TERMS FOR PROTECTION OF PERSONAL DATA
The following information shall be provided in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC.).
I. KEY PROVISIONS
The controller of personal data according to Article 4(7) of European Parliament and Council (EU) Guideline No. 2016/679 on the protection of natural persons in relation to the processing of personal data and on the free movement of this data (hereinafter the “GDPR”) is Elanor spol. s r.o. Reg No. 15887219 with registered office at BB Centrum Brumlovka, Jemnická 1138/1 140 00 Prague 4 (hereinafter the "Controller").
II. CONTACT INFORMATION
address: BB Centrum Brumlovka, Jemnická 1138/1 140 00 Prague 4
telephone no.: +420 222 509 999
III. SOURCES AND CATEGORIES OF THE PROCESSED PERSONAL DATA
Personal data shall be processed to the extent that the relevant user of the Elanor website (hereinafter referred to as the "Data Entity") has provided the Administrator with a web form, email or telephone to:
- mediation of the contractual relationship or performance of the contract,
- tenders for vacancies
- offers of additional vacancies based on the consent of the data subject, which you can withdraw at any time, see the chapter "Revocation of consent to the processing of personal data",
IV. PERSONAL DATA SOURCES
Directly from data subjects.
V. PERSONAL DATA CATEGORY
- This is information that can be found on a business card, such as first name, last name, job title, employer or company name, work address, work email, and work phone number.
- Biography information: eg date and place of birth, birth number, home address, telephone number, marital status, nationality, nationality, photo, e-mail address.
- Information on education and previous employment: eg List of completed schools, diplomas, certificates, courses, certificates, previous employers, cover letter, driving license.
- Information automatically collected and stored using cookies and similar technologies, including the IP addresses, area or general location of a computer or device that accesses the Internet, browser type, operating system, page view history, and other usage information.
VI. CATEGORIES OF PERSONAL DATA RECIPIENTS
- administrator - only authorized employees of the company to the extent necessary for processing purposes,
- other recipients - suppliers providing services related to the operation of the Elanor website.
The administrator does not intend to transfer personal data to a third country outside the European Union.
VII. DURATION OF STORAGE OF THE DATA
We only process personal data for as long as is necessary for the purposes of their processing. We continually assess whether there is a continuing need to process certain personal data needed for the purpose. If we find that they are no longer needed for any of the purposes for which they were processed, we will discard the data. In relation to certain purposes of processing personal data, we evaluated the usual processing time of personal data as follows:
- usually, we store data obtained from our web forms within two months, after which they are automatically deleted. In the meantime, if a contract is concluded, we will keep your information in accordance with applicable legislation;
- we process the legitimate interest and performance of the contract for the duration of the selection procedure for vacancies, however, for a maximum period of 6 months;
- in the case of your consent to the processing of personal data for the purpose of offering another job for a period of 3 years or until the consent is withdrawn.
VIII. METHOD OF PROCESSING AND PROTECTION OF PERSONAL DATA
Personal data is processed manually and automatically and does not make automated decision-making without the impact of human judgment with legal effects for data subjects.
Elanor spol. s r.o. For the purposes of fulfilling its obligations under Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016, the General Regulation on the protection of personal data (hereinafter referred to as the “GDPR Regulation”) to eliminate as far as possible the risk of accidental or unlawful destruction or loss or alteration of personal data, possible unauthorized or accidental third party access to personal data, unauthorized transmission of personal data, other unauthorized processing thereof, or other misuse thereof.
For this purpose, a documented information security management system is implemented in the company
according to the requirements of ČSN ISO / IEC 27001: 2014 Information Security Management Systems and Information Security and Personal Data Protection is ensured in accordance with the issued Company Information Security Management System Policy.
Information and personal data in electronic form are stored on servers located
on the territory of the Czech Republic or on data carriers to which access is restricted only to authorized persons based on access codes or passwords in accordance with the issued Access Control Policy.
IX. YOUR RIGHTS
The data subject shall have the following rights in respect of the processed data:
- the right of access to personal data under Article 15 of the GDPR,
- the right to rectify inaccurate data under Article 16 of the GDPR,
- the right to have personal data deleted pursuant to Article 17 of the GDPR,
- the right to limit the processing of personal data pursuant to Article 18 of the GDPR,
- the right to portability of personal data under Article 20 of the GDPR,
- the right to object to the processing of personal data pursuant to Article 21 of the GDPR,
- the right to file a complaint with the Office for Personal Data Protection pursuant to Article 77 of the GDPR,
- the right not to be the subject of any decision based solely on automatic processing, including profiling under Article 22 of the GDPR.
X. REVOCATION OF CONSENT TO THE PROCESSING OF PERSONAL DATA
- The processing of cookies data can be prevented by setting up a web browser.