information clause for job candidates
Dear Sir/Madam,
On May 25, 2018, the Regulation (EU) of the European Parliament and of the Council of 27 April 2016 No. 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ EC (General Data Protection Regulation), hereinafter referred to as GDPR.
Who is the administrator of your personal data?
The administrator of your Personal Data is Detable Sp. z o. o. with its registered office at Al. Jana Pawła II 27, 00-867 Warsaw, with the NIP number 5272983692 (hereinafter referred to as the Company or Administrator).
How to contact us to obtain information about your personal data?
You can contact the Administrator in writing via traditional mail to the above registered office address or via e-mail at: iod@detable.pl
How do we ensure the security of your personal data?
We provide all physical, technical and organizational measures to protect personal data against accidental or intentional destruction, accidental loss, alteration, unauthorized disclosure, use or access, in accordance with all applicable regulations.
We have appointed a Data Protection Officer, Ms. Karolina Kuba, who can be contacted by e-mail at: iod@detable.pl
What rights do you have in relation to the data that concerns you and which we process?
You have the right to request from the Administrator: access to your personal data and receiving a copy thereof; rectification (correction) of your personal data; deletion of your personal data if the processing does not take place in order to fulfill the obligation arising from the law; restrictions on the processing of your personal data; object to the processing of your personal data; transferring your personal data; submit a complaint to the President of the Office for Personal Data Protection (contact details on the office's website at www.uodo.gov.pl) if you believe that the processing of personal data violates the provisions of the GDPR.
What is the legal basis for the processing of your personal data?
Your personal data is processed because at least one of the following conditions of Art. 6 section 1 GDPR:
art. 6 section 1 letter c GDPR, i.e. when processing is necessary to fulfill the legal obligation imposed on the Administrator, including in connection with the performance of the obligations imposed by Art. 22 (1) par. 1 and art. 229 of the Labor Code and implementing acts to the above-mentioned acts,
art. 6 section 1 letter a GDPR, i.e. based on the consent granted for the purposes specified each time in the consent forms provided. The consent granted may be revoked at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal, or in the case of special categories of personal data under the following conditions of Art. 9 section 2 GDPR:
art. 9 section 2 letter a GDPR, i.e. you have expressed explicit consent to the processing of this personal data for one or more specific purposes. The consent granted may be revoked at any time. Withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.
What is the purpose of processing your personal data?
We process your personal data for the following purposes:
conducting the current recruitment process and, based on your consent, also in subsequent recruitment processes,
providing information about the progress of the ongoing recruitment process - based on your consent.
Providing your personal data within the scope provided for in Art. 221 par. 1 of the Labor Code results from these provisions and is necessary to conduct the recruitment process. Providing other information is voluntary, but may influence recruitment decisions.
Who may be the recipient of your personal data?
We share your personal data or may make them available to: companies cooperating in the recruitment process, in particular: companies providing recruitment software (TRAFFIT system), HR and payroll software, office software and e-mail, companies servicing software and devices, law firms and consulting companies, postal operators and courier companies. The data is processed on the basis of a contract with us and only on our instructions. We do not share your data with any external entities for their own use - only to perform the tasks specified above. All partners who process your personal data ensure data security and fulfill all obligations regarding the protection of personal data. We share or may also make your personal data available to authorized employees of the Company who, on behalf of the Administrator, perform tasks related to the processing of your data (e.g. HR, payroll or managerial operations).
What are the rules for transferring your data outside the EEA?
Your personal data is not transferred to recipients in third countries, i.e. outside the European Economic Area (EEA) or to international organizations.
How long do we store your personal data?
Your personal data will be stored until the current recruitment process is completed, and in the event of consent to further recruitment, for a period of 5 years or until consent to their processing is withdrawn. Withdrawal of consent to processing before the recruitment process is completed will prevent further participation.
How can we make decisions based on your personal data?
We do not make automated decisions based on your personal data, nor do we perform automatic profiling on their basis.
Privacy policy
2023. All rights reserved
We know that protecting your privacy when using our website is important. We take our obligation to ensure the confidentiality of your data very seriously and comply with applicable data protection laws. We use appropriate technology to communicate with you and protect your data.
In the event of discrepancies and inconsistencies, the provisions of this Policy shall prevail over the provisions of the personal data protection declaration of DETABLE SP. Z O.O.
1. Scope of validity
The provisions governing our privacy policy apply to:
users of the DETABLE SP website. Z O.O. placed on the website of DETABLE SP. Z O.O., also users of the DETABLE SP. application. Z O.O. for mobile devices (hereinafter referred to as: website users).
2. contractors of DETABLE SP. Z O.O., including potential contractors (hereinafter referred to as: contractors) and representatives of contractors, including their employees, management board members, proxies and proxies (hereinafter referred to as: contractors' representatives).
Information regarding the transfer of personal data to DETABLE SP. Z O.O. job applicants and persons recommending job candidates are regulated in separate clauses presented when submitting data via special online forms. DETABLE SP. website Z O.O. contains links to third party websites (external links). These websites are subject to the responsibility of the respective operator. If you discover that any link on our website leads to content that violates the law, please notify us at: info@detable.pl. We will then immediately remove these links from our website.
DETABLE SP. Z O.O is not responsible for ensuring that the information is current, accurate, complete and of high quality.
2. Data confidentiality
We would like to inform you here about the processing of your personal data when using our website and its applications, sharing your data with us during business contacts and about your rights under data protection regulations.
Who is responsible for data processing and who is the data protection officer?
The Personal Data Controller is Detable Sp. z o. o. with its registered office at Al. Jana Pawła II 27, 00-867 Warsaw, with the NIP number 5272983692 (hereinafter referred to as the Company or Administrator).
You can contact our Data Protection Inspector by writing to the following address: iod@detable.pl or by writing to the above postal address of DETABLE SP. Z O.O. and adding "For the attention of the Data Protection Officer".
What categories of personal data do we process and where do they come from?
In principle, you can use our website anonymously. We do not save any personal data or data that may be associated with the person using the website (such as IP addresses). When visiting our website, we collect data (date, time, pages visited, navigation and software used) in anonymous form so that your use can be analyzed, also anonymously, by an external service provider. The data is anonymized before being saved by the service provider.
What are the purposes and basis for data processing?
We process personal data for the purpose of:
Activities to conclude and implement the contract and conduct business:
implementation of the contract (including for contact purposes, settlements and payments necessary for its implementation) or taking actions at your request in order to conclude it (Article 6(1)(b) of the GDPR) or contact with the contractor's employees in order to perform the contract ( Article 6(1)(f) of the GDPR - legitimate interest is the implementation of the contract),
archiving data after the implementation of the contract (pursuant to Article 6(1)(c) of the GDPR in connection with legal provisions and pursuant to Article 6(1)(f) of the GDPR for data stored in archives and backup copies - legally justified interest is to pursue or protect against such claims and to ensure data integrity).
after-sales service, especially considering and implementing complaints or other claims, conducting the debt collection process (Article 6(1)(f) of the GDPR - the legitimate interest is the investigation and defense against claims),
fulfillment of legal obligations arising from running a business (Article 6(1)(c)).
Providing data is a contractual requirement and/or a condition for concluding a contract, it is voluntary but necessary for the conclusion and implementation of the contract. Some processing activities as part of the implementation of the contract are regulated by law, their provision is necessary for the implementation of the contract.
Contact and correspondence, including electronically (e-mail and via the contact form on the website)
-
response to a question asked or a message sent, based on consent, i.e. Art. 6 section 1 letter a GDPR,
-
sending information, including marketing content, if you have consented to it, based on art. 6 section 1 letter a GDPR,
-
response to an inquiry regarding the offer or response to the offer sent to us and the implementation of the activities you requested, based on art. 6 section 1 letter b GDPR,
-
in order to conduct correspondence in connection with the implementation of legal provisions, e.g. in the complaint procedure or exercising rights arising from the GDPR, e.g. the right to access data (Article 6(1)(c)).
Providing data is voluntary, but necessary to respond, deliver the requested content or fulfill your requests. In some cases, providing data may be a legal requirement, e.g. when we are obliged to verify the applicant before providing data. You can withdraw your consent at any time by submitting a request via the same communication channel. Withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal,
Other processing based on consent
in the case of processing based on consent - for the purposes specified each time in the content of the consent (Article 6(1)(a). Providing data is voluntary, but necessary to achieve the purposes specified in the consent. Consent may be withdrawn at any time in the manner specified by the Administrator when obtaining consent. Withdrawal of consent does not affect the lawfulness of processing carried out before its withdrawal.
Social media
-
response to a question asked or a message sent, based on consent, i.e. Art. 6 section 1 letter a GDPR,
-
sending information, including marketing content, if you have consented to it, based on art. 6 section 1 letter a GDPR,
-
response to an inquiry regarding the offer or response to the offer sent to us and implementation of the activities you have requested, based on art. 6 section 1 letter b GDPR,
-
creating a user profile and sending personalized advertising (Article 6(1)(a) of the GDPR).
The provision of data is voluntary, but necessary to achieve the above-mentioned purposes. Details on the principles of data processing in social media can be found in the privacy policies of individual social media. services.
Recruitment
Information regarding the transfer of personal data to DETABLE SP. Z O.O. job applicants and persons recommending job candidates are regulated in separate clauses.
Your personal data is or may be processed also on the basis of Art. 6 section 1 letter f) GDPR if processing is necessary for the following purposes arising from the legitimate interests pursued by the Administrator:
-
internal administration and work organization, including internal supervision and reporting (legitimate interest is to ensure optimal functioning of the enterprise),
-
ensuring the security of IT networks and processes (legitimate interest is the protection of persons and property).
If we would like to process your personal data for a purpose that has not been specified, we will inform you about this in advance.
Who is the recipient of your data?
We share your personal data only with entities thanks to which we can guarantee high quality of the service. These are primarily: companies providing accounting and office software (including Microsoft), companies providing maintenance or IT services, a company providing hosting services, courier and/or postal companies, accounting office, bank, companies offering recruitment systems. If appropriate consent is given, it will also be: LinkedIn Ireland Unlimited. The data is processed on the basis of a contract with us and only on our instructions. We do not share your data with any external entities for their own use - only to perform the tasks specified above. All partners who process your personal data ensure data security and fulfill all obligations regarding personal data protection. We also make your personal data available to authorized employees of the Company who, on behalf of the Administrator, perform tasks related to the processing of your data.
Is your data transferred to third countries?
Where personal data are transferred to a service provider or group company outside the European Economic Area (EEA), they are only sent if the European Commission has confirmed that that country has an adequate level of data protection or if there are other appropriate data protection guarantees (e.g. an agreement on standard EU contractual clauses). This information may also be obtained from the places or persons identified as contacts at the beginning of this section.
What measures do we take to protect your data?
We take appropriate and state-of-the-art technical and organizational measures to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. For contact forms available on our website, we use SSL (Secure Socket Layer) encryption to protect your data. This SSL connection protects your data from unauthorized control. For your own safety, always use these forms of contact. If you send us data unencrypted as regular unsecured emails, it is possible that these emails could be viewed or altered by unauthorized persons during transmission.
What are your data protection rights as a data subject?
You can request information about your stored personal data at the address provided above. Under certain conditions, you can also request the correction or deletion of your data. You also have the right to restrict the processing of your data and the right to have it disclosed in a structured, customary and machine-readable format of the data provided by you.
Right to object
Where we process your data in order to protect our legitimate interests, you may object to this processing on grounds relating to your particular situation. In such a case, we will stop processing your personal data unless we can demonstrate compelling reasons justifying the processing that override your interests, rights and freedoms, or if the processing is intended to pursue, exercise or defend against claims.
You can object to processing for direct marketing purposes at any time.
If we process your data with the consent you have given, you can withdraw this consent at any time.
Where can I submit complaints?
The Supervisory Authority responsible for the protection of personal data in Poland is: Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw.
How long is data saved?
We store your personal data only for the time necessary to achieve the purposes for which the data was collected (e.g. duration/performance of the contract) or for the period specified by law. In relation to data processed on the basis of consent - until its withdrawal. In the case of processing for the purpose of answering a question - for 1 year from the end of correspondence. In other cases, it will be the limitation period for claims or other periods provided for by law.
To what extent are decisions, including profiling, automated?
If in a specific case we use a purely automatic processing method, including profiling, we will inform you about this as part of the procedure.
Changes to this Privacy Policy, modifications to our website and changes in technology sometimes lead to changes to our data protection and privacy provisions. When visiting our website, please read the latest version of the Privacy Policy.
3. Website
3.1 Use of cookies
Cookies are small files that are saved on your computer and control the display and operation of our website. These cookies are deleted after the session ends; there is no way to evaluate user behavior. We use cookies to ensure the best possible performance of the website. To further improve our website, we store cookies - which do not identify individual users - and analyze their data.
The statistical analyzes of our website are carried out anonymously, which means that they cannot be linked to you as an individual. In addition to the data necessary to prepare an individual offer, we may ask for additional, voluntary information. The fields for this voluntary information are marked accordingly. Additional information helps us to better understand and advise you, to improve our website and for advertising purposes.
Furthermore, cookies are used in connection with the use of a personal customer account. Cookies do not contain any personal data. To be able to request login details for the DETABLE SP website. Z O.O. or register on the DETABLE SP website. Z O.O., cookies must be allowed on the website www.detable.pl via your browser. Cookie settings vary depending on the browser.
Nazwa | Funkcja | Cel | Okres wygaśnięcia | Transfer poza EOG |
---|---|---|---|---|
fedops.logger.sessionId | Statystyczny | Rejestruje dane statystyczne dotyczące zachowania użytkowników na stronie internetowej. | stałe | n.dot. |
fedops.logger.defaultOverrides | Statystyczny | Rejestruje dane statystyczne dotyczące zachowania użytkowników na stronie internetowej. | 1 dzień | n.dot. |
bSession | Statystyczny | Ustawia unikatowy identyfikator sesji. Umożliwia to stronie internetowej uzyskanie danych o zachowaniu odwiedzających w celach statystycznych. | sesyjne | n.dot. |
XSRF-TOKEN | Niezbędny | Zapewnienia bezpieczeństwa przeglądania przez odwiedzających zapobiegając fałszowaniu żądań między witrynami | sesyjne | USA |
svSession | Niezbędny | Zapewnienia możliwość logowania na stronie | 2 lata | USA |
ssr-caching | Niezbędny | Zapewnia funkcjonowanie pamięci podręcznej. Pamięć podręczna jest używana przez stronę internetową do optymalizacji odpowiedzi. | 1 dzień | USA |
hs | Niezbędny | Zapewnienia bezpieczeństwa przeglądania przez odwiedzających zapobiegając fałszowaniu żądań między witrynami | sesyjne | USA |
3.2 Use of advertising analysis tools (Adobe Analytics)
For marketing and optimization purposes, we use Adobe Analytics software from Adobe Systems to make your visit to our websites or applications even more user-friendly. Data on user behavior, including origin and page views, is stored online and offline. Other data, such as gender, year of birth or postal code, is also collected anonymously, but cannot be assigned to a specific person. It is not possible to combine this data with personal data of the user (e.g. name, address or insurance policy number). In addition, the User's IP address is not processed by Adobe Systems, but is only stored in abbreviated form. The information collected is stored by Adobe Systems within the European Union.
Further information on data privacy at Adobe Systems and the privacy policy can be found on the Adobe website: http://www.adobe.com/de/privacy.html
3.3 Information Transfer and Encryption
If you choose to send a message to DETABLE SP. Z OO using the contact form, the information is sent using an encryption technique known as SSL (secure socket layer) with a key length of at least 128 bits.