Applicant Privacy Notice

Scope and Overview

NIO USA, Inc. (“NIO USA”) is committed to protecting the privacy and security of your personal data. This Privacy Notice describes how NIO USA collects and processes personal data about you during the application and recruitment process. This Privacy Notice applies to job applicants only.

This Privacy Notice describes the categories of personal data that we collect, how we use your personal data, how we secure your personal data, when we may disclose your personal data to third parties, and when we may transfer your personal data outside of your home jurisdiction. This Privacy Notice also describes your rights regarding the personal data that we hold about you including how you can access, correct, and request deletion of your personal data.

We will only process your personal data in accordance with this Privacy Notice unless otherwise required by applicable law. We take steps to ensure that the personal data that we collect about you is adequate, relevant, not excessive, and processed for limited purposes.

Collection of Personal Data

For the purposes of this Privacy Notice, personal data means any information about an identifiable individual collected in connection with the recruitment process. NIO USA may collect personal data directly from you, as a job applicant, or may receive personal data from third parties, for example, in connection with a background, employment, or reference check, subject to your consent where required by law. Personal data excludes anonymous or de-identified data that is not associated with a particular individual. We may collect, store, and process the following categories of personal data, some of which we require, in connection with our recruiting activities:

Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses.
Work history and other relevant experience including information contained in a resume, CV, cover letter, or job application.
Education information including degrees awarded, transcripts, and other information provided in support of the job application.
Information collected during phone screenings and interviews.
Details regarding the type of employment sought, desired salary, willingness to relocate, job preferences, and other information related to compensation and benefits.
Reference information and information received from background checks, where applicable, including information provided by third parties.
Information related to previous applications to NIO USA or previous employment history with NIO USA.

The personal data listed here is mandatory in connection with our recruiting activities. Failure to provide or allow us to process mandatory personal data may affect our ability to accomplish the purposes stated in this Privacy Notice.

Use of Personal Data

We only process your personal data where applicable law permits or requires it in connection with carrying out our application and recruitment process, to take steps necessary to enter into an employment contract/relationship with you, where the processing is necessary to comply with a legal obligation that applies to us, for our legitimate interests or the legitimate interests of third parties, or with your consent if applicable law requires consent. We may process your personal data for the following legitimate business purposes:

Identifying and evaluating job applicants, including assessing skills, qualifications, and interests for the purposes of determining suitability for the position for which you have applied.
Verifying your information and carrying out employment, background, and reference checks, where applicable, subject to your consent where required by applicable law.
Communicating with you about the recruitment process and your application.
Keeping records related to our hiring processes, for only as long as appropriate under the circumstances.
Creating and submitting reports as required by applicable laws or regulations.
To comply with our legal, regulatory, or other corporate governance requirements.
Analyzing and improving our application and recruitment process.

In addition to using your personal data for the position for which you have applied, we may retain and use your personal data to inform you about and consider you for other positions that may be appropriate for you with your consent. If you want us to consider you for other positions, you may contact us as specified below under Contact Us and we will retain your personal data for that purpose.

We will only process your personal data for the purposes we collected it for or for compatible purposes. If we need to process your personal data for an incompatible purpose, we will provide notice to you and, if required by law, seek your consent. We may process your personal data without your knowledge or consent only where required by applicable law or regulation.

We may also process your personal data for our own legitimate interests, including for the following purposes:

To prevent fraud.
To ensure network and information security, including preventing unauthorized access to our computer and electronic communications systems and preventing malicious software distribution.

You will not be subject to hiring decisions based solely on automated data processing without your prior consent.

Collection and Use of Sensitive Personal Information

The following categories of personal data may be considered sensitive (“Sensitive Personal Information) under the laws of your jurisdiction and may receive special protection:

Racial or ethnic origin.
Political opinions.
Religious or philosophical beliefs.
Trade union membership.
Genetic data.
Biometric data.
Data concerning health.
Data concerning sex life or sexual orientation.
Data relating to criminal convictions or offences.

We may collect and process the following categories of Sensitive Personal Information when you voluntarily provide them, or we receive them from a third party with your consent, when relevant for a particular position to carry out our obligations under employment law, or as applicable law otherwise permits:

Physical or mental health condition or disability status to determine appropriate workplace accommodations and evaluate fitness for a particular position.
Race or ethnic origin to comply with statutory obligations.
Previous criminal charges or convictions where relevant for the position.

Where we have a legitimate need to process sensitive information about you for purposes not identified above, we will only do so only after providing you with notice and, if required by law, obtaining your prior, express consent.

Data Sharing

We will only disclose your personal data to third parties where required by law or to our employees, contractors, designated agents, or third-party service providers who require such information to assist us with administering the recruitment process, including third-party service providers who provide services to us or on our behalf. We may use third-party service providers for various purposes, including, but not limited to, obtaining employment verification and background checks, and data storage or hosting. These third-party service providers may be located outside of the country in which you live or the country where the position you have applied for is located.

We require all our third-party service providers to implement appropriate security measures to protect your personal data consistent with our policies and any data security obligations applicable to us. We do not permit our third-party service providers to process your personal data for their own purposes. We only permit them to process your personal data for specified purposes in accordance with our instructions.

We may also disclose your personal data for the following additional purposes where permitted or required by applicable law:

To other members of our group of companies (including outside of your home jurisdiction) for the purposes set out in this Privacy Notice and as necessary to administer the application and recruitment process.
As part of our regular reporting activities to other members of our group of companies.
To comply with legal obligations or valid legal processes such as search warrants, subpoenas, or court orders. When we disclose your personal data to comply with a legal obligation or legal process, we will take reasonable steps to ensure that we only disclose the minimum personal data necessary for the specific purpose and circumstances.
To protect the rights and property of NIO USA.
During emergency situations or where necessary to protect the safety of persons.
Where the personal data is publicly available.
If a business transfer or change in ownership occurs and the disclosure is necessary to complete the transaction. In these circumstances, we will limit data sharing to what is absolutely necessary, and we will anonymize the data where possible.
For additional purposes with your consent where such consent is required by law.

NIO USA does not sell your personal information or share your personal information with third parties for targeted advertising.

Cross-Border Data Transfers

Certain aspects of NIO USA’s business are global in nature and we may, therefore, transfer the personal data we collect about you to jurisdictions outside of your home country where local privacy laws may be different from your home location. For such transfers, we take appropriate safeguards to protect your personal information in accordance with applicable law by ensuring that the recipient country provides an adequate level of data protection per, for example, the European Commission’s adequacy decisions pursuant to Article 45 of the GDPR and relevant provisions of the Personal Information Protection Law of The People’s Republic of China.

Where applicable, we implement additional contractual, technical, and organizational measures to ensure that your personal information which is transferred outside of your home country is subject to an essentially equivalent level of protection.

Third-party organizations processing personal information for NIO USA must comply with applicable privacy laws and the approved transfer safeguards in order to protect your personal information in any country where they undertake processing.

Data Security

We have implemented appropriate physical, technical, and organizational security measures designed to secure your personal data against accidental loss and unauthorized access, use, alteration, or disclosure. In addition, we limit access to personal data to those employees, agents, contractors, and other third parties that have a legitimate business need for such access.

Data Retention

Except as otherwise permitted or required by applicable law or regulation, we will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, as required to satisfy any legal, accounting, or reporting requirements, or as necessary to resolve disputes. To determine the appropriate retention period for personal data, we consider our legal obligations, the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes we process your personal data for, and whether we can achieve those purposes through other means. We specify the retention periods for your personal data in our data retention policy.

Under some circumstances we may anonymize your personal data so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.

If you are offered and accept employment with NIO USA, the personal data we collected during the application and recruitment process will become part of your employment record, and we may use it in connection with your employment consistent with our employee personal data policies. If you do not become an employee, or, once you are no longer an employee of NIO USA, we will retain and securely destroy your personal data in accordance with our document retention policy and applicable laws and regulations.

Rights of Access, Correction, Deletion, Objection, and Withdrawal

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during the recruitment process. By law you may have the right to request access to, correct, and delete the personal data that we hold about you, or object to the processing of your personal data under certain circumstances. Where you have provided your consent to the collection, processing, and transfer of your personal data, you may have the legal right to withdraw your consent under certain circumstances. You may also have the right to request that we transfer your personal data to another party. If you want to review, verify, correct, or request deletion of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us via any of the 3 following methods:

Email: People.Ops.US@nio.io
Write to us at:
NIO USA ,Inc.
Attn.: Privacy
3151 Zanker Road
San Jose, CA 95134

We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal data that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal data that we hold about you, or we may have destroyed, deleted, or anonymized your personal data in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal data, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

Only you or an authorized agent (as described below) may make a verifiable consumer request related to your personal data.

How to Authorize an Agent. You may designate an authorized agent to submit your verifiable consumer request on your behalf only if the authorized agent has your written permission to do so and you have taken steps to verify your identity directly with us.
How We Verify Your Request. To respond to your request, we must verify your identity and/or the authority of your authorized agent. We will only use the personal data provided to us in that context to verify your identity or the authority of your authorized agent to make the request. Making a verifiable consumer request does not require you to create an account with us. To allow us to verify your request, we may require that you provide at least two pieces of personal information that we already have in our possession, if we cannot already verify you. We will verify your consumer request by comparing the information you provide to information already in our possession, and take additional steps to minimize the risk of fraud.

Changes to This Privacy Notice

We reserve the right to update this Applicant Privacy Notice at any time, and we will provide you with a new Applicant Privacy Notice when we make material updates. If we would like to use your previously collected personal data for different purposes than those we notified you about at the time of collection, we will provide you with notice and, where required by law, seek your consent, before using your personal data for a new or unrelated purpose. We may process your personal data without your knowledge or consent only where required by applicable law or regulation.

Contact Us

If you have any questions about our processing of your personal data or would like to make an access or other request, please contact us via the following method: