Please read the Policy carefully. By accessing or using a Britenet website, a User accepts the terms of this Policy and confirms being familiar with its content.
II. TERMS & DEFINITIONS
Personal Data – as per the GDPR, any information regarding an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
GDPR – Regulation 2016/679 of the European Parliament and of the Council (EU) of 27 April 2016 the on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), in accordance with which Britenet processes Personal Data of Users.
Professional – a job candidate offered by Britenet to its clients.
Services – services provided by Britenet by electronic means through a website.
User – a job candidate, a competition participant, an inquirer, a person making a job referral, a person visiting Britenet websites.
III. PROVISION OF PERSONAL DATA
By providing their Personal Data on www.britenet.com.pl and on other Britenet websites, the User confirms having the necessary authorisations to disclose the personally identifiable information to be used by Britenet as described in this Policy.
Personal Data are provided freely but they are required for any actions to be taken by a User as a data subject before contract conclusion and failure to provide such data will prevent the data controller from taking the requested actions (e.g. to consider a service inquiry or a job application) and will render contract conclusion and performance impossible. Absence of the consent to data processing for marketing of the data controller’s own products or services for the purpose of sending the controller’s direct marketing information by electronic means does not have any negative consequences, while absence of the consent to personal data processing for future recruitment purposes will prevent your job applications from being considered in any future recruitment processes.
IV. DATA CONTROLLER
Britenet Sp. z o.o., ul. Karolkowa 30, 01-207 Warszawa, is the data controller of Users’ Personal Data provided in connection with the use of Britenet websites, and especially with the recruitment processes carried out through such websites, event enrolments, other services available on the website.
V. PERSONAL DATA RECIPIENT
In accordance with the GDPR, a ‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. Your Personal Data are not processed exclusively by Britenet and its staff. We provide our services, which include carrying out recruitment processes, for many of our clients. Your personal data is thus processed by such categories of recipients as:
- banks - with the purpose of remuneration payment ;
- state authorities ( for instance the Social Insurance Institution and Inland Revenue and others authorized on the basis of the law regulation)- with the purpose of performing the responsibility of obligations;
- subjects performing benefits and language courses for the employees and co-employees ;
- subjects performing services of the group insurance of employees and co-employees ;
- subjects performing post services it is the Polish Post Office and courier companies;
- service contractors of our tele- informatic systems( hosting companies , deliverers of IT services);
- subjects performing for us services from the range of legal , personal assistance help , accountancy , taxes or advisory services ;
- units connected with Britenet Ltd it is Britenet Recruitment Ltd, Britenet Professional Services Ltd, Britenet Operations Ltd,
- Britenet Payment Solutions Stock Offering Company , Britenet Experts Ltd ;
- the contracts of Britenet Ltd.
VI. PURPOSES AND LEGAL GROUNDS OF PERSONAL DATA PROCESSING
The controller processes Personal Data for the purpose of:
- Responding to questions submitted by Users through the contact form to their e-mail addresses or phone numbers.
For contacts with Users for the purpose of answering their questions, the legal ground for Personal Data processing is the data processing consent of every User (Article 6(1)(a) of the GDPR).
- Taking actions at the User’s request before contract conclusion (e.g. for the purpose of reviewing a service inquiry or taking part in a recruitment process) – based on Article 6(1)(b) of the GDPR.
- In the case of contract conclusion, for the purpose of performing a contract to which you are a party (e.g. a service contract), and especially for the purpose of complying with accounting, archiving and tax settlements obligations – based on Article 6(1)(b) of the GDPR;
- Additionally, if a contract has been concluded with you, for the purpose of securing and pursuing the controller’s legitimate interests (especially for the purpose of allowing the controller to assert claims arising out of the contract concluded with you) – based on Article 6(1)(f) of the GDPR.
- Your consent granted to the marketing of the controller’s own products or services and for the purpose of future recruitment processes – based on Article 6(1)(a) of the GDPR.
VII. USER RIGHTS (As per Chapter III Articles 15-21 of the GDPR)
Users have the following rights in connection with the processing of their Personal Data by Britenet:
- Right of access to their Personal Data,
- Right of data rectification,
- Right to data erasure (“right to be forgotten”),
- Right to restriction of data processing,
- Right to data portability,
- Right to object to further data processing.
Each of those rights is satisfied based on the User’s request.
Users have a right to withdraw their consent to further processing of their Personal Data for any purpose that requires such consent; however, the withdrawal does not affect the lawfulness of any Personal Data processing done based on the consent before its withdrawal.
Within the access right, the User has a right to acquire copies of the following information:
- Purposes of personal data processing;
- Personal Data categories subject to the processing, e.g. first name, last name, phone number;
- Information about data recipients or recipient categories;
- Information about the rights vested in data subjects;
- Information about the right lodge a complaint with the Data Protection Office;
- Information about the source of data where the data were not acquired directly from the User – identity of the person or company or institution that has provided the Personal Data.
Please be informed that every subsequent copy of your Personal Data entails a reasonable fee arising from the administrative costs. Britenet reviews the requests and responds within a month of receiving the respective request. Britenet reserves the right not to respond to a request or to respond past the above deadline (two months later) if it receives a large number of requests or if the nature of the request is complicated. In both of the above situations, Britenet will inform the User about this with a justification.
VIII. PERSONAL DATA PROCESSING FOR RECRUITMENT PURPOSES
Britenet carries out recruitment processes for its internal needs and for its clients. Given that, please be informed that the User’s data may also be processed by Britenet clients, as stated in the content of the job advertisement, where we note that we are carrying out the recruitment for the client. Please also be informed that if you agree to recruitment processes, your consent will apply both to recruitment for a specific job contained in the job advertisement and to any future recruitment processes. This means that we will store your Personal Data in our database for the purpose of sending you information about job offers matching your profile and professional experience. Users may withdraw their consent to further processing at any time, in accordance with section VI of this Policy, which does not affect the lawfulness of any Personal Data processing done based on the consent before its withdrawal.
The User’s Personal Data may also be processed if the User has been recommended by a referring person. In that case, the referring person enters their details and the details of the recommended person and uploads a résumé under the form with the User’s details. Britenet verifies the résumé of the recommended person received from the referring person to check if it includes a Personal Data processing consent of the recommended person that meets the requirements of the GDPR. If the consent has been included, Britenet has a right to use such data for recruitment purposes.
IX. PERSONAL DATA PROCESSING FOR MARKETING PURPOSES
By sending an inquiry, enrolling on an event organised by Britenet, the User may agree to the processing of their Personal Data for the purpose of being sent marketing information about the products and services offered by Britenet. The consent may be withdrawn at any time, subject to the rules defined in section VI of this Policy.
X. DATA TRANSFER TO THIRD-COUNTRIES
Your Personal Data are transferred to third countries wherever the services provided by Britenet are to be performed in a third country. Personal Data may also be transferred to entities providing tax, legal, audit and settlement advice to Britenet if they run their business in a third country. In any of the above cases, we secure the processing of your Personal Data, in particular by entering into non-disclosure agreements and data processing agreements requiring conformity with the applicable data protection laws of the European Union and Poland and that ensuring the security of the processing of your Personal Data. We do not transfer your data to international organisations. We do not transfer your Personal Data to third countries if such transfer is impossible or prevented under generally applicable laws.
XI. PERSONAL DATA RETENTION PERIOD
The Users’ Personal Data are kept for the following periods:
a) data processed based on consent (Article 6(1)(a) of the GDPR) – until the consent to their processing is withdrawn, unless the controller establishes earlier than that the data are outdated;
b) data processed for the purpose as specified in clause V(2) above – for the time as required to take and carry out actions at your request as the data subject before the conclusion of the contract;
c) data processed for the purpose of concluding a contract with you and for the purpose as specified in clauses V(3) and V(4) above – for the time as required to perform the contract between you and the controller and until any claims and unlawful acts that may arise out of the contract become statute-barred, as well as for the duration required under the applicable laws, for instance tax laws. The controller may keep your personal data longer than for the specified period only if there is another legal ground for the processing of your personal data, as defined in Article 6(1) of the GDPR;
XII. SECURITY RULES
Britenet has implemented appropriate (organisational and technical) safety measures in order to protect your Personal Data from loss, misuse, unlawful processing or modification. Aware of the importance of protecting your Personal Data, we use for example:
- encryption of your data through the HTTPS service using a 2048-bit RSA key during data transmission,
- in specific cases – anonymisation, pseudonymisation and encryption of your Personal Data,
- other hardware, network and system protection measures, such as: firewalls, licensed hardware and network antivirus software, controlled access through a secured VPN and many other IT security solutions,
- electronic and physical access control mechanisms for the buildings and rooms where your Personal Data are processed (e.g. magnetic and electronic keys, safety locks, alarm systems),
- other security measures to protect your Personal Data.
The controller undertakes to protect any information disclosed by Users in accordance with security and confidentiality standards. Access to Personal Data is limited to authorised Britenet employees.
Britenet has a right to provide data to entities authorised under the applicable laws.
XIII. CHANGES TO THE POLICY
The rules laid down in this Policy may change as the legislation in effect is developed or amended. Users shall be informed about any changes to the rules on www.britenet.com.pl/polityka.
Cookies are created when you are using Britenet websites and the systems available through those websites (especially ones that generate inquiries submitted through the contact form). Cookies are small-sized text files kept on the device you are using to browse websites. They are generally used in order to ensure the functioning of websites and other services provided online and in order to improve and develop such websites, which we achieve by reading the content of the cookies.
Britenet collects the information contained in cookies, such as the date of connecting to the website or the IP address of the device from which you connect to the website – such data show us how you use our websites. The information is used for administrative and statistical purposes and for the purpose of improving those websites and making them more comfortable for you to use. Furthermore, such data, if subject to automated processing, may be used to analyse the behaviour of content recipients on those websites (for example how long you stay on the website) or to personalise the website content, especially through provision of online advertisements.
You do not have to accept cookies (you can accept them either by clicking the right button on our websites or through your web browser settings) but then the website may fail to work properly.
XV. CONTACT RELATED TO PERSONAL DATA
Should you have any questions or doubts regarding Personal Data protection, you may send us a message by post to the registered address of Britenet Sp. z o.o. or by e-mail to [email protected].