The purpose of this Data Processing Information is to inform the visitors of tricise.com, as well as the employees that use the services offered by Tricise, the applicants for job announcements, expert tasks and marketing events (data subjects) about the practice that is used concerning the controlling of personal data, the related organisational and technical steps that have been taken, and the related rights of the visitors and the possibilities available for enforcing these rights.
In view of the fact that the purpose of the specific data processing activities that are defined in this information document, and the method of data processing jointly determined by the Data Controllers, (Tricise S.L) according to REGULATION 2016/679 of the EUROPEAN PARLIAMENT AND COUNCIL (EU).
1. Our companies manage personal data by observing the following principles:
The management of the data subjects is lawful exclusively if at least one of the following conditions is met
- the data subject has given his consent to the management of his data for one or more specific purposes;
- controlling the data is needed for performing a contract in which the data subject is one of the parties or it is needed for performing certain steps upon the request of the data subject prior to the signing the contract;
- managing the data is needed for performing a legal obligation that refers to the data controller;
- managing the data is needed for the protection of the vital interests of either the data subject or another natural person;
- processing the data is needed for enforcing the legitimate interests of the data controller or a third person, except if those interests or essential rights and freedoms of the data subject enjoy priority compared to these interests, which make the protection of the personal data necessary;
The data processing has to meet the purpose of data processing in each of its phases. The recording, storing and further controlling of personal data have to be fair and lawful.
Capturing personal data may be done only for a clearly defined purpose. Only those personal data may be captured, which are indispensable, essential for achieving the purpose of data processing. These personal data may not be processed by the Data Controllers for any other incompatible purpose.
The personal data may be controlled with appropriate security up to the extent and period needed for achieving its purpose, in such a manner that excludes unauthorised persons having access to them.
The accuracy, the completeness and the timeliness of the personal data have to be ensured in the course of data processing, jointly with allowing the identification of the involved person only for the period that is necessary for the purpose of data
2. Data of the Data controllers
- Corporate name: TRICISE, S.L.
- CIF: ESB40656654
- Registered office: Musician Albéniz, 8 – 46010 – Valencia, SPAIN
- Phone: +34686486338
- Email: email@example.com
3. The legal basis of data processing
Based on Section 6 a) of REGULATION 2016/679 OF THE EUROPEAN PARLIAMENT AND COUNCIL (EU), the data subject gives his consent for the management of his personal data for the purpose of one or more specific purposes defined below. Processing the data may be implemented on the basis of Sections 6 b), c), d) and f) of REGULATION 2016/679 OF THE EUROPEAN PARLIAMENT AND COUNCIL (EU) (“GDPR”) AS WELL.
4. The data subjects of data processing
Persons contacted for establishing a future employment or other contractual relationship appearing at the Data Controllers – participation in a selection process or a marketing event.
5. The purpose of data processing
Facilitating engagement for expert tasks and implementation of the selection process:
- To facilitate the engagement of experts (future or contracted employees or subcontractors, contracted partners)
- for picking up and keeping contact with the involved parties
- for conducting the selection procedure,
- for the purpose of establishing and sustaining a contractual legal relationship
- for education and offering personalized training modules
in the following manner
- the data subject applies for the tasks, projects that are announced on the website of the companies or on other advertising interfaces or based on internal recommendation or
- by making available his personal data to a third person through its own website or other websites, or through community networks (e.g. Linkedin).
In the case of application, concerning the data given by the data subject, the purpose of data processing is to allow the Data Controllers to notify the data subject at the given accessibility points about the task or project opportunities that may be interesting for the data subject and which correspond to his education and professional career, and its legal basis is the consent of the data subject, therefore as a prerequisite of applying for a position, task or project opportunity announcement, the applicant data subject has to give his prior, voluntary consent to the processing of his personal data.
Organising marketing events:
Organising professional and other events for partners, prospective partners and interested people, sending notices in connection with these events, and keeping contact with them.
6. Scope of personal data controlled
Facilitating engagement for expert tasks, and executing the selection process:
Data requested by the data controllers about the data subject for the purpose of selecting the person, who is the most appropriate for the given position/task:
Name (forename and surname), address, phone number, e-mail address, name of current workplace, period of professional experience, list of professional skills, in case the handed over curriculum vita is uploaded, the data given in the CV, and in the case of registration through community networks (e.g. Linkedin ID), employment sector classification.
The Data Controllers, in the interest of the future employment of the data subject, forwards the personal data (his curriculum vita) as a part of his application, based on the voluntary consent included in the application to the partners, initiators that have a contractual legal relationship with the Data Controllers, as the future customer, after having examined the possibility of employing the data subject for the positions/tasks given by the customer and provided according to their judgement the data subject, based on the expectations of the customer may be eligible for taking the position/carrying out the tasks.
Organising marketing events:
Data given by the data subject:
Name (forename and surname), name of employer, position, address, phone number, email address, in the case of registration through a community network the related identifiers (e.g. Linkedin ID).
7. Data forwarding
Data Processors forward the personal data processed to the customers/contractual partners classified as data controllers, who have a data processing contractual legal relationship with them or classified as joint data controllers together with them, and to the members of the data controller company group (Tricise S.L.).
8. Duration of data processing
In the lack of any other legislative obligation, the Data Processors retain and process the personal data for three (3) years. This period may be extended exclusively with the consent of the data subject. The purpose of retaining the data is to allow the Data Controllers to notify the data subject also in the future, in the interest of the data subject, about the job opportunities, expert tasks, projects and marketing events that correspond to his experiences, education.
The data subject is liable for the correctness of the data given. The data subject may request from the Data Controllers the correction of its personal data at any time, in case they are changed. Data Controllers shall correct the untrue data upon the request of the beneficiary, and they shall delete the wrong data. The request for correction has to be indicated at any of the above-given accessibility points of the Data Controllers.
9. Rights of the data subjects
The data subject may ask to be informed about the processing of his personal data, he may request the correction, blocking or deleting of his personal data at the access points of Data Controllers given below.
Upon the request of the data subject, Data Controllers shall provide information on the data that are processed by them, about their sources, the purpose of data processing, its legal basis, its duration, and the circumstances of any data protection incidents if they occur, as well as their impacts and the measures that were introduced for preventing the incident, moreover – in case the personal data of the data subject are forwarded – the legal basis of data forwarding and its addressee.
Data Controllers – if they have a data protection officer, through the data protection officer – for the purpose of checking the measures that are connected to data protection incidents, and for informing the data subject, do record a register, which register has to contain the scope of the personal data of the data subject, the range and number of those, who are involved in the data protection incident, the time of the data protection incident, its circumstances, its impact and the measures that were introduced for preventing it, and the other data that are defined in the legislation that stipulated the processing of the data. The Data Controllers have to report any data protection incident that involves the personal data they control to the competent data protection authority within 72 hours after learning about it.
Data Controllers shall react to requests concerning the providing of information concerning the data without any unjustified delay after receiving them but in each case at the latest within 25 days.
If the data subject has any concerns concerning the controlling of his data, first he should contact the Data Controllers (firstname.lastname@example.org) in order to have his concern settled the soonest. If this would not be successful, he may ask the Spanish Data Protection Authority (AEPD, Agencia Española de Protección de Datos, C/ Jorge Juan, 6 28001-Madrid, contact) to investigate the case and he may also turn to the court, because of unlawful data processing. The detailed legal provisions concerning this and the obligations of the data controller are included in REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND COUNCIL (EU), and Act CXII of the year 2011 on information self-determination and freedom of information, as supplementary legislation.
10. Underage people
Data Controllers do not recommend using the services for underaged people, of the age that is less than eighteen (18) years, and they do not capture information consciously about persons of this kind.
11. Data security
Data Controllers apply appropriate data protection and technical measures for protecting the personal data of the data subject from incidental data loss and unauthorised access, utilisation, modification and/or publication, and in order to fulfil the effective data protection legislation.
12. Deleting of the personal data
The data subject may initiate at any time the deleting of his personal data controlled by the Data Controllers. The deleting request has to be sent in an email to the email address email@example.com. The Data Controllers shall delete the data requested to be deleted within 5 working days after receiving the deletion request. (In the case of deleting, the data displayed cannot be restored.)
13. Controlling Cookies
Your reading the website www.tricise.com may involve your using cookies or similar technologies for identifying your browser or device accessing the website. A cookie is a small file, that is transmitted to the computer that visits the website, when you visit a website. When you will again visit the given website, thanks to the cookies, the website will be able to recognise the browser of the visitor. The cookies may also store user settings and other information. They use on other platforms – where cookies are not available or may not be used – other technologies as well, the purpose of which is similar to that of the cookies: e.g. the advertising identifier on android mobile devices. You may reset the settings of your browser either to refuse all the cookies or to indicate whenever the system just sends a cookie. However, it is possible that certain website functions or services will not operate properly without cookies.
14. Options for modifying this data processing information document
Data Controllers retain the right to unilaterally modify this Data Processing Information Document by notifying the users of the website in advance. The user of the website by using the service after the effective date of the modification accepts the modified data processing rules.
15. Contact data
If the data subjects or users have any questions or concerns concerning this Data Protection Information document, they should contact the Data Controllers at the firstname.lastname@example.org e-mail address.