DiDi Global

Job Applicants’ Privacy Policy

Global

DiDi’s Job Applicants’ Privacy Notice (“Notice”) was created to show our commitment to always process your personal data with informational security, privacy and transparency while you are applying to a job at DiDi or our affiliates.

 

We will process your personal information in accordance with applicable data privacy laws.

 

DiDi Group and its affiliates, as further specified in section 10 of this Notice,  (hereinafter “DiDi”), will be data controllers of your personal data during the entire recruitment process, in terms of applicable laws and regulations.

 

In this Notice, you will find information about: 

 

1.         What data we collect

2.         What we use your personal data for

3.         Use of cookies

4.         Who we share your data with

5.         How long we store your data

6.         How we operate and transfer data as part of our global services

7.         Your rights in relation to your personal data — Jurisdiction Specific

8.         Information about data security

9.         Updates to this notice

10.       How to contact us

 

Please note that the jurisdiction-specific terms in Section 7 may or may not apply to your personal data depending on your residency.

 

1.         WHAT DATA WE COLLECT

 

We need your personal information in order for you to participate in our recruitment and selection processes. The provision of your personal data is voluntary, however please note that if you choose not to provide your personal data or if you provide false information DiDi may not be able to process it for the purposes informed in this Notice. In some cases, you provide your personal data directly to DiDi through our Careers Website, but we may also receive your personal data from partners that we engage for certain purposes, such as for specific vacancies’ recruitment.

 

By accepting this Notice, you expressly agree to provide only truthful, current, and accurate personal data and not to modify your identity or your personal data in any way.

 

In order to fulfill the purposes of the processing indicated in this privacy notice, it is necessary to collect and process the following categories of personal data:



1.     Full name

2.     Application data, such as login and password

3.     E-mail address

4.    Phone number

5.    Resume information

a.     Professional history (company, position, start and end date)

b.    Education history (degree, major, start and end date)

6.    Demographic questions, if you choose to provide us at your absolute discretion: 

a.     Gender

b.    Ethnicity/Race 

c.     Disability

d.    Military service membership

 

We will only process your sensitive data if you provide the information. We will use this data to help measure diversity in our selection process.  Please be aware that the information regarding ethnicity/race, disability and military service membership might be considered sensitive data  in some countries.  

We may conduct interviews by videoconference during the selection process. It is important that you are aware of this practice because if you do not agree or do not want to participate in these videoconference interviews, we might  not be able to proceed with your application.

 

Furthermore, by providing third parties personal data to DiDi, for example personal data of your referee, you are responsible for any unauthorized communication of this data to DiDi.

 

2.        WHAT WE USE YOUR PERSONAL DATA FOR

 

DiDi will process your personal data described above to carry out the following primary purposes:



·       Identify and register you as a job applicant in the recruitment process;

·       Create a profile within our systems; 

·       Contact you through electronic means, phone calls or through LinkedIn in order to schedule an interview;

·       In case needed, conduct a face-to-face interview in order to measure your capabilities and analyze whether you comply with the necessary requirements of the vacancy for which you applied;

·       Verify that you have the skills and abilities to perform the job in accordance with the requirements of the job profile and the proposed remuneration banding;

·       Request employment and/ or personal references;

·       Validate and verify your identity according to our internal procedures and guidelines;

·       Validate the veracity and quality of the information provided by you;

·       Contact you and inform you about the recruitment and selection process;

·       Verify, if necessary, your criminal record in order to detect, prevent and combat illicit conduct that could contravene the provisions of the applicable regulations;

·       Prepare a financial offer according to your interview and our internal criteria;

·       In case it is necessary, request the information that is considered necessary to prove your salary;

·       Comply with cooperation activities with security and justice authorities in accordance with applicable regulations, as well as the requirements of the competent authorities;

·       To exercise the defense of DiDi’s rights;

·       Improve our diversity and inclusion program.

 

In addition, DiDi will process the personal data of third parties indicated by you, to: (i) request employment and/or personal references, (ii) where appropriate, to identify possible conflicts of interest and (iii) any other purpose that you have previously consented, if required to do so by applicable laws in your country.

 

Moreover, DiDi will process your data to perform the following secondary purposes:



·       Only if you agree through the vacancies platform,  we may contact you in the future if it is determined that a new position may be of interest to you. 

·  Sending you surveys and collecting your feedback, queries, requests, applications, and complaints regarding recruitment processes.

 

For positions where the employee will have access to confidential information such as DiDi’s financial, strategic, or customer data, we may conduct background checks (criminal and/or financial). For this specific purpose, DiDi will notify you when this background check process is necessary and may require the submission of additional personal data.

 

3.        COOKIES

 

Cookies are files that store temporary information about the places you visit on the Internet. When you apply for a job at DiDi, we use cookies that are strictly necessary for conducting the selection process on our platforms. 

 

4.        WHO WE SHARE YOUR DATA WITH

 

Protecting the data we collect is our priority and responsibility, so its processing and sharing will only occur when necessary, within the limits and purposes explained in this Privacy Notice.


DiDi is a global group of companies headquartered in Beijing, China. As DiDi operates at a global level, we may need to transfer personal data to other countries. Transfers may also need to be made to other countries where we operate (such as information on relevant experience you may have for a particular job or secondment) or to communicate with other staff members regarding projects.

 

When we transfer your personal data to a different country, we will take all necessary steps to ensure that such data transfers comply with applicable laws and legislation.

 

Furthermore, where necessary DiDi may transfer your personal data to  competent authorities, third party service providers and with third parties legal, accounting or due diligence audit processes, including to a potential buyer both before and after the eventual purchase under an obligation of confidentiality, in the case of sale or transfer of ownership or control of part or all of the business, DiDi’s operations or services to a third party  in accordance with applicable regulations. You can request more information regarding international data transfers by contacting us. 

 

5.        HOW WE OPERATE AND TRANSFER DATA AS PART OF OUR GLOBAL SERVICES

 

We may transfer your personal information to our advisors, third party service providers and our affiliated companies, as set out above, in countries different to your country of residence which may not offer the same level of protection of personal information as your country of residence.

 

For example, your personal information may be accessed by our security, development and debugging teams globally. Such transfers are limited to what is necessary for the proper operation and administration of our business and the purposes set out above.

 

In addition, in certain circumstances, we employ data masking and pseudonymisation as an additional information security measure. The cryptographic key is held separately so that no recipient is able to identify you or single you out in any dataset without the cryptographic key which is strictly controlled. 

 

We will comply with applicable data privacy laws in relation to international transfers of your personal information Each of our recipients is subject to appropriate safeguards such as due diligence, review of appropriate security measures, contractual obligations and a mechanism for international transfers of personal information as mandated under applicable data privacy laws, such as standard contractual clauses.

 

6.        HOW LONG WE STORE YOUR DATA

 

DiDi retains job applicant’s data for as long as necessary for the purposes described above. This means that we retain different categories of data for different periods of time depending on the type of data  and the purposes for which we collected the data.

 

Following an account deletion request, DiDi may delete the applicant’s account and data, unless they must be retained due to legal or regulatory requirements. 

Once personal data storage periods have expired, they are removed from our databases or anonymized, except in cases where storage is possible or necessary because of a legal or regulatory provision.

 

7.        YOU RIGHTS IN RELATION TO YOUR PERSONAL DATA — JURISDICTION SPECIFIC 

 

All data subjects have rights and guarantees regarding their personal data. We provide mechanisms for the applicants to have clarity and transparency in the exercise of their rights.

 

Depending on the country you are located, you or your legal representative may exercise the rights of access, rectification, cancellation or opposition, withdraw your consent for the processing of your personal data and limitation of use and / or disclosure of your personal data, among other jurisdiction-specific data subject rights.

 

You may exercise those rights by sending an email to  privacycenter@didiglobal.com where you will be attended in a timely manner. 

 

To learn more about the rights applicable to your jurisdiction, please do not hesitate to contact our Global Privacy Team at privacycenter@didiglobal.com.

 

Please find the list of specific rights for each jurisdiction below.

Argentina

The Agency for Access to Public Information is responsible for receiving complaints presented by any data subjects who consider that their data protection rights have been infringed pursuant to the Personal Data Protection Law (Law 25,326/2000)”.

Australia and New Zealand

We typically hold the personal information we collect on servers in electronic databases which are located in the United States of America and managed by our related entities and/or service providers. Personal information collected in Australia will be governed by the Privacy Act 1988 (Cth) and Australian Privacy Principles and personal information collected in NZ will be governed by Privacy Act 2020 (NZ). 

Brazil

Data subjects’ rights: you have a set of rights regarding your personal data, which is provided by the LGPD (“Data Subject Rights”), which you may exercise by making a request to our Data Protection Officer through the email provided on the Section 10. As a data subject, you have the following rights:

(i)              to obtain confirmation as to whether or not we process your personal data;

(ii)            to access your personal data;

(iii)           to rectify incomplete, inaccurate or outdated data;

(iv)           to have unnecessary, excessive or noncompliant personal data anonymized, blocked or erased;

(v)            data portability;

(vi)           to have personal data processed under your consent erased — please note, however, that we almost never use “consent” as a legal basis for processing your personal data;

(vii)         to be informed about third parties with which your  data has been shared;

(viii)        to be informed about the possibility to refuse providing personal data and the corresponding consequences;

(ix)           to withdraw your  consent, when applicable; and

(x)            to request a review of automated decisions that affect your  interest and were solely based on automated processing of your personal data (the review does not need to be necessarily made by a natural person).

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. Before responding to those requests, however, you may be asked to provide information and/or documentation that allow us to verify your identity. That information will be used solely for identity verification purposes and will be promptly deleted once this is done.

Colombia 

Rights of the Holders

In accordance with article 8 of Law 1581 of 2012, the rights that assist Holders in relation to their personal data are:

  1. Know, update and rectify your personal data in front of the Responsible or Processing Managers. This right may be exercised, among others, against partial, inaccurate, incomplete, fractioned, misleading data, or those whose Treatment is expressly prohibited or has not been authorized;
  2. Request proof of the authorization granted to the Company as Responsible for the Treatment except when expressly excepted as a requirement for the Treatment;
  3. Be informed by the Company, as Responsible for the Treatment or by the Treatment Manager, upon request, regarding the use that has been given to your personal data;
  4. Submit complaints to the Superintendence of Industry and Commerce for violations of the provisions of this law and other regulations that modify, add or complement it;
  5. Revoke the authorization and/or request the deletion of personal data when the Treatment does not respect the constitutional and legal principles, rights and guarantees;
  6. Free access to your personal data that has been processed.

Procedure for the exercise of rights by the holders

 Inquiries: Holders who wish to make inquiries must take into account that the Company, as the Data Controller, will provide said persons with all the information contained in the individual record or that is linked to the identification of the Holder. The query will be formulated through the channels enabled by the Company and will be answered within a maximum term of ten (10) business days from the date of receipt of the request. When it is not possible to respond to the query within said term, the interested party will be informed, stating the reasons for the delay and indicating the date on which the query will be addressed, which in no case may exceed five (5) business days following the expiration date. of the first term, without prejudice to the provisions contained in special laws or regulations issued by the National Government that may establish lower terms, taking into account the nature of the Personal Data.

Claims: The Owner who considers that the information contained in a Company Database must be corrected, updated or deleted, or when he notices the alleged breach of any of the duties contained in the applicable Law, may file a claim with the Company or the Treatment Manager, which will be processed under the following rules:

  1. The claim will be formulated by means of a request addressed to the Treatment Manager or the Treatment Manager, with the identification of the Owner, the description of the facts that give rise to the claim and the address, accompanying the documents that you want to assert.
  2. If the claim is incomplete, the interested party will be required within five (5) days following receipt of the claim to correct the failures. After two (2) months from the date of the request without the applicant submitting the required information, it will be understood that he has withdrawn the claim.
  3. In the event that the person who receives the claim is not competent to resolve it, he will notify the corresponding person within a maximum term of two (2) business days and will inform the interested party of the situation.
  4. Once the complete claim is received, in a term not exceeding two (2) business days, a legend that says "claim in process" and the causes that motivated it will be included in the Database. Said legend must be maintained until the claim is resolved in substance.
  5. The maximum term to address the claim will be fifteen (15) business days from the day following the date of receipt. When it is not possible to address the claim within said term, the interested party will be informed of the reasons for the delay and the date on which their claim will be addressed, which in no case may exceed eight business days following the expiration of the first term.

Mexico

Exercising ARCO Rights

You or your legal representative may exercise any of the rights of access, rectification, cancellation or opposition (hereinafter "ARCO Rights"), as well as revoke your consent for the processing of your personal data and limitation of use and / or disclosure of your personal data by sending an email to our  Data Protection Office at the following address privacycenter@didiglobal.com, where you will be attended in a timely manner. 

In order for our Data Protection Office to follow up on your request, you or your legal representative must correctly prove your identity, for which it is necessary that you complete all the fields indicated in the Request and support it with a copy of any of the identifications of current officials that are indicated in it.

In the event that the information provided is erroneous or insufficient, or the corresponding accreditation documents are not supported, the Data Protection Office , within five (5) business days following receipt of the request, may require you to provide the elements or documents necessary to process it. You will have ten (10) business days to meet the request, counted from the day after you have received it. If no response is provided within said period, the corresponding request shall not be deemed.

Our Data Protection Office will notify you to communicate the decision adopted, within a maximum period of twenty (20) business days from the date the request was received, so that, if it results appropriate, the decision adopted will be effective within fifteen (15) business days after the response is communicated

We inform you that if you consider it necessary; you have the right to go to the National Institute of Transparency Access to Information and Protection of Personal Data (INAI) to assert any disagreement related to your right to the protection of personal data

Panama 

Rights of the Holders

In accordance with Law 81, the rights that assist the Holders in relation to their personal data are:

  1. Know, update and rectify your personal data in front of the Responsible or Processing Managers. This right may be exercised, among others, against partial, inaccurate, incomplete, fractioned, misleading data, or those whose Treatment is expressly prohibited or has not been authorized;
  2. Request proof of the authorization granted to the Company as Responsible for the Treatment except when expressly excepted as a requirement for the Treatment;
  3. Be informed by the Company, as Responsible for the Treatment or by the Treatment Manager, upon request, regarding the use that has been given to your personal data;
  4. Submit complaints to the Superintendence of Industry and Commerce for violations of the provisions of this law and other regulations that modify, add or complement it;
  5. Revoke the authorization and/or request the deletion of personal data when the Treatment does not respect the constitutional and legal principles, rights and guarantees;
  6. Free access to your personal data that has been processed.

 

Procedure for the exercise of rights by the holders

Inquiries: Holders who wish to make inquiries must take into account that the Company, as the Data Controller, will provide said persons with all the information contained in the individual record or that is linked to the identification of the Holder. The query will be formulated through the channels enabled by the Company and will be answered within a maximum term of ten (10) business days from the date of receipt of the request. When it is not possible to respond to the query within said term, the interested party will be informed, stating the reasons for the delay and indicating the date on which the query will be addressed, which in no case may exceed five (5) business days following the expiration date. of the first term, without prejudice to the provisions contained in special laws or regulations issued by the National Government that may establish lower terms, taking into account the nature of the Personal Data.

Claims: The Owner who considers that the information contained in a Company Database must be corrected, updated or deleted, or when he notices the alleged breach of any of the duties contained in the applicable Law, may file a claim with the Company or the Treatment Manager, which will be processed under the following rules:

  1. The claim will be formulated by means of a request addressed to the Treatment Manager or the Treatment Manager, with the identification of the Owner, the description of the facts that give rise to the claim and the address, accompanying the documents that you want to assert.
  2. If the claim is incomplete, the interested party will be required within five (5) days following receipt of the claim to correct the failures. After two (2) months from the date of the request without the applicant submitting the required information, it will be understood that he has withdrawn the claim.
  3. In the event that the person who receives the claim is not competent to resolve it, he will notify the corresponding person within a maximum term of two (2) business days and will inform the interested party of the situation.
  4. Once the complete claim is received, in a term not exceeding two (2) business days, a legend that says "claim in process" and the causes that motivated it will be included in the Database. Said legend must be maintained until the claim is resolved in substance.
  5. The maximum term to address the claim will be fifteen (15) business days from the day following the date of receipt. When it is not possible to address the claim within said term, the interested party will be informed of the reasons for the delay and the date on which their claim will be addressed, which in no case may exceed eight business days following the expiration of the first term.

 

Costa Rica 

Rights of the Holders

In accordance with Law 8968, the rights that assist the Holders in relation to their personal data are:

  1. Know, update and rectify your personal data in front of the Responsible or Processing Managers. This right may be exercised, among others, against partial, inaccurate, incomplete, fractioned, misleading data, or those whose Treatment is expressly prohibited or has not been authorized;
  2. Request proof of the authorization granted to the Company as Responsible for the Treatment except when expressly excepted as a requirement for the Treatment;
  3. Be informed by the Company, as Responsible for the Treatment or by the Treatment Manager, upon request, regarding the use that has been given to your personal data;
  4. Submit complaints to the Superintendence of Industry and Commerce for violations of the provisions of this law and other regulations that modify, add or complement it;
  5. Revoke the authorization and/or request the deletion of personal data when the Treatment does not respect the constitutional and legal principles, rights and guarantees;
  6. Free access to your personal data that have been processed.

 

Procedure for the exercise of rights by the holders

Inquiries: Holders who wish to make inquiries must take into account that the Company, as the Data Controller, will provide said persons with all the information contained in the individual record or that is linked to the identification of the Holder. The query will be formulated through the channels enabled by the

Company and will be answered within a maximum term of ten (10) business days from the date of receipt of the request. When it is not possible to respond to the query within said term, the interested party will be informed, stating the reasons for the delay and indicating the date on which the query will be addressed, which in no case may exceed five (5) business days following the expiration date. of the first term, without prejudice to the provisions contained in special laws or regulations issued by the National Government that may establish lower terms, taking into account the nature of the Personal Data.

Claims: The Owner who considers that the information contained in a Company Database must be corrected, updated or deleted, or when he notices the alleged breach of any of the duties contained in the applicable Law, may file a claim with the Company or the Treatment Manager, which will be processed under the following rules:

 

  1. The claim will be formulated by means of a request addressed to the Treatment Manager or the Treatment Manager, with the identification of the Owner, the description of the facts that give rise to the claim and the address, accompanying the documents that you want to assert.
  2. If the claim is incomplete, the interested party will be required within five (5) days following receipt of the claim to correct the failures. After two (2) months from the date of the request without the applicant submitting the required information, it will be understood that he has withdrawn the claim.
  3. In the event that the person who receives the claim is not competent to resolve it, he will notify the corresponding person within a maximum term of two (2) business days and will inform the interested party of the situation.
  4. Once the complete claim is received, in a term not exceeding two (2) business days, a legend that says "claim in process" and the causes that motivated it will be included in the Database. Said legend must be maintained until the claim is resolved in substance.
  5. The maximum term to address the claim will be fifteen (15) business days from the day following the date of receipt. When it is not possible to address the claim within said term, the interested party will be informed of the reasons for the delay and the date on which their claim will be addressed, which in no case may exceed eight business days following the expiration of the first term.

 

United Kingdom

In the UK, under the UK GDPR and Data Protection Act 2018 you have rights with respect to the personal information that we collect about you, including:

•          Your right of access - You have the right to ask us for copies of your personal information.

•          Your right to rectification - You have the right to ask us to correct personal information you think is inaccurate and/or incomplete.

•          Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

•          Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.

•          Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.

•          Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

•          Your right to withdraw consent - If you have given us your consent to process your personal information, you have the right to withdraw your consent at any time.

You are normally not required to pay any fee for exercising your rights. If you make a request, we generally have one month to respond to you. We may ask you to provide suitable identification in certain scenarios when you seek to make these requests, in order to verify your identity. If we are unable to comply with your request for any reason (such as, we are not permitted or required to under applicable data protection legislation) we will inform you of this. You can contact us using the contact details below to exercise these rights or for additional information. You can also find out more about your rights on the website of the Information Commissioner's Office (the "ICO").

If you are not satisfied with how we handled your request to exercise your rights with respect to your personal information, you also have a right to make a complaint to the ICO, however we would appreciate you contacting us in the first instance. You can do so by using their website or by calling them on 0303 123 1113. You also have the right to seek a remedy in the national court if you believe your rights in relation to your personal information have been breached.

 

Hong Kong Special Administrative Region (“Hong Kong”)

We collect, use, disclose, store, handle and protect your personal information in accordance with the Personal Data (Privacy) Ordinance (Cap. 486 of the Laws of Hong Kong) (PDPO), which is the applicable Data Protection Law for Hong Kong.

You may request access to any Personal Data we hold about you at any time by contacting us at privacycenter@didiglobal.com We will provide access to that information in accordance with the PDPO, subject to any exemptions that may apply. We may charge an administration fee in limited circumstances, but we will let you know in advance if that is the case.

If you believe that Personal Data we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it by contacting us at privacycenter@didiglobal.com. Where we agree that the information needs to be corrected, we will update it. If we do not agree, you can request that we make a record of your correction request with the relevant information.

 

Singapore

We collect, use, disclose, store, handle and protect your Personal Data in accordance with the Personal Data Protection Act 2012 of Singapore ("PDPA"), which is the applicable Data Protection Law for Singapore.

The term "personal data" as used in this Privacy Policy, also has the meaning given to it by the PDPA and is data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which the organization has or is likely to have access.

Personal Data collected from Job Applicant of DiDi Singapore may be transferred to overseas recipients for processing, e.g. to servers in the United States of America managed by our related entities and/or service providers, in accordance with the requirements of the PDPA.

You may request access to any Personal Data we hold about you at any time by contacting us at privacycenter@didiglobal.com. We will provide access to that information in accordance with the PDPA, subject to any exemptions that may apply. We may charge a reasonable administration fee in limited circumstances to service your access request, but we will let you know in advance in writing if that is the case.

If you believe that personal data we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it by contacting us at privacycenter@didiglobal.com. Where we agree that the personal data needs to be corrected, we will update it. If we do not agree, you can request that we make a record of your correction request with the relevant information.

 

United States: California

California Consumers

California residents have the right to request:

•          Disclosure of sources, categories, and specific personal information collected   about them, how that information is used. Which includes the purpose, and with whom DiDi shares it

•          Disclosure, for any “sales” of personal information under the CCPA, the categories of personal information collected and sold and to what categories of third parties it was sold

•          Deletion of their personal information

•          Opt-out of sales of their personal information (if any)

•          Provide a copy of their personal information in a readily usable format that allows the information to be transmitted to others

California residents may not be discriminated against for exercising any of the rights described above.

Exercising Your California Privacy Rights

To request access to or deletion of your personal information, or to exercise any other data rights under California law, please contact us using one of the following methods:

Email: didilabshr@didiglobal.com to exercise rights.

Note that to respond to some rights we need to verify the user’s identity. For verification purposes the user needs to provide information about themselves or their account. An authorized agent with appropriate proof of signed permission, user verification, and confirmation that user provided permission may submit the request.

Response Timing. We do our best to respond to a consumer request for access or deletion within 45 days of receiving that request. If more time is needed, DiDi will inform you in writing of the reason and time frame required to respond.

 

Egypt

In Egypt, under Egypt Data Protection Law No. 151 year 2020 you have rights with respect to the personal data that we collect about you, including:

·        You have the right to know, review, access or ask us for copies of your personal data.

·        You have the right to reverse your consent concerning the retention or processing of your personal data.

·        You have the right to ask us to rectify, edit, erase or update your personal data.

·        You have the right to ask us to restrict the processing of your personal data.

·        You have the right to know of any breach to your personal data.

·        You have the right to object to the processing of your personal data or its results whenever the same contravenes your fundamental rights and freedoms.

*Please note that an Executive Regulation shall be issued by the Egyptian Government (exact date not available) that will specify the policies, procedures, regulations and standard criteria for the collection, Processing, retention and security of such data.

 

8.        INFORMATION ABOUT DATA SECURITY 

 

We employ technical and organizational measures to adequately protect the data we store in our records. Among the security measures adopted, we highlight that the applicant’s data is stored in a secure environment and that the access to this data is limited so that unauthorized third parties cannot access it. 

 

Nevertheless, we point out that data transmission over the Internet is not completely secure for several reasons, including network and operational factors. Therefore, we cannot guarantee the absolute security of information, since any system is susceptible to possible unauthorized access or use, hardware or software failure, and other incidents that may compromise data security at any time.

 

That said, although we are generally responsible for the personal data we process, we cannot be accountable in the event of an exceptional situation such as those described above, over which we have no control whatsoever.

 

Finally, we inform you that if any kind of security incident occurs that may generate risk or relevant damage to any of our applicants, we will notify those affected and the authorities about the occurrence, in accordance with the applicable laws..

 

9.        UPDATES TO THIS NOTICE

 

We may occasionally update this Notice. If we make any changes to our Notice you will be able to see them on this page.

 

If you do not agree with the changes, please do not continue to use our vacancies platform. We will ask for your prior consent where we are required to do so by law.

 

10.      HOW TO CONTACT US

 

If you have any questions, please contact us by email to privacycenter@didiglobal.com

 

Relevant Countries

 

Data Controller 

Contact details

United States of America

DiDi Research America, LLC

privacycenter@didiglobal.com

Australia

DiDi Mobility (Australia) Pty Ltd ACN 623 144 963

PO Box 646 Collins Street West Victoria 8007

Chile

1.     DiDi Mobility Information Technology Pte Ltd car-hailing services

2. Rebuilding Technology Pte Ltd for food delivery services

privacycenter@didiglobal.com

Argentina

1.     DiDi Mobility Information Technology Pte Ltd car-hailing services

2.     Rebuilding Technology Pte Ltd for food services

privacycenter@didiglobal.com

Peru

1.     DiDi Mobility Information Technology Pte Ltd car-hailing services

2. ASESORIAS DF S.A.C. for food delivery services

privacycenter@didiglobal.com

Arab Republic of Egypt

DiDi Mobility Egypt LLC


Namaa Building No. 155 – Fifth Floor – Emtedad Ramsis – Sixth Zone – Nasr City – Cairo.

Brazil

1.     99 Tecnologia Ltda.

2.     99Pay Instituição de Pagamento S.A.

1.     Avenida Paulista, nº 2537, conjunto 61, parte, Grande Ufficiale Evaristo Comolatti, Consolação, São Paulo, Estado de São Paulo, Brasil, CEP: 01311-300

2.     Av. Hilário Pereira de Souza, nº 492, Sala nº 2603, Andar 26, Bloco 2, CEP 06010-170

Mexico

  1. DiDi Mobility México, S.A. de C.V.
  2. DiDi Technology Services Mexico S.A. de C.V.
  3. Luibimex S.A de C.V.
  4. DiDi Pay S.A de C.V. 

Av. Paseo de la Reforma 295 Piso 10, Col. Cuauhtémoc, Alcaldía Cuauhtémoc, Ciudad de México

5.              Regigold, S.A. de C.V. SOFOM, E.N.R.

Reforma 509 Piso 33, Col. Cuauhtémoc, Alcaldía Cuauhtémoc, Ciudad de México, C.P. 06500.

Costa Rica

Asesorías en servicios CRC sociedad de responsabilidad limitada.

SAN JOSE-SAN JOSE MATA REDONDA, BOULEVARD ERNESTO rohrmoser, edificio sabana business center, piso  doce, Batalla, San José de Costa Rica

Colombia

Asesorías DF S.A.S.

Calle 67 # 7-35 Of. 1204, Bogatá Colombia

Correo Electrónico: notificacionesadf@gomezpinzon.com

Panama

Asesorías En Servicios Cc Corp.

 

Address to which communications shall be sent  la Provincia de PANAMÁ, Distrito de PANAMÁ,

Corregimiento de BELLA VISTA, Calle Primera, casa: No. 111, Urbanización El Carmen

 

Singapore

DiDi Mobility Pte. Ltd.

111 North Bridge Road, #06-20 Peninsula Plaza, Singapore 179098

Hong Kong

DiDi (HK) Science and Technology Limited

Room 2609, China Resources Building 26 Harbour Road, Wanchai, Hong Kong