Axonius Global Job Candidate Privacy Notice

Effective August 12, 2024

This Privacy Notice describes Axonius, Inc. and its affiliated companies (collectively, “Axonius”, “we”, “our” or “us”) privacy practices regarding job candidates or applicants who apply or are recruited for a job with us (“Candidate”).

Axonius is a remote-first global company, with entities in the US, the UK, and Israel. While this Notice is intended to describe the broadest range of our privacy practices globally, those practices may vary based on the local legal requirements. This Notice does not create or form part of any contract for employment or otherwise.

DATA COLLECTION

We collect Personal Data directly from a Candidate (such as when a Candidate submits the job application or during the recruitment process - including interviews), indirectly from a Candidate (such as when a Candidate interacts with our website), or via third parties or sources (such as job boards and professional networking websites, Candidate’s named references, other Axonius personnel, background check providers, employment agencies and recruiters, publicly accessible sources, and our service providers). We may combine the Personal Data that the Candidate provides us with Personal Data provided via third parties and sources.

The provision of Personal Data is mostly necessary for us to consider the application (such as evidence of qualifications or work history), and we will not be able to process the application successfully if the related Personal Data is not provided. The provision of some more sensitive Personal Data is voluntary (e.g., information about ethnicity, health conditions, religious beliefs, sexual orientation, and Personal Data provided through interview recordings) and will not have an impact on our consideration of the job application.

DATA USES

Personal Data	(Business) Purposes of the processing	Legal basis
Identity and contact Data, including full name, gender, date of birth, nationality, contact details (e.g., telephone number, e-mail address and home address), veteran status, and copies of documentation proving Candidate’s identity and right to work (e.g., passport, visa, ID card or driving license) (Identifiers; Protected characteristics under California or US laws). Electronic identification Data, including user, log in and usage information with the tools we use for recruiting purposes, IP address, device/browser characteristics (Identifiers; Internet or other network activity Information). Professional, employment and education Information, including information from the job application or recruiters, interviews, recruiting exercises, resume or CV, cover letter, employment and professional history, military and reserves status, previously held directorships (if any), references, education details, professional qualifications (such as licenses, permits, certifications), desired position and compensation, location preferences and willingness to relocate (Professional or employment information and related Inferences; Education Information). Communication Data and Interview recordings, including any Personal Data contained in the correspondence with us, any Personal Data shared during interviews, as well as your voice and imagery as captured in the recording (Audio, electronic, visual or similar Information). Sensitive Personal Data^(SPD): Background check information, such as information necessary to complete background, credit, drug/alcohol and/or other checks, only where permitted by law, and information received during these checks; Information provided in connection with accommodation requests, regarding disabilities or other health conditions, racial or ethnic origin, religious or philosophical beliefs, sex/gender identity; Nationality and immigration status and other information such as residency and work permit status, state identification card and passport number, that would allow us to verify the employment eligibility; Health, travel or medical examination information, where permitted by law, in order to prevent the spread of infectious disease, such as COVID-19.	Recruitment management, which includes all the steps necessary to decide whether to enter into a contract with the Candidate, such as: processing job applications submitted through our careers website; https://www.axonius.com/company/careers or any other site or source from which we receive such applications; assessing Candidate’s skills, qualifications, and suitability for the job; conducting interviews and recruiting exercises within our recruitment process; conducting background checks and other pre-employment screenings (where applicable)^(SPD); communicating with the Candidate regarding the recruitment process.	To take steps at the request of the Candidate prior to a contract; Legal obligation; Consent where appropriate.
	Recruitment administration, such as: maintaining consistent practices and procedures with respect to the collection, use, disclosure, transfer and processing of Candidate Personal Data across Axonius; analyzing and improving our application, recruitment processes, equal opportunity and employee representation processes, also through surveys and the creation of anonymous, aggregated or de-identified data reports (analytics)^(SPD); business administrative operations related to the recruitment process.	Legitimate interest; Consent where appropriate.
	Additional communications, such as: maintaining contact with Candidates in the future and notify them of relevant job vacancies with Axonius that Candidates might be interested in; sourcing and soliciting prospect Candidates, based on their public profiles on professional networking websites.	Legitimate interest; Consent where appropriate.
	Internal employee training, such as: recording, storing, and sharing interview recordings with selected Axonius employees for recruitment training purposes.	Consent.
	Assessing and fulfilling accommodation requests and ensuring equal opportunities during the recruiting process^(SPD).	Performance of contract; Legal obligation; Obligation and Personnel’s rights in the field of Employment, Social Security, and Social Protection Law; Consent where appropriate.
	Compliance, safety and fraud prevention^(SPD), such as: complying or monitoring compliance with legal and regulatory requirements, including government reporting; complying with internal policies and procedures; protecting our Candidates’ or third parties’ rights, health, safety and property; investigating and deterring against fraudulent, harmful, unauthorized, unethical or illegal activity, or conduct in violation of our policies or procedures.	Legal obligation; Legitimate interest; Obligation and Personnel’s rights in the field of Employment, Social Security, and Social Protection Law; Consent where appropriate.
	Compliance with employment, social security and social protection law ^(SPD).	Legal obligation; Obligation and Personnel’s rights in the field of Employment, Social Security, and Social Protection Law.
	Compliance with public health, health and safety, and disability discrimination laws, including protecting the health and safety of our personnel and visitors to our premises and complying with legal obligations, government guidelines, and public health advice to prevent the spread of infectious disease ^(SPD).	Legal obligation; Obligation in the field of Employment, Social Security, and Social Protection Law; Substantial Public Interest; Consent where appropriate.
	To resolve disputes, to carry out our obligations and enforce our rights, and to protect our business interests and the interests and rights of third parties^(SPD).	Legitimate interest; Legal Claims and Judicial Acts; Consent where appropriate.
	For any other lawful purpose, or additional purpose that Candidate consents to.	Legal obligation; Consent where appropriate.

If the Candidate is located in a territory governed by privacy laws under which “Consent” is the only or most appropriate legal basis for the processing of Personal Data as described herein, the application for a job at Axonius will be deemed to constitute consent to the processing of Personal Data for all purposes detailed in this Privacy Notice.

The categories of Personal Information listed above have been collected, processed and disclosed within the last 12 months.

Personal Data does not include aggregated or de-identified information that is maintained in a form that is not reasonably capable of being associated with or linked to the Candidate.

DATA LOCATION

We, our service providers and contractors maintain, store and process Personal Data in the US, the UK, the EEA, and Israel as well as other locations as reasonably necessary for the purposes of processing listed above, or as may be required by law.

While privacy laws may vary between jurisdictions, Axonius, its service providers and contractors are committed to handling the transfer of Personal Data in accordance with any appropriate lawful mechanisms and contractual terms, including (where appropriate) standard contractual clauses or similar mechanism adopted by the EU or the UK, to ensure an adequate level of protection.

DATA RETENTION

We retain Personal Data for as long as we deem reasonably necessary to fulfill the purposes of processing listed above, taking into account the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure, and applicable legal and regulatory requirements.

DATA SECURITY

We implement systems, applications, and procedures to safeguard Personal Data, to minimize the risks of theft, damage, loss, or unauthorized access or use of information. These measures provide robust, industry-standard security. To learn more about our cybersecurity program, please visit https://www.axonius.com/security-program.

DATA DISCLOSURE

In order to pursue the purposes of processing listed above, we may disclose Personal Data in the following ways:

Axonius affiliated companies; Change of control: We may disclose Personal Data internally within our group. In addition, should Axonius or any of its affiliates undergo any change in control or ownership, including by means of merger, acquisition or purchase of substantially all or part of its assets, or will be considered or found eligible for a governmental grant and/or a potential investment, Personal Data may be shared with the parties involved in such an event.

Service providers and contractors: We may, upon the execution of a written contract, engage selected service providers, to perform services on our behalf, or contractors, to provide complementary services that help us manage the recruiting process and operate our business and, limited to this purpose, grant them access to Personal Data as necessary. Such service providers and contractors may include or be related to job boards, recruiters, interviewing and testing services, pre-employment screening, interview travel booking and expense reimbursement (where applicable), relocation (where applicable), recruitment analytics and software providers, and our business, immigration, legal, financial and compliance advisors.

Government or law enforcement authorities: We may disclose Personal Data to government or law enforcement authorities if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process, or governmental request; (b) to enforce our agreements, policies, and terms of service; (c) the disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (d) such disclosure is required to protect our legitimate business interests, including the security or integrity of our assets, personnel, and rights.

Additional disclosures: We may disclose Personal Data in additional manners, pursuant to the Candidate request or consent, if we are legally obligated to do so, or if we have successfully anonymized such Personal Data.

We do not sell Candidate Personal Information, or share it with third parties for cross-context behavioral advertising purposes.

CANDIDATE RIGHTS

To the extent available in the appropriate jurisdiction, Candidates may have rights concerning their Personal Data. To exercise these privacy rights – please submit a data subject Request via our dedicated page or contact us by e-mail at [email protected].

When Candidates ask us to exercise any of their privacy rights, we may require additional information, including certain Personal Data, in order to authenticate and process the request. Such additional information may be then retained by us for legal purposes (e.g., as proof of the identity of the person submitting the request).

US Data Protection Rights

Depending on the US state of residence and applicable laws, Candidates may have the right to:

know whether or not we currently process (or have processed in the last 12 months) Personal Information, as well as information regarding our privacy practices related to the handling of Personal Information;
access and receive a copy of the Personal Information we have collected in the prior 12 months;
request that we correct inaccuracies in Personal Information;
request the deletion of Personal Information that we have collected, subject to certain conditions and exceptions;
opt-out of targeted advertising. We do not currently process Personal Information in this manner;
limit the use and disclosure of Sensitive Personal Information. We do not currently process Personal Information outside of the purposes allowed by the applicable laws;
opt-out of sale or sharing of Personal Information. We do not currently process Personal Information in this manner;
receive a copy of Personal Information in a portable and readily usable format;
not be subject to discrimination for the exercise of these privacy rights;
designate someone as an authorized agent to submit requests and act on Candidate’s behalf. To do so, the Candidate must provide us with written permission to the authorized agent.

Israel Data Protection Rights

Subject to applicable laws, Candidates may have the right to:

request confirmation of the processing of Personal Data;
request access to Personal Data;
receive copies of Personal Data;
request that we correct inaccuracies in Personal Data;
withdraw consent;
delete Personal Data.

European Economic Area (EEA) and United Kingdom (UK) Data Protection Rights

Subject to applicable laws, Candidates may have the right to:

request access to, or to receive copies of, Personal Data, as well as with information regarding our privacy practice related to the handling of Personal Data;
request rectification of any inaccuracies in Personal Data;
request, on legitimate grounds, the erasure of Personal Data;
request, on legitimate grounds, the restriction of Personal Data processing activities;
object, on grounds relating to their particular situation, to the processing of Personal Data by us or on our behalf; and the right to object to the processing of Personal Data, by us or on our behalf for direct marketing purposes;
have the Personal Data transferred to another controller, to the extent applicable;
withdraw consent, where we process the Personal Data on the basis of it;
not be subject to automated decision making, including profiling, which produces legal effects concerning the Candidate, under certain conditions;
lodge complaints with a data protection authority regarding the processing of Personal Data by us or on our behalf.

Switzerland Data Protection Rights

Subject to applicable laws, Data Subjects may have the right to:

request access to, or to receive copies of, Personal Data, as well as with information regarding our privacy practice related to the handling of Personal Data;
request rectification of any inaccuracies in Personal Data;
request the erasure, deletion, destruction or anonymization of Personal Data, to the extent applicable;
object, to the processing of Personal Data by us or on our behalf, including the right to restrict or prohibit the processing, or request the prohibition of a specific disclosure, to the extent applicable;
have the Personal Data transferred to another controller, to the extent applicable;
not be subject to automated decision making, including the right to be heard in the case of automated decision making, to the extent applicable;
have the Personal data marked as being disputed;
lodge complaints with a data protection authority regarding the processing of Personal Data by us or on our behalf, and request that any judgment be communicated to third parties or published.

ADDITIONAL INFORMATION

Updates and Amendments: We may update and amend this Privacy Notice from time to time by posting an updated version on our website. The amended version will be effective as of the date it is published.

CONTACT DETAILS

For any questions, concerns or complaint regarding this Privacy Policy or our privacy practices, Candidates are welcome to contact us at the following alternative contact points:

Data Protection Officerat: [email protected], or via post at:
- 41 Madison Ave Floor 37, New York, NY 10010, USA
- 16 Great Queen Street, Covent Garden, London, United Kingdom, WC2B 5AH
- 132 Menachem Begin Street, The Circular Tower, Floor 23 Tel Aviv, Israel 6701101.
European Representative in the EU: We have appointed Prighter Group with its local partners as our privacy representative and point of contact in the EU. To contact us via our representative, Prighter, or make use of your data subject rights, please visit the following website.

Get Started

Discover what’s achievable with a product demo, or talk to an Axonius representative.

Request a demo
Speak with sales

Get Started