Candidates Privacy Notice

Effective date

16/7/2025

1. Introduction

1.1. The TransferGo entities listed at Schedule 1 (TransferGo Employers) (“TransferGo”, “we”, “our” “TGO” or “us”) provide this notice to you because you are applying to work with us as an employee, worker or contractor.

1.2. This notice sets out the basis on which we will process your personal data. Please read it carefully to understand our practices regarding your personal data and how we will use it.

2. About Us

2.1. TransferGo is the controller of the personal data of prospective employees, workers and contractors, and is subject to applicable data protection laws.

2.2. If you have any questions about this notice or your personal data, or wish to exercise any of your rights as described in this notice or under applicable data protection laws, you can contact our Data Protection Officer at: dpo@transfergo.com.

3. What types of personal data are processed?

Personal data you give to us

3.1. You may give us personal data about you by filling in forms online, corresponding with us by phone, email, in person, or otherwise, or through a recruitment agency or other third party.

Personal data we collect from you

3.2. The personal data that we collect about you includes, but is not limited to, the following: 

  • • your name,
  • • home address,
  • • contact details (such as telephone number and email address),
    • date of birth,
    • your image or a recording of you, in case You agreed to be recorded or sent this data to TGO,
  • • copies of your passport, driving license and similar documents,
  • • education history (including copies of relevant degrees, diplomas or certificates if required), training and professional experience,
  • • current and past employment details,
    • immigration status and work/study permit,
  • • languages spoken and level of proficiency,
  • • test results and scores (including the results of any aptitude or psychometric tests we ask you to undergo),
  • • criminal record information (where required and allowed by law),
  • • information required to prepare the employment contract,
  • • other information given in your CV,
    • interview notes and recordings,
  • • diversity information (such as information about your race or ethnicity),
  • • information about your health, such as any disability you might have.

4. Personal data provided by third parties

4.1. We collect most of the personal data described in Section 4 from you directly.

4.2. However, we may also collect personal data about you from third parties, including: 

  • • existing TGO employees who refer to or nominate you for roles with us;
  • • governmental authorities (such as local tax authorities, police or court institutions);
  • • your named referees whom you’ve asked to provide us with references;
  • • any third-party e-recruitment testing partners we work with;
  • • where allowed by law, third-party background screening providers, credit reference agencies, fraud prevention agencies, sanction screening and criminal convictions screening agencies; and
  • • where allowed by law, other publicly available sources, such as social media networking sites (such as LinkedIn, Instagram and Twitter).

5. Data relating to criminal convictions and offences

5.1. Where required and allowed by law, we also collect and store personal data relating to criminal convictions and offences. This data will be collected only after the first round of recruitment. In cases where we need to identify a lawful basis for such processing, then, depending on local laws, such processing is carried out with your consent, to comply with our legal obligations or on the basis of our legitimate interests (to ensure we hire suitable candidates and do not breach the binding requirement of our business scope). Such a process would be run by our service party provider, Zinc. During this process, you will be notified about this data collection and processing. This data is only processed where it is necessary for:

  • • complying with or assisting other persons to comply with a regulatory requirement which involves TGO taking steps to establish whether you have committed an unlawful act or been involved in dishonesty, malpractice or other seriously improper conduct;
  • • preventing or detecting unlawful acts (including fraud);
  • • any legal proceedings (including prospective legal proceedings);
  • • obtaining legal advice; or
  • • establishing, exercising or defending legal rights.
  • In case you do not agree to be background-checked under certain circumstances, and there are no other ways to comply with this requirement, we may have to deny your candidacy due to the legally binding obligations of our business nature.

6. What we do with your personal data and our legal basis for processing

6.1. We process your personal data for the reasons listed below. In some countries, we require a lawful basis to process your personal data, and we have identified this below.

Purpose of processing Lawful basis
Assessing your skills, qualifications, and suitability for the role, including taking up references and conducting appropriate background checks.Consent (to ensure we hire suitable candidates) or performance of a contract.
Recruitment processes (including negotiation and communicating with you in relation to your application).Agreement performance.
Complying with our legal and regulatory obligations, including for the purposes of:
• preventing illegal working;
• complying with health and safety obligations;
• responding to government statistical monitoring;
• assessing the fitness and propriety of individuals for the purpose of the relevant regulatory schemes to which we must adhere;
• considering whether adjustments may need to be made to accommodate an individual with a disability;
• liaising with relevant tax authorities and other government entities or agencies in relation to attachments of earnings and similar deductions; and communications with public or regulatory bodies.
Compliance with legal obligations.
Recording interviews for quality control purposes and to train our interviewers.Depending on local laws, either legitimate
interests (to monitor the quality of our
interviewers) or your consent.
Carrying out equal opportunities monitoring, when applicable.Consent.
Carrying out analytics in relation to TransferGo’s recruitment practices.Only anonymous data.
Dealing with any legal disputes involving you or other prospective, current or former employees, workers or contractors.Legal obligations.
Keeping your application data on file so that we can consider you for future roles and opportunities at TransferGo, which we think you’d be suited to.Depending on local laws, either legitimate interests (to ensure our recruitment process is as efficient as possible) or your consent. Such data would be kept from 1 month to 1 year. This consent can be withdrawn anytime by contacting the recruiting agent in writing at: dpo@transfergo.com 
Depending on where you’re located, we may take steps to verify your identity during the recruitment process to detect and prevent interview fraud.Depending on local laws, but with your consent or legal obligation.
Checking and performing a background screen.Depending on local laws, but mostly a legitimate interest of TransferGo.

6.2 Finding candidates on Linkedln and other professional social networks


To improve the efficiency of the Candidate search process by finding the right Candidate for TransferGo more quickly, Candidate searches are conducted on Linkedln and other professional social networking sites.

What are the purposes of the processing?What categories of data do we collect?What is the legal basis that allows us to collect this information about you?Who do we transfer data to? (Controllers)How long do we retain the data?
Recruitment by searching for Linkedln and other professional social networksSearch criteria, name(s), surname(s), other information, provided in a publicly accessible social network profile, communication with the potential Candidate via social networks or other contacts provided on social network accountsGDPR Article 6 (1)(f) TransferGo’s legitimate interest to ensure efficient recruitment of staff by selecting the most suitable Candidates and GDPR Article 6 (1)(a) consent [2]Shared within TransferGo Companies.


Attached to the Greenhouse program in case the candidate is successfully employed.
The data is deleted as soon as it becomes clear that the person has not accepted the offer to apply for a position offered by TransferGo.

With explicit consent – data could be kept for 1 more year.
Internal employees and recruitment firms with which the Bank has concluded contractsName, surname, telephone number, email address, recommendationGDPR Article 6 (1)(f) TransferGo’s legitimate interest [1] to optimise the selection of staff to select the most suitable Intern or Employee GDPR Article 6 (1)(a) consent [2]If a person objects to such processing, the Recommended Candidate’s personal data shall be retained for no longer than 7 working days from the date of receipt of such objection. After this period, the data shall be destroyed.

If the
Recommended Candidate gives his/her consent to the further processing of his/her personal data, his/her personal data shall be retained for a period of 12 months from the date of consent. After this period, the data will be destroyed.

If the
Recommended Candidate does not express his/her will regarding the processing of his/her personal data, his/her personal data shall be retained for 14 calendar days. After this period, the data will be destroyed.
Defending legal claimsInformation relating to the exercise of the Recommended Candidate’s rights to be informed about the processing of personal data and to object to the processing of personal data (date of notice, content of notice, date of receipt of the objection, its content)GDPR Article 6 (1)(f) TransferGo’s legitimate interest to defend legal claimsCourts, public dispute resolution bodies, litigants, lawyers and other legal service providers10 years in case of legal dispute
  1. This is the legal basis for the processing of personal data before the initial contact with the Recommended Candidate
  2. This is the legal basis for the processing of personal data after the initial contact with the Recommended Candidate

6.3. Administration of Recommended Candidates

To optimise the selection process of Candidates and Interns, and to select the most suitable Employee or Intern for TransferGo, both the Employees of TransferGo and the recruitment firms (in case that is the way You have been contacted) with which TransferGo has concluded contracts are given the opportunity to recommend persons they consider suitable as Candidates for specific positions within TransferGo. In this case, the personal data of the Candidate is processed as that of a Recommended Candidate.

What are the purposes of the processing?What categories of data do we collect?What is the legal basis that allows us to collect this information about you?
Who do we transfer data to?

How long do we retain the data?
Recruitment of staff through recommendations from TransferGo employees and recruitment firms with which TGO has concluded contractsName(s), surname(s), mobile or other telephone number, email address, recommendationGDPR Article 6 (1)(f) the Bank Group’s legitimate interest [1] to optimise the selection of staff to select the most suitable Intern or Employee
GDPR Article 6 (1)(a) Consent [2]
If the Recommended Candidate objects to such processing, the Recommended Candidate’s personal data shall be retained for no longer than 7 working days from the date of receipt of such objection. After this period, the data shall be destroyed.

If the Recommended Candidate gives his/her consent to the further processing of his/her personal data, his/her personal data shall be retained for a period of 12 months from the date of consent. After this period, the data shall be destroyed.

If the Recommended Candidate does not express his/her will regarding the processing of his/her personal data, his/her personal data shall be retained for 14 calendar days. After this period, the data shall be destroyed.
Implementation of the Recommended Candidate’s right to be informed about the processing of personal data and the right to object to the processing of personal data
Email address
GDPR Article 6 (1)(c) for the performance of a legal obligation under Articles 14 and 21 of the GDPRFor this purpose, the personal data shall be processed and retained until the Recommended Candidate’s right to be informed about the processing of personal data and the right to object to the processing of personal data are fulfilled.
Defending legal claimsInformation relating to the exercise of the Recommended Candidate’s rights to be informed about the processing of personal data and to object to the processing of personal data (date of notice, content of notice, date of receipt of the objection, its content)GDPR Article 6 (1)(f) the Bank Group’s legitimate interest in defending legal claimsCourts, public dispute resolution bodies, litigants, lawyers and other legal service providers12 months from the date of exercise of the rights of the Recommended Candidate

[1] This is the legal basis for the processing of personal data prior to the initial contact with the Recommended Candidate

[2] This is the legal basis for the processing of personal data after the initial contact with the Recommended Candidate

6.4. Personal data processed in the context of recruitment (for the purpose of assessing Candidates}

  1. Selection/assessment of Candidates for employment

The data listed below is collected about Candidates for employment and, where explicitly stated, their relatives.

What categories of data do we collect?What are the legal grounds for collecting information about me?[1]Who do we transfer data to? (Controllers)How long do we retain the data?
Name(s), surname(s)GDPR Article 6 (1)(a), GDPR Article 6 (1)(b)Details of the CV and identity document of a Candidate for the Management Board of TransferGo entities are transferred to the Bank of Lithuania/European Central Bank/UK RegulatorIf no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress (applies to CV and Information about the assessment of the Candidate, the Candidate’s criminal record from the Register or extract from the Register concerning the Candidate’s criminal record), the data shall be destroyed within 7 working days after the end of the selection process.
Until the end of the employment relationship (applies to the Candidate Questionnaire, Information about the assessment of the Candidate, Candidate’s consent to receive information – data obtained from the current or, in the case of a legitimate interest of the Bank Group, former employer).
10 years after the end of the employment relationship (applies to the Candidate’s criminal record from the Register or extract from the Register concerning the Candidate, to ensure the legal requirements for managers).
National identification number
Details of the identity document (type, number, issuing authority, date of issue, expiry date)
Address (place of residence)
Mobile or other telephone number
Email address
CV information (qualifications, education, school attended and date of graduation, specialisation, qualifications, degree awarded, information on whether you are studying at the time of application), knowledge of foreign languages and skill level, ability to work with specific computer programmes, qualifications acquired in the last two years, previous jobs, personal qualities (any information you have provided about your personality, values, expectations and interests)
Assessment of the Candidate (in the case of a member of the Board in the TGO Group, the Director/Head of Anti-Money Laundering Compliance Department in the TGO, and the designated manager – in the case of the other TGO Companies) responsible for the implementation of anti-money laundering and anti-terrorist financing measures in TGOs’ activities, on the basis of which the following personal data are processed: education, additional qualification courses, experience in managing a financial market participant’s compliance – anti-money laundering and anti-terrorist financing, experience in implementing the legal requirements for a financial market participant in the areas of know-your-client, client relationships, transaction monitoring, internal investigations, analysis of suspicious transactions, experience in identifying, managing money laundering and terrorist financing compliance risks related to the activities of a financial market participant, personal qualities, language skills.GDPR Article 6 (1)(b) GDPR Article 6 (1)(c)
BOL, UK Regulators and EU Commission Resolution on the Approval of Instructions to Financial Market Participants Aimed at Preventing Money Laundering and/or Terrorist Financing
Information about pecuniary and/or non-pecuniary interests of the Candidates and their Relatives and other circumstances, where the Candidate is engaged in an activity that could give rise to a potential conflict of interest between the Candidate and the TGO Companies, i.e., the nature of individual activity, employment relationships, participation in the activities of other companies (as founders, shareholders, members of management bodies), participation in the activities of public organisations, participation in elected bodies of the state or municipalities, participation in private business, or provision of services in any other form (applicable to all employee positions at TGO)GDPR Article 6 (1) (b) GDPR Article 6 (1){c), BOL Resolution on the Approval of Instructions to Financial Market Participants Aimed at Preventing Money Laundering and/or Terrorist Financing GDPR Article 6 (1)(b) GDPR Article 6 (1)(c), Guidelines on Internal Governance of 21 March 2018 (EBA/GL/2017/11) 
If no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress (applies to CV and Information about the assessment of the Candidate, the Candidate’s criminal record from the Register or extract from the Register concerning the Candidate’s criminal record), the data shall be destroyed within 7 working days after the end of the selection process.
Until the end of the employment relationship (applies to the Candidate Questionnaire, Information about the assessment of the Candidate, Candidate’s consent to receive information – data obtained from the current or, in the case of a legitimate interest of the TGO, former employer).
10 years after the end of the employment relationship (applies to the Candidate’s criminal record from the Register or extract from the Register concerning the Candidate, to ensure the legal requirements for managers).
Criminal record (applies to employees of the TGO employee function who take funds, Director (CEO), Fund Manager, key function holders, i.e., Head of Risk Management, Head of Actuarial Function, Head of Compliance, Head of Audit Function) GDPR Article 10, GDPR Article 6 (1)(c), LLPPD Article 3 (1) and Article 5 (1), Law on Markets in Financial Instruments Article 17 (1), 17(2) (1), 17(3), Law on Banks Article 34 (10), 34(14), Resolution No. 03-181 of the Board of the Bank of Lithuania of 14/11/2023

If no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress, the data shall be destroyed within 7 working days after the end of the selection process.
10 years after the end of the employment relationship.
Criminal record (applies to the assessment of suitability of Bank managers and key function holders as regards compliance with the requirements set out in Article 34( 12)(1) and (13)(1)-(2) of the Law on Banks of the Republic of Lithuania).GDPR Article 10, GDPR Article 6 (1)(c) and (3), LLPPD Article 3 (1) and Article 5 (1), Law on Banks Article 34 (2), 34(12)(1) and 34(13)(1)-(2)
If no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress, the data shall be destroyed within 7 working days after the end of the selection process.
10 years after the end of the employment relationship.
Criminal record (applies to other Bank staff)
GDPR Article 10, GDPR Article 6 (1)(f) (TGO’s legitimate interest in ensuring compliance with legal requirements when specific data for the performance of a legal obligation are not specified in the applicable legislation}, (1)(c) and (3), LLPPD Article 3 (1) and Article 5 (1), Law on Banks Article 34(10) and 34(14)
If no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress, the data shall be destroyed within 7 working days after the end of the selection process.
10 years after the end of the employment relationship.
Administrative offences (applies to employees of the Bank’s Financial function who provide investment, financial advice and take orders from clients, make payments, supervise payments, Director (CEO), Head of Division, Fund Managers, key function holders, i.e., Head of Risk Management, Head of Actuarial Function, Head of Compliance, Head of Audit Function)
GDPR Article 6 (1)(c}, Law on Markets in Financial Instruments Article 17 (2)(2), Resolution of the Board of the Bank of Lithuania on the approval of regulations of the assessment of managers of supervised financial market participants and their persons carrying out the main functions, No. 03-181.

If no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress, the data shall be destroyed within 7 working days after the end of the selection process.
10 years after the end of the employment relationship.
Assessment of the Candidate, for the purpose of ensuring compliance with the legal requirements for managers (applies to members of the Supervisory Council of TGO, members of the Board, the Chief Executive Officer and Deputy Chief Executive Officer, the Head of Internal Audit Division, the Director (CEO), Fund Managers and key function holders, i.e., Head of Risk Management, Head of Actuarial Function, Head of Compliance, Head of Audit Function)GDPR Article 6 (1)(b), GDPR Article 6 (1)(c), GDPR Article 10 Resolution of the Board of the Bank of Lithuania on the approval of regulations of the assessment of managers of supervised financial market participants and their persons carrying out the main functions.














If no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress, the data shall be destroyed within 7 working days after the end of the selection process.
10 years after the end of the employment relationship.
Manager Form approved in accordance with the requirements of the Bank of Lithuania and the data collected, for example: name and surname, former surname, email address, national identification number, date of birth, place of birth, nationality, former passport, identity card details, residential and correspondence address, phone number, education, professional qualifications, work activities over the last 10 years, specific knowledge that could be useful while working for a financial market participant, acquired while holding the specified position, civil actions, administrative and criminal proceedings against both individuals and controlled companies, bankruptcy of the natural person, legal entity, restructuring, managed companies (if any) (respective percentage values, position held), financial results of companies; positions held with other employers, legal entities whose participants are related persons, relatives, private interests, financial liabilities, and other information and documents relevant to the assessment and issuance of the permit by the Bank of Lithuania percentage values, position held), financial results of companies; positions held with other employers, legal entities whose participants are related persons, relatives, private interests, financial liabilities, and other information and documents relevant to the assessment and issuance of the permit by the Bank of LithuaniaGDPR Article 6 (1)(b), GDPR Article 6 (1)(c),

If no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress, the data shall be destroyed within 7 working days after the end of the selection process.
10 years after the end of the employment relationship.
Information on the list of securities owned, for example: type of securities, name of securities, ISIN, number of securities, custodian, name and surname of security holder
GDPR Article 6 (1)(b), GDPR Article 6 (1)(c), Rules on the Organisation and Operation of Management Companies Articles 61-64
If no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress, the data shall be destroyed within 7 working days after the end of the selection process.
10 years after the end of the employment relationship.
Data relating to qualifications, professional skills, and professional qualities obtained while working for the current employerGDPR Article 6 (1)(a)
If no employment contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress, the data shall be destroyed within 7 working days after the end of the selection process.
10 years after the end of the employment relationship.

2. Ensuring compliance with the legal requirements for Candidates (including Candidates for the Supervisory Council of TGO)

2.1. More detailed information about the processing of data is provided to the Candidates (including Candidates for the Supervisory Council of the TGO) in the TGO internal information documents upon the conclusion of their employment or other contracts.

What categories of
data do we collect?
What are the legal grounds for collecting information about me?Who do we transfer data to?How long do we retain the data?
Details of the Candidate’s (including Candidates for the Supervisory Council of TGO) immediate family (degree of relationship, name(s), surname(s), year of birth, place of work, position)GDPR Article 6 (1)(c), GDPR Article 6 (1)(f) TGO’s legitimate interest in ensuring compliance with legal requirements when specific data for the performance of a legal obligation is not specified in the applicable legislation, Law on Banks Article 34 (10) and (12),
paragraphs 8.3 and 8.7 of the Regulations for the Organisation of Internal Control and Risk Assessment (Management) of the Bank of Lithuania
Paragraph 42 of the Regulations for Assessment of Heads and Key Function Holders of Financial Market Participants Supervised by the Bank of Lithuania

Data is kept internally, unless requested by the Supervisory Institution or audit.

If no employment or other contract has been concluded with the Candidate by the end of the selection process/while the selection process is in progress, 10 years after the end of the employment relationship.

3. Processing of data of unsuccessful Candidates for employment, interns for the purpose of submitting future job/internship offers

3.1. In cases where you apply for a specific job/internship position at TGO but are not offered a job/internship, we may ask you to consent to the processing of your personal data for the purpose of offering you a job/internship at TGO in the future, when we consider you to be a suitable candidate for a specific job/internship position at the Bank Group.

What categories of data do we collect?What are the legal grounds for collecting information about me?Who do we transfer data to? (Controllers)
How long do we retain the data?
Name{s), surname{s), mobile or other telephone number, email address, skills, training, previous jobs, CV information {education, language}.GDPR Article 6 {1){a)Greenhouse12 months from the date of consent

7. Special categories of personal data or ‘sensitive personal data’

We process ‘special categories of personal data’ or ‘sensitive personal data’ for the purposes of:

  • • carrying out the obligations we have to exercise both TGO’s and your specific rights, which are imposed by employment laws;
  • • in the case of personal data about your physical or mental health, to enable TGO to assess your working capacity and take decisions for occupational health purposes;
    • establishing, bringing or defending legal claims; and in the case of “equal opportunities monitoring”, please note that participation is voluntary and providing this information is optional. Any information you provide will not be accessible or used in the hiring process, and will have no effect on your opportunity for employment.

8. Disclosure of your personal data to third parties

8.1. For the purposes set out in Section 7 above, we may share your personal data with:

  • • our group companies where necessary to process your application;
  • • professional advisors (including lawyers, accountants and auditors) where necessary to receive their services;
  • • legal and regulatory authorities (such as tax authorities) where necessary to comply with our legal obligations;
  • • our third-party service providers, including our data hosting service provider (AWS Ireland), background screening check provider (Zinc) and online recruitment testing service providers (Greenhouse, etc.), interview recording tool when you accept the interview to be recorded (Metaview). We also disclose your personal data to third parties where it is in our legitimate interest to do so, including for the following reasons:
  • • if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • • if all or substantially all our assets are acquired by a third party, in which case personal data held about our applicants will be one of the transferred assets; and
  • • if we are under a duty to disclose or share your personal data to comply with any legal obligation.
  • Except as set out in this notice, or as required by law, we would not sell your personal data to any third parties.

8.1. Transfer of data to third countries

Please note that when Candidates’ personal data are processed using the Greenhouse Software (https://www.greenhouse.com/privacy-policy), Candidates’ personal data is transferred to a third country (the United States of America), and also to the processors/sub-processors engaged by Greenhouse Software, Inc., as indicated in the table below. Please note that the European Commission’s decision does not recognise the US as having an adequate level of data protection unless it complies with the required EU/UK law clauses and ensures necessary protection. In this case, GreenHouse complies with all necessary obligations.

Sub-processorNature of servicesPlace of data in transitCountry of data storage “at restReference to a document established
Amazon Web ServiceDatabase storageUnited States of AmericaIrelandStandard data protection clauses

9. Security of your personal data

9.1. We are committed to ensuring that your personal data is safe and take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this notice.

9.2. Unfortunately, the transmission of personal data through the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to or stored on our IT system, and any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.

9.3. If we share your personal data with any third party, we will take all necessary steps to make sure that your personal data is handled lawfully and securely by that third party.

10. How long we keep your personal data

10.1. We will keep your personal data for as long as necessary to fulfil the purposes described in this notice or the terms of any contract that we enter into, or for such longer period as may be required by law. After this, where allowed by law and this notice, we will erase or anonymise your personal data. If you need any additional information about this, please contact our Data Protection Officer at dpo@transfergo.com

10.2. Mainly, the retention period is set like this:

  • • Metaview recorded interview is kept for 2 months;
  • • If you consented to be reached out to, even if the recruitment is unsuccessful at this stage, the sent information will be kept in Greenhouse up to 1 year. If You did not consent, no data will be processed.
  • • If You have sent an email to TransferGo, this email will be saved up to 30 days.
  • • Background screen which was made via Zinc platform, due to the employment step confirmation, will be saved for up to 2 years.
  • • If you have come to our Offices, the recording of the CCTV recording image will be saved for up to 14 days.

11. Automated decision-making

a) We may use automated decision-making in the form of online assessments to help streamline our recruitment processes. These online assessments are mainly designed to assess your competency for the role you have applied for, your working style and/or whether or not you would be suitable for a role with TransferGo. These online assessments will produce a score based on the responses you provide, which we then use to determine whether or not to progress your application.

b) If you are not happy with the outcome of any automated decision we have made, you have the right to challenge this. See the “Exercising Your Rights” section below for more information about how you can do this.

12. Your rights

a) Subject to applicable laws in your location, you may have certain rights in relation to your personal data, including the right to:

  • • access a copy of the personal data which we hold about you;
  • • ask us to correct your personal data if you think it’s wrong;
  • • ask us to delete your personal data in certain circumstances;
  • • object to us processing your personal data on the basis of our legitimate interests or another lawful basis in certain circumstances;
  • • ask us to restrict how we use your personal data;
  • • ask us to transfer personal data to you or another company in a structured, commonly used, machine-readable format;
  • • withdraw your consent (where you have previously given us this); and
  • • ask us to carry out a human review of an automated decision we make about you.
  • • to write a complaint to the Data Inspectorate Authority in case you do believe we have processed data unlawfully.

b) Please note that not all of these rights are absolute and we may not be required to comply with your request where exemptions apply under applicable data protection laws. If we are not going to comply, we will reach out to explain the decision and the reasons.

13. Exercising your rights

You can exercise any of your rights as described in this notice and under data protection laws by contacting TGO’s Data Protection Officer through dpo@transfergo.com.

Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.

We will endeavour to respond to your request within the time period mandated by applicable law. In the UK and the EEA, this means that we will endeavour to respond to your request within one month. Please note, however, that this time period may be extended by a further two months in cases when it is very large and complex. We will definitely inform you regarding such prolonging.

14. International transfers

Your personal data will be stored on servers located in the United States, UK or EEA.

Where required by applicable laws, your consent to the transfer of your personal data outside your home country will be obtained as part of your application.

As an international organisation, authorised personnel may access your personal data in any country in which we operate (see Schedule 1). Therefore, it may be necessary to transfer your details to members of our group located in countries that may not have equivalent data protection or privacy laws to those which apply in your own country. We may also need to transfer your personal data to third-party service providers located in other countries. In case you are interested in who exactly gets your data, please contact dpo@transfergo.com and we will review your request on a case-by-case method.

Regardless of where your personal data is transferred, we will put in place appropriate safeguards to ensure that your personal data is treated securely and in accordance with applicable law. For individuals in the EEA and UK, this usually means entering into Standard Contractual Clauses with the recipients of your data who are located in countries which are not recognised as having adequate data protection laws. More details regarding these safeguards can be obtained from the Data Protection Officer whose details are given above.

15. Complaints

a) Please direct any complaints about how TransferGo processes your personal data to our Data Protection Officer: dpo@transfergo.com 

b) You also have the right to complain to your local data protection authority:

  • • A list of European Union data protection authorities can be found here;
  • • The United Kingdom’s data protection authority’s contact details can be found here

16. Changes

a) This notice may be amended by TransferGo at any time. You can always find the latest version of this notice on our website.

TransferGo’s Employers’ Details

LocationTransferGo entityRegistration details
United KingdomTransferGo Ltd (also as a foreign employer in Belgium, Bulgaria, France, Italy, Romania, Spain, Sweden and Ukraine)07914165
LithuaniaTransferGo Lithuania UAB and/or GoSystems UAB (also as a foreign employer in Germany, France, Ireland, Netherlands, Poland, Latvia)TransferGo Lithuania: 304871705

GoSystems: 302928584
PolandTransferGo Lithuania Sp.Z.o.o.TAX ID: 1060008081
TurkeyTransferGo Tekoloji A.S., Turkey