TopJobsCyprus is a site operated by HUMANBRIDGE LTD, a private limited company registered under the laws of the Republic of Cyprus with registration number HE 382654 (hereinafter collectively referred to as the “Company”, ”we”, “us” or “our”).
We know that you care how information about you is used and shared and we appreciate your trust in us to do that carefully and sensibly. We hereby confirm that we are committed to protecting your personal information. The Company will collect, process and use your personal data exclusively in compliance with the principles of the new Regulation (EU) 2016/679 of The European Parliament And of The Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”), the applicable local legislation as amended from time to time and any other legal and/or regulatory obligations.
This privacy notice is provided in a structured form covering specific areas in relation to your personal data. We recommend that you print a copy of this privacy notice for future reference.
2.IMPORTANT INFORMATION AND WHO WE ARE
- Purpose of this privacy notice
This privacy notice aims to give you information on how and for what purposes the Company uses, processes and looks after your personal data through your visit and/or use of this website (regardless of where you visit it from), including any data you may provide through this website when you sign up and/or registering and/or purchasing any of our services (as the case may be).
Below we provide information about the processing of your personal data and the data protection rights you are afforded. The content and scope of the data processing are largely based on the services that you have requested and/or used or the services that have been agreed with you.
This website is not intended for children and we do not knowingly collect data relating to children.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and/or terms and is not intended to override them.
- Who is responsible for your personal data and who you can contact
Subject to the terms of this privacy notice the entity responsible for your personal data is:
Full name of legal entity: HUMANBRIDGE LTD (HE 382654)
Telephone: 7000 4430
Email: [email protected]
We have appointed a data protection officer (hereinafter referred to as the “DPO”) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions or want more details about this privacy notice or on how we use your personal information, please contact our DPO using the details set out below:
Full name of the DPO: Maria Georgiou Ttofi
Email: [email protected]
As explained hereunder, you have the right to make a complaint at any time to the Cyprus Data Protection Commissionaire, the Cyprus supervisory authority for data protection issues (hereinafter the “Commissioner”).
We would, however, appreciate the chance to deal with your concerns before you approach the Commissioner so please contact us in the first instance.
- Third-party links
3.THE DATA WE COLLECT ABOUT YOU AND WHERE DOES THIS DATA ORIGINATE FROM
Pursuant to the provisions of the applicable local and EU legislation(s), “personal data” or “information of personal nature”, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (known as “anonymous data”).
We may collect, process, store and transfer different kinds of personal data about you in the context of our business relationship and/or services provided to you which we have grouped together as follows (Note: The type of personal data controlled and/or processed by us may vary depending on our user’s capacity/nature in using our website i.e. whether the user is a “Candidate” looking for a job or an “Employer” looking to recruit candidates):
- “Identity Data” includes first name, maiden name, last name, username or similar identifier, title, date of birth and gender.
- “Contact Data” includes billing address, email address and telephone numbers.
- “Financial Data” includes bank account and payment card details.
- “Technical Data” includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- “Profile Data” includes your username and password, purchases of our services, your interests, preferences, feedback and survey responses.
- “Usage Data” includes information about how you use our website, products and services.
- “Marketing and Communications Data” includes your preferences in receiving marketing from us and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we hereby confirm that we treat the combined data as personal data which will be used in accordance with this privacy notice.
Some types of information are classified as Special Categories of Personal Data known as “Sensitive Data” for the purposes of European data protection law and there are additional restrictions on how we may use and hold this information. “Sensitive Data” includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data as well as information about criminal convictions and offences.
We do not knowingly collect any “Sensitive Data” about you. However, we may collect Sensitive Data unintentionally i.e while applying for a job and/or through your CV.
Generally, it is necessary to obtain your consent before we can use Sensitive Data. However, we may hold and use such information without consent for limited statutory purposes such as to protect your vital interests, for legal claims, or in the public interest. We hereby confirm that we will always communicate to you the purposes for which we wish to use your Sensitive Data when it is being collected, and, if necessary, obtain your consent at that time. In such cases, you will be able to withdraw your consent at any time.
- If you fail to provide or choose not to give your personal data
In the context of our relationship (as the case may be) we may need to collect personal information by law, or under the terms of a contract, we may have with you or for the provision to you of our services. Without this data, we may, in principle, not be in a position to provide to you the services offered on our website.
For the avoidance of any doubt, data collection that is optional would be made clear at the point of collection.
4.WHY DO WE PROCESS YOUR DATA (PURPOSE OF THE PROCESSING) AND ON WHAT LEGAL BASIS
We process the aforementioned personal data in compliance with the provisions of GDPR and the applicable local legislation as amended from time to time. Please contact us or our DPO if you need details about the specific legal ground we are relying on to process your personal data.
4.1. For compliance with a legal obligation
Such cases include cases where the processing is necessary because of a legal obligation that applies to us.
We may process your data to comply with our legal and regulatory obligations eg preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies.
4.2. For the performance of contractual obligations
We may process your data when we need to perform a contract we are about to enter into or have entered into with you.
4.3. For the purposes of safeguarding legitimate interests
We may process your data where it is necessary for our legitimate interests (or those of a third party) and your data protection rights do not override those interests. Examples include but are not limited to:
- ensuring the security and integrity of our services and in ensuring that our website operates effectively;
- providing our services to our users;
- protecting users, employees and other individuals and maintaining their safety, health and welfare;
- sending alerts (upon request) which are relevant and tailored to individual users;
- for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise;
- providing a shortlist to facilitate the purpose for which data have been uploaded to and/or send through our website with the sole purpose of improving our services to the said data subject;
- understanding our user’s behaviour, activities, preferences, and needs;
- improving existing products and services and developing new products and services;
- handling customer contacts, queries, complaints or disputes; and
- fulfilling our duties to our users.
For the avoidance of any doubt, legitimate interest generally means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience.
We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us or our DPO using the details provided herein.
4.4. On the basis of your consent
Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message.
Insofar as you have granted us consent to the processing of personal data for marketing purposes, the lawfulness of such processing is based on your consent. Any such consent granted, may be revoked at any time by contacting us or our DPO using the details provided herein.
This also applies to the revocation of declarations of consent that were granted to us prior to the entry into force of the GDPR, i.e. prior to 25 May 2018.
Please note that we will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us or our DPO using the details provided herein.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
4.5. Third-Party Marketing
We will get your express opt-in consent before we share your personal data with any third party outside the Company for marketing purposes.
You can ask us or third parties to stop sending you marketing messages at any time by contacting us or our DPO using the details provided herein.
5.DISCLOSURES OF YOUR PERSONAL DATA
We may disclose information that concerns you if we are legally required to do so pursuant to the provisions of the GDPR and/or the provisions of the applicable local legislation as amended from time to time as well as any other relevant legislation.
We may disclose your personal data to third parties in order to comply with any legal obligation or in order to enforce or apply our terms and conditions and/or based on your consent/instructions.
Personal data is shared with:
- Recruiters – Employers when you provide your interest to their job vacancy post;
- Our service providers such as IT systems, support and hosting service providers; technical engineers; data storage and cloud providers and similar third-party vendors and outsourced service providers that assist us in carrying out business activities; and
- Governmental authorities and third parties involved in court action.
Where the party to whom we share your personal information is a legal entity, we hereby affirm that we will take all reasonable steps and/or actions to confirm that the employees and/or representatives of such a third party will execute their duties in accordance with the highest industry standards and will comply with all provisions and requirements of the provisions of this Privacy Notice and the local laws and regulations on the protection of personal data (as amended from time to time) and GDPR and any legislation to success it or complement it.
6.DATA TRANSFERRED TO A COUNTRY OUTSIDE THE EUROPEAN ECONOMIC AREA
We do not currently transfer your personal data outside the European Economic Area (“EEA“).
GDRP and the applicable local legislation as amended from time to time prohibits the transfer of personal information outside the EEA unless specific requirements are met for the protection of that personal information. More specifically, data will only be transferred to countries outside the EU or the EEA (i) if it is required by law; or (ii) if you have granted us your consent and/or instructed us to do so.
Please note that if service providers in a third country are used, all reasonable and practicable measures will be taken to ensure that they will comply with the data protection level in Europe in accordance with the GDPR. In addition, any transfers to parties located outside the European Union will be in line with the legal and regulatory provisions of the GDPR and applicable local legislation as amended from time to time.
If you need more information in relation to the possible transfer of your data to a country outside the EU or the EEA please do not hesitate to contact us or our DPO using the details provided above.
7.1 How long we keep your personal information
We will keep your personal information for as long as you are a person using and/or enjoying our website and/or our services. For the avoidance of any doubt, you stop being a person using and/or enjoying our website and/or our services when you delete your account and/or otherwise request cancellation of the services we provide to you.
After you stop being a person using and/or enjoying our website and/or our services, we may keep some of your personal information for a period of up to 2 weeks without however processing them. We may keep your data for longer than 2 weeks if we cannot delete it for legal and/or regulatory and/or technical reasons. If we do so, we will ensure that your privacy is protected.
In case your account remains inactive and we have not been in contact with you for a period of 1 year, your account, as well as your personal data, will be deleted and removed from our systems.
Without prejudice to the generality of the preceding paragraphs, we note that in some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
8.WHAT DATA PROTECTION RIGHTS YOU HAVE
The following are the rights you have pursuant to the provisions of the GDPR and the applicable local legislation (as amended from time to time) in relation to the data protection:-
Request access to your personal data (commonly known as a “data subject access request”).
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Please note however that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. In such a case, your data will be stored but not processed until the expiration of the retention obligation.
Subject to the legal basis on which the processing activity is based, you may object to the processing of your personal data. Please note that in some cases, we may have compelling legitimate grounds to process your information which we need to comply with.
Request restriction of processing of your personal data (a) if it is not accurate;(b) where processing may be unlawful but you do not want us to erase your data; (c) where you need us to hold the data even if we no longer require it; or (d) where you may have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party.
In case the processing of the data is performed subject to your consent, you may withdraw consent at any time where we are relying on consent to process your personal data. However, we note that this will not affect the lawfulness of any processing carried out before you withdraw your consent. Kindly note however that if you withdraw your consent, we may not be able to provide certain products or services to you. We will, of course, advise you if this is the case at the time you withdraw your consent.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). Kindly note however that we may charge you with an administrative fee, in cases where requests are deemed manifestly unfounded or excessive, in particular, because of their repetitive character.
If you wish to know more and/or exercise any of the rights set out above, please contact us or our DPO using the details provided above.
8.1. What we may need from you in relation to your personal data rights
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
9. DATA SECURITY
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Our website may use technologies such as “cookies” to provide visitors with tailored information upon each visit. Cookies are a common part of commercial websites that allow small text files to be sent by a website, accepted by a web browser and then placed on your hard drive in order to recognise repeat visits to the website. Every time you visit our website, our servers, through cookies, pixels and/or GIF files, collect basic technical information such as your domain name, the address of the last URL visited prior to clicking through to the website, and your browser and operating system. If you like, you can set your browser to notify you before you receive a cookie so you have the chance to accept or reject it and you can also set your browser to turn off all cookies. The website www.allaboutcookies.org (run by the Interactive Marketing Bureau) contains step-by-step guidance on how cookies can be switched off by users. You do not need to enable cookies to visit our website – however, some parts of the website and some services may be more difficult or impossible to use if cookies are disabled.
For the avoidance of any doubt, Cookies do not contain any information that could identify the individual user personally.
11. LODGING A COMPLAIN
Please let us know if you are unhappy with how we have used your personal information. As stated above you can always contact us or our DPO.
You also have the right to make a complaint at any time to the Commissioner which is the supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the Commissioner so please contact us in the first instance.