personal data that you have given us at any time. We will act on it immediately, stop the processing and delete the personal data in any event within 3 months of receipt of the withdrawal. This is free of charge. You can send us the request for withdrawal at dataprotection@msg-global.com.

    
  • Our legal obligation

We may process your personal data when that processing is necessary for compliance with a legal obligation.

    
  • Protection of your vital interests

Also, we may process your personal data where such processing is necessary for the protection of your vital interests.

If we process your personal data based on our legal obligation or for the protection of your vital interests, we will notify you as soon as possible.

    
  • Legitimate interest

We process your data when it is in the legitimate interest of msg global to protect its employees, work processes and its physical premises. We will only use the personal data that we need for a particular purpose, and we will always try to limit the use of your personal data

You can at any moment object to the processing based on our legitimate interest by sending an e-mail to the following email address: dataprotection@msg-global.com or by post mail to the aforementioned address (see Section 2). For more information on your rights, please see Section 6 below.

4. Categories of Personal Data We Collect

In the normal course of business activities, we process the following categories of personal data:

     
  • Personal identification and location information, such as your name and surname, date of birth (if provided), gender, place of residence, home address;
  • Contact details such as email address, telephone numbers, website;
  • Publicly available data such as social media profiles (LinkedIn, Facebook profile, Xing, etc.);
  • Earliest possibility to start employment;
  • Application documents (covering letter, curriculum vitae, testimonials, certificates, etc.)
  • Immigration, right-to-work and residence status;
  • Educational and training information, such as your educational awards, certificates and licenses, vocational records and inhouse training attendance;
  • Recruitment related data, such as objectives, ratings, career history, work equipment, competencies, and other work-related qualifications;
  • Any other personal data provided during the application and recruitment process. 

The above-mentioned categories of personal data do not represent an extensive list. If there are any additional categories of personal data, we intend to process for the purposes mentioned above, you will be made aware of it.

5. Recipient of Personal Data

We may share your personal data with the following recipients:

     
  • Consultants, contractors and other recipients who are directly connected with msg global and who, on our behalf, provide services for the above purposes, such as bookkeepers, employment agencies and attorneys, etc.
  • Information technology service providers, such as cloud providers, hosting companies, support providers or software companies;
  • Other msg global entities, joint ventures, subcontractors, vendors or suppliers who perform services on our behalf, such as technical support or server usage;
  • Governmental authorities;
  • A newly formed or acquiring organization if msg global is involved in a merger, sale, transfer or any other change in ownership status of some or all of its business;
  • Any recipient, if we are required to do so, such as by applicable court order or law, including government institutions;
  • Any recipient when reasonably necessary such as in the event of a life-threatening emergency. 

When applicable, all of the abovementioned recipients are required by us to have appropriate technical and organisational measures in order to ensure the protection of your personal data. When applicable we also implemented appropriate data processing agreements in place.

For more information on our personal data recipients, you can, at any moment, send an e-mail to the following email address: dataprotection@msg-global.com and we will get back to you in a timely manner.

6. Your Rights

You may exercise certain rights related to the personal data we process about you in connection with the selection process. You can request access to your rights at any moment.

As a data subject you have the following rights:

     
  • be informed: right to know how we process your personal data (this right has been met by providing you with this Policy).
  • access: request access to your personal data we process. If your request to us for access to your data is in electronic form, we will respond in the same way, unless your request a different response.
  • rectification: ask to have inaccurate data held about you rectified without undue delay or to have incomplete personal data completed. Please notify us if your personal details change or if you become aware of any inaccuracies in the personal data, we hold about you.
  • erasure: request erasure of personal data (except to the extent as may be limited, excused or prohibited by applicable law) without undue delay.
  • Data Processing Restriction: request that we restrict processing of your data.
  • Request data portability: should the processing of your personal data be carried out by automated means and you provided that data based on consent, or the processing is necessary for the performance of a contract.
  • Object to the processing of your personal data: where the processing is carried out on the grounds of our legitimate interests, or for direct marketing, including profiling, you have a right to be informed and provided the option to object the processing.

Access to your rights will be provided by e-mail at: dataprotection@msg-global.com.

We shall provide you with the action taken without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, considering the complexity and number of requests. This period may not exceed three months of which you will be kept informed.

If your request is manifestly ill-founded or frequently repeated, we may deny it or charge you for it. Repetition is considered to be frequent when you contact us with a request to access one of your rights more than once in a year. If you contact us two or more times in a year to access the same right, we will respond to your request only if you have a valid reason.

In case you consider that any of these rights is not respected or that we act against the law, you can at any moment file a complaint with the competent Data Protection Authorities.

7. International Transfer of Personal Data

The personal data we process can be transferred to countries that are considered to have an appropriate level of personal data protection - countries signatories to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data and those countries that have been recognized by the EU, as having adequate protections for personal data.

When applicable, in order to ensure the protection of your personal data we will conclude appropriate Data Processing Agreements with all recipients of your personal data.

In the case of your personal data being shared between any and all msg global solutions subsidiaries, the transfer of such data is regulated by an Intra group Data Transfer and Processing Agreement which implements all of the TOM’s as stated in Section 10 of this Policy.

8. Storage Period

msg global retains your personal data in SF, for a maximum of 6 months counting from the moment where your status on SF is moved to either "rejected" or "hired". We will also process the personal data entered through SF for a longer period of time if you have given us consent to do so or if prescribed so by applicable local laws as stated in the table below: 

2022 10 31 storage period

If you give us the consent to process your personal data originating from your SF account – the maximum period we will process your personal data in this case is 2 years, counting from the “period of inactivity” of your account and not from the moment of providing consent. It is a fixed duration until anonymization of your personal data.

If you give us consent for processing your personal data for the purpose of keeping you informed and sending similar adequate job offers in our company (i.e., Job Newsletter), the maximum period for which we will process your personal data in this case is 2 years, counting from the “period of inactivity” of your account and not from the moment of providing consent. It is a fixed duration until anonymization of your personal data.

If you don't provide us with the consent to process your personal data, your personal data will be anonymized.

9. Personal Data Security

We take reasonable physical, administrative, procedural, and technical measures to protect personal data under our control from loss, misuse and unauthorized access, disclosure, alteration and destruction. Msg global applies the best industry standards regarding data protection. Unfortunately, no security measures can be guaranteed to be 100-percent effective. However, msg global shall ensure that personal data is stored securely using modern software that is kept-up to date. 

Access to personal data is limited to personnel who need access and appropriate security measures are in place to avoid unauthorized sharing of information. When personal data is deleted, this is done safely and in such way that the anonymisation is irrecoverable. Appropriate back-up and disaster recovery solutions are in place.

msg global continually takes appropriate security measures to protect your personal data in accordance with the GDPR and other relevant data protection laws.

10. Possible Consequences of Failure to Provide Personal Data

Submission of your personal data in the form of an application or other document is a necessary condition for us to consider you for vacancies in our company.

However, if you do not provide us with the necessary personal data, it would greatly impact our decision-making process and unable us to complete the selection process for the position you are applying for.