Privacy Notice for Calendar Sync with Self Scheduling (EU)
Last Updated 25 April 2022
Contact Us
If you have any questions about our privacy practices or this Privacy Notice, please contact SHL via: dpo@shl.com
SHL uses the following third party sub-processor to collect the calendar information as further described in this notice: Nylas, Inc. (“Nylas”) For more information about Nylas, please see their website https://www.nylas.com/company/about/.
The type of personal information we collect
By connecting your calendar, Nylas will collect and process the following information:
- Personal identifiers (for example, name and email address) of those users who choose to connect their calendars.
- IP address
- Calendar Data – This includes your full calendar information as well as any other calendars that have been shared with you. Full calendar information includes:
- Appointment name
- Appointment Description
- Appointment Location
- Appointment Owner (email address and name)
- Appointment participants (email address and names)
- Appointment rooms booked
How we get the personal information and why we have it
Nylas will process the personal information described above, because you have provided permission to sync your calendar. Connecting your calendars will provide you with the ability to view availability and book meetings for the SHL online interview products.
Nylas will use the personal information described above in order to run algorithms to provide Free/Busy slots to SHL.
The lawful bases we rely on for processing this personal information is:
- Your consent. You are able to remove your consent at any time by un-syncing your calendar.
How we store your personal information
Your information is securely stored. Nylas will store personal information collected via the calendar sync for a maximum of 30 days, as data collected by Nylas will be deleted on a 30 day rolling basis.
Where your information is stored
All information collected will remain stored within the European Union.
Your information will be accessed outside the European Union for the purposes of Nylas providing support and maintenance. These countries may not have equivalent privacy and data protection laws to the data protection laws of the European Union.
In order to provide access to information outside the European Union, Nylas uses the standard contractual data protection clauses, which have been approved by the European Commission to safeguard the transfer of information from the European Economic Area, the United Kingdom and Switzerland.
Nylas does use subprocessors, a list of the most up to date subprocessors used can be found at https://www.nylas.com/privacy-policy/
Your data protection rights
Under data protection law, you have rights including:
- Your right to withdraw consent - You have the right to withdraw consent at any time and once consent has been revoked, we will erase your personal information within 30 days including all synced calendar information provided.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at the start of this notice.
Supervisory Authority
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable law.