Recruitment Policy




7, avenue Gallieni – 94257 Gentilly Cedex – France

+33 (0)1 41 24 30 00

(hereafter ”we” or ”Biocodex”)


Contact person for register matters 

Data Privacy Officer

7, avenue Gallieni – 94257 Gentilly Cedex – France

+33 (0)1 41 24 30 00


name of register

Recruitment Data Register


What is the legal basis for and purpose of the processing of personal data?


Biocodex Oy, and its subsidiaries and affiliates (“Biocodex”, “us” or “we”), understand that your privacy is important to you. Biocodex and its subsidiaries may process your personal data in their capacity as data controllers. We are committed to respecting your privacy and protecting your personal data, which is any information that is capable of identifying you as an individual person. This Recruitment Policy (“Privacy Notice”) describes how we handle and protect your personal data in connection with Biocodex’s recruiting processes.


This Privacy Notice only applies to the personal data of job applicants, potential candidates for employment, and our optional recruiting programs and events. It does not apply to our employees, contractors or clients, or other personal data that Biocodex collects for other purposes.

As used in this Privacy Notice, “personal data” means information that identifies job applicants and potential candidates for employment with us, submitted through channels such as professional recruiting firms or direct applications.


We will process your personal data in accordance with this Privacy Notice, unless such processing conflicts with the requirements of applicable law, in which case, applicable law will prevail.

By submitting your personal data to us, you acknowledge that:

  • You have read and understood this Privacy Notice and agree to the use of your personal data as set out herein.
  • We may transfer your personal data between our subsidiaries and affiliates, and also through our partners within and outside the EU/EEA.
  • You are not required to provide any requested information to us but failing to do so may result in not being able to continue your candidacy for the job for which you have applied.
  • All your representations are true and correct to the best of your knowledge and belief, and you have not knowingly omitted any related information of an adverse nature. Providing any inaccurate information may make you ineligible for employment.

This Privacy Notice does not form part of any contract of employment offered to candidates hired by Biocodex.

We collect and use your personal data for legitimate human resources reasons including:

  • identifying and evaluating candidates for potential employment, as well as for future roles that may become available;
  • recordkeeping in relation to recruiting and hiring;
  • ensuring compliance with legal requirements, including diversity and inclusion requirements and practices;
  • conducting criminal history checks as permitted by applicable law;
  • protecting our legal rights to the extent authorized or permitted by law; or
  • emergency situations where the health or safety of one or more individuals may be endangered.

We may also analyze your personal data or aggregated/pseudonymized data to improve our recruitment processes.


what data do we process?

The types of personal data that we request from you and the ways that we process it are determined by the requirements of the country in which the position is located. Should you apply to more than one location or should the role to which you apply be available in more than one country, the types of personal data we request from you and the ways that we process it are determined by the requirements of all the countries in which the position is located.

Sensitive personal data is a subset of personal data and includes ethnicity, health, trade union membership, religious beliefs, sexual orientation, as well as other categories as allowed by law. We do not seek to obtain and will not collect such data about a candidate.

We process the following personal data of the Job Applicants in connection with the Recruitment Data Register:

  • basic information of the data subject such as name;
  • contact information of the data subject such as email address, phone number, home address;
  • work and educational history, achievements, in the form of curriculum vitae
  • other possible information relevant to the application in question


from where do we receive information?

We usually collect personal data directly from you when you apply for a role with us, such as your name, address, contact information, work and educational history, and achievements.

We also may collect personal data about you from third parties, such as your references, Biocodex employees with whom you have interviewed, and employment background check providers, to the extent this is permitted by applicable law. Finally, we may also collect and process your personal data from publicly available social media profiles e.g. Linkedin.


To whom do we disclose data and do we transfer data outside of EU or EEA?

Biocodex has business partners and third-party service partners within the European Economic Area (the “EEA”). We may transfer your personal data between our subsidiaries and affiliates, and also through our partners within and outside the EU/EEA.


How do we protect the data and how Long do we store them?

Only those of our employees, who on behalf of their work are entitled to process customer data, are entitled to use a system containing personal data. Each user has a personal username and password to the systems. The information is collected into databases that are protected by firewalls, passwords and other technical measures. The databases and the backup copies of them are in locked premises and can be accessed only by certain pre-designated persons.

We store the personal data for as long as is necessary considering the purpose of the processing. We may retain your personal data to consider you for future employment opportunities.

We regularly assess the need for data retention in light of the applicable legislation. In addition, we take reasonable measures to ensure that the personal data in the register is not incompatible, obsolete or inaccurate considering the purpose of the processing. We rectify or delete such information without delay.


what are your rights as a data subject?

As a data subject you have a right to inspect the personal data concerning yourself, which is stored in the register, and a right to require rectification or erasure of the data, provided that the request has a legal basis. You also have a right to withdraw or change your consent.

As a data subject, you have a right, according to EU’s General Data Protection Regulation (applied from 25.5.2018) to object processing or request restricting the processing and lodge a complaint with a supervisory authority responsible for processing personal data.


who can you be in contact with?

All contacts and requests concerning this privacy notice must be submitted in writing or in person to the person mentioned in section “Contact person for register matters”.


changes in the privacy notice

Should we make amendments to this privacy notice we will place the amended statement on our website, with an indication of the amendment date. If the amendments are significant, we may also inform you about this by other means, for example by sending an email or placing a bulletin on our homepage. We recommend that you regularly visit out webpage and notice possible amendments to this privacy notice. review these privacy protection principles from time to time to ensure you are aware of any amendments made.