1. Introduction
This Job Applicant Privacy Notice ("Notice") describes the steps that Banjo Corporation, 150 Banjo Drive, Crawfordsville, IN 47933, United States ("Company"), part of IDEX Corporation ("IDEX"), takes to protect the Personal Data that we Process about job applicants. The Company is committed to the protection of the Personal Data that we Process about you consistent with the data protection principles set out in all applicable Data Protection Law. This Notice informs you how we Process your Personal Data if you apply for a position with Banjo Corporation.
In regard to the Processing of Personal Data of website users, please see our Website Privacy Notice, which you may access here. Please note that in the course of the application process data may also be processed by the respective operator of the network or platform through which you came across one of our job postings, such as LinkedIn. For such Processing, the respective operator of the network or platform is the Data Controller. Please consult the privacy policy of the respective operator of the respective network or platform for details.
This Notice may be amended from time to time. We will post any change to this Notice a reasonable period of time in advance of the effective date of the change.
2. Definitions
The following terms are used within this Notice and are defined as follows:
TERM | DEFINITION |
Consent | Any freely given, specific, informed and unambiguous indication of the Data Subject's wishes by which he/she, by a statement or by a clear affirmative action, signifies agreement to the specific processing of his/her Personal Data. It has to be a clear affirmative act ("Opt-In"). Silence or inactivity are not sufficient. Consent may be withdrawn at any time with effect for the future. |
Data Controller | The natural or legal person or other body which alone, or jointly with others, determines the purposes and means of the Data Processing. |
Data Processing | Any operation, or set of operations, which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
Data Processor | A natural or legal person, public authority, agency or other body, which processes Personal Data on behalf of the Data Controller (Article 28 GDPR). |
Data Protection Law | All applicable state, local and federal/national laws related to data protection including, but not limited to, GDPR. |
Data Protection Officer ("DPO") | The person which is appointed by the Company (only where required by law) to protect the Data Subjects' rights and to act as the point of contact between the Company and you in order to ensure that the Company complies with all applicable Data Protection Law. |
Data Subject | Any person to whom the respective Personal Data refers. |
European Economic Area ("EEA") | The Member States of the European Union, plus Norway, Iceland and Lichtenstein. |
GDPR | The EU General Data Protection Regulation 2016/679. |
Personal Data | Any information relating to an identified or identifiable natural person (Article 4 GDPR). |
Sensitive Data | Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation (Article 9 GDPR). |
Supervisory Authority | An independent public authority, which is established by a European Union Member State (Article 51 GDPR) or any other public authority which is responsible for monitoring the application of Data Protection Law. |
3. Identity and Contact Details of the Data Center
The Company is responsible for Processing your Personal Data and is the Data Controller.
If you have any questions about this Notice, please contact us at:
Banjo Corporation
150 Banjo Drive, Crawfordsville, IN 47933 United States
bnjmarketing@idexcorp.com
4. Categories and Sources of Personal Data Processed
The Company Processes different categories of Personal Data that is provided to us through your application and during your application process. These may include:
We may also obtain the above data about you from other sources, including recruitment agencies, the references you provide, websites and other publicly available information on the Internet. This includes, for example, Personal Data that you have made public in the context of an online profile. We may also receive information that you submit to us through third-party websites, such as LinkedIn.
5. Purposes for Data Processing
The Company Processes Personal Data of job applicants for various business purposes that are necessary:
6. Legal Basis for Processing Personal Data
The Company Processes Personal Data of its job applicants based on multiple different legal bases:
7. Your Rights
The GDPR provides you with rights relating to the Processing of your Personal Data. These rights include:
Object to the Processing of your Personal Data in certain circumstances.
This right may apply where the Processing of your Personal Data is based on the legitimate interests of Company, as described in Annex 1, or where decisions about you are based solely on automated processing, including profiling.
Notwithstanding, you have the right to object at any time to Processing of your Personal Data for direct marketing purposes.
These rights are not absolute and are subject to various conditions under Data Protection Law and any other applicable laws and regulations.
You may exercise these rights by contacting your Privacy Lead (see Section 3). You also have the right to lodge a complaint with a Supervisory Authority.
8. Data Sharing and International Data Transfers: Intra-Group and External Third Parties
Intra-group transfers
As a member of a multinational enterprise operating under a decentralized management structure, the Company may share Personal Data of job applicants with other IDEX affiliates/BUs listed here, for the purposes set out in this Notice. Please note that the Company only shares Personal Data of job applicants with those companies where this is covered by a lawful basis for such Processing.
These transfers are protected by the obligations set out in intra-group agreements that we have entered into between the various IDEX legal entities. International transfers within the IDEX are governed by EU Commission-approved Standard Contractual Clauses for Data Controllers and, where relevant, for Data Processors. You may receive a copy of these Standard Contractual Clauses used in our intra-group agreements by contacting and requesting same from the Company.
External Third Parties
The Company may share Personal Data with external vendors whom we engage to perform services or functions on our behalf and under our instructions. Where applicable, their Processing of your Personal Data will be subject to the GDPR requirements. The Company will also ensure that its contracts with these parties ensure they only Process Personal Data in accordance with our instructions and in order to provide the agreed services and protect the integrity and confidentiality of the Personal Data entrusted to them, in line with the GDPR requirements.
For the purposes set out in this Notice, we may also disclose your Personal Data to our IT service providers, auditors, lawyers, consultants, law enforcement, courts and tribunals and other public authorities, such as tax and social security bodies. Some of these recipients are themselves responsible to determine the purposes and means of the Processing and for the lawfulness of the Processing on their end. Where necessary, we will ensure that appropriate contractual measures are in place to ensure the protection of your Personal Data.
Some of the third parties we engage to Process your Personal Data are located outside the European Economic Area. We will ensure that these transfers are either:
9. Retention of Personal Data
The Company will keep and Process your Personal Data only for as long as is necessary for the purposes for which it was collected or for legal obligations. Such legal obligations may arise particularly under tax and commercial law. If your data is no longer necessary for the fulfilment of contractual or legal obligations, it will be deleted; unless it is needed to secure, assert or enforce legal claims. In this case, we will retain the date in accordance with the regular limitation period. During this period, this data is blocked and is no longer available for any other use.
In general, application data will be deleted three months after the application proceeding has ended at the latest.
10. Statutory/Contractual Requirements
You may choose to not provide us with your Personal Data and/or provide incomplete Personal Data. However, please be aware that, in certain cases, we may not be able to proceed with your application process as your Personal Data may be required for administrative purposes and/or to fulfill statutory requirements.
11. Automated Decision-Making and Profiling
Your Personal Data will not be used for automated decision-making and/or profiling.