Privacy Policy for Candidates

What is the purpose of our Privacy Policy?

The confidentiality of the personal data of candidates applying for a position at eMyosound is, for us, a token of seriousness and trust.

As such, our Personal Data Privacy Policy reflects our specific commitment to ensuring compliance, within eMyosound, with applicable personal data protection rules, and more particularly those of the General Data Protection Regulation (“GDPR”).

In particular, our Privacy Policy aims to inform you about how and why we process your personal data when you apply for a position at eMyosound.

Who is our Privacy Policy addressed to?

The Privacy Policy is addressed to you, as a candidate for a position at eMyosound, throughout the entire recruitment process (e.g., applying to a job offer, spontaneous application, recruitment via an external agency, etc.), regardless of the duration or nature of the proposed contract (e.g., employee, temporary worker, intern, etc.).

Why do we process your personal data and on what legal basis?

As a recruiter, we must process your data to manage recruitment operations (e.g., interviews, application processing, salary negotiations, etc.), any travel that may occur within the context of these recruitments, and the security of our premises.

The processing is carried out on the basis of the discussions we have with you during the recruitment process and our legitimate interest in recruiting and selecting candidates.

How did we obtain your personal data?

Your data is collected directly from you through your application and your CV, and we commit to processing your data only for the reasons described above.

However, we may also obtain your personal data indirectly from recruitment agencies, provided you have given them your prior consent.

What personal data do we process and for how long?

  • Any personal and professional identification data provided in the candidate’s CV and cover letter (e.g., last name, first name, date of birth, nationality, etc.) is retained throughout the recruitment process and for a maximum period of 2 years after your application.
  • Any contact details provided in the candidate’s CV and cover letter (e.g., email address, phone number, LinkedIn link, etc.) are retained throughout the recruitment process and for a maximum period of 2 years after your application.
  • Any data relating to personal and professional life provided in the candidate’s CV and cover letter (e.g., diplomas, passions, certificates, age, marital status, driver’s license, etc.) is retained throughout the recruitment process and for a maximum period of 2 years after your application.
  • Any economic and financial data (e.g., salaries, bonuses, etc.) provided during job interviews is retained throughout the recruitment process and for a maximum period of 2 years after your application.
  • Any specific data (e.g., residence permit, etc.) provided by the candidate within the context of recruitment is retained until the end of the employment relationship in the event of hiring, and is deleted after the recruitment process in the event of rejection.
  • Any specific relevant and required data (e.g., disability status) provided in the candidate’s CV and cover letter is retained throughout the recruitment process and deleted after the end of the recruitment process.
  • Any identity document (e.g., passport or ID card) provided during the recruitment process is deleted once the decision to hire or not hire the candidate has been made.
  • If you applied through our website, connection data (e.g., IP address and logs) is retained for a maximum period of 12 months.

Upon expiration of the applicable retention periods, the deletion of your personal data is irreversible, and we will no longer be able to provide it to you after this period. At most, we may only retain anonymous data for statistical purposes.

Conversely, in the event of hiring, your data collected during the recruitment process is automatically transferred to your personal file and becomes subject to the Employee Data Privacy Policy.

Please also note that in the event of litigation, we are required to retain all personal data concerning you for the entire duration of the case’s processing, even after the expiration of the retention periods described above.

What rights do you have to control the use of your personal data?

Applicable data protection regulations grant you specific rights that you can exercise at any time and free of charge, in order to control how we use your data:

  • Right of access and copy of your personal data, provided that this request does not conflict with business secrets, confidentiality, or the secrecy of correspondence.
  • Right to rectification of personal data that is inaccurate, outdated, or incomplete.
  • Right to object to the processing of your personal data implemented for commercial prospecting purposes, as well as to processing based on our legitimate interest, unless compelling legitimate grounds justify such processing and override your interests, rights, and freedoms.
  • For consumers only, the right to register for free on the Bloctel telemarketing opt-out list at www.bloctel.gouv.fr.
  • Right to request erasure (“right to be forgotten”) of your personal data that is not essential for the proper functioning of our services.
  • Right to restriction of processing of your personal data, which allows for a temporary freeze on the use of your data in the event of a dispute over the legitimacy of a processing operation.
  • Right to data portability, which allows you to retrieve a portion of your personal data in order to store it or transmit it easily from one information system to another.
  • Right to give instructions regarding the outcome of your data in the event of death, either directly by you, through a trusted third party, or an heir.

For a request to be taken into account, it must imperatively be made directly by you or your representative at the following address: gdpr@emyosound.com.

Requests cannot originate from anyone other than you or your representative. We may therefore ask you to provide proof of identity in case of doubt regarding the applicant’s identity, as well as justification of representation.

We will respond to your request as soon as possible, subject to a maximum limit of one month from its receipt, unless the request is technically complex or if we receive numerous requests at the same time. In this case, the response period may be up to three months maximum.

Please note that we can always refuse to respond to any excessive or unfounded request, particularly regarding its repetitive nature.

Who can have access to your personal data?

Your personal data is processed by our teams and by our technical service providers for the sole purpose of operating our service.

Can your personal data be transferred outside the European Union?

Personal data processed within the context of recruitment is exclusively hosted within the European Union.

How do we protect your personal data?

We implement all necessary technical and organizational measures to guarantee the day-to-day security of your data and, in particular, to combat any risk of unauthorized destruction, loss, alteration, or disclosure of your data (e.g., secure access, antivirus, etc.).

Who can you contact for more information?

Our Data Protection Officer (“DPO”) is always at your disposal to explain in more detail how we process your data and to answer your questions on the subject at the following address: gdpr@emyosound.com.

How can you contact the CNIL?

You may contact the “Commission nationale de l’informatique et des libertés” or “CNIL” at any time using the following contact details: Service des plaintes de la CNIL, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07 or by phone at 01.53.73.22.22.

Can the Privacy Policy be modified?

We may modify our Privacy Policy at any time to adapt it to new legal requirements as well as to new processing operations that we might implement in the future.