Privacy policy for candidates

1. When does this privacy policy apply?

This privacy policy applies to all data we collect, use and store from our applicants and other users of the Join Picnic website.

There’s one exception: on Picnic’s website you can find a few links to third-party websites. The processing of your data on these websites is the responsibility of these third parties, so Picnic’s privacy policy does not apply in those situations.

2. Who is Picnic?

Picnic is a tech company in the retail industry. You can find our head office on the Van Marwijk Kooystraat 15, 1114 AG in Amsterdam, The Netherlands.

Depending on the location you’ll be employed, different Picnic companies can be responsible for the processing of your personal data as explained in this privacy policy. All Picnic companies can be contacted by emailing privacy@picnic.nl or sending a WhatsApp message to 088-3742642.

When you use our app and website, we collect three types of data:

• Data you’ve provided yourself

  Among other things, this is the information you give us when you apply for a job at Picnic. For example, your name, email address and phone number, so we know who you are and can contact you if necessary. You also provide us with information if you call, email or send us a message on WhatsApp.

• Automatically generated data

  To make our app and website function properly, we also collect automatically generated information. This means we collect things like your IP-address, the pages you view in our app or websites and how long you spend on them, the browser you use and the version number, and the Uniform Resource Locators-clickstream. That last part means that we save which page you came from and which one you go to after you visit our website. We also save the phone number you use to call our customer service, so we can call you back if we need to.

• Information from other sources

  When processing your application, we sometimes use information from external sources, such as references listed on your CV. It’s also possible that we receive your information from recruitment agencies or headhunters. If you come into contact with us through one of these agencies, we always make sure you know how your information was passed on to us.

Want to know what we use this data for? Read on in part 4. You can find even more information relating to the data categories listed above.

4. For which purposes does Picnic use this data?

Your application

The first step in your job application with Picnic is to enter your information on our website. This requires a valid first and last name, email address, phone number, CV and availability- and other preliminary information. Without this information we can’t process your application properly. You can always edit the information you pass on to us.

Your use of the app and websites

If you visit our website, we use automatically generated user data.

Our main reason for doing this is so we can keep the app and website functioning properly. We use software to measure and collect user data, such as response times, errors and interaction data (such as scroll and click behaviour). This data is also used for keeping Picnic secure.

Finally, we also connect this data with information you gave us earlier. For example, if you’ve applied for a job with Picnic before.

Reviews

Some positions require specific skills, which we’ll ask you to demonstrate during the application process. If, for example, you’re applying for a position in analytics, we could ask you to perform a small analytics test. We only use these tests to make sure the right people end up in the right positions, and we always keep you posted about your results.

Social media

By using a so-called social plugin you can share things from our website with others through social media (Twitter, Facebook, WhatsApp and Instagram). The social plugin allows third parties to place cookies. We’ll tell you more about that in our cookie policy. Instead of our own privacy policy, the placement and use of cookies by these third parties are subject to the privacy policies of the social media platforms in question.

Conversely, you can also contact us via your social media accounts. For example by messaging us through Facebook Messenger or WhatsApp. By messaging us, you could give us personal data. We use this information to respond to your message, but also save this information and add it to other data we’ve collected about you so we know what we’ve spoken to you about in the past.

What are the legal grounds for the use of my data?

This next part is going to be full of lawyer-speak. If you don’t care or don’t understand, you can skip this part. We’ve already told you everything you need to know about the purpose of our data collection in part 4.

We process your data based on the following legal grounds: on the basis of your permission (which you can always revoke), necessity for the execution of an agreement made with you or a (pre)contractual obligation (such as the use of your email address to confirm an order) and the ‘legitimate interests’ of Picnic or a third party. We can also have a legal obligation to process your information, for example when we suspect fraud.

When we process your data based on a ‘legitimate interest’ we believe that Picnic or a third party’s interests justify the processing of this data. Naturally, we’ll take steps to prevent other considered interests (such as your privacy) from being unnecessarily harmed. ‘Legitimate interest’, for example, is the legal basis for our analysis of customers’ responses to special offers, to improve our service and direct marketing. In part 4 we explain how we use your data to do this. Another example of how we use information on the grounds of ‘legitimate interests’ is how we process data to secure our website and app.

If you have any questions about the processing of your data on these grounds or wish to use your right to object (because you have this right, naturally, for example if you feel we’re not keeping your best interests at heart), you can always email us at privacy@teampicnic.com.

6. What about cookies?

Just like any other website, Picnic websites also use cookies. Cookies are small data files that your computer or mobile device saves when you use a website.

Many cookies exist so you can use a website properly. Thanks to cookies you don’t have to keep logging in or download the same information every time you visit a website. Other cookies help us to see how our website is used, or to be able to communicate with users more effectively.

By using Picnic websites cookies can be placed on your device, and those cookies can be accessed. Cookies placed by Picnic cannot damage your computer, phone or tablet or the files stored on these devices.

Important to know: Picnic works just fine if you choose to not allow any cookies (including those coming from Picnic). We only place or use advertising cookies if you’ve given us permission to do so. Whether you do that or not is completely up to you. However, we can make Picnic more user-friendly if you do accept them.

In our cookie policy you can find more information about the cookies we use, what their purpose is and how you can decide which types of cookies we can use. You can also find more information about advertisement-ID’s, what we use them for and how you can disable them.

7. Which third parties have access to my data?

Your private information will always remain private. That means we never share your information with third parties for marketing purposes without your consent.

The only parties we share your information with without your consent are:

Our own Picnic group companies

Of course we want all administration within Picnic to check out. That’s why we share your information with Picnic B.V., Picnic Fulfilment B.V., Picnic Hubs B.V., Picnic Services B.V., Picnic Technologies B.V. and Picnic International B.V.

1. Picnic B.V. manages the online store through which customers can order their groceries
2. Picnic Fulfillment B.V. is responsible for the processing, storing and packaging of products.
3. Picnic Hubs B.V. delivers products to customers’ homes.
4. Picnic Services B.V. concerns itself with our activities at our HQ.
5. Picnic Technologies B.V. develops and manages our software.
6. Picnic International B.V. is our parent company.

Trusted subcontractors and service providers

We make detailed agreements with these parties about how we protect your privacy and that of other customers.

With a party which wants to take over Picnic or merge with us

In the very unlikely event that this will ever happen :)

Supervisory bodies, tax authorities or investigative agencies

If we think we’re required to do this based on legal grounds.

Judges and counterparties

In a court case in which your data is considered evidence.

If your personal data is transferred to countries outside of the European Union, we also make sure that your privacy is protected the best we can. In that case we work with European model contracts that have been created specifically for these situations.

8. How do you secure my data?

We think it’s important that your data is stored as securely as possible. That’s why we have taken serious technical and organizational measures to secure your data against loss or any form of unlawful processing. We secure our systems and applications according to the current standards for information protection, such as Control Objectives for Information and related Technology (CobiT) and the Standard of Good Practice for Information Security (ISF).

9. How long do you store my data for?

We don’t store your data any longer than is necessary. For example, we don’t store complaints (and the contact information attached to them) longer than two years, except if the nature of the complaint necessitates longer storage. If you have any questions about the specific storage terms of certain types of data, please send us an email at privacy@teampicnic.com.

10. How do you handle the data of minors?

In order to be eligible to work for Picnic, you have to be 18 years or older. This means we don’t collect data on persons younger than 18 years of age for data processing that requires permission.

11. How can I view, edit, correct or delete my data?

You are obviously in charge of your own data. That’s why you can request to view the data about you that we’ve stored and use at any time. You can also always edit or delete information. Finally, you also have the right to object to our processing of your data.

To make everything easier, you can request a special form in which we help you to easily formulate such a request. Of course you can also email your request to us in your own words, or send a request through the mail.

If you make a request or exercise your right to object, we’ll ask you to send a valid form of identification along with your request. That way we can make sure it’s you and prevent someone else from accessing your data. For security reasons, we’ll ask you to blur out your photo and social security number.

Have any other questions about our privacy policy? You can always email us at privacy@teampicnic.com. Not satisfied with the way we handled your privacy request? In that case you can always file a complaint with the Data Protection Authority.

12. Can this privacy policy be changed?

This privacy policy could potentially be changed. This could happen in the event of new legislation concerning privacy. The current version of the privacy policy can be found at https://join.picnic.app/privacy. We’ll also include the last date on which the policy was edited. If we change things in our policy that are relevant to you, then we’ll let you know through more direct channels, such as via email or in the app.