Candidate Privacy Notice
Last updated on 11 July 2024
Your privacy is important to Push Gaming (hereinafter "we" and/or "us" and/or “Push Gaming”). We recognise the responsibility you entrust us with when providing your personal data. This Privacy Notice explains to our prospective employees, workers and contractors (“candidate” and/or “you”) how we handle and treat their personal data when they apply to Push Gaming, including via corporate website: https://www.pushgaming.com/ or associated sites or pages (the “Website").
The purpose of this Candidate Privacy Notice (“Privacy Notice”) is to provide you with a clear explanation of what personal data we collect, when, why and how we collect, use and share your personal data and it explains your statutory rights. Please make sure you fully understand our practices in relation to personal data before you apply to our job offers. Where you have read this Privacy Notice but would like further clarification, please contact us at dataprivacy@pushgaming.com.
1. Who is the controller?
Push Gaming Limited, with company number 7395813, and registered address at 55 Bartholomew Cl, London, EC1A 7ES, United Kingdom, is the primary controller of your personal data, together with any of the following group companies, depending on the location of your job - Side Technology Limited, company no. 017129V, Fort Anne, South Quay, Douglas, IM1 5PD, Isle of Man, and/or Push Gaming Malta Limited, company no. C90728, Sonor Level 1, 66 Cathedral Street, 1524 Sliema, Malta, and/or Push Gaming Product Limited, with company number C102982, and registered address at Sonor Level 1, 66 Cathedral Street, 1524 Sliema, Malta, and/or Push (Gibraltar) Limited, with company no. 122990 and registered address at 30/1 Cornwall’s Lane, P.O.BOX 1404, GX11 1AA, Gibraltar, and Push Gaming Poland sp.z.o.o., with company number 0001091943, and registered address at ul. Rondo Daszyńskiego 2B, 00-843 WARSZAWA, Poland.
2. What personal data do we collect and how do we collect it?
Personal data is information relating to you, such as your name, email address, phone number, etc.
Information you provide to us directly:
- If you apply to one of our open positions published in our “Career” page: We and our business partners will collect your first name, last name, e-mail address, phone number, resume, and desired pay. When you apply online, we will also process your personal data in accordance with our Website Privacy Notice.
- If you apply to our job openings advertised on social media, such as LinkedIn: We collect the information you provide on your application form, including your CV and cover letter.
- If we invite you to an interview: You provide us with any information relevant to assess your suitability for our job opening.
Information collected by automated means from your browser and device through cookies and other tracking technologies:
- If you apply online to one of our open positions: We use cookies, in combination with other tracking technologies to distinguish you from other users of the Website. We will process your personal data in accordance with our Cookie Notice.
Information collected indirectly from other sources:
- Our recruitment agency: from which we collect your application form, including your CV and cover letter.
- Our background check provider: we may use third-party services to conduct background checks on our employees and workers.
Push Gaming is required to comply with legal obligations under AML regulations which includes verifying professional qualifications, vetting and screening of employees, workers and contractors.
As appropriate, to comply with such obligations, and subject to applicable local laws, we conduct so called background checks on all workers and employees using third-party provider services which include information about imposed sanctions, PEP status, pending insolvency, law enforcement actions, or adverse media and similar.
Depending on the role you have applied for, we also collect copies of criminal records (for key personnel only - such as but not limited to roles within the departments of Legal & Compliance, Finance, Technology, Information Security etc., or higher managerial roles). Candidates applying for an employment position based in the UK, are referred to the Ex-Offenders Policy for further details.
3. Why do we collect your personal data?
Having collected these personal data, we will then process them to decide whether you meet the basic requirements to be shortlisted for the role and/or eventually whether we want to offer you a job. If we decide to offer you a job, we may ask for or collect references AND/OR carry out background checks, as applicable, before confirming or as a condition of your appointment.
If you fail to provide the information or documents when requested, which is necessary for us to consider your application, we will not be able to process your application successfully and/or offer you the job. For example, if we require the completion of a background check for this role and you fail to provide us with the relevant details or documents, we will not be able to take your application further or confirm your appointment.
4. How do we use your personal data and on which legal basis?
Purposes of processing and our legal basis for doing so
To communicate with you about the recruitment process: We use your personal data to respond to your request and/or queries about the recruitment process.
- If we are legally obligated to respond to your request: our legal obligations
- If we need to do so in order to execute an employment agreement with you: contractual necessity
- In all other cases: our legitimate interests to communicate about our job offers
To assess your skills, qualifications, and suitability for the job opening: We use the information collected as part of your application and your interview.
- We need to do so in order to execute an employment agreement with you: contractual necessity
To keep records related to our hiring processes: We retain the application of unsuccessful candidates in our database, as necessary to contact you if we identify a job opening matching your profile in a reasonable period (up to 6 months) following your initial application. We also retain the application of successful candidates in our archives until the end of their employment at Push Gaming.
- If we need to do so in order to execute an employment agreement with you: contractual necessity
- In all other cases: our legitimate interests to increase our chances to recruit job applicants suitable for our job offers
To comply with legal or regulatory requirements (including background checks): We use relevant personal data we hold about you to comply with our legal or regulatory requirements relevant for our industry.
- If we are legally obligated to do so: our legal obligations
If applicable, to obtain work references: We use the information related to your qualifications or work history to verify the information you provided, including with third parties.
- We may rely on your consent or on our legitimate interests (as applicable) to ensure the reliability of our candidates.
If applicable, to disclose your personal data to a prospective or actual purchaser or seller: this may happen in the context of a merger, acquisition or other reorganisation or sale of our business or assets.
- Our legitimate interests to ensure the sustainability of our business
If applicable, to disclose your personal data to third party business partners / services providers (as listed in section 5)
- The lawful bases listed above apply to any disclosure necessary to achieve the corresponding purpose.
5. With Whom Do We Share Your Personal Data?
We share your personal data with third parties only where it is necessary, and for purposes described in this Privacy Notice. We may share your personal data with the following categories of third parties:
- Group Companies: We may share your personal data with our corporate parent, subsidiaries, and affiliated companies.
- Business Partners / Services providers: We may transfer your personal data to our business partners / service providers as necessary for them to provide services to us in connection with our fulfilment of the purpose set out above. For example, we rely on our background checks providers and recruitment agencies.
- Government Agencies, Regulators and Professional Advisors: Where permitted or required by applicable law, we may also need to transfer your personal data to government agencies and regulators (e.g., tax authorities, courts, and government authorities) to comply with our legal obligations, and to external professional advisors as necessary to defend our legal interests.
- Prospective or Actual Purchaser or Seller: In the event of a merger, reorganisation, dissolution or similar corporate event, or the sale of all or substantially all of our assets, we expect that the information that we have collected, including personal data, will be transferred to the surviving entity in a merger or the acquiring entity. Such information will be transferred in accordance with applicable law.
6. How Do We Protect Personal data?
We are committed to keeping the personal data provided to us secure and we have implemented appropriate information security policies, rules and technical measures to protect the personal data that we have under our control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. We have put in place procedures to deal with any suspected breach of personal data and will notify individuals and any applicable regulator of a breach where we are legally required to do so.
7. How long do we keep your personal data?
We may retain your personal data as long as necessary for the purpose for which it was collected, and beyond such time as necessary to defend us in the context of legal claims, or for compliance and legal protection purposes.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
When we no longer require the personal data, we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible. If we fully anonymize your personal data (so that it can no longer be associated with you), we may use this information indefinitely.
8. Your Privacy Rights
- Right of access: you can ask us to provide you with information about our processing of your personal data and give you access to your personal data;
- Right to rectification: if the personal data we hold about you is inaccurate or incomplete, you are entitled to request to have it rectified;
- Right to erasure: you can ask us to delete or remove personal data where there is no lawful reason for us continuing to store or process it, where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons that will be notified to you, if applicable, at the time of your request;
- Right to restrict processing: you can ask us to suspend the processing of your personal data if, (i) you want us to establish the data's accuracy; (ii) where our use of the data is unlawful but you do not want us to erase it; (iii) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it;
- Right to object: where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms;
- Right to data portability: you have the right, in certain circumstances, to ask us to provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information for which you initially provided consent for us to use or where we used the information to perform a contract with you; and
- Right to withdraw consent at any time: where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the personal data or where certain exemptions apply.
To exercise any of these rights, please contact us using the contact details provided below.
Although we urge you to contact us first to find a solution for every concern you may have, you always have the right to lodge a complaint with your competent data protection authority.
9. International Data Transfers
We may transfer your personal data to recipients based outside of the European Economic Area (“EEA”) and/or United Kingdom (“UK”). Some of these recipients are located in countries in respect of which either the European Commission and/or UK Government (as and where applicable) has issued adequacy decisions, in which case, the recipient’s country is recognized as providing an adequate level of data protection under UK and/or European data protection laws (as applicable) and the transfer is therefore permitted.
Some recipients of your personal data may be located in countries outside the EEA and/or the UK for which the European Commission or UK Government (as and where applicable) has not issued adequacy decisions in respect of the level of data protection in such countries (“Restricted Countries”). For example, the United States is a Restricted Country. Should we transfer your personal data to a recipient in a Restricted Country, we will either:
- enter into appropriate data transfer agreements based on so-called Standard Contractual Clauses approved from time-to-time by the European Commission, the UK Information Commissioner’s Office or UK Government (as and where applicable); or
- rely on other appropriate means permitted by the EU/UK GDPR, which establish that such recipients will provide an adequate level of data protection and that appropriate technical and organisational security measures are in place to protect personal data against accidental or unlawful destruction, loss or alteration, unauthorised disclosure or access, and against all other unlawful forms of processing.
You may ask for a copy of such appropriate data transfer agreements, if applicable.
10. Contact us
You may contact us using the following details:
- Email address: hr@pushgaming.com
- Postal address:
Push Gaming Limited, 55 Bartholomew Close, London, EC1A 7ES, United Kingdom
Push Gaming Malta Limited, Sonor Level 1, 66 Cathedral Street, 1524 SLM, Sliema, Malta
Side Technology Limited, Fort Anne, South Quay, Douglas, IM1 5PD, Isle of Man
Push Gaming Product Limited, Sonor Level 1, 66 Cathedral Street, 1524 SLM, Sliema, Malta
Push (Gibraltar) Limited, 30/1 Cornwall’s Lane, P.O.BOX 1404, GX11 1AA, Gibraltar
Push Gaming Poland sp.z.o.o., ul. Rondo Daszyńskiego 2B, 00-843 Warszawa, Poland
11. Changes to this Privacy Notice
We may make changes to this Privacy Notice from time to time. To ensure that you are always aware of how we use your personal data we will update this Privacy Notice from time to time to reflect any changes to our use of your personal data. We may also make changes as required to comply with changes in applicable law or regulatory requirements. Please regularly check these pages for the latest version of this Privacy Notice.