Recruitment Privacy Policy

This privacy statement explains what information we collect during the application and recruitment process, the relevant lawful processing basis for the use of that information, how we use this information and for how long we will retain it. A separate privacy statement applies to employees, while all scope-specific privacy statements are add-ons on the General Privacy Statement of the company. By applying for a position with “trustilio”, you accept the terms of this privacy statement.


“trustilio” is under GDPR terminology, the “data controller” for the personal information it collects and processes. This means that we are responsible for deciding how to process (i.e. collect, preserve, use and disclose) your personal information. We are a company that provides consultancy services in the fields of cybersecurity, behaviour change and business innovation worldwide.


“trustilio” is committed to protecting the privacy and security of your personal data. By personal data we mean information which, either alone or in combination with other information available to the company, can be used for your recognition. Personal information that may be acquired or produced by us during the application or recruitment process may include, but is not limited to: your name, address, email address, telephone number and other contact information education, previous and/or relevant work experience, or other information you provide to us in support of an application while seeking a job information relating to any previous applications and/or employment history you may had with “trustilio” other personal information you may have reported in your CV and/or cover letter information from interviews and screenings you may have details of the type of your current employment or you are looking for, current and/or desired salary and other terms relating to compensation and benefits packages, or other job preferences any special category, sensitive and/or demographic information obtained during the application or recruitment process such as age, information about your citizenship and/or nationality, medical or health information and/or your race test results from tests you took as a means of our effort to evaluate your technical knowledges and skills, as well as your mental capabilities and behavioural style reference information and/or information received from tribunal or police checks (where applicable), including information provided by third parties.


We will use your information for the purposes of carrying out the application and recruitment process that includes: assessing your skills, qualifications and interests against our employment requirements, verifying your information and carrying out technical and/or behavioural tests, carrying out reference checks and/or criminal records checks (where applicable) if you are offered a job, communications with you about the recruitment process and/or your application(s), including likely future appropriate potential career opportunities at “trustilio”, complying with applicable laws and regulations, legal processes or enforceable governmental requests or in response to a legal process.


According to the GDPR, processing must be based on a legitimate basis, a sound reason for collecting, storing, using and disclosing your personal information. “trustilio” has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. The processing of your personal data throughout the recruitment process is necessary in order to assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. In some cases, we need to process data to ensure that we are complying with our legal obligations or in order to respond to and defend against legal claims.


Your personal data is shared internally within our company, between its various departments while carrying out the recruitment process. This internal disclosure is done in a safe and essential way on a need to know basis. We may also share and receive your personal data from organizations and individuals outside “trustilio”. Your personal information may be provided by us to third parties as service providers acting on our behalf to perform some of the services described above (e.g., for behavioural or technical assessments). These service providers are known as data processors and have also a legal obligation under GDPR and towards “trustilio” to take care of your personal data and use it only for the provision of the agreed services. In cases where we share your data as data controllers with another controller, the use of such information by that company will be subject to its own privacy policy. “trustilio” makes every effort to select partners who provide high quality, trust, reliability, protection and security services but is not responsible for the use of information from these companies. These partners can use your personal information to communicate directly with you. Your personal information may also be disclosed to external third parties such as employment bodies, insurance organizations or companies and other regulatory authorities. Beyond the above, your information will not be traded/leased or communicated to third parties for any other reason.


Your personal data may be transferred outside of the European Economic Area. While some countries have been identified by the European Commission as having adequate legal protection for personal data, in other countries it will be necessary to take extra measures in order to ensure adequate safeguards for the information such as contractual obligations.


In some areas, in order to improve the efficiency of our services, our company may use automated decision-making processes, including profiling. When an automated decision that is taken for you is important (one that may have legal impact or otherwise may significantly affect you), you will be warned about this from us, along with your rights to challenge this decision.


It is important that the personal information we keep for you is accurate and up-to-date. For this reason, in case some of your information changes or is in error, please let us know as soon as possible, so as to proceed to the necessary rectifications.


We will retain your information for the following periods: Selected candidates: if you are offered and accept employment with “trustilio”, the information collected during the application and recruitment process will become part of your employment archives. Most of this information will be retained for 6 months after our collaboration comes to an end. For compliance and regulatory issues (e.g., accounting, tax, insurance matters), some information will be kept for at least 5 years. Interviewed candidates: if you have been interviewed, your personal information which will include additional data like test results, criminal records/police checks, interview notes and any other relevant information supplied by you will be kept for up to 6 months from the last contact we had with you. Rejected candidates: if your application has been rejected from the early stages of the process, your data will be retained for up to 3 months after receipt of your initial application.


We review this privacy statement regularly and we therefore have the ability to modify it at any time.

This Privacy Notice was last updated in June 2021.