PRIVACY POLICY

DEFINITIONS

Administrator or Rekruteo.com: REKRUTEO.COM SP. Z O.O. with its registered office in Elbląg (82-300) 1/226 Stanisława Sulimy Street, entered into the register of entrepreneurs of the National Court Register kept by the District Court for Szczecin – XIII Commercial Division of the National Court Register, under KRS number: 734763, NIP: 8522645912, e-mail address: iodo@rekruteo.com, phone number: +48 510 022 035.

Personal data: all the information about the identified or identifiable natural person by one or more specific features defining physical, physiological, genetic, mental, economical, cultural or social identity of natural person included IP address hardware, location data, internet identifier and the information collected via cookies or another similar technology.

Policy: the present Privacy Policy.

Terms and Conditions of Service: Terms of Service of Rekruteo.com is available under: https://rekruteo.com/regulamin

Services: provided by Rekruteo.com internet services and mobile applications to which apply the below Policy and Terms and Conditions of Service.

User: every natural person that visits the website and who uses one or more services or functionalities provided by the website.

GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as ‚GDPR’).

WEBSITE USE AND DATA PROCESSING

Due to User’s use of website the Administrator collects necessary data in order to provide given services offered on and by the website as well as information on User’s activities on the website. Below have been written detailed rules and aims of personal data processing and collected during the website use by the User.

AIMS AND LEGAL GROUNDS OF DATA PROCESSING ON WEBSITE

Use of Website

Personal data of all persons using the Website but who are not registered users (with no accounts set up on the Website) are being processed by Rekruteo.com with aim to:

  • Provide electronically supplied services – provide users with content collected on the Website, enabling users to use tools available via the Website, maintaining the content uploaded by users on the Website (e.g. information on competence or education) – legal ground for processing as the indispensability fo the agreement execution (Article 6(1)(b) of the GDPR),

▪ analytical and statistical aims (users’ activity analysis, their preferences with goal to improve used functionalities and provided services) – legal ground for processing is justified interest of Administrator (Article 6(1)(f) of the GDPR);

▪ probable arrangement, investigation or defence against the claim – legal ground for processing is the justified interest of Administrator (Article 6(1)(f) of the GDPR);

User’s activity on the Website, including his/her personal data like IP address or other identifiers and infomation collected by means of cookies files or similar technologies are being registered in the system logs (a dedicated computer system for storing chronological entry containing information about events and activities regarding computer system for providing services by the Administrator).

Information collected in logs are being processed especially with aim in regard of services provision. The administrator processes also the data with technical and administrative purposes in order to secure and administer the computer system but also with analytical and statistical purposes – in this scope the legal ground is the justified interest of administrator (Article 6(1)(f) of the GDPR).

Registration on the Website

Individuals who complete registration on the website are asked to provide necessary data to create and manage account: name, last name, e-mail address. Moreover, in order to facilitate the administration, the User may provide additional data – such data may be deleted at any time without the necessity to delete the account. Providing data marked as mandatory is required for account’s creation and management. Not providing this data results in lack of possibility to set up an account. Providing remaining data is optional.

Personal data are being processed:

▪ with aim to provide services related to maintain and administer account on the website – the legal ground of processing is necessity of processing for agreement execution (Article 6(1)(b) of the GDPR). In terms of voluntary data provision – the legal ground is the consent (Article 6(1)(a) of the GDPR).

▪ with analitical and statistical aims – the legal ground for processing is the justified interest of the Administrator (Article 6(1)(f) of the GDPR), based on leading Users’ Website activity’s analysis and the method of account’s use, their preferences, in order to improve used functionalities;

▪ with aim for a probable arrangement, investigation or defence against the claim – the legal ground is the justified interest of the Administrator (Article 6(1)(f) of the GDPR) based on their own rights protection;

If the Administrator enables logging to an account on the Website by means of sites (Facebook, Google, Instagram, Linkedin, Github or other), the Website, after requesting user’s acceptance, will download from such User’s account only the data necessary for registration and account’s administration on the Website.

If the User places on the Website any personal data of other persons (including their name, last name address, phone number or e-mail address), he or she can do so provided the provisions of applicable law and personal rights of these persons shall not be violated.

Personalization and content adaptation

The Administrator processes personal data of registered Users in order to do activities regarding content adaptation which may be based on:

▪ displaying content to the User (e.g. job offers) adjusted to declared preferences;

▪ displaying content adjusted to User’s geolocation (e.g. job offers from the surrounding);

▪ other activities related to content adjustment in accordance to User’s interests.

The legal ground for personal data processing with purpose of personalization and editorial content adjustment is the justified interest of the Administrator (Article 6(1)(f) of the GDPR).

With aim of personalization and content adaptation, Rekruteo.com uses in some cases profiling. It means that thanks to automatic data processing, Rekruteo.com assesses selected features concerning natural persons in order to analyse their behaviour or future behaviour forecast creation. Profiling, mentioned previously, is not used by Rekruteo.com for automatic decision taking in regard of the User nor has legal or any effects on them.

SOCIAL MEDIA

The Administrator processes Users’ personal data that visit Administrator’s profiles maintained in social media (e.g. Linkedin, Facebook, YouTube, Instagram, Twitter). This data like IP address or other identificators and information collected via cookie files or another similar technologies are being processed only in regard of profile administration including with aim to inform Users about Administrator’s activities or promote different kind of events, services or products. The legal ground of personal data processing by the Administrator is the justified interest (Article 6(1)(f) of the GDPR) based on promoting their own brand.

COOKIES AND SIMILAR TECHNOLOGY

Cookies files are small text files installed on User’s device who is browsing the Website. Cookies usually include Website’s domain name from which they come from, time of retention on the end device and unique number. In this Policy the information regarding cookies apply also to other technologies used for the Website.

„Services” Cookies

The Administrator uses so called services cookie with the main goal to provide User with the electronically supplied services and improvement of such services. Therefore, the Administrator and another entities providing the analytical and statistical services upon their request, use cookies files by storing information or accessing the information already stored in the telecommunication end device of the User (computer, mobile phone, tablet, etc.) Cookies files used with this aim include:

▪ cookies files with data introduced by the User (session identifier) for the session time, so called user input cookies;

▪ authentication cookies are used for services that require authentication during session duration time;

▪ user centric security cookies’ aim is security guarantee, e.g. it’s used in authentication abuse detection;

▪ multimedia player session cookies (e.g. cookies in flashplayer) for the session duration time;

▪ user interface customization cookies’ aim is User’s interface personalization for the session duration time or a little bit longer,

▪ cookies files used for Website’s movement monitoring, like data analytics, including cookies:

– used by Gemius S.A. – the entity whom the Administrator entrusted the personal data processing – in order to analyse performance of number of visits trends and in order to do analysis of method of using the Website by the Users, including statistics and reports creation concerning the Website’s performance,

– Google Analytics – the files are used by the Google company – the entity whom the Administrator entrusted personal data processing – in order to conduct analysis of way of Website’s use by te User, including statistics and reports creation concerning Website’s performance).

PERIOD OF PERSONAL DATA PROCESSING

Period of data processing by the administrator depends on the kind of service provided and the aim of processing. As a rule, the data is being processed during services provision or with purpose to proceed with the order until withdrawal of consent or object notification in regard of data processing in cases where the legal ground of data processing is justified by the interest of the Administrator.

Processing data period might be prolonged in case the processing is essential for identification, investigation or against probable claim protection after that period, only in case and in terms in which it’s required by the legal provisions. After processing period the data is irreversibly deleted or anonymized.

USER’S RIGHTS

The User has the rights to: obtain access to content data and demand its correction, deletion, processing limitation, right to data transfer and right to raise objection in data processing and also right to bring the action to supervisory authority responsible for personal data.

In terms in which the User’s data is being processed based on the agreement, it may be withdrawn at any time after contacting the Administrator.

Right of objection

At any time the User has the right to raise objections againts their data processing in the direct marketing, including profiling if the processing takes place in terms of justified administrator’s interest.

The User has also rights to raise objections at any time against processing their data due to their particular sitation causes when the legal ground of data processing is the justified interest of the Administrator (e.g. in regard to analitycal and statistical objectives achievement, including profiling).

DATA RECIPIENTS

We transfer your personal data the following recipients’ types:

Employers

The Administrator shares personal data with employees using our Websites.

Personal data sharing to employers is held in case of using the Profile Share service. Employers individually define goals and means of the data processing and are not subject to Administrator’s instructions in this regard. Therefore, the Administrator does not take responsibility for their actions nor omission. The updated employers’ list – praca.rekruteo.com.

Service Providers

The Administrator transfers personal data to services providers who he/she collaborates with in terms of Website running. The services providers whom the Administrar transfers the personal data, depending on the contractual agreements and circumstances, either undergo the Administrator’s orders in regard of aims and ways of data processing (processing entities) or individually set up goals and ways of their processing (administrators). List of suppliers. The list is being updated on a regular basis.

Processing entities.

The Administrator collaborates with suppliers who only process personal data upon the Administrator’s request. They provide hosting services in the computing cloud, provide systems for online marketing, to display web push notifications, to send e-mail messages, to analyse the movement on the Website, for analysis and they also support development of defined Account’s functionality (e.g. supporting filling the Profile based on the Resume document).

Location.

The Website’s suppliers have their headquarter in Poland and in another countries belonging to European Economic Area (EOG), e.g. in Ireland. Some of those suppliers have their headquarter outside of EOG territory like USA, Canada. Amidst data transfer outside of the EOG territory, we ensure our suppliers make high level personal data protection guarantee. These guarantees are result of specificity of obligation of using standard contractual clauses accepted by the Commission (UE).

State authorities

The Administrator is obliged to transfer personal data in case of such request by authorized state authorities, especially organizational units of the public prosecutor’s office, Police, President of the personal data protection Office, The President of the Office of Competition and Consumer Protection or President of the Office of Electronic Communication.

PERSONAL DATA SECURITY

The Administrator continuously performs risk assessment in order to secure the personal data is being processed by them in a secure way ensuring most of all the access to the data is enabled only to authorized persons and only in the indispensable scope considering the performed tasks. The administrator ensures all the operations executed on personal data are being registered and executed only by athorized employees and collaborators.

The Administrator takes all necessary measures in order to guarantee use of adequate security measures by their contractors and other stakeholders in every case the personal data is being processed upon Administrator’s request.

CONTACT DETAILS

The Data Administrator has appointed the Data Controller who you might get in contact with via e- mail iodo@radioagora.pl in case of any issue regarding personal data processing.

PRIVACY POLICY MODIFICATIONS

The Policy is being verified on an ongoing basis and updated if necessary. The current policy’s version was accepted and shall apply from 10 March 2020 onwards.