Privacy Policy

Fluent Commerce (“we”, “us”) are committed to protecting and respecting your privacy. This Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes.

For the purpose of the General Data Protection Regulation (“GDPR”) and the UK GDPR the Data Controller is Fluent Retail Pty Ltd (trading as Fluent Commerce).

We use Pinpoint, an online software product provided by The Infuse Group Ltd (t/a Pinpoint Software), to assist with our recruitment process. We use Pinpoint to process personal information as a data processor on our behalf. Pinpoint is only entitled to process your personal data in accordance with our instructions. Subject to this Privacy Policy, we also use Checkr, Inc. to perform certain Background Checks on our behalf. Please see the section “Disclosure of your information” below for further details on the recipients of your personal data.

This Privacy Notice applies to candidates who apply for jobs with us. Other privacy policies may apply if we process your personal data in another role. Notably, successful candidates who get employed with us would become subject to our Employee Privacy Policy. Our general privacy policy will apply in addition to this policy where you are using our website. 

Your Personal Information

Information we collect from you -

We collect and process some or all of the following types of information from you:
  •  Information that you provide when you apply for a role. This includes information provided through an online application, via email, in person at interviews and/or by any other method. 
  • In particular, we process personal details such as name, email address, address, date of birth, qualifications, experience and any information relating to your employment history, skills and experience that you provide to us.
  •  If you contact us, we may keep a record of that correspondence. 
  • As part of the recruitment process, unless prohibited by applicable law, we will ask Checkr to perform Background Checks on you. “Background Checks” may include screening for criminal records, verification of education or employment details, or credit/bankruptcy checks, and checking your social media profile. The types of checks will depend on the type of the role you are applying for.
  • Details of your visits to our careers website including, but not limited to, traffic data, location data and other communication data, the site that referred you to our careers website and the resources that you access. 
  • We do not request any special categories of personal data through our application forms or any other means. We encourage you not to share any special categories of personal data with us but if you decide to do it, our lawful basis for processing will be explicit consent. Please check the ‘lawful bases for processing’ section below. 

Information we collect from other sources -

Apart from the information collected through the application form, Pinpoint provides us with the facility to link the data you provide to us with other publicly available information about you that you have published on the Internet – this may include sources such as LinkedIn and other social media profiles related to job searching. 

Pinpoint’s technology enables us to search various databases, such as external job boards, which may include your personal data, to find possible candidates to fill our job openings. Where we find you in this way we will obtain your personal data from these sources.
We may also use some databases outside Pinpoint, such as LinkedIn Recruiter and similar solutions.

We receive background check information from background check providers.
Lawful basis for processing -

We process your personal data as part of entering into the contract of employment.
We further process your personal data based on our legitimate interest to find suitable candidates for our vacancies, to assess your job application, to compare it to other candidates, to check your social media profile as part of background checks and for recruitment analytics purposes, and to make/defend against potential claims. Where we process your personal data based on our legitimate interest, we have carried out the relevant Legitimate Interest Assessment to demonstrate that our compelling legitimate interest overrides the interests or the fundamental rights and freedoms of the affected data subjects. 
We may ask for your consent in other cases where we process your data. If you voluntarily decide to share any special categories of personal data with us, our lawful basis to process this information will be explicit consent. You can withdraw your consent at any time by contacting us at
Purposes of processing -

We use information held about you in the following ways:
  • To consider your application in respect of a role for which you have applied. 
  • To consider your application in respect of other roles. 
  • To verify the information you or others provide, and to check your references.
  • To communicate with you in respect of the recruitment process. 
  • Unless prohibited under applicable law, to conduct background checks if you are offered the role.
  • To enhance any information that we receive from you with information obtained from third party data providers. 
  • To find appropriate candidates to fill our job openings. 
  • To help Pinpoint and other service providers improve their services but only after the data has been anonymised/aggregated. 
  • To perform HR and recruitment analytics.
  • To make/defend against claims.
Security -

We take appropriate measures to ensure that all personal data is kept secure including security measures to prevent personal data from being accidentally lost, or used or accessed in any unauthorised way. We limit access to your personal data to those who have a genuine business need to view it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted through any online means, therefore any transmission remains at your own risk.
Disclosure of your information - 
Subject to the need to consider your application, to enter into a contract with you and our legitimate interests, we may share your personal data with third parties such as:
  • Storage providers;
  • HR and recruitment services providers;
  • Background Check providers;
  • Analytics providers;
  • Communications providers and web communications tools;
  • Persons you have been referred by;
  • Third parties if we are required to do so by law, or if we believe that such action is necessary to: (a) fulfil a government, or regulatory authority request; (b) conform with the requirements of the law or legal process; (c) protect or defend our legal rights or property, our websites or customers; or
  • Any other third parties with your express consent.

Where we store your personal data -

The data that we collect from you and process using Pinpoint will be transferred to and stored at one of several data centre locations in Amsterdam (Netherlands) and may be synchronised to one of several datacentre locations in London (United Kingdom) for backup and redundancy purposes. In general, data from Background Checks will be processed and stored by Checkr in the US. However, where that data relates to Australian and EMEA candidates, it will be stored in Ireland.
In case we needed to transfer your data to parties located outside of the EEA, we shall undertake an assessment and take appropriate measures to ensure such third party will provide adequate security of such personal data and respect your rights to privacy. These safeguards are intended to ensure a similar degree of protection is afforded to your data wherever it may be transferred and may include:
  • only transferring your personal data to countries which have been deemed to provide an adequate level of protection for personal data by the European
    Commission; and/or
  • entering into specific contractual terms which have been approved by the European Commission and which give personal data the same protection as within the EEA.
How long we keep your personal data -

We retain your data for as long as needed to assess your application for a role with the company and in order to meet our legal and compliance requirements. 
If your application is successful, personal data gathered during the recruitment process will be transferred to your employment file and our Employee Privacy Policy will apply instead of this one.

If your application is unsuccessful, we may ask for your consent to use your data in
connection with any future role for which you may be suited. You do not have to consent to such a use. If you do consent, but you change your mind at any point in the future, you can withdraw your consent by contacting us at 

Otherwise your personal information will be deleted on one of the following occurrences:
  • Deletion of your personal information from Pinpoint by you via the Manage Your Data tool; or 
  • Receipt of a written request by you to us. Please see section “Your rights”.
Your rights -

Under the GDPR you have a number of important rights. Some of these rights may also exist under other privacy laws that may apply to your personal data. In summary, those include rights to: 
  • access your personal data and certain other supplementary information that this Privacy Notice is already designed to address; 
  • require us to correct any mistakes in your information which we hold; 
  • request the erasure of personal data concerning you in certain situations; 
  • request access to the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations; 
  • object at any time to processing of personal data concerning you for direct
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you; 
  • object in certain other situations to our continued processing of your personal data; 
  • otherwise restrict our processing of your personal data in certain circumstances; and 
  • claim compensation for damages caused by our breach of any data protection laws. 
If you would like to exercise any of those rights, please either:
  • utilise the Manage Your Data tool provided by PinPoint; or 
  • contact us at, ensuring we have enough information to identify you and confirming which information to which your request relates. It is normally enough proof of identity if you send the request from the same email address used for past communications. We will let you know if we need additional information to verify your identity.

Questions and complaints -

We hope that we can resolve any query or concern you raise about our use of your
For any complaints, or further information about this Privacy Policy or our processing of data about you, please contact us at or you may contact our Data Protection Officer.  Our DPO contact details are detailed below:
Aphaia Ltd
The Brew 
Eagle House
163 City Rd
London EC1V 1NR
Contact email:
Contact telephone: (+44) (0)20 3917 4158
If your personal data is governed by the GDPR, this regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred.