Privacy Policy
In order to ensure full and transparent implementation of the information obligation – resulting from the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free flow of such data and repealing Directive 95/46/WE (in short “GDPR”) – an updated Privacy Policy with the following content has been published on the website of Jobxion Poland sp. z o.o.:
- The Privacy Policy contains a set of basic principles and information about the rights regarding personal data processing.
- The Personal Data Controller with in the meaning of the GDPR is: Jobxion Poland Sp. z o.o. with its registered office in Radom (26-604), 17 Graniczna, lok. P3 LOK 1 , with REGON No.: 362856597 and NIP No.: 8121916601, entered in the Register of Entrepreneurs of the National Court Register by the District Court for the Capital City of Warsaw in Warsaw, XIV Economic Division of the National Court Register under the number: 0000583457, with the share capital of PLN 20,000 paid in full – hereinafter referred to as the “Company”.
- The Company can be contacted by mail at: Graniczna 17 lok P.3 LOK. 1, 26-604 Radom or electronically by email: privacy@jobxion.pl
- Personal data is any information that identifies or allows to identify the data subject. Classification of personal data:
- general personal data – which includes:
- full name;
- other identifying information: gender, PESEL number, date and place of birth, mailing address, address of residence and address of registered residence, email address, landline/cell phone number;
- data on the place of stay and employment abroad (location);
- bank account number,
- education;
- profession and work;
- tax identification (NIP) number;
- Dutch health insurance and tax identification number (SOFI);
- ID or passport number, date of issue of ID card or passport, expiry date of ID card or passport;
- driver’s license- number, date of issue, expiry date, category
- car registration certificate- number, date of issue, expiry date, technical examination date
- specific personal data – with the consent of the data subject, the Company processes information on health status in order to tailor the presented job offers to the person’s health needs and capabilities.
- The Company processes personal data when the data subject has consented to it or the Company has another legal basis allowing it to process the data – with this basis depending on the category of data:
- general personal data may be processed by the Company when:
- has the consent of the data subject to do so (Article 6(1)(a) GDPR)
- undertakes activities to select and present a suitable job offer to a foreign employer or perform a contract that has been concluded with the Company (Article 6(1)(b) GDPR)
- performs a legal obligation (Article 6(1)(c) GDPR)
- has a legitimate interest in doing so (i.e., for example, when: the Company searches for the most appropriate job offer for the data subject, the Company researches the satisfaction of persons using the agency services provided by the Company, conducts direct marketing activities for the Company and entities from its group, prepares statistics and internal reports, establishes and asserts or defends against claims). (Article 6(1)(f) GDPR)
- Specific personal data may be processed by the Company when it has the consent of the data subject to do so. (Article 9(2)(a) GDPR)
6. Registration of the Candidate on the jobxion.pl website and provision of their personal data to the Company is voluntary and includes only the necessary personal data. This is the only way our Company is able to search for the most suitable job offer.
- The Company’s collection of personal data takes place from the moment the Candidate submits to the Company a set of their data contained in the registration form or in another form. The personal data obtained is processed by our Company, the Company does not use the personal data for purposes other than those prescribed by law, and that data is not transferred, sold or made available to other persons or institutions, except with the consent of the data subject and in cases where it is necessary to fulfill the purpose for which the data was collected and is processed. Personal data is safe in the physical sense – the Company uses effective technological security and anti-virus software available on the market.
- The candidate has a number of rights related to the processing of their personal data:
- Right of access to personal data
As a data subject, the candidate has the right to receive information from the Company on whether it processes their personal data, as well as:
- why the Company processes that data;
- what types of data are processed by the Company;
- to which recipients or categories of recipients the Company has disclosed or may disclose the data;
- how long the Company intends (if it can be determined) to process the data, or based on what criteria this period can be determined.
- Right to rectify or supplement data
The candidate may request that the Company promptly rectify their incorrect personal data or supplement incomplete data.
- Right to erasure (“right to be forgotten”).
A data subject may request that the Company delete their data when:
- the data is no longer necessary to fulfill the purpose for which the Company has collected it,
- the data has not been processed in accordance with the GDPR or other laws.
A candidate who wants their data to be erased may submit a statement to the Company specifying their request, and the Company will grant it when, in the Company’s opinion, there are no legitimate grounds to continue processing the data.
If the Company erases the data of the person requesting it, the Company will be entitled to retain information about who the author of the request was.
- The right to restrict the processing of personal data
The data subject may request that the Company restrict the processing of their data, which may include the following situations:
- the data subject indicates that the data that the Company processes is not correct, in which case the Company will check whether the data is correct and offer to rectify it.
- the data subject believes that the Company is processing the data unlawfully and requests that the Company restrict its use of the data – the Company will restrict the processing of such data, mark the relevant data and not erase it until the person revokes their request for restriction.
- The Company no longer needs the personal data to fulfill the intended purpose, but the data subject objects to erasure of the data because they need it to assert or defend their claims, in which case the Company will ask for an indication of the extent of the personal data the data subject needs and the expected period of its continued storage (if it can be determined).
- the data subject wishes to object for reasons related to their particular situation (when the Company processes data on the basis of the Company’s legitimate interest) – the Company will analyze the situation and suggest that the candidate indicate the specific purpose to which they object.
Note: There may be occasions when the Company will continue to process data despite a data subject’s request to restrict the processing of their data – this may apply in particular to situations where the Company is establishing, investigating, enforcing or defending against claims.
- Right to data portability
Any data subject has the right to transfer their data, in which case the Company will provide that data directly to the person who requests it so that they can transfer it to another entity.
The Company will provide the data in an encrypted email.
- Right to object to processing
A data subject may object to the Company’s processing of their personal data if the Company carries out the processing on the basis of the Company’s legitimate interests. The person concerned should indicate in each case what specific objection they are making, e.g. an objection to the marketing of the Company’s services causes the Company to cease any marketing activities, including preparation and presentation of offers, to the objector.
- Right to withdraw consent to processing
The data subject has the right to withdraw consent to the processing of personal data at any time, with effect for the future, if the processing is based on Article 6(1)(a) or Article 9(2)(a) GDPR.
The exercise of the above rights is possible by submitting a written statement by sending it to the following address: JOBXION POLAND sp. z o.o. ul. Graniczna 17 lok P.3 LOK. 1, 26-604 Radom or electronically by email: privacy@jobxion.pl
If the data subject believes that this is being done in violation of the GDPR, they have the right to lodge a complaint with the supervisory authority – President of the Personal Data Protection Office (ul. Stawki 2, 00-193 Warszawa). Details on how to file a complaint are available at: https://uodo.gov.pl/pl/83/155
- With respect to data subjects, the Company does not make decisions based solely on automated processing of personal data, including profiling.
- Personal data recipients
The Company will transfer personal data of candidates to Jobxion Vakmensen B.V., based in Tiel, address: Kersenboogerd 11, 4003 BW Tiel, the Netherlands – as a foreign employer, and to other foreign employers with whom the Company will cooperate in the future as a placement agency for foreign employers, as well as to the State Labor Inspectorate in the course of inspection of the Company, and to entities with which the Company has entered into service contracts (including outsourcing contracts).
- The GDPR provides six principles for processing personal data:
- the principle of lawfulness, fairness and transparency – which means that the Company processes personal data in a manner that complies with the law, and we inform about all the related issues comprehensively, in simple and understandable language;
- the principle of data minimization and adequacy – the Company processes only the data that is actually needed to fulfill the purpose or purposes of personal data processing;
- principle of data accuracy – the Company ensures that the data processed is truthful, up-to-date and accurate. Therefore, the Company requests that from time to time, data subjects check and update their data, and inform the Company of any changes to their personal data;
- the principle of purpose limitation and storage of processed data – personal data is collected only for a specific, explicit and legitimate purpose that the Company could not fulfill otherwise. The Company will store the data in such a way that the data subject can be identified, and the data is processed only as long as necessary to fulfill the purpose for which the Company has obtained it (unless the Company is required by law to continue processing);
- the principle of data integrity and confidentiality – the Company provides such IT and organizational measures so that the personal data that is processed is secure; this means that the Company protects the data from unauthorized or unlawful processing and accidental loss, destruction or damage;
- the principle of accountability – the Company has taken measures to demonstrate that with regard to personal data, the Company is acting in accordance with the law and takes into account data protection when seeking a job offer for a candidate.
- Period of processing personal data
The Company processes personal data for as long as necessary to fulfill the purpose of processing. The specific period depends on the situation of the data subject:
- A person has provided the Company with their personal data, but no contract has been concluded between the Company and that person for their referral to work abroad with a foreign employer – it will be a period of 3 years from the date of providing the Company with personal data;
- A person has provided the Company with their personal data and a contract has been concluded between the Company and the person for their referral to work abroad with a foreign employer, but the person has not concluded a contract with the foreign employer or has concluded such a contract but has not taken up work with the foreign employer – it will be a period of 3 years from the date when conclusion of a contract with the foreign employer or taking up of work with the foreign employer was to have occurred, respectively;
- The person has provided the Company with their personal data, and a contract was concluded between the Company and the person for their referral to work abroad with a foreign employer, and the person subsequently took up employment with the foreign employer – it will be a period of 3 years from the date of termination of the person’s employment with the foreign employer.
The Company applies the principle of personal data storage limitation, which protects data from being processed for an unlimited period of time. When the Company achieves the purpose of processing, it will erase or anonymize the data, which is the case in particular when:
- the data subject withdraws consent to the processing of personal data (if processing was based on consent);
- the data subject successfully objects to further processing (if the basis of processing was the Company’s legitimate interest);
- the statute of limitations for possible claims expires (if the Company processed the data to perform a contract);
- deadlines that result from other regulations (e.g., the Accounting Act, etc.) expire.
- Changes to Privacy Policy
This Privacy Policy may change in the event of:
- Changes in the laws governing the Company’s operations;
- The need to adapt the Privacy Policy to applicable laws;
- Changes in the way the jobxion.pl website is operated or functions
- The need to change the information contained in the Privacy Policy for reasons other than those indicated above.