General Data Protection Regulation
The security of your personal data, as well as ensuring secure and simple hiring, is a priority for us and we pay great attention to what happens to your data.
Our company jobno.one, s.r.o., company number: 54 669 308, with its registered office at Františkánska 17, Trnava, Slovak Republic (hereinafter also “we”) may be in the position of both the Controller and the Processor of your data. In both of these roles, we take full care to protect your privacy and your other rights. Below, we describe the way in which personal data are handled in our company. If a term is used in capital letters, it is defined either further below in this Personal Data Protection Policy or in the Terms and Conditions.
Personal data processing principles
When processing personal data, we comply with the highest standards of data protection and in particular the following principles:
We always process personal data for a clearly and comprehensibly stated purpose, by the stated means, in the stated manner, and only for the time necessary in relation to the purposes of the processing; we only process personal data that are accurate, and the processing is consistent with the stated purposes and necessary for the fulfillment of those purposes;
Personal data are protected in a manner that is appropriate to the current state of the art; the highest possible level of security is ensured to prevent any unauthorized or accidental access to, alteration, destruction, or loss of personal data, unauthorized transmission, other unauthorized processing or other misuses of personal data;
Data subjects are informed of the processing of personal data and of their rights to accurate and complete information about the circumstances of that processing, as well as other related rights;
We observe appropriate technical and organizational measures to ensure a level of security appropriate to all possible risks; all persons who come into contact with personal data are obliged to maintain the confidentiality of information obtained in connection with the processing of such data.
Our company as a Controller and a Processor of data
We are the Personal Data Controller, i.e. the one who decides on the processing of data, determines its purpose, and, in particular, is liable therefor for the processing of data that are necessary for the following purposes:
Setting up, maintaining, and managing a User Profile; this processing is necessary for the performance of the use of the Application;
Service communication with the User; this processing is necessary for the performance of the Use of application;
Apply for job vacancies or send a CV to a potential employer;
Provide CV and personal data; data processing for this purpose is necessary to protect our legitimate interest in proving the proper functioning of the Application;
Internal User records; data processing for this purpose is necessary to protect our legitimate interest in the proper functioning of the Application;
Ensuring the functionality, security, stability, and development of the Application; data processing for this purpose is necessary to protect our legitimate interest in the proper functioning and development of theApplication and our services;
Machine learning of match CV to job advertisement to better display relevant job opportunities to the User to provide him/her the best user experience;
Informing about new functionalities of the Application that are necessary for our legitimate interest in communicating with customers and developing and achieving our business goals, and with your consent, if given, informing of any third-party offers.
Where our Application is used by the User for their own personal use or by a natural person or legal entity to secure the commercial, business, or similar activities through individual Users, the Personal Data Controller is the User or the Client and we act as the Data Processor. This concerns in particular the processing necessary for:
Sending CV or other documents in the Application environment;
Setting up access for persons to his/her User Account, or to the job seeker profile;
Retaining and archiving documents for the needs of the User or the Client.
You can contact us at:
Address or phone contacts found at: https://business.dream.jobs
You can also exercise all your rights as described below using the above-mentioned contacts.
Automatic individual decision–making and profiling
Our company fully respects the right of the data subject set out in Article 22(1) of the GDPR not to be subject to any decision based solely on automated processing, including profiling. It is necessary for the functionality of the Application that the personal data contained in the candidates' CVs are processed by means of automatic individual decision–making and profiling in order to achieve the desired results for the functionality of Application.
The automatic individual decision–making profiling is only done on the basis of the data subject's explicit consent to this processing, which you gave when you created your profile and/or uploaded your CV.
Without consent to automatic individual decision–making and profiling, it is not possible to use the services of the Application.
Which personal data do we process and why?
We need your basic identification data (name, surname, e-mail) and address data listed in the following section in order to be able to identify you and enable you to use our tool (hereafter referred to as the “Application”). We process these data in our capacity as the Controller for all the above-mentioned purposes, but we also process them in our capacity as the Processor for the provision of services for individual Users and Clients.
We need your address data (street name and house number, city, postal code, and state) as part of your identification and also to properly show relevant job offers based on your location. We process these data in our capacity as the Controller for all the above-mentioned purposes, but we also process them in our capacity as the Processor for the provision of services for individual Users and Clients.
We use your contact details (telephone number and e-mail or identification to third-party authorities such as LinkedIn, Google, Facebook, etc.) as follows: the e-mail address or authentication by third-party authority is used to log in to the Application, and we also send notifications as a job alert. If you have agreed to the sending of commercial communications and news regarding the Application, we send occasional newsletters to this e-mail address. The telephone number is used to support company users. Our telephone support representative may also contact you on that telephone number and offer you advice and assistance with setting up the Application and its use, or in order to resolve your request. We process these data in our capacity as the Controller for all the above-mentioned purposes, but we also process them in our capacity as the Processor for the provision of services for individual Users and Clients.
If you run a business and have a company number, it is necessary to provide it too. We need the company number for issuing tax documents and complete identification when setting up the Application. We process these data in our capacity as the Controller for all the above-mentioned purposes.
Password / third-party authority
When registering in the Application, our system stores the information necessary for you to log in to your Account, i.e. in addition to your name, it also stores the password or connection to third-party authorities such as Google, Apple, LinkedIn, Facebook etc. If we store the password, then exclusively in a hashed form wherefrom we cannot derive your original password. Without one of these this information, we would not be able to allow you to log in, at the same time, it is necessary that you, as well as us, are able to prove that a specific activity made from your Account was performed by you. We process these data in our capacity as the Controller for the purpose of ensuring the functionality, security, non-repudiation, and stability of the Application.
How else do we use your personal data in our capacity as the Controller?
As we are interested in staying in touch with the persons we work with, we will keep your e-mail after registration to which we may send you a so-called commercial communication if you give your consent. These are e-mails in which we shall inform you about our news or exciting events related to the use of the Application. We send these communications on the basis of our so-called legitimate interest. In each e-mail, you shall naturally have the option to unsubscribe from these e-mails, or you may refuse to receive such e-mails in advance by e-mail sent to: firstname.lastname@example.org or change the status in Application (if the current version allows it).
If you have given us your consent thereto, we may retain your e-mail for purposes other than those mentioned above, such as sending information about our events and services that are not related to the service, we have provided to you. Based on your consent, we also may retain your name and surname so that we are able to deal with you in a better way and address you correctly.
In order to make the use of the Application easier and more pleasant for you and, at the same time, to constantly improve our website, we also process information from cookies. A cookie is a small file of letters and numbers that we store in your internet browser or hard drive. Some cookies allow us to link your activities while using the Application from the moment you open a web browser window to the moment you close it. After that, these cookies will be deleted. Others remain in the browser or device for a set period of time and are used whenever you visit the website that created a particular cookie, such as after setting up the resolution, language, or other settings of the Application of your choice.
We treat the information you write in the contracts concluded through the Application as highly confidential. Therefore, only you, the persons with whom you enter into the contract, and the persons to whom you have authorized you to do so have access thereto. We store the data on secure servers, they are encrypted, and we also use a number of other organizational and technical measures so you do not have to worry that anyone other than you could read it.
To whom do we transfer your personal data?
To provide our services, we use the services of some suppliers, who may also participate in processing your personal data. These are, for example, IT Cloud companies, issuing tax documents, etc.
List of these suppliers:
For sending emails, storing customer data, AI processing, analyzing data, and accounting we use services from:
- Microsoft Ireland Operations Ltd.
- Google, Inc.
- ECS economic services, s.r.o, Czech Republic
- Hubspot Limited, Ireland
- Adelante, s.r.o Slovakia
- Solitea a.s. Bratislava, Slovakia
- LinkedIn Ireland
Your personal data is also passed on to job vacancies for the purpose of contacting you with a possible job offer. The scope of these entities is not closed in advance due to the principles of the Application. These entities are contractually obliged by the company to handle personal data in accordance with the data protection principles set out in the GDPR and other legislation.
How long do we retain your personal data?
We retain your data which we process as the Controller for 10 years or for as long as you have your User Account with us, and then for another 10 years. We retain them for this period in order to be able to respond correctly in the event of any possible litigation or to document financial or tax-significant activities.
If we have certain data based on your consent, you may withdraw your consent at any time and then we must erase such data, or no longer use them for the purpose for which we had the consent.
In addition, the retention of certain documents containing personal data is required by law. For example, we have to retain invoices for 10 years. We retain accounting documents for 5 years.
What rights do you have in relation to your personal data?
The right to request access to your personal data – i.e., you may ask us what personal data we record about you and what have happened, is happening and will happen to them during the time they are in our possession.
Right to rectification – if your personal data about us are no longer up to date or they are incorrect, you may request us to rectify them.
The right to object – If you believe that we are processing personal data beyond our legitimate interest, you may object to such processing which we are obliged to tackle.
The right to erasure (the so-called right to “be forgotten”) – i.e., upon your request we are obliged to erase all the personal data that we record about you, for example, if you no longer wish to be registered with us. However, there may be another reason that entitles or obliges us to retain the data (such as an obligation under the Accounting Act, etc.), in which case we cannot erase it.
The right to restriction of processing – in some cases we may retain personal data, but we may not handle them in any way; this concerns the following situations:
- if you contest the accuracy of the data and we need to verify your notification;
- if personal data are processed unlawfully but you do not wish us to erase them and instead of erasing you only request the restriction of processing if we no longer need the personal data, but you request us to retain them in order to exercise your legal claim;
- if you object to processing pending the verification of whether the legitimate grounds entitle us to process the personal data further on or not.
The right to data portability – if you request us to do so we shall provide you with your personal data which we process on the basis of the contract we have concluded with you, or your consent, and at the same time, we process them by automated means. If you have your Profile in the Application, such data are available in your Profile at any time and you can download it yourself at any time. This procedure ensures that your data are disclosed only to you or the recipients you designate. If you do not have a Profile in the Application then, after we securely verify your authorization to access the required data, we shall provide you with such data in a commonly used, machine-readable format. Alternatively, we may transmit these data to another controller you determine provided that the controller consents thereto.
The right to lodge a complaint – if you believe that we are in any way violating the rules of personal data processing, you have the right to lodge a complaint with the Office for Personal Data Protection. However, we will be happy if you first contact us, and together, we will resolve your dissatisfaction and any discrepancy there may be.
The data subject has the right to an explanation of how automated processing and profiling are carried out in the application. This right can be exercised by contacting the company.
The data subject has the right to an explanation of how automated processing and profiling are carried out in the Application. This right can be exercised by contacting the company.
As ensuring the security of the entrusted data is absolutely essential for us, please note that a prerequisite for meeting the requirements arising from your above-mentioned rights, in particular those that lead to changes in data or transfer of data outside the Application, is secure verification of the applicant’s identity.
Do you have any questions?
The general supervisory authority for the processing of personal data in the Slovak Republic, EU is:
The Office for Personal Data Protection
820 07 Bratislava 27