Recruitment Privacy Notice

Last update: 16.05.2024

This Recruitment Privacy Notice (hereinafter “Notice”) explains how Jobbatical OÜ (hereinafter “we”, “us” or “Jobbatical”) processes the personal data of candidates for employment and other individuals who we may come into contact during the recruitment process (e.g., recommenders) at Jobbatical (hereinafter “you” or “candidate”).

This notice describes the processing of personal data by us as a data controller. This means that we individually or along with others determine the purposes and means of the processing of personal data.

1. DATA CONTROLLER

Name: Jobbatical OÜ.

Registry code: 12671900.

Address: Narva mnt 7b, 10117, Tallinn, Estonia.

Email: dpo@jobbatical.com

Contact details of data protection officer: dpo@jobbatical.com.   

2. PERSONAL DATA WE PROCESS 

We process the following personal data:

Identification data” – this includes your name and surname. We collect this data from you at the beginning or during the recruitment process. We may also receive this data from third party recommenders.

Contact data” – this includes your phone number and email address. We collect this data from you at the beginning or during the recruitment process. We may also receive this data from third party recommenders. 

Information about experience, education and training – this includes your diplomas, certificates and licences, training attendance, skills and competencies and other work-related qualifications. We collect this data from you at the beginning or during the recruitment process. 

Recruitment communication” – this includes recruitment-related e-mail correspondence or other communication, where permissible. This data is generated during the recruitment process.

Compliance and risk management information” – this includes background check reports, information about complaints and disciplinary sanctions, and where permissible, information about violation of laws or breach of company policies. We may collect the information for background checks from publicly available sources on the Internet. The information about complaints may be received from our employees or third-party complainant(s).

Social media data” – this includes publicly available information about you on social media platforms (for example, LinkedIn, Facebook etc.), e.g., previous work experience, education or other information that is public and might be relevant in the recruitment process. We may collect this information when scouting possible candidates for employment, when receiving a job application or a recommendation about you from a third party.

Recruitment and hiring related information” – this includes information that was provided or created during the recruitment and hiring process, including your motivational letter, recommendations (please note that it is your responsibility to obtain consent from your recommenders prior to providing us personal information about them), interview details, test results, home tasks and copies of relevant documents. We get this information from you at the beginning of the recruitment process.

3. THE PURPOSES AND THE LEGAL GROUNDS FOR THE PROCESSING OF PERSONAL DATA

      3.1 Legitimate interests

We process your personal data based on our legitimate interests for the purposes described below. You have the right to ask for clarifications regarding the processing based on the legitimate interests. You also have the right to send the objection, if you find that processing of your personal data for the purposes provided below prejudice your rights. Please see section 1 of this notice for our contact details.

Purposes of processing Categories of personal data
Identifying potential candidates for open or future positions:
  • Processing of information provided by the candidates to determine who they are, what background they have and whether they should be considered for open or future positions.
  • Processing of publicly available online information in connection with scouting and recruitment prior to engagement with a candidate.
Conducting the recruitment process and protecting our rights and fulfilling the professional requirements:
  • To decide whether to offer employment.
  • To make decisions about salary and benefits.
  • To assess training needs.
  • To send you notifications about your progress.
Conducting background checks:
  • Regarding the candidate:
    • Identification data
    • Contact data
    • Information about experience, education and training
    • Recruitment and hiring related information
    • Recruitment communication
    • Compliance and risk management information
    • Social media data
  • Regarding the recommender:
    • Name, surname, place of work, position, phone number and/or email address (We get this data from the candidate).

     3.2 Pre-contractual relations

We process the personal data based on Article 6 (1) (b) of the GDPR where it is necessary for the actions prior to entering into an employment contract. 

Purposes of processing Categories of personal data
Determining your qualifications for employment and reaching a recruitment decision. Identification data
Contact data
Information about experience, education and training
Recruitment and hiring related information
Informing you, via email, phone or otherwise, about the progress of your application for employment with us. Identification data
Contact data
Preparation of a job offer and/or contract (e.g., preparation of an offer letter). Identification data
Contact data
Information about experience, education and training
Recruitment and hiring related information
Recruitment communication Identification data
Contact data

4. CATEGORIES OF RECIPIENTS OF PERSONAL DATA AND TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES

In some cases, we may transfer your personal data to certain recipients who are categorised as follows:

1.1 Partners who provide the services to us, and who process the personal data on our behalf (data processors), e.g.:some text

      a. Providers of various ICT services (e.g., providers of cloud services);

      b. Various contractors (e.g., recruitment agencies).

1.2 Independent controllers of personal data, such as our attorneys, auditors, etc.

1.3 Public authorities and supervisory bodies, e.g., court, law enforcement authorities, Data Protection Inspectorate. We transfer your personal data to public authorities and supervisory bodies only if the law requires it. 

Unless necessary for the provision of services, we do not transfer your personal data outside of the European Union (EU) or the European Economic Area (EEA), nor to such third country or international organisation, the level of data protection of which the European Commission has not considered adequate. If your personal data is transferred outside of the EU or EEA, such transfer of personal data will take place only upon appropriate legal basis, and we will take appropriate protective measures. Data transfers to such third countries are mainly based on Standard Contractual Clauses adopted by the European Commission.

You have the right to get additional information about the transfer of your personal data by sending us the relevant request using the contact details described in section 1 of this notice.   

5. RETENTION OF PERSONAL DATA

We retain your personal data for the period necessary for the achievement of purposes stated in this notice or until it is required by the law. For example, unsuccessful application data will be deleted after 18 months taking into consideration our need to answer queries or resolve problems and comply with legal requirements under the applicable laws. 

For more detailed information about the retention of your personal data, you can send an email using the contact details described in section 1 of this notice. 

6. YOUR RIGHTS REGARDING THE PERSONAL DATA

Right of access to your data: you have the right to know, whether personal data concerning you are being processed or not, what is the purpose of processing and what are the categories of personal data. Besides, to whom the personal data is disclosed (especially the recipients in third countries), for how long the personal data is retained and what are your rights concerning rectification, erasure and restriction of the processing.

Right of rectification: you have the right to demand rectification of the personal data concerning you if the data are inaccurate or incomplete.

Right of erasure: in some cases, you have the right to demand erasure of the personal data concerning you, for example in case when you withdraw your consent and there are no other legal grounds for the processing of the personal data.

Right to restrict the processing: in some cases, you have the right to restrict processing of the personal data concerning you for a certain time (e.g., if you have objected to the processing of personal data).

Right to object: you have the right to object to the processing of personal data, which is processed based on the legitimate interest, including profiling. Upon objection, we will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.

Right to data portability: if processing of your personal data is based on your consent or the contract with us and the data processing is carried out by automated means, then you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format. Also, you have the right to claim to transmit those personal data to another service provider if it is technically possible.

Right to turn to us, supervisory authority, or a court: if you want to exercise the above-mentioned rights, please send us an email using the contact details described in section 1 of this notice. If you find that your rights have been breached, you have the right to turn to the Data Protection Inspectorate (Andmekaitse Inspektsioon) and/or court. The contact details of the Data Protection Inspectorate are available at www.aki.ee

7. AMENDMENT OF THIS NOTICE

We have the right to amend this notice unilaterally. The amended version of the notice will be published on our website.

Streamlined employee relocation

Save time, automate repetitive tasks, and provide a delightful relocation experience for your international employees.

Book a free consultation
Cookie Settings

By clicking “Accept All”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Preferences
Accept allAccept necessary

This site uses cookies

Jobbatical uses cookies on its website to offer you the most relevant content and make visiting the site easier and more convenient.

Accept all cookiesAllow selected only
Show info
Required
(1)
Statistical
(1)
Marketing
(1)
About Cookies

Necessary cookies help provide you with a great website experience by enabling core functionality such as page navigation and access to secure areas of the site. The site cannot function properly without these cookies.

Name
Provider
Target
Validity
Type
bm_sz
Used in context with the web site's BotManager. The BotManager detects, categorizes and compiles reports on potential bots trying to access the web site.
1 day
HTTP
ak_bmsc
This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of the website.
1 day
HTTP
rc::a
This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of the website.
Persistent
HTML
_ga
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
2 years
HTTP
rc::c
This cookie is used to distinguish between humans and bots.
Session
HTML
_abck
Used to detect and defend against replay-cookie-attacks – The cookie is necessary for the security and integrity of the website.
1 year
HTTP
_gid
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
1 day
HTTP
_lfa
Used in context with Account-Based-Marketing (ABM). The cookie registers data such as IP-addresses, time spent on the website and page requests for the visit. This is used for retargeting of multiple users rooting from the same IP-addresses. ABM usually facilitates B2B marketing purposes.
2 years
HTTP
collect
Used to send data to Google Analytics about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels.
Session
Pixel
_gat
Used by Google Analytics to throttle request rate.
1 day
HTTP
_lfa
Used in context with Account-Based-Marketing (ABM). The cookie registers data such as IP-addresses, time spent on the website and page requests for the visit. This is used for retargeting of multiple users rooting from the same IP-addresses. ABM usually facilitates B2B marketing purposes.
Persistent
HTML
_lfa_expiry
Contains the expiry-date for the cookie with corresponding name.
Persistent
HTML
_mcid
This cookie registers data on the visitor. The information is used to optimize advertisement relevance.
1 year
HTTP
_lfa_test_cookie_stored
Used in context with Account-Based-Marketing (ABM). The cookie registers data such as IP-addresses, time spent on the website and page requests for the visit. This is used for retargeting of multiple users rooting from the same IP-addresses. ABM usually facilitates B2B marketing purposes
Session
HTTP
ads/ga-audiences
Used to detect whether the user intends to leave the page via cursor movements. This allows the website to trigger certain pop-ups to keep the user on the web site or convert them to customer.
Session
Pixel
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.