Privacy statement relating to ING’s recruitment and selection procedure
This privacy statement applies to all candidates who participate in the ING recruitment and selection procedure. It outlines how ING handles your personal data during that procedure.
1. Who is responsible for processing your personal data?
ING is responsible for processing your personal data. The contact details of ING are:
- Physical address: Bijlmerplein 888, 1102 MG Amsterdam ZO, The Netherlands
- Postal address: PO Box 1800, 1000 BV Amsterdam, The Netherlands
2. Data protection officer
ING has a data protection officer who oversees the application of and compliance with privacy laws within the ING organisation. The data protection officer can be reached on: firstname.lastname@example.org.
3. Origin of personal data
ING can obtain your personal data in the following ways:
- You provide us with the data directly,
- You provide us with the data via third parties, e.g. through a recruitment agency or a reference,
- Through public sources such as search engines and areas of social media that are not set to ‘private’,
- Through sourcing, e.g. LinkedIn.
4. The basic principles for the processing of your personal data.
We process your personal data on the basis of several principles:
- Based on your explicit permission. Needless to say, you can retract this at any time.
- Based on legitimate interest, i.e. the recruitment and selection of suitable and competent employees.
- If you are hired: based on a legal obligation, e.g. making and storing a copy of your proof of ID in the context of tax laws, and/or based on drawing up an employment contract.
5. Reasons for processing your personal data
We only use your personal data for legitimate business purposes, such as:
- Human resources and personnel management
As your (future) employer we process information about you as necessary in order to meet our obligations related to your employment contract or any other agreement with us (or based on your request to take the necessary steps in order to enter into such an agreement). We also process information about you as necessary for administrative purposes and in order to maintain our relationship with you, e.g. for the purpose of recruitment and secondment, reimbursement, payment, tax issues, career and talent development, insider trading laws, performance appraisals, training, travel expenses and other expenses, employee communication, workforce analysis, international assignments, conflict resolution and legal procedures.
- Company processes and internal management
We can process information about you for the purpose of matters such as work schedules, time registration, management of company property, central processing for efficiency reasons, internal audits and studies, implementation of insider trading laws and other similar regulations, the implementation of business controls and the facilitation of efficient and effective electronic communication within ING.
- Health, safety and security
We process data about you for the purpose of being able to check your employee status, access rights and compliance with the rules that apply within ING. We do this in order to be able to offer you a safe and healthy working environment and to protect the property, products, services and reputation of ING.
- Organisational analysis & developments and management reports
This covers purposes such as holding employee surveys, managing mergers, acquisitions and divestments and the processing of your personal data for the purpose of management reports and analysis.
- Legal obligations
We are legally obliged to process certain personal data in order to comply with all laws and regulations, including the sector-specific regulations that apply to ING.
- Protecting your vital interests
It may be necessary to process your personal data in order to protect your vital interests, e.g. in the case of urgent medical assistance.
- Fraud prevention and detection and data security
We are obliged to safeguard the security and integrity of ING and of the financial sector as a whole. This means that we gather information that enables us to detect, prevent and investigate activities with negative consequences for ING or other financial institutions. It also means that we gather information in order to tackle, prevent and trace actual or attempted incidences of criminal or undesirable activity, and that we participate in and utilise sector-specific and other warning systems and comply with our legal obligations and with regulations relating to combating money laundering and terrorism financing.
6. External parties
IBM handles part of ING’s personnel administration on ING’s behalf. That means that IBM will also process your data. The IBM employees are based in countries within Europe. ING remains responsible for the processing of your personal data by IBM.
If you are hired by ING, your personal data can be shared with ING entities abroad, including outside of Europe, in the following cases:
- If you apply for a role at an ING entity abroad. In that case the information will be passed on based on the Global Data Protection Policy for Employee Data which has been drawn up by ING and approved by the Dutch Data Protection Authority.
- If ING works with IT suppliers that are based outside of Europe. In that case, ING will ensure that the information is passed on in line with the privacy laws.
7. How long do we keep your personal data?
If you are rejected, we keep your personal data for one year with a view to future vacancies, unless you have indicated that we may no longer keep them for longer than a month.
If you are hired, we keep your personal data for as long as you are employed by us and then for some time afterwards. We may only keep your personal data for as long as it is necessary in order to fulfil the purpose for which the data was originally gathered, or if you have given us permission to keep your data.
8. How can you exercise your rights?
As an applicant you have the right to see, correct, limit, delete and/or transfer your personal data and the right to lodge a complaint. For a complete overview of your rights, please refer to the international privacy statement for ING employees. This will be sent to you on request. Our privacy statement is intended to provide a clear and simple explanation of what data we gather about you and how we process it. The statement applies to all former, current and future employees of ING.
Changes to the privacy statement
New data processing activities may result in the use of personal data changing over time. Please see our website for the most current version.