This Notice sets out our approach to data protection and privacy during the recruitment process. It explains why and how we may process candidate (you, your) personal data and your rights in relation to your personal data.

‍
Isomorphic Labs Limited is a company organised under the laws of England and Wales, with registered office at 280 Bishopsgate, London, EC2M 4RB (“IsoLabs”, “us”, “we”, or “our”) and is the data controller processing your personal data in accordance with this Notice. IsoLabs is an Alphabet, Inc. company and an affiliate of Google, LLC.

‍

Types of information we collect

This Notice covers the information you share with us and/or which may be acquired or produced by IsoLabs and its affiliates during the application or recruitment process including:

• your name, address, email address, telephone number and other contact information;
• your resume or CV, cover letter, previous and/or relevant work experience or other experience, education, or other information you provide to us in support of an application and/or the application and recruitment process;
• information from interviews and phone-screenings you may have, if any;
• details of the type of employment you are or may be looking for, current and/or desired salary and
  other terms relating to compensation and benefits packages, willingness to relocate, or other job
  preferences;
• details of how you heard about the position you are applying for;
• any sensitive and/or demographic information processed during the application or recruitment
  process such as gender, information about your citizenship and/or nationality, medical or health
  information and/or your racial or ethnic origin;
• reference information and/or information received from background checks (where applicable),
  including information provided by third parties;
• information relating to any previous applications you may have made to IsoLabs and/or any
  previous employment history with IsoLabs;
• your information from publicly available sources, including online, that we believe is relevant to
  your application or a potential future application (e.g., your LinkedIn profile); and/or
• information related to any assessment you may take as part of the interview screening process.

‍

How we use information we collect

Your information will be used by IsoLabs for the purposes of carrying out its application and recruitment process which includes:

• assessing your skills, qualifications and interests against our career opportunities;
• verifying your information and carrying out reference checks and/or conducting background
  checks (where applicable) if you are offered a job;
• communications with you about the recruitment process and/or your application(s), including, in
  appropriate cases, informing you of other potential career opportunities at IsoLabs;
• creating and/or submitting reports as required under any local laws and/or regulations, where
  applicable;
• where requested by you, assisting you with obtaining an immigration visa or work permit where
  required;
• making improvements to IsoLabs’ application and/or recruitment process including improving
  diversity in recruitment practices;
  ▪ complying with applicable laws, regulations, legal processes or enforceable governmental
  requests;
• proactively conducting research about your educational and professional background and skills
  and contacting you if we think you would be suitable for a role with us; and/or
• as part of our commitment to equal opportunity employment, we may process information to
  support our diversity and inclusion efforts.

‍

We will also use your information to protect the rights and property of IsoLabs, our applicants, candidates,
employees or the public as required or permitted by law.
If you are offered and accept employment with IsoLabs, the information collected during the application
and recruitment process will become part of your employment record.

‍

How we process special categories of personal data

Right to work

We will discuss your right to work in the relevant location with you, but we will not ask you for any documentation during the recruitment process. If we decide we would like you to join IsoLabs, we will make you an offer conditional on evidencing your right to work in the relevant location with appropriate documents.

‍
Health data

We will only collect health data during the recruitment process as part of diversity monitoring as described below and as necessary for any accessibility or dietary arrangements you request or are necessary for you to attend any interviews.

‍
Criminal convictions

Depending on the role you apply for, we may ask applicants to disclose any criminal convictions. If you have one or more, we will first discuss it with you and any following actions will be determined on a case-by-case basis.

‍
Diversity and demographic information

With your explicit consent, we will invite you to volunteer diversity and demographic information about yourself as part of our recruitment process. If you choose to participate, we will ask you specific questions about certain special categories of personal data, namely your racial and ethnic background, gender identity and sexual orientation. Your answers will be separated from your application personal data to ensure they cannot be used in any way during the recruitment process or any decision making within it.

‍
The information you provide is used for several purposes:

• to check whether IsoLabs is attracting a diverse range of candidates to our roles;
• to ensure we are treating all candidates fairly, equally and without bias; and
• to monitor these and our other diversity and inclusion and related commitments.

‍

This information will only be used for these purposes and to improve IsoLabs’ diversity and inclusion wherever possible. Your information will be anonymized, such that IsoLabs will not have access to the answers you provide – rather, an anonymized report is created for each job role. If less than 5 applicants apply or do not volunteer to provide these answers, no report is created. As stated above, this processing activity can only occur if you have expressly consented and agreed to participate.

‍

If EU, EEA or UK data protection law applies to the processing of your information, our legal basis for processing your information

We collect and process your information to identify the most appropriate individuals to join our company. If we determine you may be an appropriate candidate we may invite you to interview. This is a legitimate business interest of IsoLabs, which is one of the six lawful grounds on which data controllers such as IsoLabs are permitted to process your personal data.

‍
We also collect and process your information where it is necessary in order to take steps, at your request, prior to potentially entering into a contract of employment with you.

‍

We may also seek your consent to process your personal information in specific circumstances, or process it where necessary to comply with a legal obligation or for purposes connected to legal claims. If we use your information to improve our application or recruitment process, we do so on the basis that it is in our legitimate interests to ensure we recruit the best possible candidates.

‍
The provision of your information is necessary for us to assess your capability and compatibility with IsoLabs and, if you are successful, for us to enter into and maintain a contract and relationship with you. If you choose not to or fail to provide the information we request as listed above, we may not be able to carry out this assessment or comply with our legal obligations and, as a result, we may not be able to progress your application.

‍

Who may have access to your information

Affiliates

Your information may be shared with our affiliates in the US and in other jurisdictions where we utilise shared business operational services as part of the recruitment process.

‍

If you have been referred for a job at IsoLabs by a current employee of IsoLabs or an IsoLabs affiliate, we may inform that employee about the progress of your application and let the employee know the outcome of the process. In some cases, if it is identified that you shared the same previous employer during the same period as a current IsoLabs employee we may consult with that employee for feedback on you.

‍
Third party service providers

‍

We use a third party service provider as part of our recruitment management and application tracking called ‘Greenhouse’. Your personal data is shared with this data processor under a contract, in accordance with applicable data protection law.

‍

IsoLabs may also use service providers acting on IsoLabs’ behalf to perform certain recruitment activities described above, including for:

• the purposes of the verification and background screening;
• providing and administering relevant interview assessments (such as coding assessments or
  other technical interview scenarios); and
• the purposes of distributing contracts or documents for review and signature.

‍

These service providers may be located outside the country in which you live or the country where the position you have applied for is located.

‍

Other third parties

‍
We will also share your personal information with other third parties if we have your consent (for example if you have given us permission to contact your referees), or to detect, prevent or otherwise address fraud, security or technical issues, or to protect against harm to the rights, property or safety of IsoLabs, our applicants, candidates, employees, the public or as otherwise required by law.

‍

It is your responsibility to obtain consent from referees before providing their personal information to IsoLabs.

‍
IsoLabs may sometimes be required to disclose your information to external third parties such as to local labour authorities, courts and tribunals, regulatory bodies and/or law enforcement agencies for the purpose of complying with applicable laws and regulations, or in response to legal process.

‍

Updates and communications

Our Talent Acquisition Team, and also possibly the specific Hiring Manager, will keep you up to date with your progress through our recruitment process.

‍

International data transfers

Where data is shared between our UK and Swiss offices, or with our US affiliates, we ensure that a transfer only takes place if an appropriate level of protection exists and suitable safeguards for the personal data are in place.

Your information may be stored and processed outside of the country or region where it was originally collected, including in the United States. In some of these countries, you may have fewer rights in respect of your information than you do in your country of residence. Regardless of where your information is processed, we apply the same protections described in this Notice. We comply with certain legal
frameworks relating to the transfer of data, such as the frameworks described below.

‍
Adequacy Decisions

The European Commission has determined that certain countries outside of the European Economic Area (EEA) adequately protect personal data, which means that data can be transferred from the European Union (EU) and Norway, Liechtenstein, and Iceland to those countries. The United Kingdom (UK) and Switzerland have adopted similar adequacy mechanisms. We rely on the following adequacy mechanisms:

• European Commission adequacy decisions
• UK adequacy regulations
• Swiss adequacy decisions
  

‍

Standard Contractual Clauses

The European Commission has approved the use of standard contractual clauses (SCCs) as a means of ensuring adequate protection when transferring data outside of the EEA. Such clauses have also been approved for transfers of data to countries outside the UK and Switzerland. By incorporating SCCs into a contract established between the parties transferring data, personal data is considered protected when
transferred outside the EEA, Switzerland or the UK to countries which are not covered by an adequacy decision. We rely on SCCs for our data transfers where required and in instances where they are not covered by an adequacy decision. If ou would like to obtain a copy of the SCCs, you can contact legal@isomorphiclabs.com.

‍

How we protect your personal data

IsoLabs takes appropriate measures to protect information about you that is collected, processed, and stored as part of the application and recruitment process.

‍

In addition, we limit access to your personal data to those employees and consultants who have a strict business need to access your data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

‍
Our retention of your information

If you apply for a job at IsoLabs and your application is unsuccessful (or you withdraw from the process or decline our offer), IsoLabs will retain your personal information for a period of 24 months after your application. We retain this information for various reasons, including in case we face a legal challenge in respect of a recruitment decision, to consider you for other current or future jobs at IsoLabs and to help us better understand, analyse and improve our recruitment processes.

‍

If you do not want us to retain your information for consideration for other roles, or if you would like us to update your information, please send a relevant email to legal@isomorphiclabs.com. Please note, however, that we may retain some information if required by law or as necessary to protect ourselves from legal claims. If you ask us to delete your data, you would then have to resubmit all relevant data if you wanted to apply for a new role.

‍

Your rights in respect of your information

In certain countries, you may have certain rights under data protection law. This may include the right to:

• be provided with a copy of your personal data held by us, subject to the exemptions which allow
  us not to disclose certain categories of data;
• object to the further processing of your personal data;
• request the correction of inaccurate data or erasure of your personal data held by us under
  certain circumstances;
• request that we restrict the processing of your personal data under certain circumstances (while
  we verify or investigate your concerns with this information, for example); and
• request that the personal data we hold be moved to a third party in specific limited circumstances.
  

‍

Please submit your request to legal@isomorphiclabs.com. We will respond to any requests in accordance with applicable law, and so there may be circumstances where we are not able to comply with your request. Please tell us if you have a preferred communication method. Otherwise, we will usually use email.

‍

Questions and complaints

If you have any questions, comments or requests about how we process your personal data, please contact legal@isomorphiclabs.com.
‍

If you have any concerns about how your personal data has been handled during your recruitment process, please first contact us at legal@isomorphiclabs.com, explaining your concerns. We will investigate these internally and report back to you.

‍

If you are dissatisfied with our response regarding our processing, depending on your country of residence, you may also raise any questions or concerns you have regarding your personal information with your local data protection authority. The UK's data protection regulator, the Information Commissioner's Office (ICO), can be contacted at: www.ico.org.uk.

‍

Our contact details

• Email: legal@isomorphiclabs.com
• Address: FAO Legal Team, Isomorphic Labs Limited, 280 Bishopsgate, London, EC2M 4RB,
  United Kingdom
  

‍

Changes to this Notice

We may update or change this Notice from time to time. We will post any changes to this Notice on this page.

‍

U.S. state law requirements

Some U.S. state privacy laws, such as the California Consumer Privacy Act (CCPA), require specific disclosures for state residents.

‍
This Notice is designed to help you understand how IsoLabs handles your information. In the sections above, we explain: (1) the categories of information IsoLabs collects and the sources of that information; (2) how IsoLabs uses information; (3) when IsoLabs may disclose information; and (4) how IsoLabs
retains information. IsoLabs does not sell your personal information. IsoLabs also does not “share” your personal information as that term is defined in the CCPA.

‍
State laws like the CCPA also provide the right to request information about how IsoLabs collects, uses, and discloses your information. And they may give you the right to access and correct your information, and to request that IsoLabs delete that information. Finally, the CCPA provides the right to not be discriminated against for exercising these privacy rights.

‍

If you have questions or concerns related to your rights under CCPA, or would like to exercise your rights, you (or your authorised agent) can contact IsoLabs at legal@isomorphiclabs.com. We’ll validate your request by verifying your interactions with IsoLabs, and may require that you provide us with additional information, such as any names, phone numbers or email addresses you have used when communicating with us.

‍

The CCPA also requires a description of data practices using specific categories. This table uses these categories to organize the information in this policy.