1. General Legal Notice
The Data Controller processes the personal data of job applicants over the age of 18 who have consented to this processing and have provided the Data Controller with their personal data as specified in this notice.
The Data Controller informs you that personal data will be processed based on your consent. You can withdraw your consent to the processing of data at any time by sending a request to the Data Controller, however withdrawal does not affect the legality of the data processing prior to the withdrawal.
The Data Controller does not process any special data, so we ask applicants not to provide any special data.
The Data Controller publishes job advertisements on the website https://www.shiwaforce.com/karrier or https://www.profession.hu. If a job applicant wishes to apply for a job advertisement of the Data Controller on the website, the website https://www.profession.hu will automatically redirect the job applicant to the website of the Data Controller, https://www.shiwaforce.com/karrier/ (hereinafter referred to as the “Website”).
On the basis of the above, the applicant may apply for jobs advertised by the Data Controller via the website.
To apply for each job advertised, candidates are required to complete the following steps:
- complete the form provided by the Data Controller,
- upload the CV,
- – if the applicant does not require human intervention – to complete a test provided by the Data Controller; and
(hereinafter collectively referred to as “the application”)
- send the application to the Data Controller by clicking on the “Apply” button.
Based on the express, voluntary consent of the job applicant, the Data Controller will build a database of individual job applicants as set out herein.
The Data Controller asks applicants for each job to provide the Data Controller only with data relevant to the advertised job. The Data Controller shall process personal data only in connection with the application for, the assessment of and the notification to the data subject of the vacancies advertised by the Data Controller.
The Data Controller shall irretrievably delete any job application submitted on the website where the applicant is under 18 years of age or where the application contains special data, within 2 working days of receipt of the application at the latest, with the inclusion of a record containing no personal data.
If a job applicant without a vacancy advertised by the Data Controller sends a CV to the email address firstname.lastname@example.org provided by the Data Controller, the Data Controller will contact the job applicant without delay and obtain the job applicant’s consent for the purpose of recording his/her personal data in the database.
2. Name of the controller
- Name: ShiwaForce.com Zártkörűen Működő Részvénytársaság
- Principal office: 1123 Budapest, Alkotás utca 17-19.
- Phone number: 06-1-392-4000
- Company registration number: 01-10-046943
- Tax number: 23136063-2-43
- E- mail address: email@example.com
3. Legal basis for processing
The processing of data by ShiwaForce.com Private Limited Company, including the application for a specific job and inclusion in the database, is based on the voluntary, express, written consent of the applicant for the job in compliance with Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (Info tv.) and the EU Regulation No. 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (GDPR), Article 6 (1).
4. Purpose of processing:
The purpose of the processing of data arising from the application for specific jobs is the evaluation by ShiwaForce.com Private Limited Company of the applications submitted by candidates for the jobs advertised by ShiwaForce.com Private Limited Company and the notices of candidates, applicants after the evaluation of their application.
The purpose of the data processing related to the database is to build a database in which applicants for advertised jobs are included on the basis of their consent in order to obtain information of the jobs advertised by the Data Controller, and thus the applicant for a job does not have to keep track of the website of the Data Controller if he/she wishes to work for the Data Controller. If the job applicant consents to this processing, the Data Controller will send an email message to the email address provided by the job applicant about each job advertisement, specifying the conditions of the vacancy.
5. Scope of personal data:
The Data Controller limits the scope of the personal data processed to the following personal data necessary for the assessment of applications submitted for the job advertised by the Data Controller and for giving notice to individual applicants and candidates following the assessment of the applications, which personal data are also recorded in its database, subject to consent:
- the following personal data processed on the form: full name, email address, telephone number, date and place of birth, work experience, major projects, salary requirements (gross), job portal visited, date of job search, place where you became aware of the job advertisement,
- personal data provided in your CV, and
- the personal data provided in a test systematically administered by the Data Controller, which are positive or negative characteristics of the data subject.
On the basis of the test to be filled in by the job applicants, the Data Controller will carry out profiling, subject to the express consent of the job applicant. In the course of profiling, the Data Controller measures the job applicants’ tolerance of monotony, conflict management and professional skills and competence by means of the following three groups of tests in order to know the job applicant better by evaluating and analysing the answers to the questions and to decide, on the basis of all this information, whether the job applicant is suitable for the job.
The Data Controller requests the applicants to take three different tests based on the vacancies to be filled:
- affinity test,
- conflict management test,
- monotony test
During the monotony test, the Data Controller measures the tolerance to monotony by analysing the questions listed below:
In jobs requiring strong administrative skills, the ability of the candidate to concentrate on the same activity.
The test used by the Data Controller for the Project Manager, Product Owner and Back Office positions measures the applicant’s ability to manage conflicts and a professional affinity section, which the Data Controller uses to measure the applicant’s professional competence (affinity test and conflict management test).
In the affinity test, the Data Controller measures the following by analysing the questions listed below:
The candidate’s professional affinity in the general IT field and in a specific field: e.g. project management, finance.
With the conflict management test, the Data Controller measures the following:
Jobs requiring customer service and leadership skills and general conflict management skills of the candidate.
For the Account Manager position, the test used by the Data Controller includes measures of conflict management, professional affinity and tolerance of monotony (affinity test, conflict management test and monotony test). For this position, the Data Controller asks questions from each of the three groups of tests above.
The applicant has the right to request help in the course of doing the tests. In case of such a request, the Data Controller will ask the job applicant to indicate this by sending an email to firstname.lastname@example.org. The job applicant may also object by sending an email to the above email address.
The job applicant may object to the decision of the Data Controller by sending an email to email@example.com and may express his/her views by sending an email to this email address.
If the job applicant encounters a problems during the completion of the text, he/she may send an email to firstname.lastname@example.org. In this case, the job applicant is not required to submit the test, as the answers to the questions already filled in will not be accessible to the Data Controller and will not be stored.
If the candidate has not requested help to complete the test, the Data Controller will analyse the candidates’ answers to each test and if the test is successful, the Data Controller will contact the candidate by telephone to arrange a personal interview.
The test is considered successful if the candidate’s score on the tests is more than 55% and the answers to the open questions are judged by the professional supervisor to be sufficient to fill the post. The Data Controller may, at his /her own discretion, consider a score below this threshold to be a pass mark in the case of a particularly good answer to the open question.
Based on the above, the tests are scored automatically, but decision whether the test has been successful is based on human judgement.
The Data Controller shall use appropriate mathematical and statistical procedures for profiling, shall have implemented technical and organisational measures to ensure, in particular, the correction of factors which may lead to inaccuracies and to minimise the possibility of mistakes, and shall protect the personal data in a manner which takes into account factors which may potentially jeopardise the interests and rights of the applicant for the job.
If the applicant does not complete the tests and does not require help, his/her application will not be considered for filling a position, and the personal data provided will be irretrievably deleted within one working day, including any and all personal data.
The personal data specified above need to be provided by the applicant for the evaluation of applications, and the absence of any personal data will preclude the successful evaluation of the application.
The collection of personal data does not include the collection and processing of so-called special data. The collection and processing of personal data is only carried out with the consent of the data subjects, by means of voluntary provision of data.
The Data Controller processes the personal data processed solely for the purposes of evaluating applications for the vacancy and, following the evaluation, to the extent necessary for giving notice to the applicants and candidates, and, if their consent has been obtained, to the extent necessary for the purposes of recording in the database.
6. Data processing, data transfer
The Controller does not use a data processor to process personal data. The personal data will not be transferred to third parties.
7. Duration of processing:
The Data Controller shall, if the data subject has consented to giving his/her personal data and the data subject has not withdrawn his or her consent to the processing of personal data earlier, store the personal data provided by the job applicant for one (1) year from the date of such data has been provided, unless the job applicant withdraws his/her consent earlier. The job applicant may also withdraw his/her consent at any time by sending an email to email@example.com.
8. Storage of data:
The collected data are stored electronically on the servers of the Data Controller (Budapest Internet Exchange, 1132 Budapest, Victor Hugo utca 18-22.). Only employees belonging to the HR team of the Data Controller have access to the data.
The data management complies with the data security requirements, it was designed and implemented by the Data Controller with the protection of the data subject’s privacy in mind, in accordance with the technical and organizational measures defined in its internal data protection policies.
The Data Controller uses the appropriate IT, technical and personnel measures to protect the personal data it manages, among other things, against unauthorized access or unauthorized changes.
9. Rights of data subjects, legal remedies
In the case of processing of personal data by the Data Controller, the data subject has a number of rights and may exercise them at any time. These rights are listed below, together with a description of what each right means for you. You can exercise your rights by sending a request to one of the contact details of ShiwaForce.com Private Limited Company set out in point 2.
Right of access and rectification of personal data
You have the right to access, correct or update your personal data at any time. We understand the importance of this, so if you wish to exercise these rights, you should contact us using one of the contact details set out in Section 2.
In the event of a request for information on data processing, the Data Controller shall provide the information in writing in an intelligible form within the shortest possible time from the date of the request, but not later than one (1) month, at the request of the data subject, unless otherwise provided by law.
Right to withdraw
The data subject has the right to withdraw its consent at any time by sending a request to the Data Controller set out in Section 2. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Right to data portability
Your personal data is portable. This means that they can be moved, copied and transmitted electronically. However, you only have this right if
- a) the processing is carried out with your consent;
(b) the processing is carried out for the purpose of entering into a contract;
(c) the processing is carried out by automated means.
If you wish to exercise your right to data portability, please contact us via one of the contact details set out in Section 2.
Right to erasure of personal data
You have the right to request the erasure of your data if.
- a) your personal data is no longer necessary for the purpose(s) for which it was collected; or
- b) you withdraw your consent to the processing of the personal data and there is no other legal basis for the processing; or
- c) you object to the processing of your personal data;
- d) the processing of personal data is not lawful; or
(e) the erasure of your personal data is justified on grounds of compliance with the law.
If you wish to delete any personal data we store about you, please contact us via one of the contact details set out in Section 2 and we will take all reasonable steps to comply with your request in compliance with the legal requirements.
If the personal data collected is no longer necessary for any purpose and we are not required by law to retain it, we will delete or destroy it so that it can no longer be identified, after the date specified in this policy.
Right to restrict processing
You may restrict the processing of your personal data if.
- a) you believe that personal data stored about you is inaccurate; or
- b) the personal data are not being processed lawfully, but instead of requesting their erasure, you would prefer to restrict their processing; or
(c) your personal data is no longer necessary for the purpose(s) for which it was originally collected, but you need it for the purpose of bringing or pursuing a legal claim or defending against a claim; or
(d) you have objected to the processing of your personal data and are awaiting confirmation as to whether your interests in objecting override the legal basis for the processing.
If you wish to restrict the processing of your personal data, please contact us via one of the contact details set out in Section 2 and we will take all reasonable steps to comply with your request in accordance with the legal requirements.
The right to protest
You can object to the processing of your personal data at any time. If you wish to do so, you should contact us using one of the contact details set out in section 2.
Right to lodge a complaint with the court of the supervisory authority
In the event of refusal to exercise any of these rights, or if the data subject is not satisfied with the response of the Data Controller, he or she may exercise his or her right to the protection of his or her personal data before a civil court, and may also contact the Nemzeti Adatvédelmi és Információszabadság Hatóság (National Authority for Data Protection and Freedom of Information, address: 1055 Budapest, Falk Miksa utca 9-11; postal address: 1363 Budapest, Pf.: 9.; telephone number: +36 (1) 391-1400; email address: firstname.lastname@example.org ).
Date: December 6. , 2022.