Global Privacy Notice to Prospects
Last Updated: January 20, 2022
Please find alternative translations of the below notice at the bottom of this page.
When a prospect (herein “you”) is sourced for a job, personal data will be collected by Unity Technologies (herein “we”, “us”, or “our”). We are a controller of the information that is collected during the recruitment process.
- Personal Information We Collect
- Sources of Personal Information
- Purpose of Collecting Personal Information
- How Long We Retain Your Personal Information
- With Whom We Share Information
- Transfers out of Country of Collection
- Sale of Personal Information
- Your Rights
- How to Contact Us
Personal Information We Collect
We collect personal information that is relevant to recruitment related activities including:
- Information that has been made publicly available such as on social media accounts (e.g., LinkedIn), personal websites etc.
- Contact information such as name, email address, physical address, telephone number etc.
- Resume or CV, cover letter, transcripts, or other documentation provided to us in support of your referral
- Education and employment history, including referral information
- Information related to previous and current applications/ employments with Unity Technologies or its subsidiaries
In some circumstances we may collect “Sensitive Personal Information” either due to legal requirements or other legitimate recruitment purposes, examples of which are detailed in the section below. Sensitive Personal Information collected for legitimate recruitment and employment purposes. The following Personal Information is considered ‘sensitive’:
- Racial or ethnic origin, political opinions, and religious or philosophical beliefs;
- Trade-union membership;
- Genetic data and biometric data processed solely to identify a human being;
- Health-related data;
- Criminal history data; and
- Data concerning a person’s sex life or sexual orientation
Sources of Personal Information
We collect Personal Information from the following sources:
- Employment agencies and recruiters;
- Social media accounts (e.g., LinkedIn), personal websites etc.;
- Referrals; and
- Third parties with whom we engage with to assist with our recruitment efforts
Purpose of Collecting Personal Information
Where our processing activities fall within the scope of the General Data Protection Regulation 2016/679 (the “GDPR”) we must establish a legal basis for that processing.
Most commonly, we will rely on the following legal bases:
- where it is necessary to comply with a legal obligation on us;
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example, Unity has a legitimate interest in the processing and group-wide transfer of Personal Data for group company internal business purposes, including to solicit, evaluate, communicate with and select applicants for employment, to manage the centralization of data processing activities, to design and improve upon efficient and workable business processes, to allow cross-company teams to work together, to make business processes more efficient and cost effective, and to assess and improve our recruitment and hiring processes.
We may also use your Personal Information in the following situations, which are likely to be rare:
- where it is necessary to protect your (or someone else's) vital interests;
- where it is necessary for reasons of public interest in the area of public health;
- where it is necessary to carry out the obligations and exercising your or Unity’s rights in the field of employment and social security and social protection law;
- in the case of Sensitive Personal Information, where it is necessary for reasons of substantial public interest;
- in the case of Sensitive Personal Information, where it is necessary for us to defend, prosecute or make a claim against you, us or a third party; and
- in the case of Sensitive Personal Information, where you have made the information manifestly public.
How Long We Retain Your Personal Information
The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you;
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
If you are hired, we will retain your applicant information as part of your employee record. If you are not hired, we may use your applicant information in considering you for other opportunities. If you do not want your information to be used for purposes other than the role you applied to, please let us know by emailing email@example.com.
We may use your Prospect Information in considering you for other opportunities. If you do not want your information to be used in this way, please let us know.
With Whom We Share Information
We may share your Prospect Information with:
- Our subsidiaries and affiliates
- The employee who referred you (if applicable)
- The information that is shared here is name of applicant, position referred for, stage in the recruitment process, and status of application.
- Providers engaged by us to help manage our recruitment and hiring process on our behalf.
- Other third parties. We may share Prospect Information with other third parties such as
- Referees, when you have given us permission to contact them
- Those who require it as needed to establish, exercise, or defend against potential, threatened or actual legal proceedings
- To those who require it for safety, security, and legal compliance: We may share your information:
- When we have a good faith belief that we are required to disclose the information in response to legal process (e.g., if we receive a court order, search warrant, subpoena, or similar legal process);
- To satisfy any applicable laws or regulations;
- When we have a good faith belief that there is a meaningful risk that poses a threat to the safety of you, another person or the public generally; and
- Acquirers and their professional advisors in business transactions or negotiations of potential transactions involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Unity.
Transfers out of Country of Collection
Unity has implemented and maintains a framework consistent with applicable law for transfers of information outside of the country of collection, including for transfers out of the EEA.
Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
ADDITIONAL INFORMATION REGARDING THE EEA: Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available at: https://ec.europa.eu/info/law/law-topic/data-protection/international-d…). For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by contacting firstname.lastname@example.org.
Sale of Personal Information
Unity does not provide your personal information in direct exchange for money. Therefore, in the literal sense, Unity does not sell your information. However, the CCPA requires Unity to disclose if it sells personal information and under the CCPA’s expansive definition of “sell”, the following activities may constitute a CCPA sale of information.
You have the right, in certain circumstances, to:
- Request access to your Personal Data.
- Request that your Personal Data be rectified or erased.
- Request that processing of your Personal Data be restricted.
- Request to receive Personal Data you have provided to Unity in a structured, commonly used, and machine-readable format for onward transmission.
- Object to the processing of your Personal Data.
- To opt out of sales of your Personal Data.
- To appoint a third-party representative to assist you with exercising your rights.
- Not to be discriminated against for exercising your rights.
- Please note that Unity does not discriminate based on you exercising your rights.
To exercise any of the above rights, please contact us using one of the methods listed below. We will consider and act upon all requests in accordance with applicable laws.
In addition, where our processing activities in respect of your Personal Data are subject to the GDPR, you may lodge a complaint with a European Union supervisory authority. If you do have a complaint, we would appreciate the chance to deal with your concerns before approaching your supervisory body, so please contact us at email@example.com if you wish to discuss any complaint. You can find your supervisory authority here.
We employ a variety of measures to safeguard the collection, transmission, and storage of the information we collect. These measures vary based on the sensitivity of the information that we collect, process, and store, and the current state of technology. Please note that no system can be guaranteed to be 100% secure. Therefore, while we strive to employ reasonable protections for your information that are appropriate to its sensitivity, we cannot guarantee or warrant the security of the information you share with us and we cannot be responsible for the theft, destruction, loss or inadvertent disclosure of your information. We have put in place procedures to deal with any suspected personal data.
How to Contact Us
Questions, comments and requests regarding this policy are welcomed and should be addressed to our Data Protection Officer at:
- Unity Technologies, 30 3rd Street, San Francisco, CA 94103 (United States contact)
- Unity Technologies ApS, Niels Hemmingsens Gade 24, 1153 Copenhagen, Denmark (European Union contact)
We reserve the right to change our practices and this policy at any time. We may also send an email or provide notice within some or all of our offerings when this policy changes. We encourage you to check this page regularly so that you know what our current practices are.