Ambassador Applicants Privacy Notice
As a responsible company, we are aware that it is very important to you to understand how we collect, store, share and use your personal data as an applicant for a Crypto.com Ambassador. We are committed to ensuring that the personal data of our Ambassador applicants is handled in accordance with the principles set out in the applicable legislation.
This privacy notice applies to our Ambassador applicants. However, the information we will process about you will vary depending on your personal circumstances. The purpose of the notice is to tell you what to expect when the company from the Crypto.com group with which you have negotiated or concluded a contract collects personal data about you. Such a company is the data user or data controller for this information unless this notice specifically states otherwise.
Please review this privacy notice carefully before applying to become an Ambassador with us having in mind that you should read it in conjunction with any other additional documents we may address to you. Please note that this privacy notice does not grant you any contractual rights, nor creates legal obligations for us. When appropriate we will provide a “just in time” notice to cover any additional processing activities not mentioned in this notice. For further questions, you may contact our Data Protection Officer at [email protected].
Effective Date: 06 Aug 2023
How do we get your information
We may get information about you from the following sources:
- directly from you;
- from referees, either external or internal;
- public sources, such as professionally related social networks.
What personal data we process and why
This privacy notice applies to any personal data concerning you, regardless of the form they are incorporated in – such as emails, hard copies of documents or electronic documents. The categories of personal data will depend on the stage of the application process.
We do not envisage processing any sensitive data (or special categories of personal data) concerning you, such as health information. In case such processing is necessary, we will comply with the respective statutory requirements.
Application stage
You may apply to become an Ambassador with us by using our online application system available on our website, where your details will be collected on our behalf by a specialized service provider.
At this stage we may process the following personal data concerning you:
- personal contact details such as your first and last name, contact phone number and personal email address, Telegram username;
- professional or social media profile;
- your age and gender;
- your nationality, country of residence, city of residence and occupation;
- your previous experience, qualifications and skills;
- data concerning your motivation and expectations regarding the role of an Ambassador;
a photo of you; - video and voice recordings;
- other information you may provide us with.
Access to the above information will be provided to carefully selected members of our team involved in the application management process.
Assessments
We may ask you to attend an interview or more than one interview. This process will involve that one or more members of our team involved in the application management process review the information provided by you. During the interviews we may ask you additional questions in order to assess whether you are a suitable fit for the role.
Onboarding
If you are selected to be part of our Ambassador Program, we will need you to confirm part of the information already provided and we will collect some additional information from you in order to prepare the contractual documentation for your engagement:
- full legal name;
- Telegram username;
- Crypto.com registered email address;
- identification document details;
- passport picture.
We do not use your data for automated individual decision making, which means we do not take decisions about you by way of technological means and without personal participation.
Lawful basis for processing your personal data
Note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data. You may contact us if you need details about the specific legal basis we are relying on to process your personal data:
- processing is necessary to take steps at your request prior to entering into a contract (for instance, in order to administer your application);
- processing is necessary for compliance with a legal obligation to which we are subject;
- processing is necessary for the purposes of the legitimate interests pursued by us as contracting entity and our interests do not contradict your interests, fundamental rights or freedoms (for instance, the interest in assessing your suitability for the role, organizing and conducting of interviews, selection of the most suitable applicants).
We do not usually need your consent for processing personal data concerning you. If we need it, we will ask for it and provide you with the respective information as required by law. Depending on the applicable data protection framework, for example, if you are a resident of the European Economic Area (“EEA”) or the United Kingdom (“UK”), you may also have the right to withdraw your consent at any time, but please note that this will not affect the lawfulness of processing based on your consent before its withdrawal.
What will we do with the information you give us?
We will use all the information you provide to manage your application with a view to assess your suitability for the role, offer a role as an Ambassador and to fulfill legal requirements, if necessary.
We may use any feedback you provide about your application process to develop and improve our future application campaigns.
We will not share any of the information you provide with any third parties for marketing purposes.
How long we keep your personal data
Our general approach is to keep your personal data for as long as necessary in order to meet the purpose for which they have been collected by us.
In some cases the period for which we may keep your data is provided by law.
For more information you may contact our Data Protection Officer at [email protected].
How we protect your personal data
We follow the necessary physical, technical and administrative security standards with the aim to protect your personal data from loss, misuse, alteration, destruction or damage, as required by law.
If you need more information on our security and privacy practices, we would be glad to give you more details – please contact our Data Protection Officer at [email protected]. Do not forget that you also play a major role in the process of protection of your personal data and shall observe to whom you share your data and how you protect your communications and devices.
Data sharing
In some circumstances, such as under a court order, we may disclose your personal data to specific categories of persons, entities, state bodies or other organizations. We may also share information about you with third parties including external auditors further described below.
Our service providers
We use service providers in order to facilitate the management of our business. Such may be, for example, lawyers or other legal advisors – in case of disputes or in regard to other legal procedures; experts – in order to comply with our obligations; other service providers, such as IT maintenance and platforms management; other business partners.
Our service providers have access to your data and may use it only for the completion of the respective tasks assigned to them and based on our instructions.
Companies from our corporate group
Since we are an international business, we may need to share your personal data within our corporate group.
Data recipients upon reorganization and changes to our business
In case we are part of sale negotiations concerning our business or a part thereof, merging our business with other business, we are acquired by other business or we are subject to other kind of reorganization, we may have to share your personal data or a part thereof to the respective business or to its legal consultants as part of any due diligence process for the purposes of the analyzing of the proposed sale or reorganization. We may need to share your data to the reorganized business structure or to a third structure after the reorganization has been finalized.
State bodies
If provided by law and upon compliance with the statutory provided procedure, we may share your personal data to the respective state bodies.
Do we use any data processors
Yes - a list of our current data processors can be found at Annex A – Data Processors.
Your rights in relation to this processing
As an individual you have certain rights regarding our processing of your personal data. The rights available to you depend on our reason for processing your personal data. If you need more detailed information or wish to exercise any of the rights set out below, please contact our Data Protection Officer at [email protected].
If you are an EEA resident, you may find more information on your rights here (attention: a link to a third-party website). You may make a complaint about the way we process your personal data to the supervisory authority in the EEA Member State of your habitual residence, place of work or place of the alleged infringement. Information about your supervisory authority could be found here (attention: a link to a third-party website).
If you are a UK resident, you may find more information on your rights here (attention: a link to a third-party website). You may make a complaint about the way we process your personal data to the Information Commissioner’s Office.
If you do not reside in an EEA Member State or the UK, your rights provided by law may be more limited. However, we will strive to make sure you enjoy to the maximum extent the rights available to EEA and UK residents. You may contact your local data protection regulatory authority as regards your right to make a complaint. The local data protection regulatory authority for Hong Kong is the Office of the Privacy Commissioner for Personal Data.
You may also seek a defense of legal claims before the competent court.
We would, however, appreciate the chance to deal with your concerns before you approach a data protection regulatory authority, so please feel free to contact us in the first instance.
Please also note that depending on the applicable data protection framework, we may have different time periods to respond to your request. We usually have one month for EEA and UK residents (which may be extended by two further months where necessary, taking into account the complexity and number of the requests) and we strive to comply with the same period even if the respective applicable law provides for a longer period. If the law provides for a period shorter than one month, we will act accordingly.
Transfers of personal data
We share your personal data within our group. This will involve transferring your personal data outside Hong Kong, EEA, the UK or the origin of where your data is collected.
We follow the specific legal framework applicable to such transfers. For example, whenever we transfer your personal data out of the EEA or the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- the country to which we transfer your personal data has been deemed to provide an adequate level of protection (attention: a link to a third-party website) for personal data by the European Commission;
- a specific contract approved by the European Commission which gives safeguards to the processing of personal data, the so-called Standard Contractual Clauses;
- a specific contract approved by the UK Parliamentary, which gives safeguards of the processing of personal data, the so-called International data transfer agreement (IDTA).
Please contact our Data Protection Officer at [email protected] if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA or the UK.
Further information
Confidential references
In the course of your application for our Ambassador Program we may give or receive references about you. We usually treat such references as confidential. Please note that the personal data included in such confidential reference may be exempt from the right of access.
Annex A – Data Processors
Data processors are third parties who provide certain parts of our staff services for us. We have contracts in place with them and they cannot do anything with your personal data unless we have instructed them to do so. You may find below more specific information in this respect. If you have any additional questions in this regard, please do not hesitate to contact our Data Protection Officer at [email protected].
Data Processor
Purpose
Privacy Policy