2. Responsible Party and Contact Information
In compliance with applicable data protection legislation, we inform you herewith that we are the controller of the personal information we collect, receive or otherwise process about you as described below. Such legislation includes Regulation (EU) 2016/679 of 27th April 2016 (GDPR) and any other national or supra-national statutory law applicable to us.
The responsible party in terms of the GDPR within the scope of this website is Solutions 30 SE, a European Company with registered office situated at 6, rue Dicks, L-1417 Luxembourg, and registered with the Luxembourg register of commerce and companies under number B 179097, (referred to as “the controller”, “us”, “we”, “our”). In its capacity as data controller, Solutions 30 SE is responsible to ensure that the personal data is being processed in a correct manner and in accordance with applicable legislation.
3.1. Personal data
According to the GDPR, “personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
4. Our Principles
When using our website, we are committed to collect and process your personal data in compliance with the GDPR’s principles. Therefore, we bound ourselves that personal data shall be:
- Lawfully, fairly and transparently processed;
- Processed only in the scope of the mentioned purposes;
- Processed in accordance with the data minimisation principle;
- Accurate and up to date;
- Stored only during the period necessary for the purposes;
- Secured and kept confidential.
5. Types of Personal Data that are Processed
We may collect data about you from a variety of sources:
- The personal data collected when you visit our website
- The personal data collected when filing in the contact form on the website
- The personal data collected from public sources when applying for a vacancy (e.g. Viadeo, Twitter, Linkedin)
- The personal data collected when applying for a vacancy (previous experiences, previous employers, etc.)
- Personal data created by means of records of our interactions such as correspondence regarding job application, interviews, queries or complaints.
5.1.1. Within the scope of the use of our website
Upon accessing and using our website, www.solutions30.com, the following data may be collected:
- The user’s access provider;
- The user’s Internet Protocol (IP address);
- The URL of any links through which the user accessed the site www.solutions30.com.
5.1.2. When using our services on our website
When filling in the contact form or when applying for a vacancy, the following data may be processed depending on data that is communicated:
- Personal and contact details: title, full name, date of birth, age, gender, address, telephone numbers, email address, picture, copy of ID card or passport, social security number, language/dialect spoken, preferences, subscriptions and pastimes.
- Career history: business activities, work history, employment roles, experiences and referees, work telephone number, former and current names and contact details of employees, work-related social media profile details.
- Qualification, Training and Education History: schools and universities attended, qualifications obtained, additional training obtained.
- Interview details: interview responses, opinions of interviewers, the following correspondence.
- Any other information that you choose to communicate in the framework of your demand or application.
5.2. Purposes of the processing
The personal data are collected and processed in order to fulfil the following purposes:
- to provide you with the services requested;
- to deal with communications received from you, contacts via phone or email, and responding to your queries, complaints;
- to maintain and update our list of contacts and our job applicant database;
- to support and progress your applications for employment with Solutions 30 SE.
5.3. Use of your personal data
We may use your personal data in the following ways:
- to administer our website and for internal operational purposes to make user experience more efficient (including troubleshooting) and to analyse how the systems are used;
- to assess your application and determine whether a certain position fits your profile;
- to contact you to arrange an interview, to discuss a particular contract or its execution.
6. Sharing Your Personal Information with Others
Depending on the nature and scope of our assignment or the services requested from us, we may share personal information with the following recipients to the extent that such disclosure or transmission is deemed reasonably necessary or desirable for satisfying the purposes mentioned above or at the specific legitimate request of our clients, the data subjects concerned:
- external entities such as advisers, service providers or other third parties related to our services;
- lawyers, authorised employees, agent or other persons acting on Solutions 30 SE’s behalf in case of a legal dispute;
- third party service providers who assist us in organising operational services and/or who deal with data subjects’ complaints.
7. International Data Transfers
Depending on the nature and scope of our assignment or the services requested from us, we may transfer personal information abroad to the extent that such transmission is deemed reasonably necessary or desirable for satisfying the purposes mentioned above, including outside of the European Union/European Economic Area, in countries not recognised by the European Commission as having an adequate level of protection for personal information.
Personal information may be sent to, accessed from, or stored in any country where:
- it is necessary or useful in the context of our services; or
- we have third party service providers.
We will take appropriate steps to ensure that transfers of personal data are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognised as providing an adequate level of protection or where we are satisfied that alternative arrangements are in place to protect your privacy rights.
Depending on the circumstances, transfers will be made:
- in another Member State, hence offering the level of protection required by the GDPR;
- according to appropriate safeguards (i.e. the entry into standard data protection clauses with the data importer).
Navigating on the site www.solutions30.com may result in the installation of cookies on the user’s computer. These are small files that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
We use session cookies to keep information about your navigation on our website for different purposes, namely to facilitate subsequent navigation on the website and to allow various visitor figures to be compiled. Some cookies are essential to deliver a better experience on our website and to help us understand how people use our website.
Cookies present on the site are controlled by the website and are accessed only by the website owner or by people acting on its behalf. Additionally, cookies will not be used for any purpose other than the one stated.
You can control and/or delete cookies as you wish – for details, see AllAboutCookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.
9. Legal Basis
In order to be a lawful processing, a controller must always base its processing activities of personal data on one of the legal grounds enumerated within the GDPR. We will process your personal data only when we have an appropriate legal basis for doing so.
Your personal data shall be processed when:
- it is necessary for the performance of a contract to which you are a party or in order to take steps at your request before entering into a contract;
- it is necessary for compliance with a legal obligation to which we are subject;
- it is necessary for the purposes of our legitimate interests as long as our interests are not overridden by your interests or fundamental rights and freedoms. For instance:
- to assess your suitability for a position;
- to establish, exercise or defence our legal rights in case of a legal claim;
- to maintain and update our list of contacts;
- to deal with communications received from you, contacts via phone or email, and responding to your queries;
- to ensure network and information security and stability.
10. Storage Periods
It is our aim to process your personal data to the least extent possible. If not exact storage periods are mentioned in this statement, we will only store your personal data as long as it is necessary to fulfil the purpose for which it was originally collected and, if appropriate, as long as legally stipulated.
When the processing of the personal data is no longer necessary for the purpose of which it was collected, we will erase such personal data.
11. Your Rights & Remedies
11.1. Right to access
You have the right to obtain from us confirmation as to whether or not personal information concerning them is being processed, and, where that is the case, access the personal information and relevant information in that regard.
11.2. Right to correction
You have the right to obtain from us without undue delay the rectification of inaccurate personal information concerning them and taking into account the purposes of the processing, the right to have incomplete personal information completed.
11.3. Right to object
You have the right to object to the processing of your personal data in certain circumstances stated by GDPR.
11.4. Right to erasure (Right to be forgotten)
You have the right to be forgotten whenever the original purposes are no longer relevant and that we do not have legitimate grounds to decline your request to be forgotten.
11.5. Right to request the restriction of processing
If you do not agree with a decision to process personal data based on our legitimate interest you may request that such processing be restricted. You may also request a restriction of processing if you consider that we process incorrect data or that the personal data is no longer necessary for the purposes of processing.
11.6. Right to transportability
You may ask the transfer of your personal data to another party.
11.7. Right to withdraw your consent
You have the right to withdraw your consent at any time when the processing of personal data was based on your consent.
11.8. Right to lodge a complaint with the supervisory authority
You have the right to file a complaint with the data protection authority in your country. Nevertheless, we invite you to contact us before making any complaint to the competent authority.
To exercise your rights, you can send a written request to firstname.lastname@example.org.
12. Security Measures
Solutions 30 SE has taken the appropriate technical security and organisational measures to protect the personal data from loss, abuse and unauthorised access.
Furthermore, access to personal data has only been granted to the individuals at Solutions 30 SE or individuals performing a task on request of Solutions 30 SE that need to process the personal data in accordance with the purposes that have been stated above.
13. Notification of Breach
Solutions 30 SE will notify the National Data Protection Commission in case of a breach of personal data without undue delay and no later than 72 hours after detecting the breach.
Pursuant to the provisions of GDPR, clients and contacts will be personally notified of a personal data breach, without undue delay, only when the personal data breach is likely to result in a high risk to their rights and freedoms.
14. Data Protection Officer
We may, at our own discretion, amend this Policy in order to ensure it is accurate, complete and up to date with legal requirement and the way we operate our business.
We encourage you to review regularly this page to remain informed about your rights and the way we process your personal data.
This Policy was last reviewed and updated in April 23rd 2019.