This Privacy Notice provides a framework of understanding about the personal data that is collected by PROJECT SOLUTIONS SA PROVISION OF WORK AND PROJECT MANAGEMENT SERVICES (hereinafter called the "Data Controller") as required by law, including the provisions of the European Union's General Data Protection Regulation (GDPR).
The Data Controller is:
PROJECT SOLUTIONS SA PROVISION OF WORK AND PROJECT MANAGEMENT SERVICES, 2 - 4 Mesogeion Ave, Athens
The personal data collected will be checked and processed by the Data Controller. In addition, personal data may be processed or shared with subsidiaries (such as MANPOWERGROUP SA Provider of Employment Service) or companies affiliated to the Data Controller.
This Privacy Notice applies to (1) job candidates and recipients of our career services, (2) our associates, who working with indirect employers or on a client project or people to whom we provide outplacement or career transition services, (3) users of the websites and apps listed here (the "Sites"), and (4) representatives of our business partners, clients and suppliers. This Privacy Notice does not apply to our staff who work at out headquarters and not at client facilities.
The Privacy Notice describes the types of personal data or personal information we collect, how we use the information, how we process and protect the information we collect, how long we store it, with whom we share it, to whom we also transmit the rights that data subjects may exercise regarding the use of their personal data. We also describe how you can contact us about our privacy practices and to exercise your rights. Privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements; and you can view specific local terms by visiting our local websites.
- Information We Collect
- How We Use the Information We Collect
- How We Process And Protect Personal Data
- How Long We Store Data We Collect
- Information We Share
- Data Transfers
- Your Rights as a Data Subject
- Notice to California Residents
- Updates to Our Privacy Notice
- How to Contact Us
Information we Collect
We collect personal information about you in various ways, such as through our Sites and social media channels; at our events and through phone and fax; through job applications and in connection with in-person recruitment; and in connection with our interactions with clients and vendors. We may collect part of the personal data depending on the nature of the relationship, including, but not limited to (to the extent permitted by domestic law):
- contact information (such as name, postal address, email address and telephone number);
- username and password when you register on our Sites.
- information you provide about friends or other people you would like us to contact. (The Data Controller considers that the other person has previously agreed to such communication); and
- other information you may provide to us, such as in surveys or
- through the "Contact us" function or by subscribing to our mailing list on our sites
In addition, if you are an associate or job candidate, and you submit a job application or create an account to apply for a position, we may collect the following types of personal data (to the extent permitted under local law):
- employment and education history
- language proficiencies and other work-related skills.
- Social Security number, national identification number or other public identification details;
- date of birth
- bank account details.
- citizenship and work permit ·
- information on the benefits you receive from your work
- tax information.
- information provided in references; and
- information contained in your C.V., information you provide regarding your career interests, and other information about your qualifications for employment.
and with your explicit consent where required by law:
- disabilities and health-related information.
- results of drug tests and criminal record and other background checks.
In addition, we may collect information you provide to us about other people, such as information you give us in relation to your emergency contacts.
How We Use the Information We Collect
The Data Controller collects and uses the data gathered for the following purposes (as permitted under local law):
- providing workforce solutions and connecting people with work;
- creating and managing online accounts;
- processing payments;
- managing our client and vendor relationships;
- where permitted under law and consistent with the Data Controller’s Cookies and Advertising Notice (which refers to this document), to send promotional materials, alerts regarding available positions and other communications;
- where permitted under law, for communicating about, and administering participation in, special events, promotions, programs, offers, surveys, contests and market research;
- responding to inquiries and claims from data subjects;
- operating, evaluating and improving our business (including developing, enhancing, analysing and improving our services; managing our communications; analysing data; and carrying out accounting, auditing and other internal functions);
- protecting against, identifying and seeking to prevent fraud and other unlawful activity, claims and other liabilities; and
- complying with and enforcing applicable legal requirements, relevant market standards, contractual obligations and our policies.
All processing will be carried out based on adequate legal grounds which may fall into a number of categories, including:
- consent or explicit consent from the data subject, where required by applicable law;
- ensuring that we comply with a statutory or contractual requirement, or a requirement necessary to enter into a contract (e.g. processing your personal data to ensure that your wages and taxes are paid correctly);
- it is essential and necessary for the legitimate interest of the Data Controller, (e.g. allowing a user access to a website in order to provide the services offered). Click here to find out more about these interests and when we can process information in this way.
In addition to the activities listed above, if you are an associate or a candidate for a job, and you apply for a position or create an account to apply for a position, as permitted under local law, or if you request to subscribe to the list of recipients of email updates we use the information described in this Privacy Notice for the following purposes:
- to offer you job opportunities and work.
- to provide HR services to you, administration of benefit programs, payroll, performance management and disciplinary actions;.
- to provide you with additional services such as training, career counselling and career transition services.
- to evaluate your eligibility as a candidate and your job qualifications;
- (e) analyse data, eg (i) analysing our data base of job-seekers and associates; (ii) assessing individual performance and capabilities, including scoring on work-related skills; (iii) identifying skill shortages; (iv) using information to match individuals and potential opportunities, and (v) analysing data (trends in recruitment practices).
We may also use the information in other ways for which we provide specific notice at or prior to collection.
The Data Controller may process personal data for certain legitimate business purposes, which include some of all of the following:
- where the process enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our clients, candidates and associates;
- to identify and prevent fraud;
- to enhance security of our network and information systems;
- to better understand how people interact with our websites;
- for direct marketing purposes;
- for postal communications which we think will be of interest to you; and
- to determine the effectiveness of promotional campaigns and advertising.
Every time we process data for these purposes we will be very careful to ensure your rights and to take them into account. You have the right to object to this processing, and if you wish to you can contact the Data Controller using the contact details in “How to contact us.” Please bear in mind that if you exercise your right to object, this may affect our ability to carry out and deliver services to you for your benefit.
How We Process and Protect Personal Information
We process the personal data we collect, even by automated means, for the purposes defined above and for a specific period of time, which complies with our internal data retention policy, in order to ensure that the personal data are not kept longer than necessary.
We maintain administrative, technical and physical safeguards designed to protect the personal data you provide from accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use. In order to ensure adequate security and confidentiality of the personal data, we apply the following security measures as appropriate:
- Encryption of data in transit
- Strong user authentication controls
- Hardened network infrastructure
- Network monitoring solutions.
How Long We Store Data We Collect
We store in our systems the personal data we collect in a way that allows the identification of the data subjects for no longer than it is necessary in light of the purposes for which the data was collected, or for which that data is further processed.
We determine that particular period of time taking the following into account:
- The necessity to retain the personal data collected, in order to offer services established with the user
- The legitimate interest of the Data Controller, as described in the purposes; and.
- The existence of specific legal obligations that make the processing and related storage necessary for specific period of times.
Specifically, for subscribing to the list of recipients of email updates, your personal information will be retained until you are removed from the list through the special link that will be included in any communication with you or in the way described in this policy in the " How to Contact Us” section.
Information We Share
We do not disclose personal data that we collect about you, except as described in this Privacy Notice or in separate notices provided in connection with particular activities. We may share personal data with vendors who perform services on our behalf based on our instructions. We do not authorise these vendors to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements. We also may share your personal data (i) with our subsidiaries and affiliates; (ii) if you are a job candidate, with clients who may have job opportunities available or interest in placing our job candidates; and (iii) with third parties with whom we work, such as job placement consultants and subcontractors, to find you a job.
In addition, we may disclose personal data about you (i) if we are required to do so by law or legal process; (ii) to law enforcement authorities or other government officials based on a lawful disclosure request; and (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity. We also reserve the right to transfer personal data we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganisation, dissolution or liquidation)..
We also may transfer the personal data we collect about you to countries outside of the country in which the information originally was collected. Those countries may not have the same data protection laws as the country in which you initially provided the personal data. When we transfer your information to other countries, we will protect that data as described in this Privacy Notice and such transfers will be in compliance with applicable law.
The countries to which we may transfer the personal data we collect about you may be:
- Within the European Union
- Outside the European Union
When we transfer personal data from within the European Union to countries or international organisations that are based outside the European Union the transfer takes place on the basis of:-
- An adequacy decision by the European Commission
- In the absence of an adequacy decision, other legally permitted grounds: (a) a legally binding and enforceable instrument between public authorities or bodies; (b) binding corporate rules; or (c) standard data protection clauses (formerly called the Model Clauses) promulgated by the Commission etc.
Your Rights as a Data Subject
The data subject may, under Articles 15 to 22 of the GDRP, exercise the following special rights:
- Right of access: A data subject may access his or her personal data in order to verify that his or her personal data is processed in accordance with law.
- Right to rectification: A data subject may request the rectification of any inaccurate or incomplete data held about him or her, in order to protect the accuracy of such information and to adapt it to the data processing.
- Right to erasure: A data subject may request that the Data Controller erases information about him or her and to no longer process that data
- Right to restriction of processing: A data subject may request that the Data Controller restricts the processing of his or her data.
- Right to data portability: A data subject may request data portability, meaning that the data subject can receive the originally provided personal data in a structured and commonly used format or that the data subject can request the transfer of the data to another data controller.
- Right to object: A data subject who provides a Data Controller with personal data may object, at any time, to the data processing on a number of grounds as set out under GDPR without needing to justify his or her decision.
- Right not to be subject of automated individual decision-making: A data subject may request not to be subject to a decision based solely on automated processing, including profiling, if such profiling produces a legal effect concerning the data subject or similarly significantly affects him or her..
- Right to lodge a complaint with a supervisory authority: Every data subject has the right to lodge a complaint with an applicable supervisory authority; in particular in the EU Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes GDPR.
Whenever data processing is based on consent as described in Article 7 of the GDPR, the data subject may withdraw his or her consent at any time.
If you require more information about the processing of your personal data, please refer to the How to Contact Us section.
Notice To California Residents
Subject to certain limitations, California residents may ask us to provide them with (i) a list of certain categories of personal information that we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year, and (ii) the identity of those third parties. To make this request, California residents may contact us as specified in the "How to Contact Us" section.
Updates to Our Privacy Notice
This Privacy Notice (including any addenda) may be updated periodically to reflect changes in our privacy practices and legal updates. For significant changes, we will notify you by posting a prominent notice on our Sites indicating at the top of each notice when it was most recently updated.
How To Contact Us
If you have any questions or comments about this Privacy Notice, or if you would like to exercise your rights, please contact the Data Controller:
PROJECT SOLUTIONS AE PROVISION OF WORK AND PROJECT MANAGEMENT SERVICES
128 Alexandras Avenue, 11471, Athens
Data Protection Officer: email@example.com