Updated April 2024
Candidate Privacy Notice
Additional Links
1. What does this notice cover?
This notice describes how Samsara Inc. and its affiliates ("Samsara", "we", "us" or "our") collect, use and disclose your “personal data” in connection with your application for internship and/or employment with us. Personal data is any information that relates to an identified or identifiable individual and includes any information that constitutes "personal data" or "personal information" as defined by applicable privacy laws. It also describes your data protection rights and how to exercise them.
We may provide you with additional information when we collect personal data, where we feel it would be helpful to provide relevant and timely information.
2. What personal data of yours are we likely to collect?
Personal identification and communication information such as your name, home address, phone number; email address; date of birth, gender, immigration status, and information about your entitlement to work;
Application-related information such as curriculum vitae (CV), cover letter, employment history, education history, qualifications and skills, reference contact information, position preferences, willingness to relocate, desired salary, availability, interests and aspirations, and background screening information, if relevant and where permitted by law or justified by our legitimate business interests;
Sensitive information (to the extent permitted under applicable law and as defined by applicable law) such as information about your race or ethnic origin, health and disabilities, religion or beliefs, and sexual orientation where you have volunteered that information, or where otherwise required for us to make reasonable adjustments to the interview process and for equal opportunity monitoring; and
Financial information such as banking information in order to enable our third-party payment processor to reimburse you for expenses incurred in the application process where applicable.
Reference information such as contact and professional information related to your references. Before submitting anyone's personal information to Samsara, be sure you have the person's permission to do so. If you later find out you did not have such permission, please inform us as soon as possible.
We collect most of this information from you directly or it is generated during the recruitment process (e.g., data is collected through our application portal and/or CVs; from correspondence with you; or through interviews, meetings or other assessments). We may also collect some information about you, to the extent permitted under applicable laws, from other people (e.g., recruiters, referrals), your referees or organizations (such as LinkedIn), publicly available sources such as your company profile or public social media accounts, and where applicable, we may also collect data from our third-party background screening provider (during the pre-employment/internship screening process).
3. Why do we collect, use and store this personal data?
We collect, use and store your personal data for the reasons set out below.
Where necessary for Samsara to take steps prior to potentially entering into an employment/internship contract with you. For example:
To make informed decisions on recruitment and assess your suitability for the role;
To communicate with you about your application, to respond to your inquiries and to run interviews; and/or
To reimburse you for any pre-agreed expenses incurred in the application process, where applicable.
Where necessary for Samsara's legitimate interests, as listed below, and where our interests are not overridden by your data protection rights. For example:
To improve our internship and/or recruitment process and activities;
To verify the details you have supplied and, where applicable and authorized, conduct pre-employment/internship background checks to the extent permitted under applicable laws;
To protect our legitimate business interests and legal rights, including, use in connection with legal claims, compliance, regulatory, auditing, investigative and disciplinary purposes (including disclosure of such information in connection with legal process or litigation) and other ethics and compliance reporting requirements; and/or
To analyze and monitor the diversity of the workforce in accordance with applicable laws, such as compliance with equal opportunity employment laws.
Where necessary to comply with a legal obligation. For example:
In certain countries (e.g., Poland) evaluating your candidacy for a position with Samsara (such as processing your application, analysing your qualifications, verifying your identity and your eligibility for employment);
To assess your fitness and propriety in connection with your engagement in a controlled function, where applicable; and/or
To comply with legal, regulatory and other requirements under applicable laws.
Where you have given consent. For example:
To contact you about future career opportunities at Samsara (future recruitment); and/or
In certain countries (e.g., Poland), if you provide us with data that we do not request from you (such as your photo), by providing us with such data you give us your consent for their processing.
4. How long do we retain your personal data for?
Your personal data is maintained on our servers or those of our service providers and will be accessible by authorized employees, representatives, agents, and service providers for the purposes described herein.
If you are successful: we will retain your personal data for no longer than is necessary for the purposes of the recruitment process. If you become a Samsara employee/intern, your relevant personal data will become a part of your employee/intern file and may be used later for the management of the employment/internship relationship.
If you are not successful: we will retain your personal data for 12 months following notice of your last unsuccessful application with us to the extent the General Data Protection Regulation (EU Regulation 2016/679) (“EU GDPR”) and its incorporation into the laws of England and Wales, Scotland, and Northern Ireland by virtue of section 3 of the UK European Union (Withdrawal) Act 2018 (“UK GDPR”) (the EU GDPR and UK GDPR together the “GDPR”) or Canadian privacy laws are applicable. Otherwise, to the extent allowed by applicable law, we shall retain your personal data for 48 months following the notice of your last unsuccessful application with us. These retention periods also apply from the date candidate data is added to our systems, should the candidate not engage with or apply for a role at Samsara. We retain your personal data for such reasonable periods of time for various reasons (e.g., in case we need to repeat the recruitment process, evidence that we have not discriminated against candidates on prohibited grounds, or evidence that we have conducted the recruitment process in a fair and transparent way).
5. How do we disclose your personal data?
Samsara does not sell or share personal data as defined under the California Consumer Privacy Act of 2018 as amended by The California Privacy Rights Act of 2020, together with its implementing regulations, (the “CPRA”), or under applicable law, as the case may be. Samsara may disclose your data as follows:
Personal data will primarily be processed by employees in our People, Talent, IT, Legal, Finance, and Workplace teams across our group of companies. If you are applying for a position from outside of the USA, this may therefore include disclosing your personal data to our affiliates in the USA and in other jurisdictions.
Your personal data may also be disclosed to companies providing services, such as technology services including hosting, maintenance, administration and analysis, as well as other agencies, under contract to Samsara as part of the recruitment process. For general recruitment services, we use a third-party candidate tracking system. We may also share your personal data with other third-party service providers (e.g., providers of background checks). Some of these service providers may be located outside of your country of residence, including in the USA.
Your personal data will also be disclosed to government authorities and/or law enforcement officials if mandated by law or if required for the protection of our legitimate interests in compliance with applicable laws.
If a Samsara business is sold to or integrated with another business, your details may be disclosed to our advisers and any prospective purchaser's adviser(s) and will be passed to the new owners of the business.
Samsara may also disclose your personal data with your consent.
In the event that your personal data which is subject to the GDPR is otherwise transferred outside of the European Union/European Economic Area/United Kingdom to an organization (including one of our affiliates) in a country which is not subject to an adequacy decision by the European Commission (e.g., UK) or considered adequate as determined by applicable data protection laws, we will take steps to ensure your personal data is adequately protected by way European Commission approved Standard Contractual Clauses (e.g., when transferring your data to the USA), or by relying on such other data transfer mechanisms as available under applicable data protection laws. A copy of the relevant transfer mechanism can be provided for your review on request.
Even though our US entity remains self-certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), which were developed specifically to establish a way for companies to comply with data protection requirements when transferring personal data from Europe to the United States, we also have entered into European Commission approved Standard Contractual Clauses to provide adequate protection for such transfer in the event the Data Privacy Frameworks are invalidated as a transfer mechanism. You may request additional information in respect of such transfer mechanism by exercising your rights as set out below. To learn more about the Data Privacy Framework, and to view our certification, please visit https://www.dataprivacyframework.gov.
Samsara and the Data Privacy Framework
Regarding the collection, use, and retention of personal data transferred from the European Union, the United Kingdom, and Switzerland to the United States, Samsara complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Samsara has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Samsara has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Samsara commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Samsara at privacy@samsara.com or by using one of the addresses noted below in the “Contact Us” of this privacy notice.
Samsara has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.
All personal data that is subject to this privacy notice and is received from individuals who are resident in the European Union, European Economic Area (EEA), the United Kingdom, and Switzerland is covered by Samsara’s participation in the Data Privacy Framework unless governed by another adequate transfer mechanism as detailed herein. Samsara will comply with the Data Privacy Framework Principles in respect of such personal data.
Samsara is accountable for personal data received under the Data Privacy Framework and subsequently transferred to a third party as described in the Data Privacy Framework Principles located at https://www.dataprivacyframework.gov/. Pursuant to the Data Privacy Framework, Samsara remains liable for the transfer of personal data to third parties acting as our agents unless we can prove we were not a party to the events giving rise to the damages.
As further explained in the Data Privacy Framework Principles, a binding arbitration option is also available to you in order to address residual complaints not resolved by any other means. Samsara is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
6. Verification and background checks
For certain positions, it will be necessary for us to verify the details you have supplied (e.g., in relation to your identity, employment history, academic qualification and professional credentials) and to conduct pre-employment/internship background checks (e.g., in relation to previous criminal convictions or financial standing). The level of checks will depend on the jurisdiction to which our hiring entity is subject, your role, in particular whether you will occupy a regulated role, and will be conducted at as late a stage as is practicable in the recruitment process and often only after you have been selected for the position and only to the extent permitted under applicable laws. If your application is successful, we will provide further information about the checks involved and will obtain any necessary consents or acknowledgements and/or make sure that it is permitted by law or justified by our legitimate business interest prior to completing such checks.
7. Your choices and rights
Depending on the applicable data protection and privacy laws in your jurisdiction, you may have certain rights. You may have the right to know what personal information Samsara has collected about you and to ask Samsara for a copy of your personal data; for information about how it has been processed; to correct, delete or restrict processing of your personal data; and to obtain the personal data you provided in a structured, machine-readable format. In addition, you may object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement). Where we have asked for your consent, you may withdraw consent at any time. If you ask to withdraw your consent to Samsara processing your personal data, this will not affect any processing which has already taken place at that time. You have additional rights if you are based in India; namely: you have the right to seek the redressal of any grievances which you have under this notice as well as the right to nominate an individual who may exercise your rights hereunder in relation to your personal data in the case of your death or incapacity.
The types of automated decision-making referred to in Article 22(1) GDPR do not take place in connection with your personal data. Should this change, we will inform you about why and how any such decision was made, the significance of it, and the possible consequences of it.
Samsara will honor such requests for access, correction, deletion or restriction and/or any withdrawal or objection as required under the applicable data protection laws and regulations (including the GDPR and CPRA) as well as those other rights outlined herein. However, please note that such rights are not absolute: they do not always apply, and exemptions may be applicable (e.g., such exemptions noted in Cal Civ. Code §1798.105 or in Chapter III of the EU GDPR). Samsara may, in response to any such request, ask you to verify your identity and/or provide information that helps us to better understand your request. If we ask you to verify your identity, we may ask you for supporting information. If we do not comply with your request, we will explain why.
You may exercise any of your rights in this section without discrimination by us.
To exercise the above rights with Samsara, you may send an email to privacy@samsara.com. You can also raise any questions, grievances of this notice, and/or concerns by contacting our Data Protection Officer at dpo@samsara.com. An authorized agent can also exercise these rights on your behalf by contacting privacy@samsara.com.
If you are not satisfied with our response and are based in the EU or the UK, you may have the right to make a complaint to the data protection authority in the jurisdiction where you live or work, or in the place where you think an issue in relation to your data has arisen. This right might also apply for other jurisdictions depending upon your circumstances. The contact details of each Data Protection Authority in the EU can be found at the following website: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. In the UK, this will be the UK Information Commissioner whose contact details can be found at the following website: https://ico.org.uk/. You may contact us if you require assistance finding contact information for Data Protection Authorities outside of the EU or UK.
8. Updates to this privacy notice
We reserve the right to update this privacy notice at any time, and we will make such new privacy notice available when we make any updates. We may also notify you in other ways from time to time about the processing of your personal data.
9. Contact us
The primary “data controller” for your personal data will be the entity to which you apply for, that is Samsara Inc. or one of its direct or indirect subsidiaries indicated below. If you have any questions regarding this privacy notice, our privacy practices, or would like to exercise your rights under applicable data privacy law (i.e., to access or update your personal data), you may contact us by emailing privacy@samsara.com, calling +1-888-506-8009 (toll-free in the United States), or writing to us at the following address:
Samsara Inc. Attention: Legal Department – Privacy Issues, 350 Rhode Island Street, 4th Floor, South Building, San Francisco, CA 94103 USA
Samsara Networks Limited (also as a Representative of Samsara Inc., Samsara Deutschland GmbH, Samsara France SAS, Samsara Nederland B.V., and Samsara Poland Sp. z.o.o. for the purposes of the UK GDPR) Attention: Legal Department – Privacy Issues, Floor 4, 1 Alie Street, London E1 8DE, United Kingdom
Samsara Deutschland GmbH (also as a Representative of Samsara Inc., Samsara Networks Mexico, S. de R.L. de C.V., and Samsara Networks Limitedfor the purposes of the EU GDPR) Attention: Legal Department – Privacy Issues, Mühldorfstraße 8, 81671, München, Germany
Samsara France SAS Attention: Legal Department – Privacy Issues, 1-7 Cours Valmy - le Belvédère - 92800 Puteaux, France
Samsara Nederland B.V. Attention: Legal Department – Privacy Issues, Barbara Strozzilaan 101, Suite 2.01 1083HN Amsterdam Netherlands
Samsara Poland Sp. z.o.o. Attention: Legal Department – Privacy Issues, Plac Konesera 12, #113 and #114, 03-736 Warszawa, Poland
Samsara Networks Mexico, S. de R.L. de C.V. Attention: Legal Department – Privacy Issues, Av. Río San Joaquín 498, Piso 3, Ampliación Granada, Miguel Hidalgo C.P. 11529, Ciudad de México, México
Samsara Technologies Canada ULC Attention: Legal Department – Privacy Issues, 1600 - 925 West Georgia Street, Vancouver BC, V6C 3L2, Canada
Samsara Networks Taiwan Ltd 台灣森萬聯有限公司 Attention: Legal Department – Privacy Issues, 18F, No. 80, Section 1, Zhongxiao West Road, Zhongzheng District, Taipei City 100, Taiwan (R.O.C.)
Click the "Download" button below for the Polish translation of the Candidate Privacy Notice.
Download