Applicant Privacy Notice
Active candidates are those who are actively seeking employment with Aptiv. This notice is intended for use in the hiring process, for example, after they have applied or at the time of application.
Aptiv Global Operations Limited and its affiliates and related entities (“Aptiv”), as a Data Controller, is committed to protecting the privacy and security of your Personal Data. “Affiliates” includes all entities controlled by, under common control with, or controlling Aptiv Global Operations Limited, provided that control will mean direct or indirect control or ownership of more than 50% of the voting stock or equity of such entity. This Privacy Notice applies to all Aptiv job applicants.
This Applicant Privacy Notice describes how we collect and process your Personal Data during the recruitment process. It describes our purpose, lawful bases, retention period, how your Personal Data will be shared, and the rights you have regarding your Personal Data.
We will only process your Personal Data as described in this Privacy Notice unless otherwise required by applicable law. We take steps to ensure that the Personal Data that we collect about you is adequate, relevant, not excessive, and processed for limited purposes. This notice is intended to comply with all applicable laws. If any provision below conflicts with a legal requirement, then Aptiv will comply with the applicable law.
The types of Personal Data that Aptiv may collect, and process may vary, depending on regional/country requirements, and may include, among others:
- Identification and contact data – such as your full name; personal email address; IP address; physical address; phone numbers and country of residence.
- CV/resume-related data – such as your educational and professional qualifications; previous work experience; work referees; languages etc.
- Voluntary disclosure – such as your gender and other data that might be considered sensitive, which we are required to collect in certain jurisdictions such as your race, ethnicity, and veteran status etc.
- Other information – such as your login credentials; current notice period, eligibility to work etc.
Depending on your jurisdiction, applicable law, and role you applied for, the purposes for which we will process your Personal Data might include the following:
- To receive and process your application;
- To uniquely identify you;
- To assess your suitability (through testing, proctoring and other applicable means);
- To verify your eligibility for hiring;
- To screen and shortlist you;
- To communicate with you;
- To communicate with your referees (only if you are successful);
- To facilitate any of your special needs or make reasonable adjustments;
- To compile statistical information;
- To comply with our relevant legal or compliance obligations;
- To consider you for any of our future vacancies (where you have consented to it), and/or
- To fulfil purposes associated with or related to the above purposes.
We obtain your Personal Data either directly or indirectly from you: directly, when you submit it to us through our different recruitment channels and systems; indirectly, when we obtain it from other Third Parties, such as external recruitment agencies and recruitment platforms such as LinkedIn etc.
Our lawful bases for processing your Personal Data will be appropriate for the purpose of processing, the type of data involved, and applicable law. During the recruitment process, we rely on either of the following lawful bases to process your Personal Data, when it is necessary for:
- The performance of a contract to which you are a party or in order to take steps at your request prior to entering a contract;
- Carrying out our legal and compliance obligations, including the establishment, exercise or defense of legal claims, and/or
- Carrying out our legitimate interests or that of a Third Party.
There are also instances where candidates consent to have their Personal Data kept on file in order to be considered for other future vacancies, we will rely on this consent as the lawful basis for processing the Personal Data for this purpose.
Your Personal Data will not be used for additional purposes that are incompatible with the purposes listed above, unless we provide you with notice of those additional purposes.
We will disclose your Personal Data to Third Parties only where we have a legal obligation to do so, where we have a legitimate interest in doing so, or where you have given your consent. For example, where we are required by law to disclose certain information to comply with Equality legislation or where we engage Third Parties to help us in the recruitment process or where you have given us your consent to disclose certain information to certain Third Parties.
Depending on the circumstance, Third Parties may process your data on our behalf (i.e., as Processor, for example, recruitment agencies etc.).
Our Third Parties are required to take appropriate Technical and Organisational measures to protect your Personal Data based on the associate risks and are subject to a duty of confidentiality. We require Third Parties to respect the security of your Personal Data and to treat it in accordance with applicable law.
We may be required to transfer your Personal Data across International borders, in line with applicable law. To ensure that International Transfers of Personal Data are adequately protected, we have put in place appropriate safeguards with our group companies, service providers, contractors, distributors, business partners and agents.
We take appropriate Contractual, Technical, Organisational measures, and conduct Transfer Impact Risk Assessments, as required, to protect your Personal Data and Your Rights. For International Data Transfers, we comply with the requirements of applicable law, including safeguards such as Standard Contractual Clauses (SCCs) where required (e.g., for transfers of EU Personal Data outside of EU (and areas deemed to provide Adequate Protection), SCCs in accordance with Article 46(2) of the GDPR). For more information on the appropriate safeguards in place to protect your Personal Data, please contact us using the details at the end of this statement.
We will retain your Personal Data only as long as necessary to fulfil the purpose(s) for which it was collected, or as required by law. Retention periods will depend on country/regional requirements and upon the outcome of your application. Successful applicants who become employees will subsequently have their personal data retained for a range of employment purposes.
We retain your Personal Data in accordance with applicable laws and our Records Management Policy and Retention Schedule. Otherwise, we aim to keep our files current and will make reasonable efforts to remove Personal Data that is no longer relevant for the purposes for which it was collected.
Aptiv is committed to safeguarding the security of your Personal Data. We have implemented appropriate security measures in order to protect your Personal Data from unauthorized access, use, copying, modification, disclosure, destruction, and alteration. We abide by the key principles of Data Protection and Privacy in our Personal Data collection and handling, namely: accountability; lawfulness, fairness, and transparency; data minimisation; purpose limitation; storage limitation; managing the confidentiality, integrity, and accuracy of Personal Data.
In accordance with applicable law, in certain circumstances, you have the following rights regarding the processing of your Personal Data.
- The right to be informed about the processing of your data.
- The right to access your data.
- The right to correct your data if it is incorrect.
- The right to have your data erased/deleted.
- The right to restrict processing of your data.
- The right to object to processing, including the right to object to direct marketing.
- The right to have a copy of your data transferred to different Third Party.
In the US, these rights are limited to California residents. The right to object (including direct marketing) is not applicable in California because we do not sell or share your Personal Data, or use your sensitive Personal Data, for any purposes that are incompatible with the purposes listed in the Notice, unless we provide you with notice of those additional purposes.
You may exercise Your Rights via our online form here. In some jurisdictions, you may also designate an authorized agent to make a request on your behalf.
To protect your data from unauthorized access, all requests regarding your Personal Data will be subject to verification of the identity of the requesting individual.
The response time for Data Subject Rights Requests varies depending on your jurisdiction and applicable law. If we require more time to respond to your Request, we will inform you.
Automated decision-making takes place when an electronic system uses Personal Data to make a decision without human intervention.
You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.
Depending on your jurisdiction, you also have a right to make a complaint at any time to your local Data Protection Supervisory Authority. You can find a list of EEA Authorities here or https://www.edpb.europa.eu/about-edpb/about-edpb/members_en. Aptiv Global Operations Limited is an Irish Company, and it’s lead EU Regulator is the Irish Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD 28, Ireland or by e-mailing info@dataprotection.ie.