We at TLScontact are committed to respecting your privacy and the protection of your personal data. TLScontact needs to use your personal data to ensure that we can meet all the requirements in relation to your application to us. We also need to ensure we comply with laws and regulations, can respond to requests from supervisory authorities, handle legal claims, detect and prevent fraud, and carry out our business activities.
Our Privacy Notice is provided to inform you of how TLScontact processes your personal data and we regularly review it to ensure that it is up to date. Please read it carefully.
Our Binding Corporate Rules & safeguarding your personal data
TLScontact is proud to be one of a small number of global companies that has received approval for its Binding Corporate Rules from the Data Protection Authorities of the EU under the GDPR (EU General Data Protection Regulation). Our Binding Corporate Rules are TLScontact Group’s global privacy framework. Our obtaining this approval reflects the importance we attach to protecting your personal data by adopting appropriate technical and organizational security measures and by the proper review of the processing we do. Approval of these Binding Corporate Rules enables us to transfer personal data within the TLScontact Group globally in a manner that we consider provides appropriate safeguards and assurance.
As a global group we need to share several processes to ensure that we are efficient and effective. Consequently, we transfer some personal data to countries, territories, or organizations that are located outside the European Economic Area. In the event of transfers to territories not recognized as ensuring an adequate level of protection by the European Commission, we rely upon our Binding Corporate Rules where appropriate and use the standard data protection clauses adopted by the European Commission or other transfer mechanisms approved under the EU General Data Protection Regulation otherwise.
TLScontact has appointed a DPO (Data Protection Officer) under the GDPR and this DPO is supported by the Privacy Office to oversee our privacy framework.
Fair, lawful and transparent processing
We process your personal data on the ground of necessity for consideration of your employment application and for the steps necessary for you to enter employment with TLScontact with respect to the processing activities such as paying salaries and arranging employee benefits.
We process your personal data on the ground of legal obligation/necessity for the performance of a task for public interest with respect to processing activities such as tax calculation and criminal history checks.
We process your personal data on the ground of legitimate interests with respect to the processing activities such as investigations, monitoring building access, and for recruitment assessment. The legitimate interests pursued include security and business efficiency.
It may be necessary to process more sensitive personal data. We process information revealing more sensitive data only when local law requires or allows. Sensitive data is defined as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. For instance, TLScontact may need to process health data for the assessment of working capacity and required reasonable adjustments.
It may be necessary to process more sensitive personal data. We process information revealing more sensitive data only when local law requires or allows. Sensitive data is defined by the GDPR as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. For instance, TLScontact may need to process health data for the assessment of working capacity and sensitive data may be relevant when supporting employees with personal or employment relations issues, (such as addressing a discrimination concern).
For any new process potentially significantly impacting personal data a privacy assessment will be completed and a full Data Protection Impact Assessment will be performed where required under the GDPR. Where applicable staff or works council representatives will be consulted.
How we process your personal data
The following are some examples of how TLScontact processes your personal data:
Maintaining basic contact information such as email address, name, home address & emergency contact information.
Processing and evaluating your application. During the application process, TLScontact processes personal information contained in various documents such as curriculum vitae, interview notes, evaluation information, recruitment administration and background check results in order to process your application and communicate with you. Failure to provide such personal information may limit our ability to consider your application.
Usage and Analysis of your personal data in order to detect and prevent fraud.
Keeping you in mind for future opportunities. Even if the opportunity you apply for doesn’t work out, we like to keep applications on file for a reasonable period in case something else comes up that may suit you. You can of course let us know if you don’t want us to do this.
Sharing your personal data
We may share such personal data to the extent there is a legitimate need to know taking into account the nature of the personal date internally, with other TLScontact subsidiaries and external organizations such as service providers needed to ensure the proper administration of your potential employment at TLScontact (such as background checking providers), or to government agencies or offices (e.g., retirement or social security agencies) as required by or permitted under local law.
Storing your personal data for no longer than is required
We will retain your personal data for as long as is necessary for the purposes set out above, or for as long as is required by law.
Exercising your rights
Click here to submit a data access rights request.
You have the following rights when it comes to your personal data:
- Access – you may request access to your personal data, free of charge;
- Rectify – you may ask TLScontact to correct personal data that is inaccurate or incomplete;
- Erase – you may ask TLScontact to erase personal data when one of the following grounds applies;
- When the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- You withdraw consent where consent has been the legal ground for the processing of your data and where there is no other legal ground for the processing;
- You object to automated decision-making and there are no overriding legitimate grounds for the processing, or you object to the processing for direct marketing;
- The personal data have been unlawfully processed;
- The personal data must be erased for compliance with legal obligations in Union or Member State law to which TLScontact is subject;
- The personal data have been collected in relation to the offer of information society services.
- Restrict – you may ask TLScontact to restrict how it processes your personal data when one of the following applies;
- You contest the accuracy of your personal data, for a period enabling TLScontact to verify the accuracy of your personal data;
- The processing is unlawful and you object to the erasure of the personal data and request the restriction of its use instead;
- TLScontact no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims;
- You have objected to processing pursuant to the right to object and automated decision-making, pending the verification whether the legitimate grounds for TLScontact override those of you.
- Portability – In some specific circumstances, to be assessed in a case-by-case basis, you may ask TLScontact to receive your personal data in a structured, commonly used and machine-readable format. and have the right to transmit it to another organization
- Withdraw – you may withdraw your consent, at any time, for the processing of your personal data for which you have provided consent. However, your withdrawal of consent will not affect the data processing activities that occurred before the withdrawal.
- Object – you may object to TLScontact’s processing of your personal data for direct marketing, or in other situations in compliance with local laws,
Although we hope to resolve your concerns directly, you have the right to complain to your Data Protection Authority. The contact information is available on the European Data Protection Board link: https://edpb.europa.eu/about-edpb/board/members_en
Contact details & links:
Data protection point of contact : DP@tlscontact.com
 Information Society services are commercial services offered through electronic channels such as online retail platforms, or free websites offering a service (e.g., social media, search engines).