This Privacy Notice sets out the privacy principles of Blackbelt Technology Ltd. concerning Candidates. Hereinafter, the company shall be referred to as the “Data Controller”.
This Notice seeks to provide information about the data processing practice followed and applied by the Data Controller in connection with processing the Candidates’ data.
Please read the information provided carefully before sending us your CV.
The Data Controller is committed to fully respecting the Data Subjects’ rights concerning the processing of their data. The Data Controller shall process the personal data in accordance with the provisions of Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter: Privacy Act) and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). By using the Service, the User confirms his or her consent.
By sending us your CV or completing our application form you accept the Privacy Notice of the Data Controller, confirm that you have understood and accepted the information contained therein, and you declare that you are voluntarily providing your data, and that you give your express consent to processing your data in accordance with this Privacy Notice. For the purposes of this Privacy Notice, “CV” shall mean the User’s CV and motivational letter, as well as the uploaded references and other documents and the entire content thereof.
The Data Controller shall not assume liability for any special data disclosed to it (e.g. in the CV) without the Data Controller’s express request, so please do not provide such data unless you are expressly requested to do so. You may provide references (e.g. from a former employer). In this case, it is your duty and responsibility to obtain the consent of the person indicated as a reference to be contacted.
By your application you give us your consent to be contacted via any of the contact details you have provided.
The Data Controller’s details and contacts:
BlackBelt Technology Ltd.
The Data Controller’s representative: Róbert Sövegjártó
Registered seat: 48/C Gábor Áron utca, Budakeszi 2092
Office: 4 Királyfürdő u., Budapest 1027
Telephone: +36 1 611 0462
The purpose and duration of data processing
In accordance with the preferences of employers/advertisers, finding / notifying / informing candidates of job opportunities, recommending users to employers / advertisers, providing customised service to candidates, registering candidates, the targeted display of job offers, ensuring the quality of the search service, storing CV’s for later applications (CV hosting service), sending job newsletters as a Service in case the Candidate requests so.
The data shall be processed during the registration, for 5 years of the last activity concerning the Candidate (e.g. the last job application); or until the termination of the registration for any other reason, including the Candidate’s request to delete his or her data. The Data Subject has a right to withdraw his or her consent any time.
The authenticity and accuracy of the personal data shall be the sole responsibility of the Applicant.
The legal basis for data processing
The processing of the Data Subject’s personal data shall be based on voluntary consent and legitimate interests. When balancing the interests during processing, the Data Controller assessed the Candidates’ interests and rights with regard to their personal data, as well as the customised service provided to the Candidates, the high quality of the service provided to the Candidates and the verification of selecting the most suitable candidates for the Data Controller’s customers. Without processing the data, suitability cannot be verified, and there is no alternative solution. In accordance with the principle of proportionality, the Data Controller shall only process the data for making recommendations; the data shall not be used for any other purposes. The principle of security shall be applied with respect to the fact that access is only allowed to a limited extent and only to authorised persons. You may object against processing your data any time by sending a message to the Data Controller.
The scope of data to be controlled
CV’s, their details generally:
- date of birth,
- phone number,
- e-mail address,
- previous employment,
- personal assessment
The potential consequences of failure to provide data
Providing the data ensures the Candidates the appropriate service and the recommendation of Candidates, which is not possible without data provision.
We can transfer the CV’s of our Candidates to our key partners (AVON, UniCredit Services, Ericsson, Budapest Bank, Innight, Starschema, Erste Bank, Gamma Technical Corporation) after arrangements made personally or on the phone.
In case data are transferred to other partners, the Candidates shall be notified accordingly. You may object against processing your data any time by sending a message to the Data Controller.
Please note that the Data Controller is not engaged in profiling and automatic decision-making.
- HRSzoftver Ltd. (Registered office: 40 Kossuth Lajos utca, Törökbálint 2045 )
- Google drive service provider
The Data Controller shall take the necessary technical and organisational measures and implement appropriate rules of procedure in order to ensure the security of the personal data during the entire process of data processing.
The Data Controller shall select and operate the IT tools used for data processing with a view to
- allow authorised parties access to the data processed (availability);
- ensure the authenticity and the authentication of the data processed (authenticity of data processing);
- be able to verify the integrity of the data processed (data integrity);
- protect the data processed against unauthorised access (data confidentiality).
The Data Controller shall
- take appropriate measures to protect the data against accidental or unlawful destruction, loss, alteration, damage, unauthorised disclosure or access,
- restrict access to the personal data by specifying levels of authorisation,
- protect the IT systems with a firewall and ensure virus protection,
- make sure that during the electronic data processing the data are only accessible for specific purposes, under controlled circumstances and only by persons who need such access to carry out their duties.
- in order to protect the data sets processed electronically in its various records, use appropriate technical solutions to ensure that the data stored cannot be directly linked and assigned to the Data Subject, unless permitted by law.
Taking into account the state of the art, the Data Controller shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
The Data Controller shall document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken. In the case of a personal data breach, the Data Controller shall, without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the Hungarian National Authority for Data Protection and Freedom of Information, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
The rights of the Data Subjects and the enforcement thereof
The right to turn to the Authority:
Through a complaint filed with the Hungarian National Authority for Data Protection and Freedom of Information, you may initiate an investigation with reference to the fact that your rights were injured due to the processing of your personal data or there is a direct risk thereof.
- National Authority for Data Protection and Freedom of Information
- Registered seat: 22/C Szilágyi Erzsébet fasor, Budapest 1024
- Website: http://www.naih.hu
We appreciate if you turn to us first with your complaint so we can investigate and address it.
You have a right to take legal action against the Data Controller in case your rights are injured or your objection is rejected. The court shall hear the case out of turn. The judgement of the case shall fall within the competence of the court. According to your preference, the legal proceedings may be instituted with the court with competence either according to the registered office of BlackBelt or your place of permanent or temporary residence. For further information on legal proceedings please visit www.birosag.hu.
Date: 6 June 2018