Last updated: April 6, 2026
I. Introduction
This privacy notice should be read together with the General Privacy Policy available here.
Personal data / personal information – all information related to you that we process. For example: first name, last name, e-mail address, telephone number, information about your education and professional experience, etc.
Processing – all activities performed in regard to your personal data. For example: collecting, retaining, or updating data, sending messages to you, deleting data.
In addition to this Global Recruitment Privacy Notice:
– if you are a California resident, please see here,
– for information specific to countries and regions where GlobalLogic operates, please see a relevant section under “VIII. Local regulations” at the end of this document.
In case of any discrepancies between this Global Recruitment Privacy Notice and Section VII hereto (Local regulations), the latter shall prevail.
II. Information about GlobalLogic – the data controller
We are Method – a GlobalLogic company and part of Hitachi Group, which includes GlobalLogic Inc., its parents, subsidiaries, and affiliated entities (“GlobalLogic”).
E-mail address for contact: privacy@globallogic.com
The data controller is the GlobalLogic company based in the country where the position you applied for is located – you can find company details, including post address, here.
III. Scope of personal data we collect, the purpose and legal basis for processing that data
The scope of personal data we process depends on what information you provide in connection with your application, especially: name, surname, email, phone number, work experience and education. It includes the content of documents, information on how you submit them, your feedback on the recruitment process as well as the content of our possible further communication and conclusions from the recruitment process. Provision of all data is voluntary, but if you decide not to provide us with some of them, we might not be able to assess your application, and as a consequence you might be excluded from the recruitment process.
Our processing may also include information we collect directly or through a third party, such as a recruitment agency, e.g. if we are conducting background checks (including upon request of our clients or pursuant to a legal obligation) in order to verify your personal suitability for a certain position. Such information may include for example output of background checks, other information publicly available, internal notes further to your interview with us.
We process your personal data in line with applicable data privacy requirements including, when legally required, basing the processing on an appropriate legal basis. Such a legal basis can be, for example, your consent, a legal obligation to which we are subject, or another legal basis as regulated by applicable laws.
The purposes for which we are processing your personal data are:
- to assess your candidacy in respect of requirements for the position for which you have submitted your application, and/or for future recruitments for which a similar skill set and experience is required; this may also include a background check and the screening of relevant sanctions and restrictions lists;
- to verify your identity;
- to share your application with the Globallogic company that is best suited to consider your application and hire you;
- to contact you regarding your application and possible employment opportunities;
- if you meet the requirements for a position – to present you an offer of employment and to conclude a contract;
- to demonstrate that the recruitment process is compliant with applicable laws;
- to ensure safety of our property – we may introduce video monitoring (CCTV) in our offices, placing the cameras in places requiring special protection, including the entrances to offices and communication routes. Thus, if you visit our offices e.g. for an interview, we may process your image captured on the video recordings. The monitored areas are appropriately designated and the recordings are stored for the time necessary for operational purposes depending on local specifics (unless they constitute or may need to constitute evidence in legal proceedings, in such case we may keep them until the proceedings have been closed).
As we operate in an international environment, we may collect your residence, citizenship and nationality data for the following purposes:
- to verify that you hold a residence permit entitling you to work in the territory in which we operate,
- to prevent the establishment of relationships with individuals on sanction lists published by authorized national and international authorities,
- to ensure compliance with applicable legal regulations, in particular US export control regulations (due to the fact that our technologies and deliverables, as well as certain of the products, including software source code, and technologies that we receive from our customers and suppliers, are subject to US export control regulations, as a company group with its headquarters in the United States, we must ensure that our global business operations are conducted in full conformance with the regulations).
Where legally allowed, some of the personal data provided by you, for example your name, surname, contact address and feedback, may be used by us also for operational and marketing purposes, such as sending you thank you notes, seasonal greetings, satisfaction surveys, etc. or improve our recruitment process.
We may also process your data for statistical purposes, in relation to defense against claims and to share your personal data with our group member companies listed here.
You may provide gender data to help us ensure a fair and compliant work environment for all employees. Our goal is to create an inclusive work environment where every candidate feels accepted, supported and free from any form of discrimination based on gender or any other protected characteristic. Furthermore, processing gender data supports our commitment to equitable and transparent pay practices within our organization.
IV. Retention period
We will process your data for no more than 3 years, unless earlier you withdraw your consent or the purpose of data processing is fulfilled.
The exception to the above rule is when you are in the European Economic Area (EEA, including the EU), the UK or Mexico and you decide to apply to a single vacancy only. In such a case we will process your data for 6 months.
The above retention periods are counted from the last activity in your candidate profile: you applying to a vacancy, interview with you; presenting you with an offer and closing the recruitment process.
If we hire you, we will continue retaining your data for the duration of the employment relationship and possibly thereafter in compliance with local laws, as described in the applicable Employee Privacy Notice.
The periods described above may be extended as appropriate in the event of any claims or court proceedings – for the duration of such proceedings and their settlement – and if the law obliges us in certain cases to process such data for a longer period of time.
V. Who has access to your personal data
GlobalLogic operates internationally and, therefore, personal data may be used in countries outside of your country, which may not have data protection regulations as stringent as those in your country. We will transfer your data to third countries only in accordance with applicable privacy laws. This includes in particular data transfers to countries in which GlobalLogic conducts business, or has a service provider, for the purposes set out in this document.
GlobalLogic applies all required safeguards, including standard data protection clauses adopted pursuant to decisions of the European Commission or relevant data protection authorities, where needed. We may also transfer your data to a country that is deemed ‘adequate’ by the European Commission in relation to data protection pursuant to the GDPR.
Access to your personal data will be given exclusively to appropriately authorized employees or associates of GlobalLogic, vendors, partners, consultant or auditors and only to the extent necessary to perform their responsibilities. Your data may be transferred, for example, to providers of hosting services or ICT services, other entities that provide to us technical or organizational assistance and support of our recruitment process, including communication with candidates (e.g. recruitment agencies) or distribution of invitations / documentation etc. (e.g. couriers). GlobalLogic may also be required – if there is a legal basis to do so – to provide certain information to public authorities, for purposes related to proceedings they are conducting.
Our staff may work directly with our clients, that is why our client may be also involved in the recruitment process. In the final stages of the recruitment process we may share your data with our clients who could potentially work with you in the future.
VI. Your rights related to processing of your personal data
To exercise your rights please contact us at privacy@globallogic.com or by other means as convenient for you.
GlobalLogic respects all applicable privacy laws and your rights under the applicable legislation – in particular you can request that we delete your data or withdraw your consent for personal data processing. You can also opt-out of receiving marketing communication by using the “unsubscribe” link included in the emails we send you, or by contacting us as described below.
For more details on your rights please see below additional information for the residents of the particular countries and regions.
Please note that we are legally obliged to confirm your identity before we can process your request, so you may be asked to provide some further information.
VII. No automated decision-making. Use of tools, including artificial intelligence (AI)
You will not be subject to a decision based solely on automated decision-making, including profiling, which produces legal effects that concern you or significantly affect you.
However, we use tools, including systems incorporating AI, to support us in our processes and enhance our activities, for example by helping us sort information, recommending content, listing in specific order, filtering, grouping, etc. Some of these actions may constitute soft profiling. We ensure that all significant decisions regarding you are made by our personnel and not by a computer system.
VIII. Local regulations
ADDITIONAL INFORMATION FOR RESIDENTS OF CANADA
No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN ECONOMIC AREA (EEA, INCLUDING THE EUROPEAN UNION) AND THE UK
This section applies to the processing of personal data by a GlobalLogic group company that has its seat or establishment within the EEA (including the EU) or the UK. In case of any doubts please contact us at privacy@globallogic.com.
Joint Controllers
If you apply for a position or share data for the purpose of future openings located in several countries within the EEA or the UK, the GlobalLogic companies based in those countries will be processing your data as joint controllers – you can find company details here. If you apply for a position or share data for the purpose of future openings in the EEA or UK where a country location is not specified, GlobalLogic Poland Sp. z o.o. will be processing your data as joint controller together with the GlobalLogic company/ies that might be hiring you.
GlobalLogic companies have entered into an agreement that reflects their respective roles and relationships as joint controllers and determines their responsibilities for complying with their obligations under applicable data protection laws. A summary of the most important terms of that agreement will be made available to you upon your request.
Recruitment via third party (supplier, outsourcing/recruitment company, etc.)
If we received your personal data from a third party that you work with or that you applied with, the name of that party will be specified in our email correspondence with you.
The scope of data processed by GlobalLogic depends on the data you provided the third party with and includes, in particular, data identifying you, as well as information on your education, experience, professional qualifications, and conclusions from the recruitment process.
In case you get involved in one of our projects via a third party, we will also process data on your access to our buildings and systems, information about the project you are working on, your tasks and assessment of your work.
We may process some of your data (name, surname, email and the third party we got your data from) due to the contractual obligations towards that third party.
Source of personal data
We may also receive your personal data from our staff who may recommend you for a vacancy (“referral”). In order to start a recruitment process, GlobalLogic will confirm if you consent to participate in it. If we do not receive confirmation within 5 business days, we will delete your data. Otherwise, we will store your personal data in line with retention periods specified in this notice.
Who has access to your personal data?
If you were recommended as a referral, the person who recommended you may receive information on the stage of your recruitment process.
If our client is involved in your recruitment process, we will inform you each time before we transfer your data to them. If you do not agree, please object to our action immediately. Please note, however, that if you make such an objection, we will not be able to further process your application.
What is a legal basis of processing?
The legal basis for the processing of your personal data is your consent (Article 6(1)(a) GDPR/UK GDPR) and taking steps at the request of the data subject prior to entering into a contract with you (Article 6.1(b) GDPR/UK GDPR or the relevant provisions of national data protection legislation, such as § 26 (1) of the German Data Protection Act).
In case we are processing your data for operational or marketing purposes, the legal basis for such processing is our legitimate interest (Article 6(1)(f) GDPR/UK GDPR) – maintaining our relationship and promoting GlobalLogic brand – or, where we have obtained your explicit consent for processing your data for operational or marketing purposes, your consent (Article 6(1)(a) GDPR/UK GDPR).
Our legitimate interest (Article 6(1)(f) GDPR/UK GDPR) is also the legal basis for processing your personal data for statistical purposes, for defense against claims, for optimizing our processes re. management of candidates (please read also point VII above), for sharing your personal data with our group member companies and/or our clients involved in the recruitment process or due to contractual obligations towards third parties.
To ensure the best standards, each application is verified by our recruiter. Please note, that considering the need to handle many applications and our legitimate interest, as part of our recruitment process we use the OCR technology for more efficient introduction of applications to our system, followed by an internal search engine that allows us to find suitable applications. If you do not agree to such actions, please do not take part in our recruitment process.
The processing of your personal data for background checks and screenings of relevant sanctions and restrictions lists is based on our legal obligation (Article 6(1)c GDPR/UK GDPR) where we are legally obliged to run these checks or screenings.
For residents of Northern Ireland, the processing of your personal data for the purposes of monitoring community background and gender background checks and providing returns to the Northern Ireland Equality Commission is based on our legal obligation (Article 6(1)c GDPR/UK GDPR) where we are legally obliged to undertake such monitoring.
In other cases, we process your personal data on basis of your consent (Article 6(1)(a) GDPR/UK GDPR) or legitimate interest (Article 6(1)(f) GDPR/UK GDPR) – ensuring the integrity, security and compliance of GlobalLogic and its group companies and business partners with their regulatory requirements (in particular due to the fact that each GlobalLogic company must comply with the requirements applicable to the capital group as a whole).
Where processing of your data is based on consent, we remind you that you can withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. If your data is processed on the ground of our legitimate interest, you have the right to object to such processing.
You can find a description of your rights below.
How long do we process your personal data
As a rule, personal data will be processed:
- for the purposes of conclusion and performance of a contract – for the duration of the contract and its settlement;
- on the basis of our legitimate interest – until the objection to such processing or the fulfilment of the purpose for which the data has been processed;
- on the basis of your consent – until withdrawal of such consent or fulfilment of the purpose for which it was given;
- on the basis of legal obligation – for as long as is necessary to comply with the applicable legal obligations;
unless the law requires that we process such data for a longer period, or in case of potential claims, for such claim’s limitation period specified by law – whichever is longer.
Your rights related to processing of your personal data
You have the following rights:
- Access to your personal data – you may ask us at any time to provide information regarding:
- whether we are processing your personal data;
- for what purpose;
- what categories of data we are processing;
- who is the recipient of your data;
- what is the planned duration of processing (if possible), and if we are not able to say, the criteria for determining that duration;
- if the personal data has not been given by you – all available information about the source of the data.
You can also receive access to all of your personal data that we are processing (data copy).
- Data rectification – if information about you is or has become inaccurate or incomplete, you have the right to demand that data is rectified or made complete.
- Consent withdrawal – you may withdraw your consent to the processing of your data at any time and it will not affect the lawfulness of processing based on consent before its withdrawal.
- Data erasure – in certain situations, GDPR gives you the “right to be forgotten.” You can invoke this right where one of the following grounds applies:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdrew consent to the processing of personal data and there is no other legal ground for continuing to process it;
- you object to the processing of your personal data when there are no overriding legitimate grounds for processing;
- you object to the processing of your personal data for marketing purposes;
- your data is processed unlawfully;
- the personal data have to be erased for compliance with a legal obligation.
- Restriction of processing – you can demand that we restrict our activities in principle only to storing information about you when:
- you contest the accuracy of personal data we are processing – for a period of time that allows us to verify the accuracy of the personal data;
- the processing of your personal data violates the law, but you prefer that processing be restricted rather than the data be erased;
- GlobalLogic no longer needs your personal data for the purposes of processing, but you need it for the establishment, exercise or defence of legal claims;
- you have objected to the processing of your personal data – only until such time as it is determined whether our legitimate grounds override yours.
- Data portability – you have the right to receive your data in a structured, commonly-used and machine-readable format , and also to transmit your data to another data controller, if:
- the processing is based on your consent or on a contract; and
- the processing is carried out by automated means.
- Objection – you have the right to object to some operations we perform on your personal data on grounds related to your particular situation, particularly in the following cases:
- when our processing is based on our legitimate interest;
- when we process your personal data for purposes related to scientific or historical research, or for statistical purposes.
When despite your objection we find that there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or basis for the establishment, exercise or defence of legal claims, we will continue to process data covered by the objection to the extent necessary. If you disagree with such an assessment of the situation, you can exercise your right to file a complaint with the relevant public authority (more information below).
Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing. Where you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
- Complaints to the relevant public authority – in connection with our actions as the controller of your personal data, you are entitled to lodge a complaint to the relevant supervisory authority. You can find a list of local authorities responsible for data protection across the EU and their contact details at: https://edpb.europa.eu/about-edpb/board/members_en. The relevant public authority in the UK is the Information Commissioner’s Office https://ico.org.uk/global/contact-us/. Of course, we encourage you to first contact us at privacy@globallogic.com.
- You can obtain a copy of the security measures we apply for the transfer of personal data to third countries by contacting us at privacy@globallogic.com.