Trend Micro Europe
Recruitment Privacy Notice

1. Introduction

We respect the privacy rights of individuals and are committed to handling personal information responsibly and in accordance with applicable law. It is important that you read all of this notice carefully as it sets out how the applicable Trend Micro Europe entity:

  • Trend Micro Emea Limited
  • Trend Micro France S.A
  • Trend Micro (UK) Ltd
  • Trend Micro Deutschland GmbH
  • Trend Micro Italy S.r.l.
  • Trend Micro (Ireland) Limited
  • Trend Micro Schweiz GmbH

("the Company", "we" or "us") handles your personal information when you apply for a job or other role with us and the rights you have in connection with that information. The term "applicants" is used in this Notice to refer to anyone who applies for a job role, or is referred for a job role by a Trend Micro employee, or who otherwise seeks to carry out work with or for us (whether on a permanent or non-permanent basis). The term registrant is used in this Notice to refer to anyone who creates a profile on the platform.

If you are in any doubt, or have any comments or questions about this Notice, please contact us using the contact details set out at Section 8 below.

2. Types of personal information we collect when you apply or create a profile

Information that we collect automatically

You can visit the recruitment section of our website and search for jobs without providing personal information here.

However, we do collect certain information automatically from your device when you visit our Website. For further information, please see the privacy notice that applies to the use of our Website www.trendmicro.com/privacy.

Personal Information collected from you

The types of personal information we collect and process when you apply for a role, are referred by a Trend Micro employee, or create a profile with the Company (and during our recruitment process if applicable) includes (but is not limited to):

  • Identification data and contact details – including your name, address, email address, phone number and other contact information, gender, date of birth, nationality/ies, national identifiers (such as national ID/passport, social security number(s)). We may also require your passport to book any travel required as part of the recruitment process.
  • Employment history – such as previous employers and job titles/positions.
  • Background information – such as academic/professional qualifications, job qualifications, education, details included in your CV/résumé (which might include details of any memberships or interests constituting Sensitive Personal Information), transcripts and employment references.
  • Details of your nominated referees (including their name, contact details, employer and job role).
  • Details of your immigration/visa status.
  • to the Company's Group and/or any previous employment history with the Company's Group.
  • Other information you voluntarily provide throughout the process, including through assessment centres / exercises and interviews.

As a general rule, during the recruitment process, we try not to collect or process any of the following: information that reveals your racial or ethnic origin, religious, political or philosophical beliefs or trade union membership; genetic data; biometric data for the purposes of unique identification; or information concerning your health/sex life ("Sensitive Personal Information"), unless authorised by law or where necessary to comply with applicable laws.

However, where required we may need to collect, or request on a voluntary disclosure basis, some Sensitive Personal Information for legitimate recruitment-related purposes, for example:

  • information about your racial/ethnic origin, gender and disabilities for the purposes of equal opportunities monitoring, to comply with anti-discrimination laws and for government reporting obligations (any reports produced by us in this context would not directly identify you); or
  • information about your physical or mental condition to consider accommodations for the recruitment process and/or subsequent job role.

You may provide, on a voluntary basis, other Sensitive Personal Information during the recruitment process.

Personal information collected from other sources if required for the role

  • References provided by referees.
  • Other background information provided or confirmed by academic institutions, training or certification providers and (in some instances) providers of testing (e.g. sales or technical assessments).
  • Criminal records data obtained through criminal records checks.
  • Information provided by background checking agencies and other external database holders (for example credit reference agencies and professional / other sanctions registries).
  • Information provided by recruitment or executive search agencies.
  • Information collected from publically available sources, including any social media platforms you use or other information available online.

(in each case, where permissible and in accordance with applicable law).

3. Purposes for processing personal information

We collect and use this personal information and Sensitive Personal Information primarily for recruitment purposes – in particular, to determine your qualifications for employment and to reach a hiring decision. This includes assessing your skills, qualifications, and background for a particular role, verifying your information, carrying our reference checks or background checks (where applicable) and to generally manage the hiring process and communicate with you about it. We also use it to assist in organisational planning and to comply with legal obligations (more fully set out below).

If you are accepted for a role at the Company, the information collected during the recruitment process will be used to assist with the process of on-boarding (including establishing systems access and preparing for induction), will form part of your ongoing staff member record and will be processed in accordance with our Staff Privacy Notice.

4. Who we share your personal information with and transfers abroad

We take care to allow access to personal information only to those who require such access to perform their tasks and duties, and to an individual in one of the Trend Micro group companies or third parties who have a legitimate purpose for accessing it. Whenever we permit a third party to access personal information, we will implement appropriate measures to ensure the information is used in a manner consistent with this Notice and that the security and confidentiality of the information is maintained.

Transfers to individuals in one of the Trend Micro group companies

We may transfer your information to an individual in one of the Trend Micro group companies outside of the EEA, where the recruiting manager is based outside of the EEA.

Transfers to third party service providers

We may make certain personal information available to third parties who provide services relating to the recruitment process to us, including:

  • providers of technical testing and screening services
  • third parties who provide health screening / reporting on applicants
  • recruitment or executive search agencies involved in your recruitment
  • background checking providers and relevant criminal records checking agencies
  • data storage, shared services and recruitment platform providers, IT developers and support providers and providers of hosting services in relation to our careers website
  • third parties who provide support and advice including in relation to legal, financial / audit, management consultancy, insurance and health and safety issues

For a full list of third parties with whom your personal information may be transferred to in relevance to your specific application please contact Trend Micro Recruitment Personnel.

Trend Micro may change service providers over time but we will always seek to ensure that any third parties who handle your personal information or any Sensitive Personal Information that you choose to provide, will handle your personal information in a manner consistent with this Notice and in accordance with applicable data protection law. For further information about our service providers and partners, please contact us using the details set out at Section 8 below.

We may also disclose personal information to third parties on other lawful grounds, including:

  • Where you have provided your consent;
  • To comply with our legal obligations, including where necessary to abide by law, regulation or contract, or to respond to a court order, administrative or judicial process, including, but not limited to, a subpoena, government audit or search warrant;
  • In response to lawful requests by public authorities (including for tax, immigration, health and safety, national security or law enforcement purposes);
  • As necessary to establish, exercise or defend against potential, threatened or actual legal claims;
  • Where necessary to protect your vital interests or those of another person. 

In some cases, the sharing described above may result in your personal information being transferred internationally, including from the United Kingdom or the European Economic Area to a country outside it. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, some of our third-party service providers operate around the world. This means that when we collect your personal information we may process it in countries outside of the UK/EU which may not be deemed to have the same adequate protection under data protection legislation.


However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Notice. These include:

  • implementing the European Commission’s Standard Contractual Clauses (under Article 46.2 of the General Data Protection Regulation);

Our Standard Contractual Clauses can be provided on request.

5. Legal basis for processing personal information

Our legal bases for processing your personal information as part of the recruitment process include:

  • our legitimate interests (as summarised above in Section 3) (which are not overridden by your data protection interests or fundamental rights and freedoms, particularly taking into consideration the safeguards that we put in place, for example, those outlined in Section 4 above);
  • to comply with applicable legal obligations, including under immigration, health and safety and/or employment laws and regulations;
  • to take steps prior to entering an employment contract with you, where you are considered for employment;
  • in circumstances where you have made the data public;
  • where we have your consent to do so. Where we have requested your consent to process your personal data, you have the right to withdraw your consent at any time;
  • to protect the rights and interests of the Company's Group, our employees, applicants and others, as required and permitted by applicable law.

You can choose not to provide personal data to us. However, unless otherwise indicated, where we request information from you, it is necessary to comply with a legal requirement or to consider whether to enter into a contract of employment with you (or to enter into such contract as relevant to an offer being made).

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided in Section 8 below.

6. Data retention periods

Personal information will be stored in accordance with applicable laws and kept as long as needed to carry out the purposes described in this Notice or as otherwise required by applicable law. This means your personal information (and Sensitive Personal Information) will be retained

For applicants:

  • in accordance with the retention periods set out in the Company's Staff Privacy Notice (where you become our staff member);
  • in accordance with statutory or employment requirements if you are unsuccessful unless you have provided your consent to retain for longer. If you wish to withdraw your consent to the candidate pool please contact us.
  • Referral information will be retained for up to one (1) year. 

For registrants who have not applied for a role:

  • for a period of 1 year from the creation of your account

7. Your data privacy rights

You may exercise the rights available to you under applicable data protection laws as follows:

  • If you wish to request access, correction or deletion of your personal information, or that it is updated, you can do so at any time by contacting us using the contact details provided below.
  • You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided in Section 8 below.
  • If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the United Kingdom, European Economic Area, Switzerland and certain non-European countries are available on the internet)

 We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

8. Contact details

Please address any questions or requests relating to this Notice our local HR department or our European Data Protection Officer (DPO).

Our current DPO contact details are documented below;

For Europe

Lianne Harcup
Median House
IDA Business & Technology Park
Model Farm Road
Cork
Ireland
Telephone: +44 203 54 93 304
E-Mail: GDPR@Trendmicro.com

For Germany Only

HEC Harald Eul Consulting GmbH

Auf deer Höhe 34
50321 Brühl
E-Mail: Datenschutz-TrendMicro@he-c.de