Rigetti Privacy Policy for Job Applicants
Welcome to RIGETTI UK LTD., RIGETTI COMPUTING CANADA, INC., and RIGETTI AUSTRALIA PTY LTD. Applicants Privacy Notice for Australian, Canadian and UK Applicants.
What does this Privacy Notice Cover?
RIGETTI UK LTD., RIGETTI COMPUTING CANADA, INC., and RIGETTI AUSTRALIA PTY LTD. respect your privacy and are committed to protecting your personal information (the “Personal Data”).
The purpose of this Privacy Notice is to provide our Australian, Canadian and UK Applicants with information about how we process their Personal Data and to tell them about their privacy rights and how the law protects them.
With that in mind, this Privacy Notice is designed to describe:
Who we are and how to contact us.
Your rights relating to your Personal Data.
What Personal Data we collect.
How we use your Personal Data and why.
Personal Data from Third Party Sources.
How we use your Personal Data and why.
With whom we share your Personal Data.
How we keep your Personal Data secure.
How long we store your Personal Data.
Automated Decisions.
Your Obligations.
This Privacy Notice is intended to meet our duties of transparency under the General Data Protection Regulation as that regulation is incorporated into United Kingdom law by the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (the “UK GDPR”). In addition, this Privacy Notice is intended to meet our statutory duties and obligations under Canadian and Australian privacy legislation.
This Privacy Notice may be updated at any time. We will provide you with a revised Privacy Notice if we make any updates. It is important you read this Privacy Notice, so that you are aware of how and why we are using your Personal Data.
Who we are and how to contact us.
Who we are.
RIGETTI UK LTD., RIGETTI COMPUTING CANADA, INC., and RIGETTI AUSTRALIA PTY LTD. is the data controller (for the purposes of the UK GDPR) or the organization (for the purposes of Canadian and Australian privacy legislation) of your Personal Data (referred to as either “Rigetti”, “we”, “us” or “our” in this Privacy Notice). In addition, Rigetti & Co, Inc. may be the data controller or the organization with respect to certain centralised HR processes.
How to contact us.
To contact us, you can either:
email us at legal@rigetti.com or
write to us at Rigetti Computing, attention: Compliance Officer, 775 Heinz Avenue, Berkeley, CA 94710, USA
Your rights relating to your Personal Data.
Your rights in connection with your Personal Data
Under certain circumstances, by law you have the right to:
Request access to your Personal Data. This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below). If you are an Australian Applicant, please note that this right cannot be exercised.
Object to processing of your Personal Data. This right exists where we are relying on a Legitimate Interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to processing on this ground. If you are an Australian Applicant, please note that this right cannot be exercised.
Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it. If you are an Australian Applicant, please note that this right cannot be exercised.
Request the transfer of your Personal Data. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to Personal Data we process by automated means which you initially provided consent for us to use or where we used the information to perform a contract with you. If you are an Australian Applicant, please note that this right cannot be exercised.
How to exercise your rights
If you want to exercise any of the rights described above, please contact us using the contact details shown in the “Who We Are and How to Contact Us” section above.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information to assist us in responding to your request.
Please also note that in certain circumstances the rights above will not apply and/or in certain circumstances some categories of Personal Data will be exempt from the scope of those rights. We will notify you where this is the case.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Complaints
If you would like to make a complaint regarding this Privacy Notice or our practices in relation to your Personal Data, please:
email us at legal@rigetti.com or
write to us at Rigetti Computing, attention: Compliance Officer, 775 Heinz Avenue, Berkeley, CA 94710, USA.
We will reply to your complaint as soon as we can. If you feel that your complaint has not been adequately resolved, please note that for UK Applicants, the UK GDPR gives you the right to make a complaint directly to the Information Commissioner’s Office, and for Australian and Canadian Applicants, Australian and Canadian privacy legislation gives you the right to make a complaint directly to your respective provincial privacy commissioner.
What Personal Data we collect.
Before, during and after your application, including time spent on the Careers section of our website (located at rigetti.com/careers (“Careers Site”), we may collect and process your Personal Data. All the Personal Data we collect, both from you and from third parties about you, is outlined in the table below.
Category of Personal Data collected | What this means |
|---|---|
Identity Data | First name, surname, title, Applicants identification number, national identification and/or passport number, photographs and information regarding your racial or ethnic origin. |
Contact Data | Your home address, work address, email address and telephone numbers. |
Talent Management Information | First name, surname, maiden name, marital/civil partnership status, title, date of birth, gender, ethnicity, education history, professional history, professional qualifications, references, information contained within letters of application and CVs, performance and development reviews, willingness to relocate, language proficiencies and other skills, photographs. |
Immigration Data | National identification and/or passport number, details of residency and/or work permit and other information that would allow us to verify your employment eligibility. |
Medical information | Medical information provided as part of application process. |
Other Data you provide to us | This might include data such as your current salary, desired salary, employment preferences and your feedback and survey responses where you choose to identify yourself. |
Aggregated Data
We also create, process and / or share “Aggregated Data” such as statistical or demographic data for any purpose. This Aggregated Data may be derived from your Personal Data, but once in aggregated form it will not constitute Personal Data for the purposes of the UK GDPR or Canadian privacy legislation, as this data does not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy Notice.
Personal Data from Third Party Sources
In addition to the Personal Data that we collect directly from you (as described in the section immediately above this one), we also collect certain of your Personal Data from third party sources. These sources are broken down in the table below, together with a description of whether they are publicly available or not.
Third party data source | Publicly available? | Category(ies) or other types of Personal Data received. |
|---|---|---|
Job board websites you may use to apply for a job with us. | Yes |
|
Prior employers, references that you authorize us to contact. | No |
|
Professional references that you authorize us to contact. | No |
|
Providers of background check, credit check, or other screening services (where permitted by law). | No |
|
Employment agencies or recruiters. | No |
|
How we use your Personal Data and why.
We will only use your Personal Data for the purposes for which we collected it as listed below, unless we reasonably consider that we need to use it for another reason as permitted by law and that reason is compatible with the original purpose.
If we need to use your Personal Data for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so, unless such notice is not required by law.
If you fail to provide certain Personal Data when requested, we may not be able to perform your job application, or we may be prevented from complying with our legal obligations.
What is our “legal basis” for processing your Personal Data?
In respect of each of the purposes for which we use your Personal Data, the UK GDPR requires us to ensure that we have a “legal basis” for that use. Similarly, Canadian privacy legislation requires us to ensure the information is reasonably necessary to initiate or manage your job application. However, the legal basis for processing are not required under Australian privacy laws, so Australian Applicants can ignore all the sections and references to applicable legal basis. Most commonly, we will rely on one of the following legal bases:
Where we need to comply with a legal or regulatory obligation (“Compliance with Law”).
Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (“Legitimate Interests”). More detail about the specific legitimate interests pursued in respect of each Purpose we use your Personal Data for is set out in the table below.
We have set out below, in a table format, the legal bases we rely on in respect of the relevant Purposes for which we use your Personal Data.
Lawful basis for processing (not applicable for Australian Applicants) | Categories of Personal Data processed | Processing activities |
|---|---|---|
Legitimate Interests |
| It is in our legitimate interests that we process your Personal Data for the following purposes: For talent management, including:
For the creation of Aggregated Data that we use and share to analyse our workforce and business. For the exercise of our legal rights and remedies, including:
|
Compliance with Law |
| We process your Personal Data where necessary to comply with legal obligations to which we are subject, including:
|
Consent |
| Medical information provided as part of application process to make reasonable adjustments to the recruitment process, and to evaluate employment suitability (as may be applicable for the job and only to the extent allowed by applicable law) |
With whom we share your Personal Data.
The table below describes who we share your Personal Data with, what we share and why we share it.
Recipients | Category(ies) of Personal Data we share. | Why we share it |
|---|---|---|
Affiliates |
| Our corporate parent, subsidiaries, and other affiliates under the control of our corporate parent, for purposes consistent with this Privacy Notice or to operate shared infrastructure, systems and technology. |
Service Providers |
| Providers of services to the Company, such as human resources, background checks and other screenings, and any necessary third party recruiters and headhunters, and hosting service providers. |
Professional advisers |
| Auditors and other professional advisors. |
HM Revenue & Customs (for Canadian Applicants; the Canada Revenue Agency and for Australian Applicants; the Australian Taxation Office), regulators and other authorities |
| Entities that regulate or have jurisdiction over the Company such as regulatory authorities, public bodies and judicial bodies. |
Data transfers
For Canadian and UK Applicants
We may share your Personal Data with third parties who are located outside your base in the UK or Canada, as applicable. In such circumstances, their processing of your Personal Data will involve a transfer of your Personal Data to countries based outside the UK or Canada, as applicable. Whenever we transfer your Personal Data outside the UK, we try to ensure a similar degree of protection is afforded to it by making sure that at least one of the following mechanisms is implemented:
We may transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the UK Government from time to time.
- We may transfer your Personal Data to countries that have not been deemed to provide an adequate level of protection for Personal Data by the UK Government – provided that, in these cases:
we may use specific appropriate safeguards approved by the UK Government or UK ICO, which are designed to give Personal Data the same protection it has in the UK (for example, requiring the recipient of Personal Data to enter into the relevant form of the so-called ‘Standard Contractual Clauses’ issued or approved from time to time); or
in very limited circumstances, we may rely on an exception, or ‘derogation’, which permits us to transfer your information to such country despite the absence of an ‘adequacy decision’ or ‘appropriate safeguards’ – for example, reliance on your explicit consent to that transfer.
We may transfer your Personal Data to our service providers outside of the country where you work, where the third party has entered into a written contract with us that requires them to implement appropriate security measures to protect your Personal Data consistent with our policies and any data security obligations applicable to us.
Your Personal Data related which is stored, accessed, or used in the United States of America may be subject to the laws and access by government or regulatory organizations in that jurisdiction.
For more information about the mechanisms we implement, please contact us using the contact details shown in the “Who We Are and How to Contact Us” section above.
For Australian Applicants:
We may disclose your Personal Data overseas to the United States to our group companies and to our contracted third party Service Providers to assist us with the purposes listed above under the heading “ How we use your Personal Data and why?”.
How we keep your Personal Data secure.
We take reasonable steps to secure your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We limit access to your Personal Data to those employees and other staff who have a business need to have such access. All such people are subject to a contractual duty of confidentiality.
We have put in place procedures to deal with any actual or suspected Personal Data breach. In the event of any such breach, we have systems in place to work with applicable regulators. In addition, in certain circumstances (e.g., where we are legally required to do so) we may notify you of breaches affecting your Personal Data.
How long we store your Personal Data
Rigetti’s retention periods for Personal Data are based on business needs and legal requirements. We retain Personal Data for as long as is necessary for the processing purpose(s) for which it was collected, as set out in this Privacy Notice, and any other permissible, related purposes. For example, we may retain certain information to comply with regulatory requirements regarding the retention of such data, or in the event a litigation hold is imposed. When Personal Data is no longer needed, we either irreversibly anonymise the data (and we may further retain and use the anonymised information) or securely destroy the Personal Data.
Automated Decisions
The Company does not envisage that you will be subject to decisions that will have a significant impact on you based solely on automated decision-making. The Company will notify you in writing if this position changes.
Your Obligations
You should keep your Personal Data up to date and inform us of any significant changes to your Personal Data.
Ed. Date: May 2022