Recruitment Privacy Notice
This Recruitment Privacy Notice provides you with an overview on how Lilium GmbH, together with all of its affiliates (referred to collectively herein as “Lilium”, the “Company”, “Our” or “We”) treat and use your Personal Data as a job applicant and, if applicable, through the hiring process, including (i) the information included in your individual application, (ii) as someone who has referred a job applicant to us, (iii) and/or as a third person who is mentioned in another person’s job application.
This Recruitment Privacy Notice applies to all job applicants to Lilium including: (i) those active job seekers who register via our Careers-section on lilium.com or lilium-jobs.com (collectively, our “Website”), via the Lilium internal job board, and/or apply to a role that we have advertised, including via a business social network; (ii) individuals referred to us via a third party (such as a head-hunter or internal referral); and/or (iii) individuals we identify as a potential job seeker through external resources that are publicly available (e.g., a business social network).
Protecting the confidentiality, integrity and availability of Personal Data is a critical responsibility that Lilium takes seriously. We will ensure that Personal Data is processed in accordance with applicable data protection regulations.
Unless otherwise expressly stated, terms in this Recruitment Privacy Notice have the same meaning as defined in our Website Privacy Notice.
I.Personal Data, Processing of Personal Data definitions and applicable legal provisions
Personal Data is any information relating to an identified or identifiable natural person, including e.g., name, email address or telephone number, work experience, and/or information about hobbies.
Special categories of Personal Data mean Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and genetic data, biometric data for the purpose of uniquely identifying a natural person, and data concerning health or data concerning a natural person’s sex life or sexual orientation.
Data processing means any operation or set of operations that is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Applicable legal provisions. This Recruitment Privacy Notice applies globally. As data protection laws may differ, some sections of this Recruitment Privacy Notice may or not be applicable to you, depending on the country you are located and/or you are applying for. This Recruitment Privacy Notice is applicable, amongst local regulations (e.g., the German Federal Data Protection Act (Bundesdatenschutzgesetz, "BDSG")), according to the regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2016 on the protection of individuals with regards to the processing of Personal Data, on the free movement of such data (“General Data Protection Regulation”, "GDPR"). To the extent that the processing of Personal Data is (also) subject to UK, Swiss, and/or U.S. data protection laws, the country-specific Addendums respectively set out in Annex 2 will (also) apply.
II. Who is the Data Controller/s of my Personal Data?
Lilium GmbH centrally manages the application process and the related processing of Personal Data at the Company.
Claude-Dornier Str. 1, Geb. 335, 82234 Wessling, registered with the commercial register of the local court (Amtsgericht) Munich under HRB 216921, represented by its managing director.
phone front desk: +49 1757539269
There are instances where Lilium GmbH may share your Personal Data with other (relevant) Lilium affiliates. This is especially the case if your application relates to a job position at one of these affiliates or for a team whose supervisor(s) or team members are located at one or several of the affiliates.
Lilium GmbH and its respectively relevant affiliates have: (i) jointly determined the purposes and means of processing in relation to such sharing of Personal Data including subsequent processing in these instances (excluding processing of Personal Data which is exclusively performed by one affiliate and where the purposes and means have not been jointly determined with other affiliates); and (ii) are jointly performing such processing.
The affiliates have agreed that the relevant obligations under the GDPR will in relation to the joint processing generally performed by Lilium GmbH. Therefore, Lilium GmbH will inter alia provide you with this Recruitment Privacy Notice and primarily handle your requests to exercise your rights as set out under “Your Rights” below.
Relevant affiliates of Lilium GmbH are located in the Netherlands, Germany, Switzerland, the UK, Spain, and the United States of America.
In relation to the affiliates located outside of the EU, the following applies:
Whenever your Personal Data is shared with Lilium’s affiliates in the United States, Switzerland, or the UK, we rely on the respective adequacy decisions of the European Commission regarding the United States (commercial organisations participating in the EU-US Data Privacy Framework), Switzerland and the UK, through which these territories are deemed to provide an adequate level of data protection. The decisions may be found respectively here, here and here.
Whenever your Personal Data is shared with Lilium’s affiliate in the United States (for commercial organisations not participating in the EU-US Data Privacy Framework), we rely on Standard Contractual Clauses issued by the European Commission, as published here, as appropriate safeguards to protect your Personal Data when it is processed outside of the European Union (“EU”).
Please kindly note that whenever this Recruitment Privacy Notice refers to the European Union (or the EU) or its Member States, the respective reference shall also incorporate the European Economic Area (“EEA”) or its respective Member States.
Lilium may also share your Personal Data with other independent Data Controllers, i.e., controllers responsible independently from Lilium for data protection obligations regarding the processing of your Personal Data. In such case, for privacy and data protection, you should directly contact this independent Data Controller. The Data Controller(s) is/are listed in Exhibit 1.2. In such cases, Lilium will ensure the inclusion of confidentiality and security measures provisions in the agreement between Lilium and such Data Controller(s).
III. Data Protection Officer
Lilium GmbH and Lilium eAircraft GmbH have appointed a data protection officer. Our data protection officer can be reached via:
Data Protection Officer
Claude-Dornier Str. 1, Geb. 335, 82234 Wessling, email: email@example.com
IV. What kind of Personal Data will Lilium process in connection with the recruitment process?
When you apply for a job at Lilium via our career page on the Website, we request your full name, email address, and resume to process your job application. Additionally, we ask you to shortly inform the reason why you would like to work at Lilium and to confirm that your resume has been submitted in English. You can provide other information, including, your phone number, additional documents, such as certificates, and business social network link.
Depending on the information you include in your job application other categories of Personal Data may be processed, including your career history, qualifications, country of residence, language skills and any other Personal Data (e.g., citizenship, education certificates). We may also ask for additional information to assist with our recruitment process and in the event that you are offered a job (e.g., passport, date of birth and work documents).
You may also share details of other people with us, e.g., if someone referred the job to you (someone you know at Lilium or otherwise). In that case, please confirm they agree for you to share their Personal Data with us, and for us to use it in accordance with this Recruitment Privacy Notice.
Special Categories of Personal Data (as defined above) are not required to submit your application and we strongly recommend that you do not submit them in your application. If any Special Categories of Personal Data are submitted with your application as part of your CV, they will not be processed for recruiting purposes. Additionally, we will try to redact any Special Categories of Personal Data that are identified in your application. Please note that after the application phase, for the purpose of concluding an employment contract, some Special Categories of Personal Data may be required, such as information about religion for tax purposes, in accordance with applicable law.
V. For which purposes do we use your Personal Data, and which is the legal basis?
We process your Personal Data:
- to contact you, communicate with you, update you, and to assist with your job application; to make decisions related to the recruitment process; to offer an online application system that is connected to our Website; to respond to your questions or concerns; and/or to verify your identity and get agreements signed with you. The legal basis for processing your Personal Data as described above is to fulfill our contractual or pre-contractual obligations (based on Art. 6 (1) 1 b. GDPR) or – as applicable – for the purpose of the commencement or performance of the employment relationship with you (Section 26 (1) 1 BDSG).
- if you are someone other than the job applicant, for example, individuals mentioned in the job application or someone who refers a job applicant to us – to and for our legitimate interest to perform the job application process (based on Art. 6 (1) 1 f. GDPR).
- for the establishment, exercise, or defense of legal claims (based on Art. 6 (1) 1 f. GDPR and, in case of special categories of Personal Data, based on Art. 9 (2) f. GDPR).
- to comply with our legal obligations (based on Art. 6 (1) 1 c. GDPR), such as, but not limited to, applicable export control and economic sanctions regulations, by checking whether you are listed on any applicable government promulgated economic sanctions and/or trade restriction lists.
- for employment-related purposes and in relation to special categories of Personal Data – if it is necessary to exercise rights or comply with legal obligations based on labor law, social security, and social protection law and if there is no reason to assume that you do not have an overriding legitimate interest for the data not to be processed (based on Section 26 (3) 1 BDSG).
- to comply with our legal obligations (based on Art. 6 (1) 1 f. GDPR and our legitimate interest to achieve compliance with legal obligations) where the basis for the processing is not laid down by EU or Member State law that may especially apply to non-EU laws to which our affiliates are subject to (for example, if we are required to provide Personal Data of a U.S. job applicant to a U.S. governmental entity).
- with your explicit consent (based on Art. 6 (1) 1 a. GDPR, Art. 9 (2) a. GDPR or Section 26 (2) and (3) 2 BDSG, as applicable), for example, to store your information to keep you informed about other opportunities if you wish us to do so (such as Lilium’s Talent Pool via our Career Portal, i.e., your Personal Data is kept so you can be considered for future suitable opportunities at Lilium). You may withdraw such consent with effect for the future at any time via email to firstname.lastname@example.org.
- to understand the usage of our services on our Website as described in the Website Privacy Notice, Cookie Notice and Social Media Privacy Notice. The Personal Data we collect for this purpose, including your feedback on the recruitment process and to improve the quality of our service is based on our legitimate interest according to Art. 6 (1) 1 f. GDPR – (if and to the extent such data is considered Personal Data).
VI. Am I required to provide my Personal Data?
In general, you are not legally or contractually required to provide your Personal Data to us as an applicant. However, if you do not provide your Personal Data, we will not be able to consider your application and you will likely face certain disadvantages in securing a job at Lilium.
VII. Third Parties processing your Personal Data
We use third-party providers and hosting partners to provide the necessary administration, accounting, software, storage, outsourced IT services and related technology required to run our recruiting processes. Please see the list of third-party providers we utilize to run our recruiting processes in Annex 1 and the reasons we may share your Personal Data with them.
We will never share your Personal Data with a third party without a legal basis (e.g., your prior consent). For further information you may contact us any time via email to email@example.com.
VII. Is my Personal Data processed outside the EU?
From time to time, Personal Data is transferred outside the EU in some cases due to the integration of cloud/hosting, mailing and career management services who work on our behalf and assist us in carrying out our business activities. Such providers that process data outside the EU are identified in Annex 1.
If your Personal Data is transferred to countries outside the EU for which the European Commission has not (yet) adopted a decision constituting an adequate level of data protection, in cooperation with the service provider, we rely on appropriate safeguards by concluding the Standard Contractual Clauses issued by the European Commission, as published here. For transfer of Personal Data for the U.S. we may rely in the EU-U.S. Data Privacy Framework, if applicable. For more information, please access adequacy decision for safe EU-US data flows (europa.eu) and https://www.dataprivacyframework.gov/s/. Please find further information about the transfer of Personal Data to countries outside the EU in our Website Privacy Notice and Cookie Notice. If not publicly available, we grant you a copy of the respective appropriate safeguards or provide further information where they have been made available.
Your Personal Data will also be processed by us as well as the respective social media provider (such as Facebook, LinkedIn, Twitter, YouTube, Instagram) in and outside the EU when you visit and use our social media pages. For more information on data processing on our social media pages please also refer to our Social Media Privacy Notice.
VIII. Information we collect from other sources
We may collect some Personal Data about you from public sources to verify the details that you provide to us. Such public sources may include Google, LinkedIn, Twitter, or other social media websites. The data collected from public sources is not used to create a personality profile.
In cases where you, as a job applicant, are referred to us via a third party (such as a head-hunter), the third-party may provide us with some of the Personal Data that is described above, such as the Personal Data included in your CV.
In cases where we identify you as a potential job seeker through external resources (e.g., a business social network), which could be publicly available, we obtain your Personal Data from such sources.
In cases where you refer a job applicant to us or you are mentioned in the job application of someone else (e.g., as referral), we may obtain your Personal Data from the job applicant or the third party (such as a head-hunter) who has shared a job application with us.
The job posting management tool from the service provider VONQ uses anonymized data to understand which recruitment channels (e.g., business social network) the candidacy is coming from. To anonymize the IP, the IP address information is collected and anonymized by a sub processor of VONQ’s Job Marketing Platform. Lilium does not collect or process any Personal Data for this purpose and only receives anonymized data for the purposes of analytics and reporting. Raw data (non-anonymised IP addresses) is deleted after one week by the Job Marketing Platform service provider. For more information, please refer to Annex 1 below.
IX. Your Rights
According to Art. 15 GDPR, you have the right to obtain confirmation from us as to whether Personal Data concerning you is being processed by us. Where that is the case, you have a right to access your Personal Data and obtain further information.
According to Art. 16 GDPR, you may have the right to obtain the rectification of inaccurate Personal Data concerning you without undue delay.
According to Art. 17 GDPR, you may have the right to obtain erasure of Personal Data concerning you if:
- it is no longer necessary in relation to the purpose for which it is collected;
- you have withdrawn your consent on which the processing is based;
- you have objected to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21 (2) GDPR;
- your Personal Data has been unlawfully processed;
- your Personal Data must be erased for compliance with a legal obligation to which Lilium is subject; and/or
- your Personal Data has been collected in relation to the offer of information society services pursuant to Art. 8 (1) GDPR.
We will refrain from deleting your Personal Data, where we have a legal right or are under a legal obligation not to do so.
Note: Even after you request your Personal Data to be deleted by Lilium, Lilium will retain your Personal Data as follows:
(i) for 6 (six) months from the latter of communication of candidacy rejection or last action in your recruitment process (e.g., candidacy withdraw), based on Article 17 para. 3 lit. e) GDPR (for the establishment, exercise, or defense of legal claims). If applicable, Personal Data can be kept longer than 6 (six) months if actually required for the establishment, exercise, or defense of legal claims.
(ii) for 3 (three) years, the Personal Data provided by you in your deletion request and included in our reply to your deletion request, based on Article 6 para. 1 subpara. 1 lit. c) GDPR (compliance with legal obligations), for the sole purpose of demonstrating compliance with data privacy regulations (e.g., Recital 59 GDPR).
After the aforementioned retention periods, the respective Personal Data will be deleted. If you request the erasure of your Personal Data, we will consider that you no longer want to be considered for Lilium’s Talent Pool via our Career Portal, and have withdrawn your consent for this purpose, unless you inform us otherwise.
In case you request the deletion of your Personal Data, but you are participating in a still on-going job position recruitment process, we may reach out to you to confirm whether you also want the Personal Data for this on-going recruitment process to be deleted or not; or if your Personal Data should be kept for the conclusion of the on-going recruitment process.
According to Art. 18 GDPR, you may have the right to obtain the restriction of processing. Such right shall exist if:
- you contested the accuracy of the Personal Data;
- the processing is unlawful, and you oppose the erasure of the Personal Data and request the restriction of its use instead;
- the Personal Data is no longer needed for the purposes of the processing, but it is required by you for the establishment, exercise, or defense of legal claims; and/or
- you have objected to processing pursuant to Art. 21(1) GDPR pending the verification of whether our grounds legitimately override yours.
According to Art. 19 GDPR, you have the right to obtain information about the recipients of data to whom the rectification, erasure, or restriction of processing has been communicated, upon your request.
According to Art. 20 GDPR, you have the right to obtain Personal Data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit the data to another Controller. Insofar as this is technically feasible, you can request that we transfer the data directly to another Data Controller.
ACCORDING TO ARTICLE 21 (1) GDPR, YOU HAVE THE RIGHT TO OBJECT, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION AT ANY TIME; TO PROCESSING OF PERSONAL DATA CONCERNING YOU, WHICH IS BASED ON YOUR LEGITIMATE INTERESTS, INCLUDING PROFILING (E.G., CREDIT RATING). WE SHALL NO LONGER PROCESS THE PERSONAL DATA UNLESS WE DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE THE INTERESTS, RIGHTS, AND FREEDOMS OF YOU, OR FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS.
ACCORDING TO ARTICLE 21 (2) GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSES OF DIRECT MARKETING, WHICH INCLUDES PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT TO THE PROCESSING FOR DIRECT MARKETING PURPOSES, YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED FOR SUCH PURPOSES.
You also have the right, without prejudice to any other administrative or judicial remedy and to complain to a supervisory authority in the EU Member State of your usual residence, place of work or place of the alleged infringement. An overview of the supervisory authorities in Germany and the EU may be found here or here.
To exercise your rights under this paragraph, you can contact us by sending an email to firstname.lastname@example.org.
X. How long do we keep your information?
We only keep your Personal Data for as long as we need to, to be able to use it for the reasons given in this Recruitment Privacy Notice, and for as long as we are required to keep it by law (for example due to legal retention periods, such as set forth in the German Commercial Code (Handelsgesetzbuch, HGB) or German Fiscal Code (Abgabenordnung, AO). We have defined specific retention times for the Personal Data processed that we can share upon request. Unless otherwise required by law, based on your consent and/or if you do not obtain an employment with us, Lilium deletes the application data it stores after 6 months following the end of the application process.
Consent for Storing your Data
With your explicit consent, we will keep your information on our Career Portal for up to 730 days from your consent in case any other job opportunities become available that you might be interested in, or we may consider to be a good fit considering your job profile (Lilium’s Talent Pool). Assuming you do not obtain employment with us, we will automatically delete your account on our Career Portal and the Personal Data associated with it after 24 months of inactivity on your account. You may withdraw such consent with effect for the future at any time via email to email@example.com
XI. How to reach out?
If you have any questions, comments, or concerns about any aspect of this Recruitment Privacy Notice or how Lilium handles your Personal Data please email our team by sending an email to firstname.lastname@example.org.
Annex 1: Third Parties Processing Personal Data
Annex 1: Third Parties Processing Personal Data
3rd party provider
Potential processing outside EEA
Greenhouse Software, Inc., 110 Fifth Avenue, 3rd Floor, New York, NY 10011, USA
Receiving and Managing Job Applications via our Website
In the “Careers” section of our Website interested individuals are forwarded to the Greenhouse Software website www.greenhouse.io and may apply for job openings and submit and upload related Personal Data, such as name, email address, LinkedIn-profile, information on why you would like to join, your CV and other documents.
Such data may be processed on servers outside the EU and provided to us or the Greenhouse Software after you clicked the respective ‘submit application’ button on the Greenhouse website www.greenhouse.io
“MS Teams” by Microsoft, 1 Microsoft Way, Redmond, WA 98052, USA
Any Personal Data you share in a video or related chat will be processed by the engaged third-party platform (MS Teams) for using their service and will be shared with Lilium for the purpose of and as part of the recruitment process. If you do not want to share your data via video call with us, please let us know and we will arrange a meeting in person or a phone call instead.
For more information: Microsoft Privacy Statement – Microsoft privacy
“Calendly LLC”, 88 N Avondale Rd #603, Avondale Estates, GA 30002,
Scheduling of Interviews
For more information: Calendly Privacy Notice
TravelPerk S.L, Avinguda Catedral 6-8 1ª Planta, 08002 Barcelona, Spain”
Management of travel (if required for interview process)
“Workday Inc.” 6110 Stoneridge Mall Rd · 94588 Pleasanton, CA, USA
For more information: Privacy Statement | Workday
Amazon Web Services, Inc., 410 Terry Avenue North Seattle, WA 98109, USA (“AWS”)
Hosting your Personal Data provided on the Website
For more information: AWS Privacy (amazon.com)
“Saint Elmo´s Hamburg”, GmbH & Co KG, Steinhöft 9, 20459 Hamburg
Hosting your Personal Data provided on the Website (German Career Page)
For more information: Saint Elmos Privacy
“DocuSign” by DocuSign Inc., 221 Main St., Suite 1000, San Francisco, CA 94105, USA
For more information: Privacy Notice | DocuSign
“Friday Media Group Ltd”, 80 East Street, Brighton, England
Support Recruitment Activities
For more information: FMG Privacy
“Talentspring (Suhm Recruiting & HR Services GmbH)”, Salzachstr. 60B 14129 Berlin, Germany (Get Your Talent)
Support Recruitment Activities
For more information: Get Your Talent Privacy
“Pontoon Solutions GmbH”, Fritz-Vomfeld-Str. 26, 40547, Düsseldorf, Germany
Support Recruitment Activities
For more information: https://www.pontoonsolutions.com/en/privacy/
“VONQ B.V.“, Beursplein 37, (3011 AA) Rotterdam, Netherlands
Job Posting Management Tool (Job Marketing Platform)
Annex 1.2: Third Parties Independent Controllers
Boston Air GmbH, Hahnenkamp 1, 22765, Hamburg, Germany
Annex 2: Country-specific Addendums
The Lilium UK Addendum (the “UK Addendum”) supplements the Lilium Recruitment Privacy Notice and applies to any processing of Personal Data subject to UK Data Protection Laws. We adopt this notice to comply with UK Data Protection Laws.
Interpretation of this Addendum
Where this Addendum uses terms that are defined in the Recruitment Privacy Notice those terms shall have the same meaning as in the Recruitment Privacy Notice. In addition, the following terms have the following meanings:
This Addendum shall mean the UK Addendum.
UK Data Protection Laws shall mean all laws relating to data protection, the processing of Personal Data, privacy and/or electronic communications in force from time to time in the UK, including the UK GDPR and the Data Protection Act 2018.
UK GDPR shall mean the UK GDPR, as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018.
UK ICO shall mean the UK Information Commissioner’s Office.
UK shall mean the United Kingdom.
UK Specific Provisions
In relation to any processing of Personal Data subject to UK Data Protection Laws, this Addendum amends the Recruitment Privacy Notice as follows:
- The reference to “Applicable legal provisions” shall refer to the “UK Data Protection Laws and such other laws as may be applicable from time to time”.
- References to the “GDPR” in the Recruitment Privacy Notice shall be replaced by references to the “UK GDPR”.
- References to the “European Union”, “EU”, "European Economic Area", “EEA”, “EU Member State” and "Member State/s" are all replaced with the “UK”.
- References to the "European Commission" shall be replaced with the "UK ICO".
- In relation to transfers of Personal Data to Lilium Aviation Inc., the relevant paragraph shall be amended as follows:
“Wherever your Personal Data is shared with Lilium Aviation Inc., we rely on (i) EU Standard Contractual Clauses issued by the European Commission, as published here, as amended by a UK Addendum or (ii) UK Standard Contractual Clauses respectively issued by the UK ICO as appropriate safeguards to protect your Personal Data when processed outside of the UK or such other appropriate safeguards as may be required from time to time. If not publicly available, we grant you a copy of the respective appropriate safeguards or provide further information where they have been made available.”
- In relation to the section "Is my Personal Data processed outside the EU?" of the Recruitment Privacy Notice, the following half sentence “Standard Contractual Clauses issued by the European Commission, as published here” shall be replaced with the words "(i) EU Standard Contractual Clauses issued by the European Commission, as published here, as amended by a UK Addendum or (ii) UK Standard Contractual Clauses respectively issued by the UK ICO".
- In relation to your right to lodge a complaint to a supervisory authority, the following wording shall be incorporated: “If you are in the UK, you may contact the UK ICO to lodge a complaint.”
These country-specific amendments shall apply to job applications and other recruitment-related contacts and communications with our Swiss-based affiliate, Lilium Schweiz GmbH (our “Swiss Affiliate”), by job applicants and other third parties involved in a particular job application (e.g., referral, previous employer), regardless of their nationality.
In such cases, the above Recruitment Privacy Notice shall apply with the following additions:
- References to the GDPR shall include references to the Swiss Federal Act on Data Protection (“Swiss DPA”), as amended from time to time;
- References to transfers outside the EU shall include transfers outside of Switzerland;
- References to the adequacy decisions of the European Commission shall include references to the equivalent adequacy assessment by the Swiss Federal Data Protection and Information Commissioner or the Swiss Federal Council, as applicable;
- Job applicants' Personal Data may be processed in Europe and Switzerland as well as in any country in the world (please see the list of our third-party providers and their locations in Annex 1 above); and
- Where a recipient of Personal Data is located in a country that does not provide an adequate level of data protection, the Swiss Affiliate will rely on appropriate safeguards, unless it can rely on an exception (e.g., legal proceedings abroad or consent of the job applicants).
United States Addendum
The following information may apply to you if you are located in the United States.
Note this Recruitment Privacy Notice is not a contract and does not create any legal rights or obligations. This Recruitment Privacy Notice also is not intended to replace other notices or disclosures we may provide to you in connection with your application for a job or eventual role in our organization, which will supersede any conflicting disclosures contained in this Recruitment Privacy Notice.
Definition of Personal Information. Personal information means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to you within the context of you acting as a job applicant. It does not include aggregated or deidentified information that is maintained in a form that is not capable of being associated with or reasonably linked to you.
Applicable legal provisions. In relation to the processing of Personal Information set out in this Recruitment Privacy Notice, the applicable regulation includes all applicable laws, rules, regulations, and governmental requirements currently in effect, or as they become effective, relating in any way to the privacy, confidentiality, or security of Personal Data, including but not limited to the California Consumer Privacy Act of 2018, Cal. Civ. Code §§ 1798.100 et seq., and the California Privacy Rights Act of 2020, including any amendments and implementing regulations thereto that are effective on or become effective after the effective date of this Recruitment Privacy Notice, (respectively the “CCPA” and the “CPRA”), the Virginia Consumer Data Protection Act, Va. Code Ann. §§ 59.1-571 et seq., (the “VCDPA”), and the Colorado Privacy Act, Colo. Rev. Stat. §§ 6-1-1301 et seq. (the “CPA”), in each case as amended, replaced or superseded from time to time.
Collection of Personal Information. In addition to the information outlined in the What kind of Personal Data will Lilium process in connection with the recruitment process? section of this Recruitment Privacy Notice, we also collect the following information:
- Background Check Information: when permitted by applicable law, we may choose to conduct a background check in connection with your application such as to verify professional and educational history and qualifications or identify criminal history that may be relevant for a position with us. The results of the background check may include personal information we do not already have about you.
- Equal Opportunity Information: with your consent, we may also process information such as age, race, ethnicity, national origin, citizenship, sex, gender identity, sexual orientation, religion, disability, or accommodation request, or marital or veteran status when you choose to provide it, but it will not be used in the hiring decision (unless specifically permitted by law). This data will be whenever permissible by applicable law processed on an aggregate basis.
Note that video backgrounds may inadvertently provide sensitive Personal Information such as your political affiliation, medical condition, religious belief, gender identity and sexual identification, biometric information, and genetic information to the extent there are posters, art, photos, or other background material. As such, please be mindful of your surroundings when selecting your interview location.
Although we often collect the Personal Information described above directly from you, we may also collect certain information from references, recruiters, job-related social media sites (such as LinkedIn), and publicly available sources. In addition, we may also collect this information through service providers and other third parties that collect it on our behalf, such as communications providers, scheduling providers and application providers. Publicly available information alone will not be considered to determine the hiring decision.
Last Modified: October 2023