The current notification aims at informing the persons regarding the circumstances, connected with the personal data protection in the selection process.
Information about “Euro Games Technology” Ltd.:
An administrator of personal data is “Euro Games Technology” Ltd., with UIC 130947038, with registered offices and administrative headquarters: City of Sofia, Pancharevo Region, locality Vranya-Lozen-Triagalnika, 4 “Maritsa” Street, (the “Company”), website: www.egt-bg.com.
Contacts of the Data Protection Officer of “Euro Games Technology” Ltd.:
Desislava Dimitrova, e-mail: firstname.lastname@example.org.
The Company processes the following categories personal data of persons participating in a selection procedure of workers and employees, namely: names, citizenship, education, qualifications, career development and professional experience, data of positive tests, data of driving capacity, references from the Traffic Police, address, telephone and other data, necessary for meeting the requirements of the respective position.
Grounds for processing:
The grounds for personal data processing, described in the previous item are alternative (according to the applied positions, terms of storage etc.):
- Legitimate interest of the Company – in accordance with Art. 6, paragraph 1, letter e) of the General Regulation regarding the Personal Data – Regulation 2016/679;
- Agreement – in accordance with Art. 6, paragraph 1, letter a) of the General Regulation regarding the Personal Data – Regulation 2016/679.
Objectives of the processing:
The objectives of data processing in the selection process are the following:
- In order to find appropriate employment candidates in the Company;
- Expansion and increase of the activity and the capacity of the Company;
- Implementation of selection of workers and employees whom to conclude labour contracts with.
Terms of storage:
The term of data storage, collected during selection procedures is 6 months, unless the person gave his/her consent for a longer period of data storage or a consent for processing for other future positions, but in all cases the period can’t be longer than 3 years.
In case that the data person applies for a job via an online platform, he/she should have in mind the Data Protection Policy of this online platform, respectively the foreseen terms of storage of data in it, which the Company is not responsible for.
Protection and access to the data:
The Company has taken legal, technical and organizational measures for personal data protection of an accidental loss and unregulated access, use, change or disclosure. There are policies and procedures, intended to protect the information from a loss, misuse and unauthorized disclosure. The Company does not transfer the data, processed during selection outside the EU/EEA.
The employees and the management of the Company have access to the data with a view to an implementation of their functions in connection to the performed selection.
Rights of a job candidates:
The Company ensures all the rights to a job candidate, foreseen in the local and the European legislation, namely:
- On demand, he/she has the right to receive all the necessary information concerning the processing of the provided data, including a copy, if it is possible;
- He/she has the right to require from the Company an access to a correction or a deletion of the personal data or a limitation of the personal data processing provided there are prerequisites for that;
- He/she has the right to make an objection against the processing, as well as to submit a complaint to the Commission for Personal Data Protection if the data is unlawfully processed;
- He/she has the right to withdraw his/her consent for processing his/her personal data at any time when the data is provided on the basis of consent;
- As well as he/she has the right to exercise his/her right of a portability.
All the requests, connected with the personal data as: information, access, deletion, withdraw a consent etc., described above shall be made in writing, shall be signed by the person of data and submitted for processing to the Company on the following e-mail: email@example.com. The request should contain the names of the person and in case it is for a specific personal data – it should be specified, also to specify which right he/she exercise. It is possible for the Company to deliver non-mandatory applications for exercising different rights.
It is an obligation of the Company to answer the requests of the persons in 30 days’ term, as performing them if there are grounds for that or enacting a motivated refusal for justified reasons and indicate the right of the persons for subsequent actions to the supervisory authorities.
The requests will be considered excessive because of their repeatability and will be charged (only to cover the expenses for processing), if they refer to static data which is not subject to change in the period of time between the requests.