Recruitment privacy notice

Dynatrace respects the privacy rights of individuals and is committed to handling personal information responsibly and in accordance with applicable law. It is important that you read all of this Notice carefully as it sets out how Dynatrace LLC, for itself and as the parent of the Dynatrace group of companies (collectively "the Company", "we" or "us") handles your personal information when you apply for a job or other role with us and the rights you have in connection with that information. The term "applicants" is used in this Notice to refer to anyone who applies for a job role, or who otherwise seeks to carry out work with or for us (whether on a permanent or non-permanent basis).

If you are in any doubt, or have any comments or questions about this Notice, please contact us using the contact details set out at "How to contact us" below.

Information that we collect automatically

You can visit the Careers section of our website ("Website") and search for jobs without providing personal information. However, we do collect certain information automatically from your device when you visit our Website. For further information, please see the privacy notice that applies to the use of our Website at www.dynatrace.com/company/trust-center/privacy/.

Personal Information collected from you

The types of personal information we may collect and process when you apply for a role with Dynatrace includes (but is not limited to):

• Identification data and contact details – including your name, address, email address, phone number and other contact information, gender, date of birth, nationality/ies, national identifiers (such as national ID/passport, social security number).
• Employment history – such as previous employers and job titles/positions.
• Background information – such as academic/professional qualifications, job qualifications, education, details included in your CV/résumé (which might include details of any memberships or interests constituting sensitive personal information), transcripts and employment references.
• Details of your nominated referees (including their name, contact details, employer and job role).
• Details of your immigration/visa status.
• Previous applications/roles (information relating to previous applications you have made to the Company's group and/or any previous employment history with the Company's group).
• Other information you voluntarily provide throughout the process, including through assessment centers / exercises and interviews.

As a general rule, during the recruitment process, we try not to collect or process any of the following: information that reveals your racial or ethnic origin, religious, political or philosophical beliefs or trade union membership; genetic data; biometric data for the purposes of unique identification; or information concerning your health/sex life ("Sensitive Personal Information"), unless authorized by law or where necessary to comply with applicable laws.

However, in some circumstances, we may need to collect, or request on a voluntary disclosure basis, some Sensitive Personal Information for legitimate recruitment-related purposes: for example, information about your racial/ethnic origin, gender and disabilities for the purposes of equal opportunities monitoring, to comply with anti-discrimination laws and for government reporting obligations; or information about your physical or mental condition to consider accommodations for the recruitment process and/or subsequent job role. You may provide, on a voluntary basis, other Sensitive Personal Information during the recruitment process.

We also may collect information from other sources (in each case, where permissible and in accordance with applicable law), such as:

• References provided by referees.
• Other background information provided or confirmed by academic institutions and training or certification providers.
• Criminal records data obtained through criminal records checks.
• Information provided by background checking agencies and other external database holders (for example credit reference agencies and professional / other sanctions registries).
• Information provided by recruitment or executive search agencies.
• Information collected from publically available sources, including any social media platforms you use or other information available online.

We collect and use this personal information primarily for recruitment purposes – in particular, to determine your qualifications for employment and to reach a hiring decision. This includes assessing your skills, qualifications and background for a particular role, verifying your information, carrying our reference checks or background checks (where applicable) and to generally manage the hiring process and communicate with you about it.

If you are accepted for a role at Dynatrace, the information collected during the recruitment process will form part of your ongoing staff member record and will be processed in accordance with our Global Data Privacy Notice for Staff.

If you are not successful, we may still keep your application for up to two years to allow us to consider you for other suitable openings within Dynatrace in the future unless you request that we delete your application.

We take care to allow access to personal information only to those who require such access to perform their tasks and duties, and to third parties who have a legitimate purpose for accessing it. Whenever we permit a third party to access personal information, we will implement appropriate measures to ensure the information is used in a manner consistent with this Notice and that the security and confidentiality of the information is maintained.

Transfers to other group companies

We will share your personal information with other members of the Company's group around the world in order to administer our recruitment processes and store data.

Transfers to third party service providers

We may make certain personal information available to third parties who provide services relating to the recruitment process to us, including:

• recruitment or executive search agencies involved in your recruitment;
• background checking or other screening providers and relevant local criminal records checking agencies, e.g. HireRight;
• data storage, shared services and recruitment platform providers, IT developers and support providers and providers of hosting services in relation to our careers website;
• third-party companies who provide our online recruiting and applicant tracking system, e.g. Lever, and onboarding portals, e.g., Click Boarding; and other third parties who provide support and advice including in relation to legal, health and safety, security and intel and whistleblowing / reporting issues.

We may also disclose personal information to third parties on other lawful grounds, including:

• Where you have provided your consent;
• To comply with our legal obligations, including where necessary to abide by law, regulation or contract, or to respond to a court order, administrative or judicial process, including, but not limited to, a subpoena, government audit or search warrant;
• In response to lawful requests by public authorities (including for tax, immigration, health and safety, national security or law enforcement purposes);
• As necessary to establish, exercise or defend against potential, threatened or actual legal claims;
• Where necessary to protect your vital interests or those of another person; and/or
• In connection with the sale, assignment or other transfer of all or part of our business.

In some cases, the sharing described above may result in your personal information being transferred internationally, including from the European Economic Area to a country outside it. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, our group companies, affiliated companies and third-party service providers operate around the world. This means that when we collect your personal information we may process it in any of these countries, including the countries found here.

However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Notice. These include implementing the European Commission’s Standard Contractual Clauses in the context of an Intercompany Data Transfer Agreement that meets the requirements for data exports, or any other legal means.

Under European data protection law, our legal basis for processing your personal information as part of the recruitment process is:

• our legitimate interests (as summarized above in Section 3) (which are not overridden by your data protection interests or fundamental rights and freedoms, particularly taking into consideration the safeguards that we put in place, for example, those outlined in Section 4 above);
• to comply with applicable immigration and/or employment laws and regulations;
• to take steps prior to entering an employment contract with you, where you are considered for employment;
• in circumstances where you have made the data public;
• where we have your consent to do so. Where we have requested your consent to process your personal information, you have the right to withdraw your consent at any time;
• to protect the rights and interests of the Company's group, its employees, applicants and others, as required and permitted by applicable law.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided at "How to contact us" below.

Personal information will be stored in accordance with applicable laws and kept as long as needed to carry out the purposes described in this Notice or as otherwise required by applicable law. Generally, this means your personal information will be retained:

• in accordance with the retention periods set out in the Company's Global Data Privacy Notice for Staff (if you become our employee); or
• for a period of up to two years, during which time we may consider you for other positions, unless you request that we delete your application.

You may exercise the rights available to you under applicable data protection laws. If you wish to exercise any of these rights, please contact us as described under "How to contact us" below. If you are a resident of the European Union, you may:

• access, correct, update or request deletion of your personal information.
• object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
• In the limited circumstances where we have collected and process your personal information for a specific purpose with your consent, then you can withdraw your consent for that specific processing at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted based on your consent prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent. Once we have received notification that you have withdrawn your consent, we will no longer process your personal information for the purpose originally agreed to, unless we have another legal basis for processing.
• You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries are available here.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may need to request specific information from you to verify your identity and check your right to access the personal information or to exercise any of your other rights. This is a security measure to ensure that your personal information is not disclosed to any person who has no right to receive it.

If you have any questions about this Privacy Notice or seek resolution to any privacy or data collection issue with Dynatrace, please contact us at privacy@dynatrace.com.

You may also contact our Data Privacy Officer at privacy.dpo@dynatrace.com.

If you are from certain regions like Europe, you also have the right to lodge any complaints or concerns with your DPA. You can find a list of the European DPAs here.

Dynatrace may modify or update this Privacy Notice at any time to reflect any changes in our privacy practices. Where the changes are material, we will inform you on our Website homepage and we will also indicate at the top of this Privacy Notice the date it was most recently updated. We encourage you to check this Privacy Notice often so that you are aware of how we are protecting your personal information.