playstation.com

Legal

Candidate Privacy Notice

1. About Us and this Privacy Notice

Sony Interactive Entertainment LLC (“SIE”) knows your privacy is important to you, and we take your data and personal information seriously. The SIE company you are applying to is the controller of the Personal Information (“PI”) collected from you when you submit an application to work for that company (whether as an employee, worker, or contractor).

This Candidate Privacy Notice (“Privacy Notice”) explains when we collect information about you, including PI, what we collect, why we collect it, how we use it, who we share it with, where it is processed, how we handle it, and what your choices and legal rights are. 

It is important that you read this Privacy Notice so that you are fully aware of how and why we are using your data. This Privacy Notice supplements other notices and privacy policies and is not intended to override them.

2. Data Collection and Handling

2.1. About the Personal Information we collect and hold about you

Personal Information means any information about a person that can directly or indirectly identify that person. It does not include data where the identity has been removed (anonymous data). In connection with your application to work for us, we will collect, store, and use the following categories of Personal Information about you:

  • Personal information you have provided to us in your resume (or curriculum vitae (“CV”)) and cover letter.
  • Personal information you have provided to us during the recruitment process including first and last name, employment areas of interest (type of position, industry, experience level), title, physical address, phone number, email address, gender, employment history, education history and qualifications, salary/remuneration expectations and notice period.
  • Details about eligibility to work such as passport, visa, or work permit details.
  • Any information you provide to us during an interview or in email communications.
  • The Sensitive Personal Information referred to in section 3.5 below.

2.2. How your Personal Information is collected

We may collect Personal Information from candidates from the following sources:

  • You, the candidate.
  • Your named referees.
  • Third party recruitment agencies.
  • Background check providers (including financial and criminal backgrounds checks where applicable and legally permissible).

2.3. How and why we use your Personal Information

We will only use your Personal Information in accordance with applicable data protection laws and this Privacy Notice. Most commonly, we will use your Personal Information to:

  • Assess your skills, qualifications, and suitability for a particular role.
  • Communicate with you about the recruitment process and about future opportunities.
  • Keep records related to our hiring processes.
  • Comply with legal or regulatory requirements.
  • Carry out background and reference checks with your consent and where legally permissible.
  • Carry out criminal and financial background with your consent, if it is appropriate given the nature of the role and where we are legally able to do so.
  • To provide appropriate adjustments/accommodations during the recruitment process.
  • To ensure meaningful equal opportunity monitoring and reporting, where applicable and legally permissible.

It is in our legitimate interests and/or allowable business purpose to process your Personal Information to decide whether to appoint you to a particular role as it would be beneficial to our business to fill that role. We also need to process your Personal Information to decide whether to enter into a contract with you.

Having received your CV, resume, cover letter, your application form and, where applicable, the results of any test you have been required to take during this recruitment process, we will then process that information to decide whether you meet the basic requirements to be shortlisted for a particular role. If you do, we will decide whether your application is strong enough to invite you for an interview. If we decide to interview you, we will use the information you provide to us during your interview(s) to decide whether to offer you the role. If we decide to offer you the role, we will then take references and/or, for some roles, conduct background checks, after we make you an offer. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

2.4. If you fail to provide Personal Information

If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require references for this role and you fail to provide us with relevant details, we will not be able to take your application further.

2.5. Sensitive Personal Information

Where permitted by applicable law, or when you consent, we may also collect, store, and use more sensitive Personal Information, should you choose to provide it, such as information about your race or ethnicity, sexual orientation, gender identity and information about your disability status, which are special or sensitive categories of personal information. We will use this information to help us maintain equal opportunities best practice and identify barriers to workforce equality. We may also use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made during your interview.

2.6. Criminal background checks

Where permitted by applicable law, we envisage that we may hold information about criminal convictions. We will only collect information about criminal convictions during the recruitment process if it is appropriate given the nature of the role and where we are legally able to do so. We will use information about criminal convictions and offences to assess suitability for a particular role and to comply with our obligations as required by law. We will have in place an appropriate policy and safeguards which we are required by law to maintain when processing such data.

2.7. Change of purpose

We will only use your Personal Information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

2.8. How long we keep your Personal Information

We keep your Personal Information during and after your participation in our recruitment process for no longer than is necessary for the purposes for which the Personal Information is processed and in accordance with our records retention policy. We will then securely destroy your Personal Information in accordance with our records retention policy and applicable laws and regulations. If we wish to retain your Personal Information, on the basis that a further opportunity may arise in the future and we may wish to consider you for that, we will seek your explicit consent to retain your Personal Information for a fixed period of time on that basis. You may withdraw your consent at any time by contacting us as described in Section 4.2.

2.9. Data Security

We have put in place appropriate security measures to prevent your Personal Information from being accidentally lost, used, or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Information on our instructions, and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

3. Data Sharing

3.1. With whom we share your Personal Information

We will only share your Personal Information with the following third parties for the purposes of processing your application:

·         Other entities in the SIE group of companies (SIE Group).

·         Recruitment service providers.

·         IT service providers (e.g., Greenhouse Software, Inc.).

·         Professional advisors (e.g., auditors)

·         Background check providers

We may also retain, use and/or disclose any of your Personal Information as required or permitted by law, regulation, or order, including to the police or other appropriate authorities, to investigate complaints made by or against you, or to protect or defend ourselves, or others, against illegal, criminal, or harmful activities.

3.2. Security of Personal Information transferred within the SIE Group and to third parties

All our third-party service providers and other entities in the SIE Group are required to take appropriate security measures to protect your Personal Information in line with our policies and the applicable data protection laws.

3.3. International transfers

Your information may be processed, stored, and transferred outside your country of residence, for the purposes set out in this Privacy Notice. Data protection laws in these countries may not offer the same level of protection as in your country and you may have fewer legal rights in relation to your information.  Accordingly, we ensure there are adequate safeguards in place when transferring your data outside your country, including by relying on the European Commission Standard Contractual Clauses or other lawful mechanisms or otherwise that the transfer only occurs where permitted by applicable law.

4. Your Privacy Rights

4.1 General Privacy Rights

Subject to applicable law, all Candidates have the following rights to their Personal Information in their Candidate Record.

If you are a California resident, you may additionally have the following California-specific privacy rights, as provided under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, “CCPA”):

  • Right to Know: You have the right to submit a verifiable request to know specific pieces of your personal information, as defined by CCPA, collected for a 12-month period (beginning on or after January 1, 2022) and maintained by SIE, and for information about SIE’s collection, use, and disclosure of your Personnel Information during that same 12-month time period.
  • Right to Delete: You have the right to submit a verifiable request the deletion of personal information that you have provided to SIE, subject to exceptions provided under applicable law. 
  • Right to Correct: You have the right to submit a verifiable request for the correction of inaccurate personal information maintained by SIE, taking into account the nature of the personal information and the purposes of processing the personal information.
  • Right to Restrict Use and Disclosure of Sensitive Personal Information: You have the right to restrict SIE’s use and disclosure of your sensitive personal information (as that term is defined under the CCPA) to the extent your sensitive personal information is used to infer characteristics about you.  We are permitted under the CCPA to process your sensitive personal information for permitted purposes, such as security, quality control, uses required by law, and disclosures to vendors in support of the permitted purposes.  SIE does not collect or process your sensitive personal information for the purpose inferring characteristics, and therefore this right does not apply.
  • No Selling or Sharing: SIE does not sell the personal information of any employees, nor does it disclose their personal information for cross-context behavioral advertising.

4.2 How to Exercise Your Rights

SIE will respond to requests know, delete, and correct in accordance with applicable law if it can verify the identity of the individual submitting the request. You can exercise these rights by emailing: SIE-Privacy-Questions@sony.com.

When making your request by email, please use the phrase “Employee Rights Request” in the subject line of the email.

SIE will always verify your identity before providing any personal information.

4.3 Legal Limitations to Your Privacy Rights?

Please note that your privacy rights under CCPA are not absolute and may be subject to limitations.

As described below, your right to know specific pieces of personal information may not afford you access to all documents and records containing your personal information. Moreover, you have a right to know categories of sources of personal information and categories of external recipients to which personal information is disclosed, but not the individual sources or recipients. SIE does not always track individualized sources or recipients.  Your right to know may additionally be limited in scope based on the following considerations and legal factors:  

  • Privileges 
  • The information is an unstructured format and is not reasonably searchable 
  • The information would reveal the personal information of another person 
  • The disclosure would reveal trade secrets 
  • The request would require a disproportionate effort 
  • The request is manifestly unfounded or is excessive 

SIE may retain your personal information after completing a deletion request for the following retention purposes: 

  • To complete a transaction or perform a contract with you 
  • To help ensure security and integrity 
  • To identify bugs and repair errors 
  • To enable internal uses consistent with your expectations and compatible with the collection 
  • To comply with legal and compliance obligations not expressly exempted from the CCPA  
  • As set forth under applicable law 

Moreover, certain personal information is exempted from the CCPA, such as personal information covered by the Confidentiality of Medical Information Act (“CMIA”), the Health Insurance Portability and Accountability Act (“HIPAA”), Fair Credit Reporting Act (“FCRA”). Aggregated and deidentified information also is excluded.

4.4 How We Will Verify Your Request:

The processes that we follow to verify your identity when you make a valid request under the CCPA are described below.  The relevant process depends on how and why the request is submitted.

  1. Requests to Know Categories or Purposes:  We will match at least two data points that you provide with your request, or in response to our verification request, against information about you that we already have in our records and that we have determined to be reliable for purposes of verifying your identity. Examples of relevant data points include your mobile phone number, your zip code, or your employee identification number.
  2. Requests to Know Specific Pieces of Personal Information:  We will match at least three data points that you provide with your request, or in response to our request for verification information, against information that we already have about you in our records and that we have determined to be reliable for purposes of verifying your identity. In addition, we may require you to sign a declaration under penalty of perjury that you are the individual whose personal information is the subject of the request.  
  3. Requests to Correct or Delete or Restrict Personal Information:  Our process for verifying your identity will depend on the sensitivity (as determined by SIE in reference to applicable legal definitions) of the personal information that you ask us to correct or delete. For less sensitive personal information, we will require a match of two data points as described in Point No. 1, above. For more sensitive personal information, we will require a match of three data points and a signed declaration as described in Point No. 2, above.

If we cannot verify your identity based on the processes described above, we may ask you for additional verification information. If we do so, we will not use that information for any purpose other than verification. If we cannot verify your identity to a sufficient level of certainty, we will let you know promptly and explain why we cannot process your request.

4.5 Authorized Agents

If an authorized agent submits on your behalf a request to know, correct or delete, the authorized agent must submit with the request either (a) a power of attorney, signed by you, that is valid under California law; or (b) another document signed by you that authorizes the authorized agent to submit the request on your behalf. In addition, please note that we may contact you directly to independently validate that you have authorized the agent to submit a request on your behalf if a valid power of attorney is not provided.  

5. NON-DISCRIMINATION AND NON-RETALIATION

SIE will not unlawfully discriminate or retaliate against you for exercising your privacy rights under applicable law.  

6. CHANGES TO THIS PRIVACY NOTICE

If we change this Privacy Notice, we will post those changes on this page and update the Privacy Notice modification date below. If we materially change this Privacy Notice in a way that affects how we use or disclose your Personal Information, we will provide a prominent notice of such changes and the effective date of the changes before making them. 

7. QUESTIONS

If you have any questions about this Notice, please contact SIE’s Privacy Officer at SIE-Privacy-Questions@sony.com. 

Effective: January 1, 2020
Last Updated July 10, 2023