In Telia Company we recognize that privacy is important to our job applicants and we are committed to respect and safeguard their privacy. They trust us with their private information and we are responsible for living up to this trust placed in us every day. We have developed this Applicant Privacy Notice to:
- Demonstrate Telia Company’s commitment and accountability to protect and respect your privacy,
- Explain how we collect, use and safeguard your personal data, and
- Help you to understand how your personal data is collected and used and what rights you have.
When processing your personal data, we comply with applicable national legislation and the mandatory regulations and instructions issued by the competent authorities.
1. What personal data do we collect about you?
When you apply for a position within Telia Company, you will be asked to provide certain personal information, such as your name and contact information, your education, work skills, employment history etc. You are also able to upload documents such as CVs and cover letters, containing personal data.
In some cases, you may be asked to take a cognitive ability test or a personality test. We will process the results from these tests in order to make hiring decisions.
Additionally, you may be asked to provide a declaration of interests. This is done for certain categories of applicants whose positions require a high level of impartiality in the performance of their duties.
We may also collect information about you from other sources; for example from publicly available registers, e.g. if we decide to do a background check later on in the recruitment process.
2. How do we use your personal data and what is the legal basis for it?
When you apply for a position at Telia Company, we will use the information you supply to us for the purposes expressly set forth below:
- Evaluating your job application;
- Reviewing your qualifications and making hiring decisions;
- Communicating with you; for instance providing information about potential interview dates.
- Preparing basic information material for use in the event you get hired
In the above cases we process your personal data based on that it is necessary in order to take steps at your request prior to entering in to an employment contract according to article 6.1(b) of Regulation (EU) 2016/679 of the European Parliament and Council (the GDPR).
In certain cases, the processing may also be necessary for compliance with legal and regulatory obligations according to article 6.1(c) of the GDPR.
For us to make hiring decisions, you may be asked to take a cognitive ability test or a personality test. These tests will be conducted by third parties, which are data controllers regarding the processing of personal data that these tests entail. However, the results from tests will be shared with us, and we are data controllers regarding this information. The processing of personal data in this case will be based on a legitimate interest pursued by Telia Company according to article 6.1(f) of the GDPR. You may object to being part of these tests and also object to us getting the results from these tests. As a result, however, you may then not be eligible for the applied position.
At a later stage in the recruitment process, you may also be asked to provide a declaration of interests. This is done for certain categories of applicants whose positions require a high level of impartiality in the performance of their duties. The personal data you provide allows us to ascertain whether there is a conflict of interest at hand and outline adequate mitigation actions. The processing of personal data in this case will be based on a legitimate interest pursued by Telia Company according to article 6.1(f) of the GDPR.
You may object to the processing of personal data for this purpose. As a result, however, you may then not be eligible for the applied position. You may also be subject to a pre-employment screening (PES) later on in the recruitment process. If so, additional information about the processing of personal data that this will entail will be given to you prior to the screening. The processing of personal data in this case will be based on a legitimate interest pursued by Telia Company according to article 6.1(f) of the GDPR. You may object to the processing of personal data for this purpose. As a result, however, you may then not be eligible for the applied position.
Additionally, we may also process your personal data for the following purposes:
- Producing recruitment statistics;
- Resolving disputes and/or as a part of a legal defense, if necessary;
- In order to ensure the information security of all our Services and communications networks
In the above cases the processing of personal data is necessary for the purposes of a legitimate interest pursued by Telia Company according to article 6.1(f) of the GDPR.
Finally, we may also process your personal data for any other purpose you have given your consent to according to article 6.1(a) of the GDPR; for instance, we may want to retain your application for future job opportunities. In these cases, consent will be requested separately and defined in more detail at the time of the request.
All qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality or sex.
In all of the above cases, we process personal and data only to the extent necessary for the purpose, always taking into account the protection of your privacy.
3. How do we safeguard your data?
Safeguarding your personal data is of the utmost importance to us.
Telia Company continuously works to protect our applicant´s interests. Our security work embraces protection for personnel, information, IT infrastructure, internal and public networks, as well as office buildings and technical facilities. Special attention is given to information such as your personal data.
Our security work aims to balance risk exposure, business value, available technology, vulnerabilities, and threats to comply with applicable laws, regulations as well as with contractual demands.
Information security and ensuring appropriate protection of information about job applicants is vital for us. We strive to implement security measures to set appropriate level of protection of information and to prevent and detect disclosure of personal data to unauthorized parties.
4. With whom do we share your information?
We may share your information with:
- Telia Company group companies within the limits of applicable law. Our subsidiaries may only use your information for the purposes described above in this document.
- Subcontractors (“data processors”) working for us and processing your data on behalf of Telia Company. These third parties may not use the personal data for any other purpose than for providing the service agreed with us. When using subcontractors, we take appropriate care to ensure that also our subcontractors operate in accordance with this Notice. Companies that perform these services may be located outside the European Union or the European Economic Area. If we transfer your personal data this way, we will take the appropriate steps in line with applicable laws to ensure that your right to privacy is continued to be protected. We may also share your information:
- In response to legal process or authority request in order to comply with applicable law or court order or in connection with judicial proceedings or other legal process. We also disclose data to competent authorities (e.g. to the police or emergency services) when required by law and always in accordance with strict predefined processes.
- As required or otherwise authorized by law.
- In connection with business transfers such as part of any merger, acquisition, sale of Telia Company assets or transition of service to another company.
5. How long do we retain your data?
We will retain your personal data for 3 months to fulfill the recruitment purpose outlined above in this privacy notice, unless a longer retention period is required or permitted by applicable law or that you dispute to the specific recruitment process where you have been involved. In that case your personal data will be retained as a maximum for 2 years.
In case you do not get hired we will erase your personal data without undue delay after the hiring process has ended. We may, however, want to keep the personal data that you have provided to us for future job opportunities, but only based on your consent. The period for which we will retain your data will be defined in more detail, when consent is asked from you.
We aim not to keep outdated or unnecessary information and to make sure that the personal data and other customer information are up-to-date and correct.
6. What are your choices and rights?
You have the right to:
- check what information we have collected and retained about you, unless applicable laws otherwise stipulate.
- receive the personal data that you have provided to us in a structured, commonly used and machine-readable format and have the right to also have those data transferred to another data controller (e.g. a company or a public authority)
- require that incorrect, unnecessary, defective or outdated personal data are corrected or removed.
- withdraw any consent given by you.
- object to the processing of your personal data in situations where the data is processed on a legitimate interest, see section 2 above. Note, however, that this may lead to us not being able to proceed with your job application.
- We may use automated decision making in regard to your personal data throughout the application process, for instance you may be presented with precreated questionnaires and your answers to those questions may automatically produce an overall score that may disqualify you from the further application process. You can request a manual review of the accuracy of such an automated decision that you are unhappy with. We will explicitly inform you in advance when it comes to such automated decision making so that you can exercise your rights.
If you are concerned that Telia Company has not complied with this Privacy Notice or applicable privacy laws you may make a complaint to Telia Company, using the contact information below in section 8.
You also have the right to lodge a complaint with a supervisory authority, for instance the Swedish Data Inspection Board (Datainspektionen), www.datainspektionen.se. or Office of the Data Protection Ombudsman, www.tietosuoja.fi. For references to other supervisory authorities in Europe, please go to https://edpb.europa.eu/about-edpb/board/members_en
7. How to find out about changes to this Notice?
We may need to update this Notice as our operations and services develop, and therefore we encourage you to check for the latest version of this Privacy Notice regularly on our website.Contact Information
We encourage you to contact us using the contact information provided below for any questions about this Privacy Notice or processing of your personal data:
Telia Company Employee Privacy Officer