Personal data we collect
We, at Genpact, may collect certain personal data directly from you as well as from other available sources to the extent relevant and permitted by applicable local law. The categories of personal data that are typically collected and processed in the recruitment context are:
- Name, gender, address, personal and/or business telephone number, personal and/or business email address, date of birth and other contact details;
Competences, skills (including cognitive abilities and language speaking abilities as a result of any assessments carried out during the recruitment process), experience and education, e.g. your CV or resume, previous employments, educational details and qualifications, third-party references.
- Languages spoken, Citizenship and Nationality to enable us to check your suitability for a specific role and working location.
- Preferences, e.g. preferred country of employment, areas of interest as well as your preferred ways to be contacted by Genpact);
- Your online user identity, e.g. user names and other such information used in connection with authenticating you to our online recruitment management system.
- Information collected during interviews: As part of our interview process we may maintain audio/ video records of the interview (in case of telephone interviews or video enabled interviews) as well as comments noted by our interviewers.
- Information collected from online assessments proctoring: as part of the recruitment process we may ask you to take certain tests which are necessary for assessing your suitability for a certain position. Such assessments can also be taken online, without your actual presence at
- Genpact’s headquarters. In such cases, we may also collect snapshots and/or audio/video recordings of you to ensure that integrity of the tests is maintained. No biometric data will be collected of you.
- Other information, such as information found from public sources as well as information related to reference checks, depending on the position you are applying for, and where necessary for the recruitment activities.
- Additionally, once you have been shortlisted, we may collect additional information such as copy of Government ID, expectation of compensation and remuneration details, information relating to your family members (for benefits administration), passport, visa and work permit (in case of expatriate), background check reports including educational, employment and criminal checks etc. as permitted under applicable laws. Also, in certain cases, we may collect your bank account details, details of the expense incurred and relevant bills to reimburse any expenses incurred by you during the interview processes.
The special categories of personal data (by which we mean either special category personal data or data relating to criminal convictions and offences) collected may include:
- Information relating to your Health: In certain instances, we may receive information related to health such as disability status in order to make any necessary accommodations during our interview process.
- Accommodation for disabilities – In certain instances we may receive or request for information related to health such as disability status in order to make any necessary accommodations during our interview process. Genpact shall process such information only based on your explicit consent.
- Data relating to criminal convictions and offences collected from background checks, as permitted under applicable laws.
- Information related to racial, ethnic origin or religious beliefs collected as a result of diversity surveys, as permitted under applicable laws.
The legal basis for processing sensitive personal data is as defined under the art. 9 para. 2 letter b) of GDPR.
This information will be collected by us in a number of ways through multiple channels during the recruitment process and over time during our relationship with you:
- Directly from you (when you apply online or via email or in person);
- Through referrals from your friends, family of professional connects who work at/ with Genpact;
- From third-parties (through recruitment agencies and background verification agencies), which may also include public sources such as professional networking platforms;
Purposes of processing your personal data and the legal basis for processing
We, at Genpact, are required to collect and process your personal data for the purposes of Genpact’s recruitment or resourcing activities. The legal basis for processing the personal data is legitimate business interest. When you apply for a role with Genpact you do so voluntarily and can at any time withdraw your application. Your personal data shall be utilized in the following ways:
- Communicating with you, in context of recruitment activities in accordance with the legitimate business interests of the company:
- To obtain additional information about your suitability for the role where necessary;
- To inform you of available vacancies;
- To provide you with information relating to your application and to fulfil your requests.
- Managing recruitment and resourcing activities, including activities related to organizational planning. In the course of recruitment activities, we may use your information, in accordance with our legitimate business interests:
- To set up and conduct interviews and assessments;
- To evaluate, select and recruit applicants;
- To contact third-party referees provided by you to evaluate your previous performances.
- In the event your profile is shortlisted, we may collect additional personal data (as mentioned in the previous section), to carry out background checks (in accordance with local law), facilitate travel for face to face interviews and to roll-out an employment offer letter.
- Carrying out online aptitude tests and language assessments. For certain positions, candidates must have a certain set of soft skills and/or language abilities, in addition to the subject-matter expertise. Consequently, we have a legitimate interest to test your cognitive abilities and/or language abilities, so that we can assess your suitability for a certain position within Genpact and ultimately increase the quality of hires, reduce the bias in the recruitment process and improve your overall recruitment experience. Tests have been calibrated and benchmarked by our team of experts, against a significant number of data points, to ensure accuracy and fairness. We will provide you with detailed information on each type of assessment that you may have to take in the email invitation that we send you for before taking the test.
- Proctoring of assessments to prevent fraud: When taking online assessments without any supervision (such as online cognitive assessment tests, online language abilities test) we have a legitimate interest to take snapshots and/or video recordings of you during the test, in order to prevent and identify any fraud and ultimately maintain the integrity of the test. An AI algorithm will be used to identify potential fraud within the taken snapshots/video recordings and will highlight them to the responsible recruiter, which shall review them manually in order to reach a decision. The proctoring activity is implemented in the least intrusive manner possible, does not involve processing of any sensitive personal data (such as biometric data) and all technical and organizational measures have been implemented to ensure minimization, security and confidentiality of the processed personal data. We will inform you in detail of any proctoring carried out before any assessment that you may take.
- Monitoring and development of our recruitment process – We may use your personal data to develop and improve our recruitment processes, websites and other related services. This is in accordance with our legitimate business interests to improve the services we provide. Where feasible, we shall use aggregated anonymous information in the context of such development activities.
- Audit Compliance – We may process personal data as part of our audit processes and engage third-party auditors, from time to time in accordance with the legitimate business interests of the company and/or where necessary in defence or exercise of our legal rights.
- Prevention of fraud – We may process your personal data for the purpose of fraud prevention in pursuit of the legitimate interests of the company.
New employment opportunities – If you have expressed an interest in working for us in the future we may retain relevant documents collected during the recruitment process containing your personal data for future employment related opportunities
In the future, if we intend to process your personal data for a purpose other than that mentioned above, we will provide you with any other relevant information and obtain your consent where it is necessary to do so.
We have implemented industry standard security measures to keep your personal data secure and confidential, including and not limited to:
- Limiting access to your personal data, to Genpact employees strictly on a need to know basis, such as to respond to your inquiry or request.
- Implemented physical, electronic, administrative, technical and procedural safeguards that comply with all applicable laws and regulations to protect your personal data from unauthorized or inappropriate access, alteration, disclosure and destruction. It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when you are done using a shared computer.
- Genpact employees who misuse personal data are subject to strict disciplinary action, as it is a violation of the Integrity Policy of Genpact.
Who we may share your personal data with (the recipients or categories of recipients of the personal data)
- We may use carefully selected third-parties to carry out certain activities to help us to run our business (such as cloud service providers, IT support vendors), to facilitate abilities tests and language tests (language assessment agencies, online test providers etc.), to carry out background checks (background verification agencies), as permitted by applicable laws, to facilitate your travel and expense (travel and immigration vendors), to facilitate on-boarding at the time of joining Genpact and to facilitate audits (third-party auditors). For information on the third-party vendors partnered with Genpact, please visit https://www.genpact.com/downloadable-content/genpact-list-of-associated-partners-and-suppliers.pdf.
- We have offices and operations in a number of international locations and we share information between our group companies for business and administrative purposes. Your information could be, shared with our internal staff for screening and interview purposes. To the extent the Protection of Personal Information Act, Act No. 4 of 2013 (“POPIA”) applies, where required, we will obtain your informed consent.
- Where required for your role, your CV and business contact details may be shared with clients, as permitted under applicable laws.
- Where required or permitted by law, information may be provided to others, such as regulators and law enforcement agencies.
- From time to time, we may consider corporate transactions such as a merger, acquisition, reorganisation, asset sale, or similar. In these instances, we may transfer or allow access to information to enable the assessment and undertaking of that transaction. If we buy or sell any business or assets, personal data may be transferred to a third-party involved in the transaction.
International and group company transfers of personal data
We are part of an international group of companies and, as such, transfer personal data concerning you to countries outside the European Union (EU). Please visit https://www.genpact.com/about-us/regions to see a list of the locations within our corporate group.
We transfer personal data between our group companies and data centres for the purposes described above. We may also transfer personal data to our third-party vendors outside of the EU as described above. Your personal data may be stored in databases located outside of the EU including in India. The database is controlled by our administrative staff located outside of the EU including in India and can be accessed electronically.
Where we transfer personal data outside of EU, or, to the extent that POPIA applies, outside of the country in which Genpact is established, we either transfer personal data to countries that provide an adequate level of protection (as determined by the European Commission or the applicable data protection legislation) or we have appropriate safeguards in place. Appropriate safeguards to cover these transfers are in the form of standard contractual / data protection clauses adopted by the European Commission or as permitted under the applicable data protection legislation. Please visit https://eur-lex.europa.eu/eli/ to know more about standard contractual/data protection clauses.
Where we transfer personal data between our group companies we have covered these transfers by entering into standard contractual clauses adopted by the European Commission or, to the extent that POPIA applies, as permitted under applicable data protection laws. If you would like more information on the any of the data transfer mechanisms on which we rely please contact our Data Protection Officer, details available in the contact section below.
Period for which the personal data will be stored
Your personal data will be retained for as long as necessary in order to achieve the purpose for which the information was collected namely to enable us to contact you in future about potential employment opportunities at Genpact, if any, in line with our Data Retention policies and any legal or regulatory requirements . You may choose to opt-out by writing to us at [email protected] and [email protected]. Once you opt-out Genpact will stop processing your personal data and delete it from our systems and hard copy documents.
For candidates who have accepted employment positions, we shall retain the personal data in line with our Data Retention policies, available on our Genpact intranet portal – https://genpactonline.sharepoint.com/sites/DataPrivacy and any legal or regulatory requirements.
Existence of Automated Profiling and Decision Making
We use automated profiling, in limited circumstances as explained below:
- In certain instances, while hiring individuals for senior leadership roles, we utilise a Genpact managed tool that aggregates publicly available data about the individual, analyses the text content, detects communication style, makes personality assumptions, and provides personality predictions, based on the person's writing style. This information shall be utilized by the recruitment team pursuant to our legitimate business interest in order to tailor our interview processes and communicate better with the candidate.
- While hiring individuals for entry level positions, we utilise a Genpact managed web-based tool to facilitate the interview & recruitment process. The tool maintains video records of the interview process to create a Big Five psychology profile of candidate through voice & movement & vocabulary analysis. The Big Five psychology profile provides the analysis under 5 key personality traits such as ‘openness to experience’, ‘conscientiousness’, ‘extraversion’, ‘agreeableness’, and ‘neuroticism’. These insights of the profiling are utilised by the recruitment team pursuant to our legitimate business interest in order to help us take informed decisions while shortlisting our candidates.
You may in some circumstances have the right to obtain human intervention where automated profiling has taken place and a right to express your views.
You have a right to:
- Request access to your personal data and request details of the processing activities conducted by Genpact and, to the extent that POPIA applies, by third parties, within a reasonable time and at a prescribed fee, if any.
- Request that your personal data is rectified if it is inaccurate or incomplete and, to the extent that POPIA applies, irrelevant, excessive, out of date, misleading or obtained unlawfully.
- Request erasure of your personal data in certain circumstances.
- Request the destruction or de-identification of your personal data where Genpact is no longer authorised to retain the information, to the extent POPIA applies.
- Request restriction of the processing of your personal data by Genpact in certain circumstances.
- Object to the processing of your personal data in certain circumstances.
- Receive your personal data in a structured, commonly used and machine-readable format in certain circumstances.
- Lodge a complaint with the relevant supervisory authority or the Information Regulator, to the extent POPIA applies.
- Object to, and not to be subject to a decision based solely on, automated processing (including profiling), which produces legal effects or significantly affects you.
- Withdraw any consent you have provided to us at any time by contacting us.
To exercise the rights outlined above in respect of your personal data you may submit a data subject request on our portal – https://app-eu.onetrust.com/app/#/webform/6f529743-657b-472f-9f18-b4a49d9cd6a2. In case you face any issues in accessing our portal, you may also write to us at [email protected].
Genpact is the controller of data for the purposes of GDPR.
If you have any concerns as to how your data is processed you can contact our Data Protection Officer by writing to [email protected].