Version 1.0Effective Date: 25 March 2020
In this policy we describe how companies of Specta group (“we” or “Specta”) process your personal data as a job applicant (“you“). Particular company that processes your personal data and acts as a controller depends on the territory at which you apply for the work position and is as follows:
- Finland – Specta Strap Oy and Specta Interpak LLC,
- Germany – Specta Ruhr GmbH and Specta Interpak LLC,
- Russia – Specta Interpak LLC.
For all questions regarding our data protection and privacy practices, you can contact us at any time at firstname.lastname@example.org.
- Which data do we process and for what purposes?
- How do we collect your personal data?
- Who has access to your personal data?
- What are your choices and rights with respect to your personal data?
- How do we keep your personal data safe and secure?
- How long do we store your personal data?
- What are our data processing principles?
- What will we do if there is a personal data breach?
- Detailed list of personal data, purposes, period and legal basis (table)
We make every effort to make our processing activities transparent and open. We process your data that you have made available to us as part of your application for a job offer or on your own initiative.
A list of data we process about you, the third parties we share data with and the timeframes during which we process data are specified in the table in Section 9 below.
Should we later decide to use your data in any other way, we will inform you in advance so that you can exercise your rights as a data subject.
We do not process any special categories of data or data related to criminal convictions or offences. We do not use your personal data for any automated decision making covered by Article 22 of the GDPR.
If you do not provide to us any data that we need, it may consequently render impossible for us to make a justified decision regarding you as a job applicant.
We collect your personal data from you directly when you provide us with your CV or during an interview with you. If you provide us with the information on your accounts in social networks we will also explore content of such accounts.
We use servers in Russia hosted by our head company (Specta Interpak LLC) to store all information, including documents and personal data. As well, due to our corporate policies we may also be required to coordinate our decision regarding you as a job applicant with our head company and share your CV with all companies within Specta (Specta Interpak LLC, Specta Strap Oy, Specta Ruhr GmbH).
As Russia is not acknowledged as a country providing adequate level of data protection for the processing of personal data in accordance with EU standards, we ensure that there are appropriate safeguards as set forth in Article 46 of the GDPR.
Subject to applicable legislation, you have the full legal right to:
- request from us the personal data we have collected about you and information on how we process your data;
- demand modification or erasure of your personal data;
- request to restrict the processing of your personal data (blocking);
- object to the processing of your personal data;
- ask us to transfer your personal data we process to another company, entity or person you deem appropriate (data portability right).
Please contact us at email@example.com if you wish to exercise any on the specified rights. We will do our best to fulfil your request in the shortest possible time and in accordance with applicable legislation. In some cases, we may be required to continue storing data for regulatory purposes even though you require us to delete it. Should this be the case, we will provide you with further information.
You also have the full legal right to lodge a complaint with a supervisory authority:
- in Finland (www.tietosuoja.fi, email: firstname.lastname@example.org);
- in Germany (North-Rhine Westphalia) (www.ldi.nrw.de, email: email@example.com).
We are committed to protecting your personal data by using a combination of administrative, technical and physical measures. These safeguards include strict procedures to prevent the unauthorised access, loss or destruction of your personal data both during transmission and once we receive your personal data.
When interchanging data with third parties, we take appropriate organisational and technical measures to protect your personal data. We ensure that such third parties are bound by confidentiality obligations, and they must ensure the security and confidentiality of data.
Unfortunately, no data transmission or storage system is guaranteed to be 100% secure. If you have any reason to believe that your personal data is no longer secure, you should contact us immediately.
We store your personal data for as long as necessary to fulfill the purposes for which it was collected, except where otherwise required or permitted by law. Once no longer required, your personal data will be securely destroyed or anonymised (so the data no longer identifies you). Periods of storage of personal data are described in the table in Section 9 below.
We have the greatest respect for your personal data, so during the collection and processing of them, we strictly adhere to the best business practices and principles of applicable legislation, including:
- making the best efforts to process personal data fairly and in a transparent manner.
- collecting data only for the predetermined, explicit and legitimate purposes described herein. We do not process data in a manner incompatible with our initial purposes.
- collecting only personal data that we deem adequate and relevant and, in a volume, strictly necessary to achieve our purposes.
- keeping personal data accurate and, when necessary, up to date. We erase or rectify personal data that is inaccurate without delay.
- keeping personal data in a form that identifies you for no longer than necessary for the purposes for which the personal data were collected and processed.
- ensuring the appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage by using appropriate technical or organisational measures.
If there is a personal data breach, we will without undue delay and where feasible, no later than 72 hours after having become aware of it, notify the competent supervisory authority of the personal data breach unless we reasonably decide that such a breach is unlikely to result in any risk to the rights and freedoms of data subjects.
If a data breach is likely to result in a high risk to your rights and freedoms, we will send a communication to your email address (if you provided us with it).
|No.||Purpose||List of personal data||Third parties (not SPECTA Group)||Period of processing||Legal basis|
|1.||Evaluation of job applications||Full name|
Place of residence
Details on work/professional experience (employment, employment period, job title/position, responsibilities and/or achievements)
Details on education and trainings (educational/training/vocational institution/body/establishment, training period, completed education and/or acquired qualification and training courses)
Details on knowledge of languages, skills and competences
Information on accounts in social networks
Other information provided in CV, cover letter or other application documentation
Summary of an interview with a job applicant
|No||During the evaluation of job application. Once we make a decision we will stop processing in two weeks||Our legitimate interest to make an informed decision about the application received|