Home
/
Legal
/
GDPR Statement

GDPR Statement

When you apply to a job on this site, the personal data contained in your application will be collected by Invicti Security Ltd. (for EU Candidates), Netsparker Ltd. (for UK Candidates) or Invicti Security s.r.o (for Czech candidates) (“we”, “us” or “Controller”).  The controller (and our data protection representative, Karl Gonzi) can be contacted by emailing privacy@invicti.com.

Your personal data will be processed for the purposes of managing our recruitment related activities, which include setting up and conducting interviews of applicants,verifying references, evaluating and assessing the results thereto, and as otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of the EU and UK General Data Protection Regulations as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment.

We share personal data internally within the Invicti group of companies, with contacts and companies referred to in any personal or employment reference provided by you in connection with your application and/or our recruitment processes and externally with our third-party partners. Personal data we collect and process will be transferred or transmitted to, or stored and processed in the EU, the United States and other countries outside of where you live for the purposes as described in this Statement. These data transfers are necessary for our recruitment operations. We utilise standard contractual clauses approved by the European Commission, and rely on the European Commission’s adequacy decisions about certain countries, as applicable, for data transfers from the EEA to the United States and other countries.

Your personal data will be retained by us as long as we determine it is necessary to evaluate your application for employment. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have the right to data portability. In addition, you may lodge a complaint with an EU/UK supervisory authority.

‍