STARBUCKS PRIVACY STATEMENT
Last Revised: 24 January 2018
This Privacy Statement ("Statement") applies to applicant employment data collected via the Milan Starbucks Reserve Roastery Careers website at starbucksreservecareers.it. The website will provide information about the Starbucks Milan Roastery, working at the Roastery, roles within the Roastery and shall also advertise live vacancies for which candidates may.
Please note that where you are an existing employee or become an employee of Starbucks or its subsidiaries, licensees or affiliated companies, the privacy statement that applies to the use of your personal data in relation to that employment can be found in your relevant staff handbook. All data you submit or that is obtained by us in relation to your use of this website and the services will be treated in accordance with this Statement.
In this Statement, the terms "Starbucks", "we", "our" and "us" refer to Starbucks Italy S.r.l., with registered office in Via Monte Napoleone 29, Milan, acting in its capacity as data controller that can be contacted at the details in Section 16 below and its respective subsidiaries and affiliated companies. The term “your device” refers to any computer, tablet, smart phone or other device you are using to access our website. Our website may contain links to websites that are owned and operated by other companies. This Statement does not apply to websites and services that are owned and operated by third parties.
This Statement came into effect on the date indicated at the top of this webpage. We may update this Statement from time to time and in particular following the applicability date of the EU Regulation 679/2016 (the "General Data Protection Regulation"). If we make changes, we will post the updated Statement on this page and change the date at the top of this Statement webpage. We encourage you to look for updates and changes to this Statement by checking this date when you access our website. We will notify you of any modifications to this Statement that might affect the way we use or disclose your personal information prior to the change becoming effective by means of a message on this website.
PART I - GENERAL INFORMATION
1. Information We Collect and Legal Basis for the Collection
As you use our website we collect information about you and the services you use for the purposes described below in Section 2 of this Statement. The information we collect falls into three different categories: (1) information you give us; (2) information we collect from you automatically; and (3) information we collect from other sources. Some examples of when we collect this information include when you visit our website, create a user profile, use our website to submit an application for employment or participate in a survey.
a) Information You Give Us
Some information we collect is provided by you when you use our services. This may include, for instance, your first and last name, username, password, email address, postal address, phone number, demographic information (such as your gender), job experience and history, educational background, skills, interests, position(s) you are interested in, and any other information you choose to give us in your C.V., cover letter or similar.
b) Information We Collect Automatically
Some information is collected by us automatically, including when you access our website or otherwise use our services. This information, whose collection might require your consent, includes:
Location Information - As part of your application process you might be required to provide your geo-location in order to allow us to relocate you in case of a specific request.
c) Information We Collect from Other Sources
Some information we collect is publicly available. For example, with your prior consent, we may collect information you submit to a blog, a chat room, or a social network like Facebook, Twitter, LinkedIn or Google+. We may also collect information about you from other companies and organisations. By gathering additional information about you, we can correct inaccurate information, give you job recommendations that are more likely to interest you (provided you have consented).
2. How We Use Your Information and on What Legal Basis
We may use the information we collect about you for the following purposes:
a) to process your application;
b) to communicate with you about your application and/or any positions that may be of interestto you;
c) to respond to your enquiries and requests for information;
d) to maintain appropriate records required under applicable laws and for internal administrativepurposes;
e) to detect, prevent, or investigate security breaches or fraud and protect the rights of Starbucksand others, in particular to: (i) protect, enforce or defend the legal rights, privacy, safety orproperty of Starbucks, our company subsidiaries or affiliates or their employees andcontractors; (ii) protect the safety, privacy and security of users of Starbucks services; (iii)comply with the law or legal process; and (iv) respond to requests from public andgovernment authorities;
f) to conduct applicant and employment-related statistical evaluation in an aggregate mannerand record keeping; and
g) to complete a merger or sale of assets. In this respect, if Starbucks sells all or part of itsbusiness or makes a sale or transfer of its assets or is otherwise involved in a merger ortransfer of all or a material part of its business, Starbucks may transfer your information to theparty or parties involved in the transaction as part of that transaction;
h) within the limits provided by the provisions on cookies, and other similar technologies below, to: (i) maintain, improve, and analyse our website; and (ii) facilitate the functionality of our website;
i) to perform aggregated analytics to improve the applicant and partner experience.
The disclosure of your personal data for the purposes indicated in paragraphs 2.a) to g) of this Statement is compulsory since necessary for the provision of the requested service and the refusal to provide the information for the purposes indicated in paragraphs 2.a) to f) would make it impossible for Starbucks to provide the required services., The processing of information for the purpose of paragraphs 2. letter g) is not compulsory and is performed in compliance with applicable laws and the legitimate interest of Starbucks and its counterparties to perform such transactions, adequately balanced with your interests. You can object to such data processing by contacting us through the modalities indicated in Section 16 below, but if you object to such data processing activity, your data cannot be used for this purpose.
The disclosure of your personal data for the purposes of letters h) and i) is discretionary, save for the technical cookies indicated in the sections below which are mandatory. The refusal to provide the information requested for the purpose of letter h) above may result in the provision of a lower level of service, while the refusal to provide the information requested for the purpose of letter i) above would prevent us performing aggregated analytics.
With regard to the above-mentioned purposes, your information may be processed by Starbucks by way of electronic and non-electronic means.
3. How We Share Your Information
We may share your information with the following categories of entities outside of Starbucks situated both in the EEA and, within the limits of Section 15 below, outside the EEA, which process your personal data in their capacity of data controller or data processors depending on the circumstances, in the following circumstances:
a) When We Work Together – We may share information between and among Starbucks Corporation, its subsidiaries, its licensees and/or affiliated companies for the purposes of management, analysis and decision making, and for use by those companies for the other purposes described in Section 2 above.
b) When We Work with Service Providers – We may share your information with service providers that provide us with support services such as such as applicant management, skills and background analysis, employment administration, and to communicate with you and for other services such as website hosting, email and postal delivery, marketing of new candidates roles or analytics services. We require the companies to refrain from collecting, using and disclosing your information except when they are performing work for us or when the disclosure of your information is required by law.
c) When We Work on Business Transactions – If we become involved with a merger or another situation involving the transfer of some or all of our business assets, we may share your information with business entities or people involved in the negotiation or transfer.
d) When Sharing Helps Us Protect Lawful Interests – We may disclose your information if we believe that the disclosure is required by law, if we believe that the disclosure is necessary to enforce our agreements or policies, or if we believe that the disclosure will help us protect the rights, property, or safety of Starbucks or our customers or partners.
e) When You Give Consent – We may share information about you with other companies if you give us permission or direct us to share the information.
f) When the Information Does Not Identify You – We may share your information in an anonymous format. For example, we may share information about your use of our website in a manner that does not directly or indirectly identify you or may combine information about you or the use of the services with similar information about other people and share the aggregated information for statistical analysis and other business purposes in a way that does not link your information to you.
g) To Collect Information on How Our Websites and Services Are Used – We allow certain service providers to use the information collected on our website and via our services to help us learn about our audience and how people use our website. The companies that use this information for this purpose do not match the information to individual users, nor it crosses / enrich the data collected with other data. In other words, statistical information collected by third parties regarding website usage or performance is not matched or linked to you.
Starbucks has appointed as external data processor Jupiter Advertising Limited to provide services in relation to its recruitment website. A list of all the external data processors appointed by Starbucks is available at its registered office.
4. What are Your Rights with regard to Your Personal Data?
You have the right at any time in relation to your personal data to:
a) obtain confirmation as to whether or not your personal data exists and to be informed of its content and source, verify its accuracy or request integration, updates or amendments;
b) request the deletion, conversion to an anonymous form or restriction of your personal data processed in breach of the applicable law; and
c) oppose its processing, in all cases, for legitimate reasons.
You may also revoke your consent, at any time, to the receipt of any marketing communications and to profiling activities.
In addition to the above, from May 25th, 2018, the date of applicability of the General Data Protection Regulation, you will also have the right set out in Section 15(b) below.
In order to exercise the rights above, you can contact us as described in the "Contact Us" Section of this Privacy Statement. In your request, please include your email address, name, address, and telephone number.
5. Cookies and Similar Technologies
Cookies – Cookies are small data files that are sent from a website’s server and are stored on your device’s hard drive either for only the duration of your visit ("session cookies") or for a fixed period of time ("persistent cookies"). Cookies contain information that can later be read by a web server.
These and similar technologies are used for the following purposes:
Services and Functionality – Some of these technologies are required to allow you to access and use our website and the various services and functionality we offer. Without these technologies some of the services and functionality on our website would not work properly.
Performance Monitoring – Some of these technologies help us analyse and estimate traffic and assess the volume of use of services and functionality on our website. They show us how visitors and candidates interact with our website, whether there are any errors, the degree to which certain web pages, applications, services or functionality are accessed and used and how they are performing or operating. When these technologies are used for performance monitoring, no information that identifies you is collected and these technologies are only used to help us improve how our website and understand user interests.
User Convenience – Some of these technologies enhance the ease of use of our website and the services and functionality they make available by accelerating load and refresh times and remembering information that you have provided on prior visits to our website or when you last used a website service or functionality. For example, a cookie may remember your username to save you time in entering this information when you log in to your account.
The above cookies are considered to be technical cookies and the following technical cookies are used on our website:
You may disable the technical cookies set out in the table above by clicking on the relevant links.
Please note however that, by disabling the cookies, your use of the website might be compromised.
Third party cookies - The following cookies installed by third parties other than Starbucks are used on our website:
You may deny consent to the placing of the above cookies in the context of profiling advertisements as distributed by Starbucks by clicking on the relevant links.
6. Retention of Your Data
We will generally retain your information for six (6) months from the date of your application or as long as your user profile and account is active or as required by law or as needed to provide your requested services. You have the opportunity to review Starbucks policy regarding the retention, disposition, access and confidentiality of the information collected in the application process, before applying for employment.
PART II - YOUR CHOICES
7. Communication Choices
In order for us or our affiliated companies or licensees to successfully process your job application, we (or where applicable our affiliated companies or licensees) shall be required to communicate with you in relation to your job application only, using the contact details you provide to us.
8. Cookies and Similar Technologies
In addition to the information provided above, you may be able to reject cookies by adjusting the appropriate settings in your browser. Each browser is different, but many common browsers (Internet Explorer, Chrome, Firefox, and Safari) have preferences or options that may be adjusted to allow you either to accept or reject cookies and certain other technologies before they are set or installed or allow you to remove or reject the use or installation of certain technologies altogether. If you want to learn the correct way to modify your browser settings, please use the Help menu in your browser or visit the following links:
Google Chrome: https://support.google.com/chrome/answer/95647
Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
9. "Do Not Track" Technology
Subject to this Privacy Statement, some newer web browsers have a "Do Not Track" preference that transmits a "Do Not Track" header to the websites you visit with information indicating that you do not want your activity to be tracked. We currently do not respond to browser "Do Not Track" signals.
10. How to Manage Your Account Information
Information can be changed or removed from Starbucks accounts where required by law. As required by law, there are instances whereby we are unable to delete an account completely.
11. Use by Minors
We do not intend for our website or online services to be used by anyone under the age of sixteen (16). If you are a parent or guardian and believe we may have collected information about your child, please contact us as described in the "Contact Us" Section of this Statement.
12. Transfer of Data Abroad / EU-U.S. Privacy Shield
The information you provide us is stored and processed on servers owned by Starbucks and our respective service providers located throughout the European Economic Area (EEA). Your personal data may be transferred to countries within the European Economic Area or outside the EEA and in particular to the U.S.A whose data protection laws may be less stringent than your country’s. Starbucks will ensure that appropriate and suitable safeguards are in place to protect your personal data and that transfer of your personal data is in compliance with applicable data protection laws (and in particular article 46 of the General Data Protection Regulation) and this Statement.
You have the right to request a copy of your personal data, to know where your personal data is stored, or to request rectification to any inaccurate data we hold by contacting Starbucks at the address indicated in this Statement.
In any case note that Starbucks Corporation participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Starbucks is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List here: https://www.privacyshield.gov/list.
Starbucks is responsible for the processing of personal data it receives, and subsequently transfers to a third party acting as an agent on its behalf, under the Privacy Shield Framework. Starbucks complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Starbucks is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Starbucks may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website here: https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
13. Contact us
We welcome your questions, comments and concerns about privacy. You can contact Starbucks Customer Relations by email at firstname.lastname@example.org or by telephone at +44 8834 50 50.
14. What changes with the General Data Protection Regulation 679/2016/EU?
From May 25th, 2018, the date of applicability of the General Data Protection Regulation, the following provisions will apply in addition to those listed above:
a) Data retention of your personal data
We will retain your information only for the period necessary to fulfil the purposes for which the data was collected as outlined in this Statement; in particular:
Information collected for the purposes of Section 2(a) to (e) of this Statement is retained for six (6) months from the date of your application or for as long as your user profile and account is active or as otherwise required by law;
Information collected for the purposes of Section 2(g) is retained for a period that changes depending on the cookie involved as indicated in the relevant policy;
At the end of the retention period your personal data will be either cancelled, anonymized or aggregated.
b) Additional rights
In addition to the rights as indicated in Section 4 of this Statement, you will also have the right at any time to:
request to Starbucks limits the processing of your personal information where:
you contest the accuracy of the personal information until we have taken sufficient steps to correct or verify its accuracy;
the processing is unlawful but you do not want us to erase the data;
we no longer need the personal information for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims; or
where you have objected to processing justified on legitimate interests grounds pending verification as to whether Starbucks has compelling legitimate grounds to continue processing;
object to the processing of your personal information;
request the erasure of your personal information without delay;
request the data be made portable (when we are relying upon your consent or the fact that the processing is necessary for the provision of the Starbucks services and the personal information is processed by automatic means); and
lodge a complaint with the relevant supervisory authority, the Garante per il trattamento dei dati personali.
c) Data Protection Officer
In light of the processing activities carried out by Starbucks as set out in this Statement, Starbucks will notify through this Statement the contact details of the data protection officer, should it reach the conclusion that it is required to do so under the terms of the General Data Protection Regulation.