This Privacy Summary is intended to help you understand what data we collect, why we collect it and what we do with it when you apply for a job with us. More information is provided in our Public Privacy Notice. We take your privacy very seriously. Please read this document carefully.
DigiCert, Inc., registered at 2801 N Thanksgiving Way, Lehi, UT 84043-5296, United States, and its direct and indirect subsidiaries (“DigiCert Group”, “DigiCert”,“we”, “us” or “our”) are the data controller, as defined under relevant data privacy law, including the General Data Protection Regulation (“GDPR”) in the EU and other relevant local legislation (“Data Privacy Laws”). We are committed to protecting and respecting your privacy. This policy sets out the basis on which we will process any personal data that you provide to us through our career portal (the “DigiCert Portal”).
The types of data we receive and how we use it
How we share your information
We will share your information with members of the DigiCert Group for the purpose of processing your application and, if you are successful, creating an employment record.
We will also use third parties to assist us in managing the DigiCert Portal, identifying you and evaluating your application. We will therefore share your information with, for example, background check providers and referees from your previous jobs. A full list of the categories of third parties who may have access to your information is provided here.
Where we store your information
Unless you are located in the United States, the information that we collect will be transferred to and stored in locations outside of your country and outside of the European Economic Area (“EEA”). We take appropriate steps to ensure an adequate level of protection for any of your data that is transferred to another country.
We will retain your information while we are processing your job application and, thereafter, in accordance with our Public Privacy Notice. If you are successful in your application, your data will be retained in accordance with policies applicable to our employees.
You have certain rights in relation to the personal data we hold about you. Some will apply only in certain circumstances. Broadly speaking, these rights pertain to a right of access, portability, correction, erasure, restriction of processing, objection and a right to complain to the relevant regulatory or supervisory authority.
Right To Appeal
On a limited basis and where there is a legitimate reason permitted under the law, we may be unable to take action on a request pursuant to your rights described above. If this is the case, we will inform you as to the reason why we were unable to fulfill your request. Depending on the state or country where you reside, you may have a right to appeal if we are unable to take action on your request. You may file an appeal by emailing firstname.lastname@example.org.
Designating an Agent
Depending on the state or country where you reside, you may have a right to designate an authorized agent to make requests, described under paragraph 5 above, on your behalf. In the United States and potentially other states/countries, you may provide a power of attorney to designate your authorized agent. If you do not have a power of attorney, you may contact email@example.com to receive a form that you will need to fill out to designate your authorized agent. Please note that there may be additional steps required to verify your identity and to designate an authorized agent.
We will post any future changes to this policy on this page. Please check back frequently to see any updates or changes to this policy. Questions, comments and requests regarding this policy are welcomed and should be addressed to DigiCert’s People Data Privacy Champion at firstname.lastname@example.org. General questions regarding DigiCert’s privacy policies can also be directed to DigiCert’s Data Privacy Officer at email@example.com.
DigiCert Candidate Portal Privacy Notice
DigiCert Parent, Inc., registered at 2801 N Thanksgiving Way, Lehi, UT 84043-5296, United States, and its direct and indirect subsidiaries (including the subsidiaries noted below) (“DigiCert Group”, “DigiCert”, “we”, “us” or “our”) are the data controller , as defined under relevant data privacy law, including the General Data Protection Regulation (“GDPR”) in the EU and other relevant local legislation (“Data Privacy Laws”).. We are committed to protecting and respecting your privacy.
This policy sets out the basis on which we process any personal data that you provide to us through our careers portal (the “DigiCert Portal”) and other data we receive from you or third parties (such as referees) in connection with your job application. Please read the following carefully to understand our views and practices regarding your data and how we will handle it. By using the DigiCert Portal, you acknowledge and agree to the practices described in this policy.
For all data privacy inquiries and any questions or concerns you have about this policy, please contact our People Data Privacy Champion (“Data Privacy Contact”) at:
Phone: (801) 896-7973
Post: DigiCert, Inc. Attention People Data Privacy Champion, 2801 N Thanksgiving Way, Lehi, UT 84043-5296, USA.
The types of data we receive and how we use it
We will receive, collect and use information about you when you use the DigiCert Portal, submit a job application to us and, if you are successful, become one of our employees.
Information we collect about your usage of the portal. We automatically collect certain data from you when you use the DigiCert Portal, including IP address or other unique device identifiers, information collected by cookies on your usage of the DigiCert Portal, mobile carrier (if applicable), time zone setting, operating system and platform and information regarding your use of the DigiCert Portal (“Usage Information”). As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our products and organisation, we will use your information to:
In order for us to process your job application with a view to entering into an employment contract with you, we will ask you to provide information including:
Information you may choose to provide for equal opportunities monitoring. Where permitted by local law, you have the option of providing us with certain sensitive personal data, such as, race or ethnic origin, or whether you have a disability. If you provide us with this data, you consent to us using this data for the purposes of equal opportunities monitoring. You can withdraw your consent at any time by contacting us at firstname.lastname@example.org. Such information is not used by or available to those who evaluate your application but is used solely for equal opportunities monitoring. If you decide not to provide this data, your application will not be prejudiced.
Information you provide, and information we collect, to keep you informed. As it is in our legitimate interests to communicate with candidates in relation to employment positions applied for and, where applicable, notify applicants of other positions which we think may be of interest to them, we will process your Identity Information to keep you informed in relation to your application and send you notifications of new positions what we think may interest you.
How we share your information:
We use third parties to help us run the DigiCert Portal and help us manage the job applications we receive. We share your information with selected recipients as necessary for them to provide us with their services. We have contracts in place with these third parties and they cannot do anything with your personal data unless we have instructed them to do so. These categories of recipients include:
We will carry out reference checks by contacting your referees. We will, for the purpose of obtaining an employment reference and verifying information that you have provided to us in your application, contact your named referee and share your name, the position you have applied for and the Work Information you have provided to us.
We will share your information if we are required to do so for legal reasons. We will share your information with law enforcement agencies, public authorities or other organizations if such disclosure is reasonably necessary to:
We will share your information with a third party involved in any merger, acquisition or asset sale with DigiCert. In the case of a sale, merger of change of control of DigiCert, or in preparation of any of these events, we will share your information with the relevant third party under appropriate obligations of confidentiality.
Where we store your information
The information that we collect from you may be transferred to, and stored in, locations outside of your country and outside of the European Economic Area (“EEA”) as described below.
Transfers within the DigiCert Group
We (your employer) are part of the DigiCert group of companies with our parent company based in the United States, with hub offices in South Africa, Ireland, Japan, India and Australia. As well as in your home country (or within the EEA, if you work within the EEA), your Personal Data will be accessible from and will be transferred to the United States, South Africa, Ireland, Japan, India and Australia, where the DigiCert Group centralizes its data processing and human resources administration.
The DigiCert Group takes all necessary security and legal precautions to ensure the safety and integrity of Personal Data that is transferred within the DigiCert Group. With respect to EU data protection law, DigiCert has executed intra-group agreements between DigiCert entities embodying and incorporating the Standard Contractual Clauses adopted pursuant to European Commission Decisions 2004/915/EC and 2010/87/EU for the lawful transfer of Personal Data under GDPR. Where you have a dispute or complaint regarding DigiCert’s collection, storage, or use of your personal information, you may make a complaint to DigiCert by sending it to email@example.com or firstname.lastname@example.org. Where the dispute or complaint is not satisfactorily resolved or you don’t receive a timely response, if you are an EU resident or where provided by privacy law in your jurisdiction, you may escalate the matter to your European data protection authority or other applicable regulatory authority free of charge, and DigiCert commits to cooperate with the relevant European data protection authority or other applicable regulatory authority and will comply with the advice given by this authority with regard to your information which was transferred from the European Union or your home country in the context of our employment relationship.
Transfers to third-party service providers
Your personal data is also processed by third-party service providers operating outside the EEA in the United States, who work for us or for one of our suppliers. The personal data is transferred to staff in this country by way of the European Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decisions 2004/915/EC and 2010/87/EU. Such staff are engaged in, among other things, the processing of your application.
You may request to obtain information about the safeguards that have been put in place by contacting DigiCert’s People Data Privacy Champion by email at email@example.com, or DigiCert’s Data Privacy Officer at firstname.lastname@example.org. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this policy.
The security of your information
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted through the DigiCert Portal; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organizational measures to safeguard your personal data against loss, theft and unauthorised use, access or modification.
How long we store your information
Information you provide, and information we collect from third parties, as part of your job application. We retain your information for so long as we are evaluating your job application. Thereafter, we retain your information as follows:
Information you may choose to provide for equal opportunities monitoring. We retain this information for so long as we are evaluating your job application. Thereafter, we retain your information in an aggregated and anonymized format.
Information you provide, and information we collect, to keep you informed. We retain this data for 12 months.
Your information will be retained for longer if required by law or a court order and/or as needed to defend or pursue legal claims.
You have certain rights in relation to the personal data we hold about you. Some of these only apply in certain circumstances as set out in more detail below or in certain jurisdictions as required by applicable Data Privacy Laws. We also set out how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights. We must respond to a request by you to exercise those rights without undue delay and at least within one month (although this may be extended by a further two months in certain circumstances). To exercise any of your rights, please complete this webform.
Also note that you may exercise your right to restrict our processing of your personal data whilst we consider your request as described below. Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure. We will retain the personal data if there are valid grounds under law for us to do so (e.g., for the defence of legal claims or freedom of expression) but we will let you know if that is the case.
In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at email@example.com (or you can contact our Data Privacy Officer at firstname.lastname@example.org) and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim under applicable Data Privacy Laws to the appropriate regulatory authority in the country or state in which you live or work where you think we have infringed applicable Data Privacy Laws.
We will post any future changes to this policy on this page. Please check back frequently to see any updates or changes to this policy.
Questions, comments and requests regarding this policy are welcomed and should be addressed to DigiCert’s People Data Protection Champion at email@example.com.