Ferrero International S.A. (hereinafter “Ferrero”) is committed to protecting the privacy of users of the Ferrero Careers website (hereinafter the “Website”) and will do everything in its power to ensure that users’ Personal Data is treated with respect to their fundamental rights and freedoms as well as personal dignity, with particular reference to confidentiality and personal information. We require users to provide certain personal information and details in order to provide our services, and we would therefore like to explain the procedures and ways in which we handle data supplied to us.
In general, any information and data which you provide, or which is otherwise gathered by Ferrero in the context of the Website, will be used by Ferrero in compliance with Regulation (EU) 2016/679 (hereinafter the “GDPR”). This means, in particular, that any Personal Data processing carried out by Ferrero will respect the principles of lawfulness, fairness, transparency, purpose limitation, storage limitation, data minimization, accuracy, integrity and confidentiality.
1. Data Controller
The Data Controller regarding all Personal Data processing operations carried out through the Website is Ferrero, with registered offices at 16, Route de Trèves L-2633 Senningerberg Luxembourg.
Ferrero has appointed a Data Protection Officer (“DPO”). For any information regarding the processing of Personal Data by Ferrero, including a list of Ferrero’s data processors, or to excercize your right with regard to Ferrero’s processing of your data, you can send your request to our postal address herein above or via email to email@example.com.
2. Personal Data processed
As you use the Website and, in particular, as you provide information and upload documents to the Website in order to access the Website’s services, Ferrero may collect and process information related to you as an individual and which allows you to be identified, either directly or together with additional information (hereinafter Personal Data).
Personal Data which may be processed by Ferrero through the Website are as follows:
a. Name, contact details and other Personal Data
When creating an account on the Website, you will be asked to provide information such as your name (first and last), referral sources, email address, telephone number, country of residence, physical address (state, city, zip / postal code, street) and professional qualifications and history – namely by uploading your CV / résumé. This information will allow Ferrero to adequately manage your application for possible recruitment purposes.
Ferrero may also collect and process Personal Data disclosed in applicants’ professional social media profiles (e.g., LinkedIn), whenever this is considered necessary and relevant to the performance of the job being applied for.
b. Special categories of Personal Data
When creating an account on the Website, you will be allowed to upload documents to the Website to be received by Ferrero as your CV / résumé. These documents may contain Personal Data – in particular, they may disclose (inadvertently or not) special categories of Personal Data – i.e. “[...] data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation”, as defined by Article 9 of the GDPR.
Ferrero asks that you do not disclose any Personal Data belonging to said categories in these documents, or in any other section of the Website, unless you consider this to be strictly necessary. If you do, then this Personal Data may be processed by Ferrero based on your explicit consent – Article 9(1)(a) GDPR.
c. Browsing data
The Website’s operation, as is standard with any website on the Internet, involves the use of computer systems and software procedures, which collect information about the Website’s users as part of their routine operation. While Ferrero does not collect this information in order to link it to specific users, it may still be possible to identify those users either directly via that information, or by using other information collected – as such, this information is also considered Personal Data.
This information includes several parameters related to your operating system and IT environment, including your IP address, location (country), the domain names of your computer, the URI (Uniform Resource Identifier) addresses of resources you request on the Website, the time of requests, the method used to submit requests to the server, the dimensions of the file obtained in response to a request, the numerical code indicating the status of the response sent by the server (successful, error, etc.), and so on.
This data is used exclusively to compile anonymous, statistical information on the use of the Website, as well as to ensure its correct operation and identify any faults and/or abuse of the Website.
Definitions, characteristics and application of standards
Cookies are small text files that may be sent to and r egistered on your computer or mobile device by the websites you visit, to then be re-sent to those same sites when you visit them again. It is thanks to these cookies that those websites can “remember” your actions and preferences (e.g., login data, language, font size, other display settings, etc.), so that you do not need to configure them again when you next visit the website, or when you change pages within a website.
When browsing a website, you may also receive cookies from websites or web servers other than the website being visited (i.e. third-party cookies).
There are various types of cookies, depending on their characteristics and functions, which may be stored on your computer or mobile device for different periods of time: “session cookies”, which are automatically deleted when you close your browser, and “persistent cookies”, which will remain on your device until their pre-set expiration period passes.
According to the law which may be applicable to you, your consent may not always be necessary for cookies to be used through the Website. In particular, “technical cookies” – i.e. cookies used exclusively to transmit communication messages through an electronic communications network, or otherwise strictly necessary to provide a service specifically requested by you – typically do not require this consent. In other words, cookies which are indispensable for operation of the Website or required to perform activities you request may be used without your consent. This may include cookies used for analytics purposes (used to collect aggregated information on the number of users of a website, and how those users visit the website), browsing or session cookies (used to allow users to login) and function cookies (used to allow memorisation of choices made by a user when accessing the website, such as language or products selected for purchase, in order to improve the user’s experience).
On the other hand, “profiling cookies” – i.e., cookies used to create profiles on users and to send advertising messages in line with the preferences revealed by users while browsing websites – typically require specific consent from users, although this may vary according to the applicable law.
Types of cookies used by the Website
The Website uses the following types of cookies:
- Browsing or session cookies, which are strictly necessary for the Website’s operation and/or to allow you to use the Website’s content and services.
- Analytics cookies, which allow Ferrero to understand how users make use of the Website, and to track traffic to and from the Website. The information collected by these cookies is processed in an aggregate and anonymous form, with no information on your specific ID being collected – therefore, the use of these cookies does not involve the use of your Personal Data.
- Function cookies, which are used to activate specific Website functions and to configure the Website according to your choices (e.g., language), in order to improve your experience.
- Profiling cookies, which are used to observe the preferences you reveal through your use of the Website and to send you advertising messages in line with those preferences.
Ferrero also relies on third-party cookies – i.e. cookies from websites / web servers other than the Website, and which are used for specific purposes of the third parties owning those websites / webservers (including profiling of users). These third parties will typically be considered independent data controllers regarding their cookies, and therefore you must refer to their privacy policies, information notices or other materials to obtain more information on them. Ferrero cannot control or ascertain the use which may be made, by these third parties, of third-party cookies, nor their exact characteristics or purpose.
The following section lists the links to information on third-party cookies:
Cookies present on the Website
In detail, the cookies present on the Website are as follows:
Cookie type, function and purpose Duration
The user's encrypted e-mail address, if known. Initially created whenever a new user visits an Recruiting Marketing site and a session is created. Updated when the user provides us with an e-mail address.
The encrypted ID of the user if one exists. Initially created whenever a new user visits a Recruiting Marketing site and a session is created. Updated when the user logs in or becomes a member and is assigned a user ID.
Whether or not to prefill the Subscribe box with the user's e-mail address, in order to avoid the user having to re-enter their e-mail address. Initially created whenever a new user visits a Recruiting Marketing site and a session is created. Updated when the user modifies their remember me preference.
A number that indicates if the user has acknowledged the cookies policy banner. If the cookie is not set, then the banner may be presented. If they cookie is set and its value is 1, the banner may be suppressed. This cookie will persist across user sessions, no matter which type of cookies are enabled sitewide. Created as a persistent cookies when the user acknowledges the cookies policy banner by either viewing the cookies policy or choose to dismiss the banner.
Cookie for session stickiness preventing a user from bouncing from one instance to another.
You can block or delete all or some of the cookies used on the Website via your browser options. Your cookie preferences will be reset if different browsers are used to access the Website. For more information on how to set the preferences for cookies via your browser, refer to the following instructions:
CAUTION: If you block or delete technical and/or function cookies used by the Website, the Website may become impossible to browse, certain services or functions of the Website may become unavailable or other malfunctions may occur, in which case you will have to modify or manually enter some information or preferences every time you visit the Website.
Ferrero uses Google Analytics on the Website. This is a tool developed by Google and used to collect information, which permits evaluation of the use of the Website, analysis of your behaviour and improvement of your experience with the Website. You can obtain more information about how to opt out of Google Analytics at: https://tools.google.com/dlpage/gaoptout.
3. Purposes of the processing
Ferrero intends to use your Personal Data, collected through the Website, in order to manage submitted applications for possible recruitment to positions within the Ferrero Group.
4. Legal basis and mandatory / discretionary nature of the processing
Ferrero’s legal basis for processing your Personal Data, for the abovementioned purposes, is your consent – Article 6(1)(a) GDPR.
Ferrero may also rely on its legitimate interests when assessing the professional social media profiles of candidates applying for certain jobs, when this is necessary and relevant for the performance of those jobs – Article 6(1)(f) GDPR. Ferrero’s interest in this assessment is to ensure that the candidate has the appropriate qualifications, professional background and competence to perform the tasks applied for.
It is not mandatory for you to give Ferrero your Personal Data for these purposes; however, if you do not, Ferrero will not be able to manage any applications you submit to us.
Additionally, any special categories of Personal Data which you choose to submit to Ferrero (as mentioned in Section 2(b) above) will be processed by Ferrero based on your explicit consent – Article 9(1)(a) GDPR.
5. Recipients of Personal Data
Your Personal Data may be shared, for the purposes listed in Section 3, with the following persons / entities (hereinafter the Recipients):
- Other companies within the Ferrero Group which may be interested in your application;
- SAP SuccessFactors (a company outside of the Ferrero Group) and Ferrero’s technical subcontractors acting as data processors for Ferrero and only upon instruction of Ferrero;
- Public entities, bodies or authorities to whom your Personal Data must be disclosed, under the applicable law or following binding orders from those entities, bodies or authorities;
- Persons authorized by Ferrero to process Personal Data needed to carry out activities related to the provision of services through the Website, who have undertaken an obligation of confidentiality or are subject to an appropriate legal obligation of confidentiality (e.g., employees of Ferrero);
6. Transfers of Personal Data outside of the European Union
Some of your Personal Data is shared with Recipients who may be located outside the European Economic Area. Ferrero ensures that your Personal Data is processed by these Recipients in accordance with the GDPR. Under the GDPR, these transfers can be based, among other mechanisms, on an adequacy decision or on agreements including standard data protection clauses approved by the European Commission.
Further information can be requested to Ferrero’s DPO at firstname.lastname@example.org.
7. Retention of Personal Data
Your Personal Data, together with your account, will be stored by Ferrero for a period of 18 months from the time they are entered onto the Website or from the most recent modification you make. After this period, your Personal Data will be destroyed or anonymized for statistical purposes.
Additionally, whenever it becomes clear that an offer of employment will not be made to a candidate, or that an offer of employment made to a candidate is not accepted, your Personal Data will be destroyed.
Ferrero may, occasionally, offer part-time or seasonal work which is suitable for minors.
If parents / guardians would like to prevent a minor from accessing the Website, there are programs available which enable control over access to the Internet or specific websites.
9. Security of Personal Data
All Personal Data collected through the Website will be stored and processed so as to minimize the risk of destruction, loss (including accidental loss), unauthorized access / use or use not compatible with the initial purpose of collection. This is achieved by the technical and organizational security measures put in place by Ferrero.
To request an updated list of the security measures adopted for the Website you may send a request at Ferrero’s DPO at email@example.com.
10. Data subjects’ rights
Under Articles 15 and following of the GDPR, you, as a data subject, are entitled to request from Ferrero, at any time, access to your Personal Data, the correction and erasure of your Personal Data, as well as to object to its processing. You are also entitled to request the restriction of the processing of your Personal Data in the cases set out in Article 18 of the GDPR, as well as to obtain the Personal Data you have provided to Ferrero in a structured, commonly used and machine-readable format, in the cases set out in Article 20 of the GDPR.
Requests should be made in writing to Ferrero at: firstname.lastname@example.org.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Finally, you are entitled to file complaints to your local EU Data Protection Authority or to the data protection authority of Luxembourg (CNPD at https://cnpd.public.lu/fr/support/contact.html), if you believe that we have handled your information in an unlawful manner.