Privacy Policies Hub

CANDIDATE PRIVACY NOTICE

 

Version: 1.3

Effective as of April 09, 2026

 

TABLE OF CONTENTS:

1. Introduction
2. Who we are
3. How is your personal data processed
4. What personal data do we process
5. How we use your personal data
6. How we share your personal data
7. International data transfers
8. Data security
9. Data retention
10. Your data protection rights
11. Use of AI-assisted technologies and automated decision-making tool
12. Changes to this Privacy Notice
13. Contacting us

1.    INTRODUCTION

We are committed to protecting the privacy of your personal data. This Candidate Privacy Notice (“Notice”) applies to all candidates (“Candidate,” “You,” “Your”) of Cloud Linux Software, Inc. (“Us,” “We,” or “Our”) whose personal data is processed during the recruitment process.

This Global Privacy Notice applies to information collected from candidates in any country where they are located and describes how we collect, use, store, and disclose personal data about individuals applying for open positions, those we contact regarding employment and contractual relationship opportunities, individuals expressing interest in such opportunities, attendees of recruitment events, and those undergoing interviews or assessments. It also outlines the rights Candidates may have concerning the personal data we process about them.

As used in this Notice, “Personal Data” or “Personal Information” refers to any information that relates to, identifies, or can reasonably be used to identify an individual, directly or indirectly.

This Notice does not cover:

• Your interactions with our non-career websites or when you engage with our products and services;
• Our processing of your personal data as an employee or contractor.

These processing activities are governed by other privacy notices, which will be provided to you as applicable. We recommend reading this entire Notice to ensure you are fully informed about how we collect, use, store, disclose, or otherwise process your personal information, as well as your privacy rights.

2.    WHO WE ARE

The Data Controller, responsible for determining how your personal data is processed, is Cloud Linux Software, Inc.

You can contact us:

• by mail to: 20791 Three Oaks Pkwy, #980, Estero, FL 33929, USA; or
• by email to: [email protected].

If you have any questions about this Privacy Notice or want to know more about how we handle your personal data, please contact our Data Protection Officer (DPO) via email at [email protected].

3.    HOW IS YOUR PERSONAL DATA PROCESSED

In most cases, we collect personal data directly from you. We may also receive information from third parties (e.g., referrers, recruiting agencies, previous employers, and background check providers). Additionally, we use publicly available sources like social networking platforms to contact potential candidates. You are not legally required to provide us with your personal data. However, failure to provide certain information may prevent us from processing your application (e.g., if we cannot verify your right to work in the relevant country). Accurate and complete information is essential for the recruitment process.

4.    WHAT PERSONAL DATA WE PROCESS

Subject to applicable law, we may collect the following categories of personal information during the application and recruitment process:

• Identity and Contact Data: Full name, date of birth, gender, contact details (e.g., phone number, email address, messenger), photograph, work and personal references, and other similar contact data.
• National Identifiers and Work Eligibility Information: This may include your national identification number, social insurance number, government-issued ID, nationality, visa status, residency, work permit status, and immigration information, where permitted by law.
• Employment History and Recruitment Data: This includes your resume, work history, skills, qualifications, assessments completed, interview notes, social media profiles (if applicable), and information related to the outcome of application, details of any offers made, and executed offer.
• Background Check and Criminal Data: Depending on the position and your location, we may process verification information. This includes identity details (name, date of birth, nationality, and government-issued ID), professional history, and references. Where permitted by local law and justified by the nature of the role, we may also process information regarding criminal convictions and offenses.
• Educational Information: Your academic history, degrees, certifications, training, and transcript information.
• Video Interviews and Recording: We conduct candidate interviews using video technology, which may be used at various stages of the recruitment process. The Company may record live video interviews. However, Candidates have the right to decline the recording of their interview, and doing so will not negatively impact their opportunity to interview with our company.
• Communication Data: Communications via our websites, including our chat, email, phone, messengers, and social media accounts.
• Online Data: Publicly available information, such as LinkedIn profiles or other sources.
• Usage Data: This information may pertain to you, your preferences, or your device, and is collected during your interactions with our websites. While it typically does not directly identify you, it can improve and personalize your browsing experience.
• Other Information: Any other information you voluntarily submit during your application (e.g., compensation history, professional portfolio).

5.    HOW WE USE YOUR PERSONAL DATA

We will use your personal data for the following purposes and related lawful bases:

 

Purpose of processing	Lawful basis	Types of personal data
To process job applications and manage our recruitment process, including reviewing information on application forms or CVs, shortlisting, setting up and conducting interviews and tests for applicants, evaluating and assessing the results, communicating with applicants, and using AI-assisted tools to support recruitment activities such as application review, candidate matching, and other recruiter support tasks.	Legitimate interest Consent	Identity and Contact Data National Identifiers and Work Eligibility Information Employment History and Recruitment Data Educational Information Communication data Online Data
For pre-engagement verification, conducting reference checks and background screening (if and to the extent allowed by applicable law).	Consent Legitimate interest Legal obligations	Identity and Contact Data National Identifiers and Work Eligibility Information Employment History and Recruitment Data Background Check and Criminal Data
To enter into a contract with applicants	Contract	Identity and Contact Data Employment History and Recruitment Data
To record and store video interviews with Candidates as part of our recruitment process for evaluation, internal assessment, and record-keeping purposes	Consent Legitimate interest	Video Interviews Communication Data Online Data
To assess the Candidate’s suitability for other roles and provide information about other job opportunities that we consider may be of interest to applicants	Legitimate interest	Identity and Contact Data Communication Data Online Data Employment History and Recruitment Data
To defend against legal claims and potential litigation	Legitimate interests	Any information relevant or potentially relevant to a dispute or legal proceeding affecting us
For compliance with applicable legal, regulatory, and corporate obligations, including applicable licensing and other regulatory requirements imposed by relevant government authorities	Legal obligations Legitimate interests	Identity and Contact Data National Identifiers and Work Eligibility Information Employment History and Recruitment Data Other information
To assess effectiveness and improve our recruitment processes, analyzing and discovering trends	Legitimate interests (e.g., to effectively organize our recruitment)	Identity and Contact Data Employment History and Recruitment Data Other information

6.    HOW WE SHARE YOUR PERSONAL DATA

6.1. Sharing with service providers. Your personal information may be disclosed to service providers who assist us with recruitment, background checks, or technological services. These providers are required to protect your data under strict contractual terms.

 

Type of service provider	Purpose of sharing
Applicant Tracking System, AI-assisted recruitment tools and other related technology service providers	To manage and streamline the recruitment process, including receiving, reviewing, and processing applications, and to support recruiters with AI-assisted tools.
IT and Data Storage Services	For secure storage and maintenance of Personal Data, ensuring accessibility and data integrity throughout the recruitment process
Background Checks Providers	To perform pre-engagement checks, including verification of employment history, education, and, where applicable, criminal records
Audit, Legal and Compliance Services	To comply with legal obligations, audits, and any internal or external compliance reviews
Electronic Signature Services	To facilitate the signing of contractual relationship-related documents, such as contracts and agreements, in a secure and legally binding manner

6.2. Sharing under legal or regulatory obligations We may disclose your data to comply with legal requirements, court orders, or in the event of a merger or acquisition.

 

7.    INTERNATIONAL DATA TRANSFERS

We work with providers globally and may transfer your data to countries outside the European Economic Area or the United Kingdom. To ensure an adequate level of data protection, we implement the following measures:

 

Transfer Mechanism	Description
Adequacy decision	We may transfer personal data to countries that have been officially recognized as providing an adequate level of data protection by the relevant regulatory authorities. For more information about “Adequacy decisions” for the European Economic Area, click here. For information on “Adequacy regulations” for the United Kingdom, click here.
Appropriate safeguards	We ensure appropriate safeguards by implementing binding standard data protection clauses approved by regulatory authorities. These clauses are enforceable by individuals within the United Kingdom and/or the European Economic Area.   For more information about the Standard Contractual Clauses for the European Economic Area, click here. For more information about the international data transfer addendum and international data transfer agreement for the United Kingdom, click here.
Derogations	In certain cases, we may also transfer personal data based on specific derogations, such as the explicit consent of the individual, the necessity for contract performance involving the data subject, significant public interest, or the establishment, exercise, or defense of legal claims.

8.    DATA SECURITY

We implement appropriate security, technical, and organizational measures to protect your personal data against theft, loss, or unauthorized access. We limit access to your data on a genuine business need-to-know basis. If you suspect that your personal data has been compromised, please contact us immediately for an investigation. We have established procedures to address potential data security breaches and will inform you and any relevant regulator of a suspected breach, as legally required.

 

9.    DATA RETENTION

We do not retain your personal data longer than necessary. The duration for which we keep your personal data varies depending on many factors. To determine the appropriate retention period for personal data, we consider the volume, nature, and sensitivity of the personal data, the risk of harm from unauthorized use or disclosure, the processing purposes, and whether these purposes can be achieved by other means, along with legal requirements.

When determining the relevant retention periods for your personal data, we will take into account factors including:

• Legal obligations under applicable law;
• Our legitimate interests (e.g., to protect our business against potential legal claims);
• Guidelines issued by relevant data protection authorities.

For instance, the default data retention period for most processing activities is 3 years. However, please be aware that the specific retention period may vary depending on the country you are applying to work in. You can request information about the retention period applicable to you by contacting us at [email protected].

You have the right to ask for your data to be deleted at any time. When we no longer need to keep your personal data, we delete or anonymize it following applicable security standards, so it can never be linked back to an individual.

If your recruitment process is successful and you join us, your personal data will be retained as outlined in our Employee Privacy Policy, which will be provided to you upon joining us.

 

10.YOUR DATA PROTECTION RIGHTS

Under the applicable data protection laws, you have the following rights regarding your personal data:

• Right to access. You have the right to obtain confirmation that your personal data is processed and to obtain a copy of your personal data.
• Right to rectification. You have the right to ask us to rectify data you think is inaccurate. You also have the right to ask us to complete the data you think is incomplete.
• Right to erasure. You have the right to ask us to delete your personal data in certain circumstances.
• Right to restriction of processing. You have the right to ask us to restrict the processing of your personal data in certain circumstances, but we need to verify whether we have overriding legitimate grounds to use it.
• Right to object to processing. You have the right to object to processing if we are able to process your data based on our legitimate interests. Please note that in some cases, we may demonstrate that we have legitimate grounds to process your data, which override your rights and freedoms.
• Right to data portability. You have the right to ask that we transfer the information you gave us from one organization to another, or give it to you. The right only applies if we are processing information based on your consent, or under, or in talks about entering into a contract, and the processing is automated.
• Right to withdraw consent. When we rely on consent to process your personal data, you have the right to withdraw your consent at any time.
• Right to complain. If you have concerns about how we handle your personal data, you can contact our Data Protection Officer (DPO) for assistance.

You are not required to pay any charge for exercising your data protection rights. We have one month to respond to you. Please contact us at [email protected] if you wish to exercise your data protection rights. We may need to request specific information from you to confirm your identity before complying with your request.

When you submit a request to exercise your rights, such as to access, change, correct, or delete your personal data, we will respond to your request and notify you of the action we have taken, in line with applicable legal requirements. In some instances, your rights may be subject to limitations. For example, fulfilling your request may be limited if it would adversely affect the rights and freedoms of others, require the disclosure of our internal and confidential information (such as proprietary processes or business-sensitive data), or impair our ability to comply with our legal obligations and enforce our legal rights. We will inform you if any such limitations apply to your request.

 

11.USE OF AI-ASSISTED TECHNOLOGIES AND AUTOMATED DECISION-MAKING TOOL

We may use AI-based tools to support certain stages of the recruitment process, including reviewing applications and identifying candidates whose profiles may be relevant to a role. These tools assist our recruiters by helping to organize and prioritize information – they do not make hiring decisions.

While these tools involve automated processing of personal data, they do not produce decisions on their own. All hiring decisions are made by our recruiters and hiring managers, who evaluate candidates individually and are not bound by AI-generated outputs. AI-assisted tools provide one input among several considered during the recruitment process.

We do not make recruitment decisions based solely on automated processing where those decisions would significantly affect your application outcome.

If you would like more information about how AI tools were used in the assessment of your application, or if you wish to request a human review of any decision affecting your application, please contact us at [email protected].

 

12.CHANGES TO THIS NOTICE

We may, from time to time, change or update this Notice. All changes to this Notice will be published on this page. We recommend that you revisit and read this Notice regularly to ensure that you are up-to-date. In case of substantial changes to this Notice, we will take additional steps to ensure you are aware of them.

 

13.CONTACTING US

If you have any questions or comments about this Notice or want to know more about how we use your personal data, please contact our Data Protection Officer (DPO) via email at [email protected].

Our Representative in the European Union (EU)

In accordance with Article 27 of the General Data Protection Regulation (GDPR), we have appointed a representative in the EU to act as a point of contact for data subjects and supervisory authorities. You can contact our EU representative at:

IT.LAW GmbH

• Cloud Linux Software Inc – Colmantstraße 15 53115 Bonn Germany
• E-Mail: [email protected]

Our Representative in the United Kingdom (UK)

In accordance with Article 27 of the UK General Data Protection Regulation (UK-GDPR), we have appointed a representative in the UK to act as a point of contact for data subjects and supervisory authorities. You can contact our UK representative at:

Rickert Services Ltd UK

• Cloud Linux Software Inc – PO Box 1487 Peterborough PE1 9XX United Kingdom
• E-Mail: [email protected]