Roku Privacy Notice for Job Applicants

International

Last Updated: 23 March 2022

1. Scope

  • This notice describes how Roku, Inc., its subsidiaries, and affiliates (“Roku”, “we” or “us”) collect and process personal information about you in connection with Roku’s recruitment process, why we process it, and how you can exercise your privacy rights in relation to it.


2. Purposes for processing your personal information

  • Roku mainly collects, stores and otherwise processes your personal information in order to evaluate your application to work for Roku and, if you are successful, to recruit and onboard you. Please see Annex 1: Supplementary Information for more specific information on the purposes for which the type of data that may be processed and the legal grounds on which we process your personal information.


3. Sources of your personal information

  • Most of the personal information that we process about you is provided to us by you or generated in the course of your application to work for Roku. However, there will be situations, where we obtain personal information from other sources, such as:
    • references and other background information from nominated individuals, former employers, employment agencies, background check providers and credit reference agencies;
    • feedback from colleagues including managers and peers;
    • cookies, pixels, tags, or similar technologies on websites and in our emails;
    • information from social media sites, such as Linkedin. The data that we receive from such sites will be dependent upon what you have decided to share with these sites and allowed them to share with us or otherwise made publicly available.


4. Sharing of personal information

  • Roku will make your personal information available on a need-to-know to those who require it to perform their tasks and duties in relation to the purposes listed in this notice (including Annex 1), including other Roku companies and third party service providers.
  • We may also disclose personal information to other third parties on other lawful grounds, including:
  • To comply with our legal obligations, including where necessary to abide by law, regulation or contract, or to respond to a court order, administrative or judicial process, or to meet national security or law enforcement requests, including, but not limited to, a subpoena or search warrant;
  • With your unambiguous consent;
  • Where it is necessary for our legitimate interests (for example, as necessary to establish, exercise or defend against potential, threatened or actual litigation or to a potential buyer in connection with the sale, assignment or other transfer of all or part of our business); and
  • Where necessary to protect the vital interests of yourself or another person.


5. Security, retention and transfers of your personal information


  • Security: Roku has put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, Roku limit access to your personal information to those employees and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. Roku has put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so. Roku expects third parties to whom we disclose your personal information to respect the security of your data and to treat it in accordance with the law and to take appropriate security measures to protect your personal information.


  • Retention: If you are successful in your application to work for Roku, the personal information processed in connection with your application will become part of your employment record and be retained in accordance with our standard employee data retention practices. If you are unsuccessful in your application, we will retain your details for a reasonable amount of time to consider you for future roles with Roku. We retain this information for various reasons, including to consider you for other current or future jobs at Roku, in case we face a legal challenge in respect of a recruitment decision, and to help us better understand, analyze and improve our recruitment processes. If you do not want us to retain your personal information for consideration for other roles, or want us to update it, please contact workforceprivacy@roku.com Please note, however, that we may retain some information if required by law or as necessary to protect ourselves from legal claims.


  • Transfers: Roku is a global group of companies headquartered in San Jose, California, USA. As Roku operates at a global level, we may need to transfer personal information to other countries, in particular to the headquarters. Transfers may also need to be made to other countries where Roku operates. When we export your personal information to a different country, we will take steps to ensure that such data exports comply with applicable laws and legislation. For example, for transfers of personal information from the EU, Ukraine and UK to Roku group entities located outside of these territories, we have implemented data transfer agreements incorporating the Standard Contractual Clauses approved by the European Commission to enable the transfer of the personal information. Likewise, when we use third party service providers and their services involve transfers of personal information, we seek to ensure that appropriate data transfer mechanisms have been implemented, such as the Standard Contractual Clauses. We maintain records of these service providers and the applicable data transfer mechanisms in place with them.


6. Your Privacy Rights

  • Under certain circumstances, and subject to the law in your country, you have the right to:
    • access, correct, update or request deletion of your personal information.
    • object to processing of your personal information; ask us to restrict processing of your personal information or request portability of your personal information
    • to withdraw your consent at any time if we have collected and processed your personal information with your consent.
    • to complain to a data protection authority about our collection and use of your personal information.
    • To exercise these rights, please email workforceprivacy@roku.com. Please note that certain personal information may be exempt from such requests in accordance with applicable data protection laws or other laws and regulations. You may also contact our Data Protection Officer (DPO) at privacy@roku.com

Annex 1: Supplementary Information

This annex outlines the purposes for which Roku processes your personal information and the legal grounds for doing so.

Under EU and UK data protection law, there are various grounds on which Roku can rely when processing your personal information. In some contexts, more than one ground applies.  We have summarised these grounds as ‘Contract’, ‘Legal obligation’, ‘Legitimate interests’, ‘Vital interests’ and ‘Consent’ and outline what those terms mean in the following table.

Term

Ground for processing

Explanation

Contract

Processing is necessary for performance of a contract with you or to take steps at your request to enter a contract.

This covers carrying out our contractual duties and exercising our contractual rights.

Legal obligation

Processing is necessary to comply with our legal obligations.

Ensuring we perform our legal and regulatory obligations.  For example, providing a safe place of work and avoiding unlawful discrimination.

Legitimate interests

Processing is necessary for our or a third party’s legitimate interests.

We or a third party have legitimate interests in carrying on, managing and administering our respective businesses effectively and properly and in connection with those interests processing your data.  Your data will not be processed on this basis if our or a third party’s interests are overridden by your own interests, rights and freedoms.

Vital Interest

Processing is necessary to protect your or someone else’s vital interests.

This covers extremely rare situations where we might need to use your personal information to protect your life or similar emergency situations (such as an emergency where we need to contact emergency services and/or the people you have nominated as  emergency contacts).

Consent

You have given specific consent to processing your data.

In general, processing of your data in connection with recruitment or employment is not conditional on your consent (except for Ukranian individuals).   But there may be occasions where we do specific things such as provide a reference, or obtain medical reports or background checks and rely on your consent to our doing so.

Note: If you are a Ukranian resident, the only legal grounds for processing your personal information is consent. By applying for a job with Roku you consent to the processing of your personal information for the purposes outlined in this notice.

The purposes for processing your personal information (and legal grounds Roku relies on)

The main part of the notice outlines the general purposes for which we process your personal information.  The table below contains more specific information about these, examples of the data and the legal grounds on which we rely for each of these purposes. The examples in the table are not exhaustive and there may be in-country variations.

Purpose

Examples of personal information that may be processed

Grounds for processing

Recruitment

In connection with recruiting and onboarding you, we will process personal information such as:

  • Standard data related to your identity (e.g. your name, address, email address, ID information and documents, telephone numbers, place of birth, nationality, contact details, professional experience and education (including university degrees, academic records, professional licenses, memberships and certifications, awards and achievements, and current and previous employment details), financial information (including current salary information) language skills, and any other personal information that you present us with as part of your application related to the fulfilment of the role.
  • Information concerning your application and our assessment of it, your references, any checks we may make to verify information provided or background checks and any information connected with your right to work. 
  • If necessary, we will also process information concerning your health, any disability and in connection with any adjustments to working arrangements.
  • If you are offered and accept employment with Roku, the information collected during the application and recruitment process will become part of your employment record.

Contract

Legal obligation

Legitimate interests

Tracking your application

In connection with your application, we will process personal information such as:

  • Data from cookies and similar technologies on our websites and in our emails in order to track your use of our websites, interaction with emails we send you and your application status.

Consent

Your employment contract including entering it, performing it and changing it.

In order to enter into, perform, maintain and change your employment contract with Roku, we process personal information such as:

  • Personal contact details such as name, address and personal e-mail address.
  • Employment records (including job titles, work history and working hours).
  • Recruitment records (including copies of right to work documentation, references and other information included in a CV/resume or cover letter or as part of the application process).
  • Providing certain benefits to employees.  For example, your participation in pension arrangements, life and medical insurance and any employee share schemes.

Contract

Legal obligation

Legitimate interests

Monitoring of diversity and equal opportunities

In order to ensure that we are acting as a fair, inclusive employer we may process your personal information, such as:

  • Information about your nationality, racial and ethnic origin, gender, sexual orientation, religion, disability and age as part of diversity monitoring initiatives.
  • Such data will usually be aggregated and used for equality of opportunity monitoring purposes. Please note we may share aggregated and anonymised diversity statistics with regulators if formally required / requested.

Consent

Legitimate interests

Protect the rights and property of Roku, our users, applicants, employees or the public.

We will also use your information to protect the rights and property of Roku, our users, applicants, candidates, employees or the public as required or permitted by law.


Legitimate interests

Legal obligation