California Applicant Privacy Notice

We are committed to being transparent about the personal data we collect and process relating to job applicants.

Effective Date: August 1, 2023

  1. General
  2. How we collect, use, and retain your data
  3. To whom we may transfer your data
  4. Application for further positions
  5. How to access and control your data
  6. How we protect your data
  7. Contact details and responsible entity for your data
  8. Contact details of the Data Protection Officer

California Consumer Privacy Act HR Applicant Supplement for California Residents

1. General

We are pleased that you are interested in us and are applying or have applied for a position within the Verve Group. Depending on which of the Verve Group companies you are applying to, the company you are applying to is referred to as “us”, “we” or “our” in this Policy.

You can see all Verve Group companies and the contact details for data subject access requests below:

Verve Group Europe GmbH
Karl-Liebknecht-Str. 32, 10178 Berlin, Germany
moc.e1714210590vrev@1714210590ycavi1714210590rp1714210590

Verve Group, Inc. 350 Fifth Ave. Ste. 7700, New York, NY 10118 USA
moc.e1714210590vrev@1714210590ycavi1714210590rp1714210590

VGI CTV, Inc.
350 Fifth Ave. Ste. 7700, New York, NY 10118 USA
moc.e1714210590vrev@1714210590ycavi1714210590rp1714210590

Dataseat Ltd.
Flat 2, 33 Hyde Park Square, London, United Kingdom, W2 2NW
moc.t1714210590aesat1714210590ad@yc1714210590avirp1714210590

Match2One AB
Stureplan 6, 11435 Stockholm, Sweden
moc.e1714210590no2hc1714210590tam@y1714210590cavir1714210590p.ata1714210590d1714210590

Platform 161 B.V.
Weteringschans 89, 1017 RZ Amsterdam, The Netherlands
moc.1171421059061mro1714210590ftalp1714210590@ycav1714210590irp1714210590

Smaato Inc.
350 Fifth Ave. Ste. 7700, New York, NY 10118 US
and
Barcastraße 5, 1st Floor, 22087 Hamburg, Germany
moc.o1714210590taams1714210590@ycav1714210590irp1714210590

In this CCPA Applicant Privacy Notice (“Privacy Notice”), we would like to provide you with information on the processing of your personal data in connection with your application. Please note that this Privacy Notice applies to Verve Group Candidates who are California Residents (“you”) in addition to our general Privacy Policy, California Privacy Notice, and Cookie Policy for this website.

This Privacy Notice describes the categories of personal information and sensitive personal information (as indicated below) we collect and the purposes for which we process that information.

You, as an applicant, are responsible for ensuring that the data you submit to us is correct and true. You are under no statutory or contractual obligation to provide personal data to Verve Group during the recruitment process. However, if you do not provide the information, we may not be able to process your application properly or at all. Your personal data will be treated as strictly confidential.

This Privacy Notice may be subject to modification from time to time, notably in the event of changes to legislation or the introduction of new laws. Any changes will be published on our website. We therefore recommend that you check this Privacy Notice regularly.

How We Collect, Share, and Retain Your Data

We have set out below the categories of personal information we may have collected about California residents in the preceding twelve (12) months and, for each category of personal information that may have been collected, the categories of sources from which that information may have been collected, and the categories of third parties as defined under the CCPA with whom we may have shared the personal information.

Category of Personal Information We have collected such personal information from the following categories of sources: We shared such personal information with the following categories of third parties:
Identifiers: e.g., real name, alias, postal address, unique personal identifier (Sensitive Personal Information), online identifier, Internet Protocol address, email address, account name, social security number, passport number, or other similar identifiers (Sensitive Personal Information).
  • Directly from you, e.g., from forms you completed.
  • Indirectly from you, e.g., information you authorized a third-party or service provider to provide to us.
  • From service providers that interacted with us in connection with the services performed (e.g., background screening and verification including education, past employment, criminal background, references).
  • From a public source (i.e., the internet or public records).
  • Outplacement firms/career transition
  • Public entities and institutions (e.g., regulatory, quasi-regulatory, tax or other authorities, law enforcement agencies, courts, arbitrational bodies, fraud prevention agencies)
  • Professional advisors including law firms, accountants, auditors, insurers, and tax advisors.

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)): e.g., name, contact information, insurance policy number, education, employment, employment history, financial information, medical information, and health insurance information (Sensitive Personal Information).

Some personal information included in this category may overlap with other categories.

Characteristics of protected classifications under California or federal law: e.g., sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), age, race, religion (Sensitive Personal Information), national origin, disability, medical conditions and information, citizenship, immigration status and marital status; veteran or military status.

Professional or employment-related information: e.g.,

Employee pre-hire documents, such as job applications, resumes, background check forms and results, job interview notes, and candidate evaluation records; work history and prior employer, human resources data like performance evaluations and data necessary for benefits and related administrative services;

Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99): e.g., student records.

Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Internet or network activity information: e.g., interactions with our website, applications, or systems.

Please see our California Consumer Privacy Act Notice for California Residents, including website users, located here for more information.
Geolocation data: e.g., IP address

2. We Also May Share Any of the Personal Information We Collect as Follows:

Sharing for Legal Purposes: We may share personal information with third parties in order to: (a) comply with a legal process or a regulatory investigation (e.g., a subpoena or court order); (b) enforce our Terms of Service, this Privacy Notice, or other contracts with our business partners, including investigation of potential violations thereof; (c) respond to claims that any content violates the rights of third parties; and/or (d) protect the rights, property or personal safety of us, our platform, our business partners, our agents and affiliates, its users and/or the public. We likewise may provide information to other companies and organizations (including law enforcement) for fraud protection, and spam/malware prevention, and similar purposes.

Sharing In the Event of a Corporate Transaction:  We may also share personal information in the event of a corporate transaction, including for example a merger, investment, acquisition, reorganization, consolidation, bankruptcy, liquidation, or sale of some or all of our assets, for purposes of due diligence connected with any such transaction or transition of service to another provider. In such cases, your personal information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

Sharing With Service Providers:  We share any personal information we collect with our service providers, which may include (for instance) providers involved in technical or customer support, operations including payroll, benefits and/or pension, insurance, travel, background screening, search firms who submit candidate information to us, recruiting, web or data hosting, billing, accounting, auditing, legal consultancy, security, marketing, or otherwise assisting us to provide, develop, maintain, and improve our company and our services.

Sharing of Aggregate Information: We may aggregate and/or de-identify any information collected so that such information can no longer be linked to a single person (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and sponsors, in our discretion.

For Which Business Purposes Smaato Collects, Uses, Discloses, and Retains Your Data

We may collect, use, disclose and retain your personal information for one or more of the following business or commercial purposes (each, a “Business Purpose”):

  • To evaluate applications for employment or internal promotion.
  • To attract, maintain, motivate, and administer the employment relationship of Smaato employees, including, but not limited to the following: recruitment and staffing, creating and maintaining an employee contact directory, compensation and payroll, succession planning and management, reorganization, performance assessment, promotion and career management, administering bonus, award and recognition programs, administering employee enrollment and participation in activities and programs offered to eligible employees, training and development, employee benefits administration, pension plan administration, 401k and/or retirement plans, health insurance benefits, business travel and expenses, relocating and transferring employees, compliance with applicable legal and regulatory requirements, and communication with applicants and employees.
  • To comply with regulatory and legal obligations such as (i) fulfilling control and reporting obligations under applicable financial regulations, including securities regulations; (ii) complying with investor protection or conduct of business regulation (such as carrying out suitability or appropriateness assessments; (iii) comply with state and federal law requiring employers to maintain certain records.
  • Other internal purposes, for example authorizing, granting, administering, monitoring, and terminating access to or use of company systems, software, facilities, records, property, and infrastructure.
  • To protect the company, its employees, and the public against injury, theft, legal liability, fraud or abuse, internal research, internal operations, auditing, detecting security incidents, debugging, short-term and transient use, quality control, and legal compliance.
  • To provide you with information, products, or services that you request from us.
  • As necessary or appropriate to protect the rights, property, or safety of us, our clients, or others

3. Retention of Personal Information

Personal information will not be kept for longer than is necessary for the Business Purpose for which it is collected and processed and will be retained in accordance with our internal document retention policies. In certain cases, laws or regulations require us to keep records for specific periods of time, including following termination of the employment relationship. In other cases, records are retained in order to administer the employment relationship or to resolve queries or disputes which arise from time to time.

4. Disclosure of Personal Information, No Sale or Share

Over the preceding twelve (12) months, we disclosed certain categories of California residents’ personal information to the categories of third parties as shown in the table above. We do not and will not sell or share California residents’ personal information.

5. Application for Further Positions

Occasionally we also have an interest in and need for competent applicants in other areas and would be happy to consider your application for other vacancies. With your application you agree that other recruiters from Smaato and/or its affiliated companies may also view your applicant data, including any sensitive data contained therein, and take it into account when filling vacancies.

Should you appear to be suitable for the vacancy, we would approach you to inquire whether you would be interested in participating in the selection process for the position to be filled.

6. How to Access and Control Your Data

YOUR CALIFORNIA RIGHTS AND CHOICES

Without being discriminated against for exercising these rights, California residents have the right to request that we disclose what personal information we collect from you, to delete that information, and to opt-out of the sale of your personal information, subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests, to the extent Smaato acts as a “business” (as opposed to a “service provider”) for purposes of handling personal information.  (To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.)

a. Right to Opt-Out of the Sale of Your Personal Information.

In general, California residents may opt-out of the “sale” or sharing of their personal information. California law broadly defines what constitutes a “sale” – including in the definition making available a wide variety of information in exchange for “valuable consideration” (sharing). However, at Smaato we do not, and will not, sell or share your personal information.

b. Right to Request Limited Use of Sensitive Personal Information

The categories of sensitive information we collect is detailed in Section 1, above. If you wish to limit the use of your sensitive personal information, you may do so by following the instructions below. Note that Smaato only uses your sensitive personal information to the extent necessary to process your application.

c. Right to Request Deletion of Your Personal Information

You may also request that we delete any personal information that we have collected directly from you, such as if you have been a business partner of ours (note that this is different from your right to “opt-out” of us selling your personal information, which is described above). However, we may retain personal information for certain important purposes, such as (a) to protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality (such as de-bugging purposes), (c) as necessary for us, or others, to exercise their free speech or other rights, (d) to comply with law enforcement requests pursuant to lawful process, (e) for scientific or historical research, (f) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations.  If you ask us to delete it, you may no longer be able to apply at Smaato.

d. Right to Request Access to Your Personal Information

California residents also have the right to request that we disclose what categories of your personal information we collect, use, or sell.  As a California resident, you may request access to the specific pieces of personal information that we have collected from you.

California residents may learn more how to exercise these rights of information access by sending an email to datarights(at)smaato.com, or submitting a request to our online web form  or by calling toll free at 1-866-I-OPT-OUT [tel:18664678688] and entering Service Code 255, or by clicking here. We will only use the information you submit to respond to your request, and we may need to identify you and your state of residence before we can respond.

However, we may withhold some personal information where the risk to you or our business is too great to disclose the information, or where we cannot verify your identity in relation to such personal information. Thus, for security purposes (and as required under California law), we will verify your identity – partly by requesting certain information from you – when you request to exercise certain of your California privacy rights.

Once we have verified your identity, we will respond to your request as appropriate:

  • Where you have requested the categories of personal information that we have collected about you, we will provide a list of those categories.
  • Where you have requested specific pieces of personal information, we will provide the information you have requested, to the extent required under the CCPA and provided we do not believe there is an overriding privacy or security concern by doing so.

If we are unable to complete your requests fully for any of the reasons above, we will provide you with additional information about the reasons why we could not comply with your request.

e. Right to Nondiscrimination. We do not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.

f. Information About Persons Under 16 Years of Age

We do not knowingly collect personal information from minors under 16 years of age in California unless we have received legal consent to do so. If we learn that personal information from such California residents has been collected, we will take reasonable steps to remove their information from our database (or to obtain legally required consent).

g. Authorized Agents

You may also designate an agent to make requests to exercise your rights under CCPA as described above. We will take steps to verify the identity of the person seeking to exercise their rights as listed above, and to verify that your agent has been authorized to make a request on your behalf by providing us with a signed written authorization or a copy of a power of attorney.

7. How Smaato Protects Your Data

We offer you an SSL (secure socket layer) security procedure together with a 256-bit encryption on our Smaato Career Portal and Smaato website. You can recognize the transfer of encrypted data by the picture of a closed key or lock symbol at the top or bottom of your browser.

We apply a high level of care and appropriate security standards in order to protect your personal data against unauthorized access or loss. We would like to point out that data transfer via the internet (for example, in the case of unencrypted communication by email) can pose security risks.

8. Contact Details

You have the possibility to contact us in several ways. By email, telephone, or mail. If you contact us, we will use the personal data that you voluntarily provide to us for the sole purpose of contacting you and processing your enquiry. In order to answer your request, it may be necessary to forward it together with your personal data to one of our affiliated companies.

If you have any questions or complaints about Verve Group’s privacy practices, we encourage you to contact us at moc.e1714210590vrev@1714210590ycavi1714210590rp1714210590 and we will work with you to resolve your issue.

9. Contact Details of the Data Protection Officer

Smaato, Inc.
Data Protection Officer
350 Fifth Ave. Suite 7700
New York, NY 10118
E-mail: moc.e1714210590vrev@1714210590ycavi1714210590rp1714210590