PRIVACY STATEMENT
Your privacy is important to us and we undertake to protect and safeguard the rights relating to the privacy of your information.
OUR POLICY
In this privacy policy, we describe how we handle your personal data and in doing so comply with our statutory obligations, not just when we help you to find a job but also when we help our clients find a suitable candidate and when you are doing nothing more than visiting our website.
By virtue of the legislation (the General Data Protection Regulation (GDPR) [known in the Netherlands as the ‘Algemene Verordening Gegevensbescherming’ (the ‘AVG’)], we ensure that each processing of your personal data complies with the following principles:
In order to ensure fair and honest processing of personal data, the GDPR grants you certain rights that you can exercise against us if you do not agree with our implementation of this privacy policy.
WHEN DOES THIS POLICY APPLY TO YOU?
This policy applies to you:
WHEN AND HOW YOU GET IN TOUCH WITH US IN OUR CAPACITY AS THE CONTROLLER FOR YOUR PERSONAL DATA
you can get in touch with us at humanresources@emspay.eu
WHICH PERSONAL DATA DO WE COLLECT AND USE?
CANDIDATE DETAILS
We collect certain information about you so that we can find a suitable working environment for you. We restrict our collection of information to the information that we need for us to achieve our purpose.
Please find below the information about you that we usually collect and use:
The above list of categories of personal data that we may collect about you is not exhaustive.
WEBSITE USERS
We collect and use basic information about our Website Users, which information we primarily use to improve our website. We look at how you use our website, at how often you visit our website and at which times our website is used most often. We also use website data to monitor visit behaviour and to optimise our remarketing campaigns.
HOW DO WE COLLECT YOUR PERSONAL DATA?
CANDIDATE DETAILS
We primarily collect personal data about Candidates in three ways:
WEBSITE USERS
We collect your information automatically using cookies when you visit our website, depending on the cookie settings in your browser. If you contact us via the website then we will also collect information from you.
HOW DO WE USE YOUR PERSONAL DATA?
CANDIDATE DETAILS
In general, we use the details of Candidates in two ways:
The most important reason for using your personal details is to help you find work or other employment positions that could suit you.
You can use this website to apply for any vacancy that our initiators (i.e. clients) have published on it. Where appropriate and in compliance with local legislation and regulations, we can also use your personal data for such purposes as marketing and profiling. When required to do so, we will ask you for your consent to perform some or all of these activities. Where appropriate to do so in the future, we may also use Candidate data for profiling. In exceptional cases we may also be obliged to use your personal data in criminal proceedings.
WEBSITE USERS
The information from Website Users helps us to improve the user experience you have with our website. For example: analysing your recent search criteria for vacancies in order to offer you suitable vacancies.
WHO DO WE SHARE YOUR PERSONAL DATA WITH?
We can share your personal data with the following categories of people and parties, doing so in a number of ways and for certain reasons, where it is appropriate and in compliance with local legislation and regulations to do so:
This list is not exhaustive.
HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
We will remove your personal data from our systems if:
YOUR RIGHTS UNDER THE GDPR
By virtue of the GDPR there are various rights relating to the personal data of yours that we have in our possession. By contacting us, we can discuss this data with you and deal with it by the deadline set for doing so.
Under the GDPR, you have the following rights:
The Right To Information
We have a duty to inform you about the personal data of yours that we process. More specifically, you have the right to know what is being done with your information and why. This privacy policy is designed to make you aware of the data processing risks, of the rules that apply for it, of our safeguards and of the way in which you can exercise your rights regarding the processing of information.
The Right To Inspect
You have the right to inspect the personal data that we collect from you. Accordingly, you may ask us at reasonable intervals of time whether we are processing personal data of yours, and if so, which data. We are obliged to comply with such requests and to provide the information available.
If you ask us to do so then we will either provide you with a copy of this information or grant you remote access to the data in a secure environment (such as via a personal account/portal). We will not charge you anything for the copy of the information. However, if you wish to receive multiple copies of it then we will charge you a reasonable fee for this that will be based on our administrative costs. We will provide you with the copy in digital or other written form.
When we receive an inspection request, we check whether you are the person making this request. This check includes establishing your identity. This is especially true for online services.
The Right To Rectification
If the personal data of yours that we process is either incorrect or no longer correct then you have the right to order us to correct this data. You also have the right to have this information supplemented if it is incomplete.
If we have shared your information with other parties then we will inform these parties about the changes, unless it is impossible to do so or would require a disproportionate effort on our part to do so.
We will determine whether something is a disproportionate effort by weighing up your interests against the effort (costs, time etc.) that we would have to make to inform the recipients.
The Right To Deletion and The Right To Be Forgotten
You have the right to have your information deleted by us as soon as possible but only in one of the following cases:
In addition to The Right to Deletion, you have The Right to ‘Be Forgotten’.
In situations where we have made your personal data public (for example by making it available online) and you ask us to delete the information then in addition to deleting the data from our own systems we will take reasonable technical and organisational measures to inform the other controllers (i.e. the parties responsible for data processing) who are processing your personal data that you wish to be forgotten. This means that any and all links to, and copies or reproductions of, the data must be deleted.
By virtue of the GDPR, there are certain situations where we do not have to comply with your request to delete data or to be forgotten. This is the case for instance if the processing is needed to comply with a statutory processing obligation that we are subject to. If in our opinion such a situation exists then we will provide you with a reasoned rejection of your request.
If we have shared your information with other parties then we will inform these parties that the data must be deleted at your request, unless this informing is either impossible or would require a disproportionate effort on our part.
We will determine whether something is a disproportionate effort by weighing up your interests against the effort (costs, time etc.) that we would have to make to inform the recipients.
We are only entitled to refuse to comply with your request for a reason that is stated in the GDPR.
The Right To Restrict The Processing
You can invoke your right to restrict the processing in the following situations:
In the aforementioned situations we will ensure that the processing is restricted in such a way that the personal data cannot be processed any further.
If we have shared your personal data with third parties then we will inform them about the processing restriction, unless this informing is either impossible or would require a disproportionate effort on our part.
If we remove the restriction then we will inform you of this beforehand.
The Right to Object
Of the three situations described in the GDPR in which you can exercise your right to object, two of them apply to you in your capacity as Candidate, Client, Temporary Worker, Interimmer or Seconded Worker, Supplier or Website User:
The Right to Have Your Information Transferred (Data Portability);
If you so desire, you have the right to have your personal data transferred to other controllers. In practice this means that you can transfer your stored data to the provider of another online platform (depending on the nature of the data and the data systems). In order to enable you to do this, we will provide you with the information in a standard computer-readable form that is protected with a password. If desired we can pass on the information for you directly.
The right to portability only applies to information provided whose processing is both automated and based on the following principles:
In the following situations, we can use an automated individual decision-making process that may include profiling:
The right to submit a complaint to a supervisory authority:
You also have the right to submit a complaint to your local supervisory authority.