Please, read this policy carefully. By accessing or using any website that belongs to Seargin, sending us any personal data in order to answer job offers, recommend a candidate, ask for an offer etc. or reading this policy, the User accepts its terms and confirms that he/she is familiar with its content.
II. TERMS USED IN THE POLICY
Personal data − as defined by GDPR, any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an email address or a telephone number of the person and other data which, when combined with the above, may identify the User.
GDPR − General Data Protection Regulation 2016/679 of 27 April 2016 is a regulation in EU law that aims at protecting individuals with regards to processing personal data, free flow of such data and the repeal of Directive 95/46/EC (general data protection regulation). Seargin processes Users’ personal data according to this regulation.
Specialist− a candidate offered by Seargin to its clients.
User – a job candidate, newsletter subscriber, participant of a competition or training, the person making an inquiry, recommending someone for a job or visiting any website that belongs to Seargin including candidate portal.
Services − understood as services performed by Seargin electronically by the website e.g. subscribing to a newsletter, sending inquiries via a contact form, sending documents necessary in the recruitment process, entering a competition, signing up for training, setting up an account on candidate portal.
III. PROVIDING PERSONAL DATA
By providing personal data on www.seargin.com and any other website that belongs to Seargin, the User confirms that he/she has all necessary permissions to disclose personal data that will be later used by Seargin in a manner described in this Policy.
IV. PERSONAL DATA CONTROLLER
Seargin Sp. z o. o., Al.Grunwaldzka 163, 80-266 Gdańsk, tel. +48606484577 is the Controller of User’s personal data provided while using any Seargin’s website; in particular, while partaking in the recruitment process, conducting training, sending marketing information (e.g. newsletters), accepting participation in conferences or events or using other services available on the website.
V. DATA PROTECTION OFFICER
Any questions regarding regulations concerning personal data processing described in this Policy should be sent to the Data Protection Officer appointed by Seargin at firstname.lastname@example.org.
VI. PURPOSE AND LEGAL BASIS FOR PERSONAL DATA PROCESSING
Seargin processes personal data in order to:
- Send sales and marketing information (including a newsletter) to Users at the e-mail address they have provided if they consented to it. More detailed information regarding processing personal data in terms of marketing activities is provided in chapter X of this Policy.
- Respond to Users’ inquiries sent by a contact form on an e-mail address or phone number they have provided.
In case of contacting Users in order to respond to an inquiry, the legal basis for processing personal data is Seargin’s interest as a Controller of personal data provided on the contact form (Art. 6(1)(a) of the GDPR). It is justified by the need to provide a complex answer to the inquiring party. Without processing personal data (contact data in particular), Seargin would not be able to do it and, as a result, help in addressing the issue defined in the inquiry.
What’s important in terms of consent for sending marketing information, if Users inquire about a particular offer (e.g. implementing CRM) by sending a contact form, they consent to receive this offer by clear affirmative action. Thus, point 1 regarding unwanted marketing information is invalid.
- Handle a job application submitted by the User and conduct the recruitment process after the User sends consent to process personal data provided in a CV or a respective form.
In case handling a job application, the legal basis for processing personal data is the User’s consent to process personal data (Art. 6(1)(a) of the GDPR). More detailed information regarding processing personal data in terms of recruitment activities is provided in chapter IX of this Policy.
- Organize and conduct competitions.
In the case of partaking in competition, the legal basis for processing personal data is User’s consent to process personal data (Art. 6(1)(a) of the GDPR). Regulations regarding providing consent are as described in point 1, paragraph 1-2 of this chapter. More detailed information regarding competitions is provided in chapter XIII of this Policy.
- Organize and conduct open and dedicated training.
In the case of trainings, the legal basis for processing personal data is the agreement for the provision of training services concluded with Seargin by sending an order form (Art. 6(1)(b) of the GDPR).
VII. DISCLOSING PERSONAL DATA
Seargin is entitled to disclose personal data to parties authorized by law.
Seargin can disclose Users’ personal data to parties supporting Seargin in fulfiling particular orders in cooperation. Such parties may include:
- Companies providing marketing services (advertisement agencies, mass-mailing companies),
- Companies providing services in terms of organizing and conducting trainings or exams.
Disclosing personal data occurs by entrusting personal data processing. In order to do so, Seargin concludes entrusting personal data processing agreements with the above-mentioned parties that meet the requirements of Art. 28 (3) of GDPR.
Seargin may also disclose Users’ personal data to its clients during recruitment conducted for them in order to process employment and delegate Workers to provide services within outsourcing of Specialist and whole teams. Seargin has concluded relevant agreements or contracts that define rules for entrusting personal data.
Each User, according to rules defined in chapter VII of this policy, is entitled to receive information regarding a client that received their personal data.
VIII. USER’s RIGHTS
In accordance with Chapter III, Art. 15-21 of the GDPR, the User has the following rights in connection to processing his/her personal data by Seargin:
- The right to access his/her personal data;
- The right to rectify processed data;
- The right to erase such data (“the right to be forgotten”);
- The right to restrict processing of such data;
- The right to data portability;
- The right to object to the further processing of such data;
- The right not to be subjected to decisions that are based solely on automated processing, including profiling;
- The right to withdraw consent to process personal data.
All of these rights are executed at the request sent by the User at email@example.com Seargin verifies each request and provides a response within 1 month of sending. Such response includes information on activities that have been undertaken as well as the estimated time for handling the request itself if it requires further action.
Taking into account point 8, the User may at any given moment withdraw the consent to process personal data for purposes that require his/her consent. It may be done if the withdrawal does not affect the legal use of personal data in activities conducted on the basis of the consent granted before the withdrawal.
As a part of the right to access personal data, the User is entitled to obtain copies of information on:
- Purposes of the processing of personal data,
- Categories of personal data − what type of data is being processed e.g. name, telephone number,
- Recipients or their categories − to whom (a person, company, or institution) data can be provided,
- Right to request that Seargin rectifies or removes such data or limits its processing as well as the right to object to some data processing activities,
- The ability to file a complaint to the Office of Personal Data Protection,
- The source of data if it was not obtained directly from the User − an indication of a person, company or institution that provided it,
- The use of profiling and the rules of such activities as well as consequences of profiling for the User.
Seargin informs that every following copy of personal data is connected with a fee resulting from costs incurred while creating another copy. The cost is provided to the User after estimating the scope of information defined in the request.
Seargin reserves the right to respond later than indicated above (up to two months) in case of a large number of requests or the complex nature of the inquiry. Complex nature is understood as a need to prepare a summary of personal data from multiple systems, a need to consult with more than one person from one or more departments in order to obtain the requested information. Seargin is obliged to inform the User about such a situation and provide a relevant explanation.
Seargin is entitled to refuse recognition of any of the rights defined in Art. 15 – 22 of GDPR if the User makes a request repeatedly, excessively and without proper justification. Each time Seargin will justify the refusal to recognize any right mentioned in the request. Repeated and excessive manner includes sending several requests of similar nature to the first one even if the issue was handled the first time and all necessary information was provided e.g. the User sends a request to access information, Seargin provides it but the request is repeated without proper justification.
IX. PROCESSING OF PERSONAL DATA FOR RECRUITMENT PURPOSES AND WITHIN THE CANDIDATE RECOMMENDATION SYSTEM
Seargin recruits for its own needs as well as for its clients due to e.g. services connected with providing Specialists. Therefore, be mindful that your personal data may also be processed by Seargin’s clients. Such information is provided in job advertisements which specify that the recruitment process is conducted on the behalf of the client. In addition, note that the consent provided to partake in a given recruitment process on a chosen job position also covers partaking in recruitment processes in the future. This means that personal data will be stored in Seargin ’s database in order to send information on positions tailored to the profile and professional experience of the User.
According to chapter VIII of this Policy, the User may withdraw consent to further processing of personal data. It may be done if the withdrawal does not affect the legal use of personal data in activities conducted on the basis of the consent granted before the withdrawal.
Personal data may be also processed if the User has been recommended by another person. In such a case, the recommending person enters their own personal data, data of the recommended person with his/her CV. Seargin verifies the received CV taking into consideration the consent, that meets the requirements of the GDPR, of the recommended person to process his/her personal data. If such consent has been granted, Seargin has permission to use the data for recruitment process’ purposes.
X. PROCESSING OF PERSONAL DATA FOR MARKETING PURPOSES
By submitting an inquiry or signing up for a training, conferences or other event organized by Seargin, the User may consent to processing of personal data in order to receive marketing information on products and services offered by Seargin, including newsletters. The rules for obtaining such consent have been described in chapter VI points 1-2 of this Policy. The consent may be withdrawn anytime taking into consideration rules defined in chapter VIII of this Policy.
User’s consent for processing personal data (Art 6 (1) (a) of GDPR) is the legal basis for sending newsletters. It can be granted while providing one’s e-mail address in the newsletter subscription form or gated content as well as by checking a box while completing a contact or recruitment form. Providing the e-mail address in the newsletter subscription form is a clear affirmative action of consenting to processing personal data as defined in the Art 4 (11) of GDPR regarding the definition of consent as well as connected 32nd motif of GDPR explaining the clear affirmative action.
According to the abovementioned motif, a clear affirmative action includes informing Seargin that the User’s e-mail address provided in the form may be used for sending a newsletter that includes Seargin ’s promotional information. It is one of the acceptable forms of consenting to using provided e-mail address for the defined purpose (such forms also include checking a box located near the content of the consent).
Consent to sending unsolicited marketing information, according to Art. 10 of rules for electronically supplied services and Art. 172 (1) of Telecommunication Act, is provided by the user independently and separately by checking a dedicated box located near the content of the consent.
In order to obtain some materials uploaded to Seargin ’s website, it may be necessary to complete a form that requires providing personal data. Such data will be processed according to the consent (Art 6 (1) (a) of GDRP) expressed by a clear affirmative action. If the User wishes to receive other marketing information, he/she may state so by checking a relevant box. If the User will not state so, it means that he/she is not interested in receiving other information thus Seargin will not send it.
XI. PROCESSING PERSONAL DATA WHILE ORGANIZING AND CONDUCTING TRAINING
Seargin provides open and dedicated training organized for clients and other interested parties. Therefore, Seargin processes personal data of Users partaking in trainings for the purposes of organizing and handling any issues surrounding the training.
XII. PROCESSING PERSONAL DATA AND PROFILING
In Seargin, profiling is understood as a form of automated processing of personal data that includes using some of User’s personal data. Obtained data may include information from social media profiles, location or data provided by Users via Seargin ’s website. It allows Seargin to:
- ensure a more conscious and better suited selection of job offers that will match User’s skills and experience (in case of job candidates),
- tailor marketing and advertising materials to User’s interests and needs.
One of the tools used for profiling is Social Discovery which is a part of Click Dimensions application. It binds data provided to Seargin by the User during recruitment process or subscribing to a newsletter with data available on social media (e.g. LinkedIN, Goldenline) also provided by that User. Data binding allows Seargin to create User’s profile which can be used in:
- providing information on job offers that take into account that person’s competences and professional experience,
- sending marketing materials that cover that person’s preferences and interests,
- sending information on planned trainings and events organized by Seargin that cover competences or interests of that person.
Owing to that, we do not sent irrelevant and unwanted information as well as reduce the risk of creating spam.
An example of such activities may be binding data provided during recruitment process (e.g. CV, covering letter) and contact data (e.g. e-mail, phone number) with information provided on websites such as LinkedIn or Goldenline (e.g. identification and contact data, professional experience description, education, skills or interests). In this case, binding data means connecting information from own IT systems (such as job candidate data kept in CRM) with information provided online.
Using this tool influences the scope of information sent to the User e.g. content of newsletter that may include information on trainings, events, current promotions or discounts. In case of recruitment, the obtained data allows making a decision whether the User should be still processes as a job candidate, have technical tests or be presented to a client.
All of the abovementioned aspects of using the tool and its effects are the justified interest of Seargin as a Data Controller (Art 6 (1) (f) of GDPR). The reason being that personal data obtained by the tool allows Seargin to make decisions that enable decreasing the operational cost of recruitment processes, marketing activities that aim at building Seargin’s reputation as a reliable company which focuses on the quality of provided services and worker satisfaction as well as respecting User’s needs and requirements in terms of sent information.
Seargin ensures that information or data gained by the tool are used only for purpose described above and are not shared with other parties that specialize in creating such profiles. The User may object to profiling at any given moment according to chapter VIII, points 6-7 of this Policy. As a result, the User will not receive any marketing or sales information as well as updates with job offers tailored to his/her profile or competences. In addition, it also means that Seargin will stop using the tool to profile this User’s personal data but is still able to process it in case of having a different legal basis e.g. consent.
XIII. ORGANIZING AND HOLDING COMPETITIONS
Seargin processes Users’ personal data in relation to organizing and holding competitions. By signing up for an event using a special form or contact by e-mail, the User allows processing his/her data in order to carry out all activities connected with a given competition. The legal basis for processing such data is a consent (Art 6 (1) (a) of GDPR) provided by a clear affirmative action. The User may withdraw the consent according to chapter VIII, point 8 of this policy but as a result he/she will not be able to partake in the competition.
Seargin has implemented appropriate (organizational and technical) security measures to protect personal data from loss, misuse, unauthorized processing or modification. Seargin is obliged to protect any information disclosed by Users in accordance to security and confidentiality standards.
Seargin has implemented the Information Security Management System that is certified as compliant with international ISO 27001 security norms which ensure that Seargin operates according to GDPR regulations in terms of implemented security measures for processing personal data (Art 32 of GDPR). Seargin has proper procedures for managing accesses to IT systems that disable unauthorized workers from processing data. Seargin’s workers are subjected to regular trainings regarding secure processing of personal data and current threats. In order to guarantee the security of personal data provided by the users, Seargin uses dedicated SSL certificates that use data encryption keys based on most reliable encryption algorithms such as RSA or SHA (min. 1024 bites) to transfer data provided on Seargin s websites to IT systems.
Settings regarding cookies used on the www.seargin.com and other websites may be modified via our website or via a third-party website. Cookies are used to:
- Customize content of webpages to User’s preferences, and to optimize their use (in particular, these files allow identification of User’s device and proper display of the webpage tailored to their individual needs),
- Create statistics that help to understand how Users use the websites which leads to improving its structure and content,
- Deliver m content tailored to Users’ interests.
Types of cookies used by Seargin:
- “Essential” cookies that enable the use of services available through the site e.g. allowing the use of sessions;
- “Functional” cookies that allow the website to “remember” settings chosen by the User and personalize the interface e.g. in terms of selected mobile/desktop version, the last phrases typed by the User, website’s appearance etc.;
- “Analytical” cookies that allow us to monitor the activity of Users on the website.
XVI. MODIFICATIONS TO THE POLICY