1. GENERAL INFORMATION

This is Neo4j’s (“we” or “us”) statement on how we process personal data when recruiting new personnel.

When recruiting new personnel, we need to process personal data. Personal data includes all information that by itself, or together with other information, can be used to identify a currently living person. To be able to submit an application for a position at us, certain personal data must be presented by the applicant in order to carry out the recruitment process.

This information is applicable if you are applying for a job at one of the following Neo4j entities:

  • Neo4j Sweden AB, company reg. no. 556713-1106 (“Sweden office”); or
  • Neo4j UK Limited, company reg. no. 10922328 (“UK office”).

The entity to which you have applied to as your potential employer is the personal data controller for the processing of personal data in connection with the recruitment process.

Please note that additional personal data may be required from you in order to finalise the recruitment if you are hired by Neo4j. Information concerning this will be provided in a separate privacy notice.

2. HOW TO CONTACT US

Each entity above is the personal data controller for the processing of personal data in relation to their respective recruitment process, meaning that they are responsible for the processing of personal data concerning to you. Most central administrative functions are carried out in the Sweden office, whereas the UK office has a smaller, local HR program.

Please direct your communication to the Sweden office, using the details below:
hr@neo4j.com

You may also directly contact our data protection officer, at:
Mattias Olsson
DPONeo4j@neo4j.com

3. THE PERSONAL DATA THAT WE PROCESSES

Listed below is the personal data we process about you, along with information regarding our purposes and legal grounds:

Purpose

Personal data

Legal ground

To recruit the candidate most suited for the vacant position Name, email address, telephone number, portrait, CV, cover letter, certificates and similar documentation, internal notes regarding the recruitment process Our legitimate interests
To verify the candidate’s merits and suitability for the position applied Name, CV, personal letter, certificates and similar documentation Our legitimate interests
To communicate with the candidate Name, email address and telephone number Our legitimate interests
To consider the application in respect of other roles that are available Name, email address, telephone number, portrait, CV, personal letter, certificates and similar documentation Our legitimate interests

3.1 Our legitimate interests

Neo4j’s legitimate interest is to recruit the most suitable for the vacant position at hand, in order to remain a competitive company and a great place to work at. Also, we store applications from candidates for a year in order to for our legitimate interest to contact them regarding other opportunities to work at Neo4j if they are not selected for the position they applied for.

We cannot pursue our legitimate interests without processing the personal data set out above, but we believe that we can process your personal data to pursue our legitimate interests in a way that does not interfere with your interests, rights and freedoms.

We take all necessary steps to keep your personal data disclosed to only a minimum of Neo4j employees, and that it is securely protected.

Our assessment is that the processing of personal data in connection with our legitimate interests is normal and what can be expected in a recruitment process.

4. THIRD PARTIES THAT RECEIVE PERSONAL DATA

We make use of several service providers, so that we can focus on doing what we are good at. This means that we transfer personal data to third parties. These consists of the following categories:

other Neo4j entities (these being: Neo4j in Sweden, the UK, and the U.S.);

Google Ireland Limited, which provides the recruitment tool used in our process (Google Hire);

recruitment agencies engaged by Neo4j to find suitable candidates; and

third parties that provide other services that enables us to focus on our core activities.

4.1 Transfers to countries outside of the EU/EEA

We will transfer personal data to countries outside of the EU and the EEA, since the U.S. office will have access to the recruitment information, and since Google’s services are provided globally. For transfers of personal data, adequate safeguards such as standard contractual

clauses and certification under the EU – U.S. Privacy Shield are used. Please contact us to learn more about this, and if you want, obtain a copy of the relevant safeguard.

5. STORING OF PERSONAL DATA

We will store information contained in job applications for one year after the recruitment process has ended. If you do not want us to do this, please let us know and we will delete the information. Certain personal data may be stored longer due to legal obligations of Neo4j or for the establishment or defence against legal claims.

6. YOUR RIGHTS

You have a right to:

  • receive confirmation whether personal data concerning the person in question is being processed by us, to receive information about the processing and to access the personal data, and to obtain a copy of the personal data;
  • object to our processing of personal data;
  • have personal data concerning you deleted, and to have incorrect data about you corrected, and to restrict the processing of data concerning you;
  • data portability, meaning that you in certain cases have a right to receive personal data concerning you in a commonly used format, or to have it transmitted to another personal data controller in accordance with your specification; and to

Please note that these rights are not absolute, and that for some rights certain criteria must be at hand for the right to exercised, or that certain exceptions might be applicable.

7. THE RIGHT TO LODGE A COMPLAINT AT A SUPERVISORY AUTHORITY

If you believe that our processing of personal data in conflict with the General Data Protection Regulation (GDPR), you may lodge a complaint at the relevant supervisory authority. The supervisory authorities are as follows:

Sweden

Datainspektionen (DI)

https://www.datainspektionen.se/

UK

The Information Commissioner’s office (ICO)

https://ico.org.uk/

Germany

Datenschutzaufsichtsbehörden für den nicht-öffentlichen Bereich

https://www.ldi.nrw.de/mainmenu_S ervice/submenu_Links/Inhalt2/Aufsic htsbehoerden/Aufsichtsbehoerden.php