Accesa logo dark

Recruitment Privacy Policy

Effective date: 18.11.2024

Welcome to the Accesa Recruitment Privacy Policy. At Accesa ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal data. As part of our dedication to transparency and accountability, we want to clearly explain how we collect, use, share, and protect your information in line with the European General Data Protection Regulation (GDPR) and other EU and local data protection regulations.

We value the trust you place in us, and this notice outlines our approach to managing personal data responsibly.

It covers all aspects of data processing throughout your employment with us, ensuring we handle your information with care and respect.

Who we are

Contact us

We are Accesa, a dynamic tech group comprising Accesa IT Systems and Accesa Consulting, acting as joint controllers. Our mission is to create an environment where our employees and partners thrive and positively impact the community.

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please don't hesitate to reach out to us:

Visiting Address:

Constanta 12, Platinia Office, Cluj-Napoca, Romania

Email: hello@accesa.eu

Website: https://www.accesa.eu

Data Protection Officer (DPO)

Contact: dpo@accesa.eu.

Who This Privacy Policy Covers

This Recruitment Privacy Policy applies to all individuals who interact with us during our recruitment and hiring processes. This includes, but is not limited to, job applicants, candidates, and prospective employees seeking employment opportunities within Accesa or its Group Companies.

Accesa processes your personal data primarily for the purposes of recruitment, evaluation, and assessment of your suitability for positions within our Company or our affiliated Group Companies. We are committed to handling your personal data responsibly and transparently, in accordance with applicable data protection laws.

By submitting your personal information and participating in our recruitment activities, you acknowledge that you have read and understood this policy. It is important that you carefully review this document to understand how we collect, use, and protect your personal data.

If you have any questions or concerns about our practices, or if you wish to exercise your rights under applicable data protection laws, please reach out to us using the contact information provided in this privacy policy.

What Personal Data Do We Collect?

How We Collect Your Data

We collect your personal data through various channels and tools to ensure a streamlined, transparent, and effective recruitment process. This includes both direct and indirect collection methods:

Direct Collection

  • Data You Provide: We collect information directly from you when you apply for a position, participate in professional interactions, or submit documents. This includes details such as your name, contact information, professional background, and any other relevant information or documents you choose to share.

Indirect Collection

  • Publicly Available Sources: We may obtain publicly available information relevant to the recruitment process from professional social media profiles (e.g., LinkedIn), business websites, or public registers. This helps us verify and complement the data you provide.

  • Recruitment Supporting Tools: To enhance our recruitment process, we use third-party tools and integrations to identify and engage with potential candidates. Additionally, our recruitment platform securely processes and manages your data throughout the recruitment stages.

  • Data from Other Third Parties: With your consent, we may gather information from trusted third parties, such as former employers or educational institutions, to verify your references and qualifications.

If you provide personal information about third parties (e.g., referrals), you are responsible for ensuring that you have obtained their consent to share such data with us.

Types of Personal Data We Process

During the recruitment process, we collect and process personal data necessary to evaluate your qualifications and suitability for a position. The specific data we collect may vary depending on the nature of the role and the requirements of our recruitment process.

We are committed to protecting all data in accordance with GDPR and other applicable laws.

The main categories of personal data we may process include:

Identification Information

Name, surname, date of birth, nationality, citizenship, home address, or other identification data included in your CV and/or any recruitment-related forms.

Contact Details

Email address, phone number, correspondence address and other relevant contact information.

Signature and Photo

Signatures and photos included in recruitment-related documents.

Demographic Data

Information such as age and gender, and, if relevant for the position, driving license details.

Data on Professional Experience

Information related to your occupation, previous employment, job titles, and details of key projects or achievements.

Education Data

Professional Certifications

Academic qualifications, attended institutions, diplomas, professional certifications, and training details.

Professional Skills and Competences

Details about language proficiency, technical skills, and competencies relevant to the role.

Remuneration Data

Information on expected salary, bonuses, and benefits, including data relevant to tax compliance.

Communication Records

Records of email correspondences, call logs, meeting minutes, and other communication-related data exchanged during our professional interactions, like text, attachments, documents, images, and any other information shared during our correspondence, including communication with recruitment companies or former employers.

Data Resulting from Video Recordings

Only in limited cases where video recordings are made during online interviews (voice and image), only with your consent.

Candidate Evaluation Data

Notes, interview assessments, and results from pre-employment verifications, gathered by authorised recruitment personnel.

Former Employers' References

Professional information and employment history, obtained with your consent from former employers.

Data on Potential Conflicts of Interest

Information about the existence of kinship or affinity relations with our employees, Management, or Business Partners that could present conflicts of interest.

Regulatory Data

Data related to certifications, licenses, permits, accreditations, and industry-specific qualifications obtained and required for the position you applied for.

Dispute/Complaints Records

Data Subjects’ Requested Records

Information related to any complaints, data subjects’ requests and legal disputes that may arise during the recruitment process.

Audit and Compliance Data

Data collected during audits or assessments related to our recruitment activities to ensure compliance and quality.

IT Usage and Communication Metadata

Information like server logs, timestamps, email delivery logs, IP addresses, and metadata collected to secure our communication channels, network and infrastructure and to respond to security incidents and data breaches.

Other Relevant Data

Any additional personal data voluntarily provided by you during interviews and correspondence to address specific requests or queries.

Sensitive Data

We may process sensitive data only in specific and necessary cases, including:

Health Data: Occupational health information or disability details relevant to job requirements.

Professional Restrictions: Legal restrictions on certain professions.

Disciplinary Actions / Criminal Records: Information on past disciplinary actions and criminal records (if relevant for the role and permitted by law).

Politically Exposed Person Status: Where applicable for specific roles.

Why We Need Your Data

We request personal data from our candidates to fulfil key purposes such as recruitment, competence evaluation, compliance checks, and employment. The consequence of not providing this required data may include limited recruitment opportunities and an impact on our further employment relationship:

  • Non-provision of necessary data may restrict access to specific positions or employment.

  • The absence of critical data may constrain our ability to finalise the recruitment process and initiate an employment relationship.

  • We value data accuracy and reliability, ensuring transparency and ethical standards in our collaborations. We encourage our candidates to provide the required personal data to facilitate effective recruitment assessment and a mutually beneficial employment relationship.

How and Why We Use Your Information?

In this section, we explain the reasons for collecting and processing your personal data during our recruitment process and beyond. We also outline the legal grounds that justify each purpose.

Purpose

Details on the Purpose

Legal Base

Identifying Eligible Candidates

Evaluating candidates’ skills and qualifications to identify suitability for open positions and to fill in existing vacancies.

Steps to enter an employment contract

Legitimate Interest.

Talent Pool Expansion Recruitment Optimisation

Expanding the candidate pool by accessing LinkedIn profiles and contacting potential candidates who are a strong fit for open roles.

Legitimate Interest

Consent

Screening Candidates' Profiles to Improve Candidate Matching

Leveraging specific features and automated processes provided by LinkedIn and other recruitment tools to improve the accuracy of candidate matching with job requirements. This streamlines the recruitment process, reduces time-to-hire, enhances recruitment decision-making, and improves candidates’ overall experience. This is done to support our legitimate interest in optimising recruitment efficiency and achieving better hiring outcomes.

Legitimate Interest

Enhancing Data Accuracy

Synchronising LinkedIn profiles with internal recruitment systems to update and refresh candidate data.

Legitimate Interest

Conducting Job Interviews

Arranging and conducting interviews to assess candidates.

Steps to enter an employment contract

Legitimate Interest

Competence Evaluation

Analysing candidates' professional profiles, including both hard and soft skills, to match qualifications with the job requirements and conducting effective selection.

Steps to enter employment contract.

Legitimate Interest

Verification of Legal Conditions

Ensuring that candidates meet the legal and professional requirements, such as possessing required certifications, permits, and qualifications.

Legal Obligation

Communication and Engagement

Maintaining recruitment-related communication and engaging with candidates via LinkedIn messaging or InMail services to provide updates, interview invites and arrangements, or feedback.

Steps to enter an employment contract

Legitimate Interest

Reconnecting with Alumni Candidates

Reconnecting with former candidates in our database to share updates about our advancements and success stories and inviting them to our conferences, workshops, hackathons, and networking events.

Consent

Legitimate Interest

Obtaining References

Collecting references from former employers to verify professional history and qualifications.

Consent

Responding to Your Inquiries

Addressing any questions, inquiries, or requests you may have regarding the recruitment process.

Steps to enter an employment contract

Legitimate Interest

Employment Documentation

Preparing and managing necessary employment-related documents if an offer is extended.

Steps to enter an employment contract

Maintaining Records and Documentation

Storing and retaining records of the recruitment process for accountability, quality control and legal compliance (physical and/or electronic formats), demonstrating process fairness.

Legal Obligation

Legitimate Interest

Conflict of Interest Assessment

Assessing potential conflicts of interest between the company and candidates, maintaining transparency and ethical conduct.

Legitimate Interest

Maintaining Candidate Database and Pipeline

Building and maintaining a database for future recruitment needs and reconnecting with past candidates.

Consent

Legitimate Interest

Prior Occupational Medicine Procedures

Assessing the health and working capacity of selected candidates.

Legal Obligation

Interview Panels

Multi-Interviewer Assessments

Coordinating and documenting interview processes involving multiple interviewers to ensure a fair, consistent and effective interview process.

Consent

Legitimate Interest

Establishing Remuneration

Determining salary expectations, benefits, and tax-related information.

Steps to enter an employment contract

Dispute Resolution

Facilitating the resolution of disputes, including conducting investigations or engaging in legal proceedings related to the establishment, exercise, or defence of our legal rights or those of our clients.

Legitimate Interest

Complaints Resolution

Handling Data Subjects Requests

Addressing complaints, concerns or requests regarding our recruitment processes and handling data subjects’ rights, including documentation.

Legal Obligation

Legitimate Interest

Fraud Prevention

Incident Investigations

Security Monitoring

Processing data and IT usage logs to prevent fraud and data breaches, ensure security, and investigate incidents, including documentation.

Legal Obligation

Legitimate Interest

Research and Development

Internal Analyses

Recruitment Strategy

Using aggregated data to analyse hiring trends and the effectiveness of recruitment strategies and to improve recruitment practices.

Legitimate Interest

Improving Candidate Experience

Enhancing recruitment efficiency through data transfers for candidate status tracking and process automation, improving the recruitment experience for recruiters and candidates.

Legitimate Interest

Internal Audit

External Audit

Compliance Monitoring

Conducting audits and compliance checks to maintain regulatory adherence and track accountability.

Legal Obligation

Legitimate Interest

Risk Management and Control Activities

Assessing, managing, and mitigating risks related to data security, privacy and regulatory compliance, ensuring sustainable and compliant operations.

Legitimate Interest

Sensitive Data Processing

Only processed when necessary for specific situations or for executive positions as required to demonstrate compliance, establish, defend, and execute our rights in court.

Legal Obligation

Legitimate Interest

Please note that the specific purposes and legal grounds for processing your personal data may vary depending on the context and your engagement with our recruitment process. We consistently adhere to relevant data protection regulations and uphold your privacy rights with the utmost care.

In addition to recruitment, we may use LinkedIn data to support professional networking, market research, competitive analysis, lead generation, brand promotion, and building professional connections. We rely on our Legitimate Interest for these activities, ensuring they align with candidates' expectations and GDPR principles of transparency and data minimisation.

When processing personal data for our legitimate interests, we carefully balance these interests with the rights and freedoms of individuals. We take measures to ensure fair and lawful processing, respecting your privacy rights at all stages.

Using Third-Party Services and Tools

To effectively manage our recruitment processes and enhance efficiency, we use a variety of third-party services and tools. These services help us optimise workflows, expand our talent pool, and securely manage candidate data.

  • Recruitment Management Platforms: We use recruitment platforms and applicant tracking systems to organise and manage candidate information. These platforms enable secure communication, scheduling, and feedback collection, helping us maintain an efficient and structured recruitment process.

  • Professional Networking and Outreach Tools: To identify potential candidates and expand our talent pool, we utilise features and tools available on widely used professional networking platforms like LinkedIn. These tools allow us to access professional profile information, including job titles, skills, and work experience, to proactively engage with candidates who match our job requirements.

  • Cloud Services: We rely on secure cloud platforms to store, manage, and access recruitment data. These services help keep our records organised and accessible while maintaining data integrity and security.

  • Productivity and Collaboration Tools: Our teams use various productivity tools, such as email platforms, document-sharing applications, project management software, and video conferencing solutions. These tools facilitate internal collaboration and effective communication with candidates, regardless of their location.

  • Communication Platforms: We use secure messaging and video conferencing tools to maintain ongoing communication with candidates, including interview scheduling, feedback provision, and follow-up messages.

Why We Use These Tools

  • Support efficient recruitment operations and facilitate effective collaboration within our recruitment teams and with candidates.

  • Expand the Talent Pool and identify and engage with suitable candidates beyond direct applicants through professional networking and outreach tools.

  • Enhance recruitment productivity and streamline processes, automate repetitive tasks, and improve decision-making through AI and integrated systems.

  • Secure data management, ensuring proper organisation and access when needed.

  • Improve candidate experience, providing timely updates and reducing manual tasks, thereby creating a more seamless experience.

In some cases, these tools require sharing certain types of personal data, like your name, contact details, or job role, to ensure the services work properly and securely.

We take great care in selecting third-party providers who meet high standards of data protection and confidentiality. All our providers are required to comply with applicable data protection laws, including GDPR. We only share your data with these third-party providers when it is necessary for our business operations and always under strict data protection agreements to safeguard your privacy.

Automated Decision and Profiling

Automated Decision-Making

In our recruitment processes, we may use AI-powered recruitment solutions and other automated tools to support decision-making. These tools help us streamline workflows, assess candidate qualifications, and enhance efficiency. However, we do not rely solely on automated decisions that produce legal or similarly significant effects on candidates without meaningful human involvement. All key recruitment decisions involve human review to ensure fairness, accuracy, and individual consideration.

Profiling

We use various types of profiling techniques to analyse candidate data and improve recruitment processes. These profiling activities aim to enhance efficiency, security, and candidate experience. Below are the key profiling types we apply:

  • Security Risk Profiling: We analyse technical data, such as access logs, IP addresses, and device information, to identify and mitigate potential security threats. This helps protect our IT systems, tools, and data during the recruitment process, ensuring a safe and secure digital environment.

  • Performance Profiling: We use automated tools, including AI-driven analytics, to assess recruitment performance metrics and feedback. This helps us identify areas for improvement and optimise our recruitment strategies, leading to more efficient hiring processes and better results.

  • Preferences Profiling: We analyse expressed preferences, such as communication choices and survey feedback, to tailor our interactions with candidates. By understanding your preferences, we aim to offer a more personalised and relevant recruitment experience.

  • Soft Skills and Competency Profiling: We may employ profiling techniques and feedback tools to assess candidates’ professional competencies and soft skills. These insights, combined with human review, allow us to better evaluate a candidate’s fit for specific roles. This profiling ensures that we consider both technical and interpersonal attributes during recruitment.

  • Risk Assessment Profiling: To maintain transparency and mitigate risks in our recruitment process, we may profile candidate data to assess business risks, including compliance, financial stability, and reputational concerns. This helps us ensure ethical hiring practices and reduce potential vulnerabilities.

Purpose and Benefits of Profiling

Our profiling activities aim to:

  • Streamline processes and decision-making using data-driven insights and automated tools.

  • Protect systems and data by identifying security threats and managing risks.

  • Tailor communication and feedback based on candidate preferences, creating a better experience.

  • Combine automated analysis with human review to ensure fairness and accuracy in candidate assessments.

Your Rights Regarding Automated Decisions and Profiling

We conduct these activities in compliance with data protection laws and regulations, and we do our best to uphold your rights and ensure that profiling is carried out transparently and fairly. You have the right to object to profiling and automated decisions where appropriate. If you have questions or concerns, or if you wish to exercise your rights, please contact us using the details provided in the “Contact Us” section of this Privacy Policy.

Who Do We Share Your Data With?

To manage our business and fulfil our legal and contractual obligations, we may need to share your personal data with others. We only share your information when necessary and take steps to ensure your data is handled securely and confidentially.

The following are examples of possible categories of recipients of your data:

Group Entities and Affiliates

We may share your data with other entities within our group of companies, including affiliates, to facilitate business operations, ensure consistent service delivery, and support internal processes.

Third-Party Providers

These are companies that help us run our business smoothly. They provide services like technical support, email hosting, cloud storage, productivity tools, communication platforms (such as video conferencing), AI-powered solutions, security and risk management tools, data analysis, and IT support. All our service providers are contractually required to protect your data and use it only for the purposes we specify.

Clients and Business Partners

In some cases, as part of our recruitment process, we may share some of your personal data with our clients and partners as required for specific job opportunities to meet our contractual obligations. This is always done in accordance with data minimization and data protection rules.

Professional Advisors

We work with lawyers, accountants, auditors, consultants and other professionals who may need access to your data to provide their services. They help us comply with legal requirements and offer expert advice, ensuring our business runs effectively and lawfully.

Public Authorities

We may be required to share your data with law enforcement, regulators, or government authorities to comply with legal obligations, conduct investigations, or fulfil reporting requirements.

Business Transfers

If our company undergoes a merger, acquisition, sale, or other significant organizational change, your personal data may be transferred to the new entity or owners as part of the transition.

Other Authorised Recipients

Depending on specific situations and legal requirements, there may be other authorised recipients with whom we need to share your data. We ensure that any such sharing is done in a manner that protects your privacy and complies with relevant laws.

International Data Transfers (outside EEA)

In some cases, we may need to transfer your personal data to countries outside the European Economic Area (EEA) where data protection rules may differ from those in our country. When we do this, we take extra steps to ensure your data remains safe and secure.

We use the following legal transfer mechanisms whenever we transfer your data outside EEA:

  • Adequacy Decisions: If the European Commission has determined that a country outside the EEA provides a level of data protection that is similar to EU standards, we can transfer your data there without needing additional safeguards.

  • EU-US Data Privacy Framework: The European Commission has approved data transfers from the EEA to the United States under the EU-US Data Privacy Framework. If we transfer your personal data to participating U.S. companies under this framework, we do so without the need for additional safeguards, as these companies are committed to protecting your data according to EU standards.

  • Standard Contractual Clauses (SCCs): In situations where there is no adequacy decision, we may use Standard Contractual Clauses and additional safeguards. These are legal agreements approved by the European Commission that ensure your data is protected, even when it is transferred outside the EEA.

If you would like more information about how we handle international data transfers, please feel free to contact us using the details provided in the "Contact Us" section.

How Long Do We Keep Your Data?

We keep your personal data for as long as necessary to manage the recruitment process, comply with legal obligations, and support our business needs. We adjust these retention periods based on the type of data, the purpose of processing, and any applicable legal requirements. Throughout the retention period, we take appropriate steps to protect your personal data, ensuring it remains secure and confidential.

  • In the context of our recruitment process, we typically retain personal data for up to 12 months after the completion of the recruitment process. This retention period allows us to maintain records for audit and compliance purposes and to address any follow-up queries regarding the recruitment process.

  • Where applicable laws or regulations require us to retain data for longer periods, or if requested by authorities, we will extend the retention period accordingly.

  • In cases involving data breaches and security threats, we may retain data for up to 3 years to support investigations, ensure compliance, and prevent future incidents.

  • If there is an ongoing legal action, dispute, or court litigation involving your personal data, we may retain the relevant data for up to 3 years following the resolution of the matter to defend or establish our legal rights.

  • Based on your consent, we may retain your data for up to 5 years to consider you for future recruitment opportunities within Accesa. You can withdraw this consent at any time.

  • If you exercise your rights under the General Data Protection Regulation (GDPR), we will retain the necessary data within our supporting documentation to demonstrate compliance and record the resolution of your request. This includes maintaining evidence of the actions taken to implement your rights. Additionally, if you exercise your right to restrict the processing of your data, we will securely retain the restricted data for the duration of the restriction period.

What Happens When the Retention Period Ends?

Once the retention period is over, we securely delete or anonymise your personal data in compliance with relevant laws and regulations. This process ensures that your data is no longer accessible and is handled in a way that respects your privacy.

How We Keep Your Data Safe?

We employ adequate technical and organisational measures to maintain the integrity and confidentiality of your personal information. These measures are designed to protect your data from unauthorised access, disclosure, loss, alteration, or destruction, in line with legal requirements and industry best practices, as illustrated by the examples below.

Organisational Safeguards

We have policies and procedures that govern data protection across our organisation. These policies are regularly reviewed and updated to ensure their effectiveness and alignment with regulatory requirements. We also have strict guidelines for handling candidate data, whether it is pseudonymised for sharing with our clients or managed internally through recruitment platforms.

Data Encryption

We use advanced encryption protocols to safeguard your personal data, both in transit and at rest. This means that your data remains unreadable and inaccessible to unauthorised parties, providing an extra layer of protection during storage and transmission.

Access Controls

We maintain strict access controls to ensure that only authorised personnel can access your personal data based on their role and responsibilities. Access permissions are regularly reviewed and updated, and our systems are designed with role-based restrictions to prevent unauthorised access.

Data Minimisation

We only collect and use the personal data that is necessary for specific purposes outlined in this Privacy Policy. This means we keep the amount of data we collect to a minimum, which helps protect your privacy.

Privacy from the Start

We integrate privacy principles from the outset of our recruitment processes. This means that every recruitment activity or tool, including our use of AI-driven analytics, is designed with data protection in mind. We employ privacy-enhancing technologies and practices to protect your data throughout its lifecycle.

Employee Training

We provide regular training to ensure our employees and service providers understand the importance of data protection and know how to keep your information secure.

Incident Response

In the unlikely event of a data breach or security incident, we have procedures in place to promptly respond, investigate, and mitigate the impact.

Regular Assessments

We conduct regular assessments and audits of our data protection practices, security measures and third-party tools to identify and address any vulnerabilities or risks related to personal data. This helps us maintain the effectiveness of our security controls and ensure ongoing data protection.

Continuous Improvement

We continually update our security measures to keep pace with technological advancements and emerging threats, ensuring the confidentiality, integrity, and availability of your data.

If you have any concerns about the security of your personal data or if you suspect any unauthorized access or disclosure, please contact us immediately using the contact details provided in the "Contact Us" section.

Your Privacy Rights

We are committed to being transparent about how we handle your personal data and ensuring that you can easily exercise your rights.

Right to Withdraw Your Consent at any Time

When we are processing your personal data based on your consent, you have the right to withdraw that consent at any time.

Right to Be Informed

You have the right to know how your personal data is collected and processed, including the purposes for processing, who is processing it, and how long it will be kept.

Right to Access Your Data

You can find out if we process your data, get details about the processing, and get a copy of your data.

Right to Rectify Your Data

You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

Right to Erasure (Right to Be Forgotten)

You have the right to request that we delete your personal data in certain situations, such as when it is no longer needed for the purposes for which it was collected.

Right to Object to Processing

When we process your data based on legitimate interest, you have the right to object to this processing.

Right to Restrict the Processing of Your Data

In certain circumstances, you can request that we restrict the processing of your personal data. When processing is restricted, we will only store your data and not use it for any other purpose except to defend our legal rights.

Right to Portability of Your Data

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have it transferred to another data controller where technically feasible. This right applies when the processing is automated and based on your consent or a contract.

Right Not to Be Subject to Profiling and Automated Decision-Making

You have the right not to be subjected to solely automated decision-making processes, including profiling, that significantly affect you. This means that important decisions, such as those related to your rights, benefits, or legal matters, should not be made solely by automated systems without human intervention. This right safeguards against unfair or discriminatory automated decisions.

Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Romanian Supervisory Authority at https://www.dataprotection.ro/ or directly to the court.

To exercise any of your rights, please contact our Data Protection Officer (DPO) by email at dpo@accesa.eu or by mail to our head office. We will respond to your request as soon as possible and no later than three months from when we receive it.

Limitations or Exceptions Your Rights

While we respect your rights, there may be legal or legitimate reasons why we cannot fulfil some of your requests. For example, if your request conflicts with our legal obligations or affects the rights of others, we will explain why we are unable to comply with your request.

Withdrawing Your Consent

Your consent is required for certain data processing activities outlined in this Privacy Policy. We will inform you when your consent is needed and specify the purposes for which it is being requested. If you have provided consent for specific processing purposes, you have the right to withdraw your consent at any time. Withdrawing consent does not affect the lawfulness of any processing that occurred before the withdrawal. We are committed to respecting your choices and privacy preferences.

  • Maintaining Candidate Databases: If you withdraw consent, we will remove your information from our database. This means you will not be considered for future opportunities unless you reapply.

  • Talent Pool Expansion and Recruitment Optimisation: Withdrawing consent means we cannot proactively access your public profiles or reach out to you about new roles.

  • Reconnecting with Alumni Candidates: Withdrawing consent will stop our alumni communications, including updates, success stories, and event invitations, limiting your involvement in our professional community.

  • Interview Panels / Multi-Interviewer Assessments: Withdrawing consent for interview recordings may require additional meetings, extending the assessment timeline and potentially impacting our ability to make efficient evaluations.

  • Obtaining References: Withdrawing consent may limit our ability to verify your professional background, potentially affecting our assessment of your suitability for specific roles. However, this won’t exclude you from the recruitment process.

If you wish to withdraw your consent for any processing activities, you can contact us at any time at dpo@accesa.eu. Please include your name, business email address, and specify which activities you are withdrawing consent for. Once we receive your request, we will process it promptly and confirm the action taken.

Changes to This Privacy Notice

We may update this Privacy Policy from time to time to reflect changes in our privacy practices or legal obligations. The revised version will be published on our website. We encourage you to check our Privacy Policy periodically for the latest information on our privacy practices.

You can access the history of previous versions of this privacy policy by visiting the"Privacy Policy History" section on our website. This section provides a record of all previous versions, allowing you to review any changes made over time.

Explanation of the Technical Terms Used in this Privacy Notice

To help you better understand the terms we use in this Privacy Notice, here are some definitions of key legal and technical terms. If you have any questions or need further clarification, please feel free to contact us. Your understanding of your rights and our practices is important to us.

Personal Data

Any information about you, such as your name, email, or any other information that can be used to directly or indirectly identify you as an individual.

Data Subject

An individual whose personal data is being processed. This term often refers to you as our candidate.

Data Subject Rights

Your rights under data protection laws, such as your right to access, correct, delete, or restrict the use of your data.

Data Controller

This is our Company, and we are responsible for determining how and why data is processed and we ensure compliance with data protection laws.

Data Processor

This is an external entity that helps us manage your personal data based on our instructions. They do not decide how or why your data is processed but follow our guidelines to ensure it is handled securely and properly.

Data Processing

Any action we take with your personal data, including collecting, storing, organizing, using, sharing, or deleting it.

Data Processed

The specific personal data that we collect, use, or otherwise handle as described in this Privacy Policy.

Purposes

The specific reasons we process your personal data, which are explained in this Privacy Policy or provided to you when obtaining your consent.

Legal Basis

The lawful justification (permission) we have for processing your personal data, ensuring that our actions comply with data protection laws.

Consent

Your voluntary and informed acceptance for us to process your data for specific purposes. You can give this voluntarily and withdraw it at any time.

Opt-In/Opt-Out

Your choice to consent to or decline specific data processing activities, such as consenting to keep your information in our candidate pipeline and database, receiving our latest news and event invitations, or being contacted through professional networking platforms like LinkedIn.

Legitimate Interest

One of the legal bases (permissions) for processing your data that is based on our need to operate effectively and efficiently without infringing on your rights or interests.

Legal Obligation

A legal requirement that enables us to process your personal data to comply with applicable laws, regulations, or legal mandates.

Data Minimisation

The practice of collecting only the data that is strictly necessary for the specified purposes, minimizing the amount of personal data collected and used.

Privacy by Design and Default

An approach that ensures the protection of your personal data is integrated into the design and operation of our recruitment processes and systems from the outset and throughout their entire lifecycle.

Profiling

Automated processing of your data to analyse or predict aspects of your behaviour, preferences, or interests. It helps us personalize your experience, assess risks, or conduct analytics.

Automated Decision-Making

Decisions made solely by machines or automated systems, without human involvement, which may impact your rights and freedoms.

International Data Transfers

Moving or sharing your personal data to various third parties in countries outside the European Economic Area (EEA), which may have different data protection rules. We use safeguards to ensure your data remains protected.

Adequacy Decisions

Official decisions by the European Commission indicating that certain countries outside the EEA provide an adequate level of data protection, allowing for data transfers without additional safeguards.

Standard Contractual Clauses

Legally binding agreements established to ensure data protection when personal data is transferred outside the EEA to entities that may not have equivalent data protection laws.

Cookies

Small files stored on your device that help us improve your web experience, track preferences, and analyse user behaviour.

Retention of Your Data

The period during which we use or keep your personal data, based on legal requirements and business needs.

Data Protection Officer (DPO)

The internally appointed person responsible for overseeing data protection compliance within our organization and acting as a single point of contact for data-related inquiries from Supervisory Authority and data subjects.

Security Measures

Proactive actions and safeguards that we take to protect your data from unauthorised access, disclosure, changes, loss, or destruction.

Access Controls

Mechanisms and policies put in place that limit who can access your personal data, ensuring that only authorised individuals have access.

Data Encryption

A method of converting your data into a coded format to protect it from unauthorised access during transmission and storage.