Candidate Privacy Policy
Candidate Privacy Policy
Privacy Policy of Candidate Personal Data
This Privacy Policy of Candidate Personal Data (hereinafter referred to as “Policy”) applies to UAB “Nordcurrent Group” (registered at Savanoriu ave. 61, Vilnius, Lithuania, legal entity code 126030119) (hereinafter referred to as the “Company” or “we”) and a natural person who has applied for the vacancy announced by the Company (the “Candidate” or “you”).
The purpose of the Policy is to inform the Candidate about the processing of the Candidate’s personal data by the Company (including but not limited to inform about the legal basis and purpose for personal data processing) according to the Article 13 and 14 of Regulation (EU) 2016/679 (the “General Data Protection Regulation”), and to inform the Candidate of their rights in relation to data processing
Data Controller
The Company informs that with regard to the processing of the Candidate’s personal data conducted by the Company, the Company is considered the Data controller of personal data within the meaning of the General Data Protection Regulation.
Personal Data We Collect
We may collect and process the following types of personal data about you:
- Identification Data: Name, surname, middle name, date of birth, gender, nationality, photograph and copies of passports, residence permits and or visas.
- Contact Data: Address, email address, and phone number.
- Professional Data: CV, cover letter, employment history, educational background, qualifications, skills, references, and any other information you provide as part of your application.
- Assessment Data: Results of interviews, tests, and assessments.
- Video recording: Video surveillance is performed at the Company’s premises and as a result of that video recordings are made.
How We Collect Your Data
We collect your personal data through:
- Our online application system in the website’s careers page.
- Email, phone, or mail correspondence.
- Third-party recruitment agencies.
- Professional networking sites (e.g., LinkedIn) where you have made your profile publicly accessible.
Purpose and Legal Basis for Processing
We process your personal data for the following purposes and on the following legal bases:
- Recruitment Process: To assess your skills, qualifications, and suitability for the role (Legal basis: Contractual necessity and legitimate interests).
- Communication: To contact you regarding your application (Legal basis: Legitimate interests).
- Compliance: To comply with legal and regulatory requirements (Legal basis: Legal obligation).
- Video Recording: Company’s legitimate interests – physical security management, event investigation (Legal basis: Legitimate interests).
- Future Opportunities: With your consent, to inform you of future job openings (Legal basis: Consent).
Data Sharing
We may share your personal data with:
- Internal Personnel: Employees involved in the recruitment process.
- Third-party Service Providers: Providers of recruitment services.
- Legal and Regulatory Authorities: Where required by law or regulation.
We ensure that third parties who process your data on our behalf comply with GDPR and provide adequate safeguards to protect your personal data.
Data Retention
We retain your personal data:
- For the duration of the recruitment process.
- If your application is unsuccessful, for up to 12 months after the recruitment process, unless you consent to a longer retention period for future opportunities.
If your application is successful, your data will be transferred to your employee file and retained in accordance with our Employee Privacy Policy.
Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These measures include encryption, access controls, and secure storage systems.
In the event of a Candidate’s personal data security incident, if it poses the highest possible risk to the Candidate’s rights and freedoms, the Company will immediately notify the Candidate, if possible.
Your Rights
The regulatory framework in the field of data protection gives you several rights to influence the processing of the Candidate’s personal data. In order to exercise this right, the Candidate must:
- Submit a written application to the Company in person, presenting an identity document (passport or identity card (ID card)) to the Company or;
- Send an application signed with a secure electronic signature to info@nordcurrent.com.
Under GDPR, you have the following rights regarding your personal data:
- Access: The right to request access to your personal data.
- Rectification: The right to request correction of inaccurate or incomplete data.
- Erasure: The right to request deletion of your personal data, subject to certain conditions.
- Restriction: The right to request restriction of processing.
- Data Portability: The right to request transfer of your data to another party.
- Objection: The right to object to the processing of your data. The candidate has the right to withdraw his or her consent to the processing of his or her personal data if the basis for the processing of personal data is consent.
- Filing a Complaint: The right to file a complaint with the national data protection authority (State Data Protection Inspectorate (https://vdai.lrv.lt/en/).
Changes to This Policy
We may update this Policy from time to time. We will notify you of any significant changes by posting the new Policy on our website or by other appropriate means.
Contact Us
If you have any questions or concerns about this Policy or our data processing practices, please contact us at: info@nordcurrent.com.