Data protection
Data protection
PERSONAL DATA PROTECTION IN THE RECRUITMENT PROCESS IN THE INSTITUTE ŁUKASIEWICZ RESEARCH NETWORK – PORT POLISH CENTRE FOR TECHNOLOGY DEVELOPMENT
1. Who is your personal data’s controller?
Your personal data is controlled by the Network Institute acting under the name of Łukasiewicz Research Network – PORT Polish Centre for Technology Development, ul. Stabłowicka 147, 54-066 Wrocław (hereinafter: the Controller).
2. On which grounds do we process your personal data?
Your personal data is processed on the grounds of:
6 par. 1 letter c – provisions of the binding law, especially the Labour Code and implementing acts,
6 par. 1 letter a of the GDPR – on the grounds of your voluntary consent, in the scope broader than the one specified in provisions and in the scope of future recruitments,
6 par. 1 letter b – processing is necessary to take up actions upon a demand of a person, whom the data concerns, before conclusion of the agreement,
6 par. 1 letter f – the grounds for processing personal data related to the defence against potential claims constitute the justified interest of the Controller.
3. What is the purpose of data processing?
Data is processed in order to implement the recruitment process and in the case of giving consent – also for the purposes of future recruitments implemented by the Controller. Furthermore, the aim of data processing is to secure the Controller against possible claims of data subjects.
Giving personal data is, in principle, voluntary, however, it may turn out to be necessary to conclude or perform the agreement or in order to keep correspondence.
4. How long shall the personal data be processed?
Personal data collected for the purposes of concluding and performing the agreement shall be processed for the duration of the agreement or until you object processing, the grounds of which constitute our justified interest, unless legal provisions (e.g. concerning archiving, taxes, accounts) oblige us to process such data longer or we shall store them longer in case of potential claims, for the period of limitation specified in legal provisions – depending on which of these periods is longer.
Your personal data shared within contact with us, shall be processed for a period necessary to provide an answer and, possibly, keeping correspondence, and then until the lapse of the period of limitation of possible claims.
5. What personal data is processed?
As the Controller, we process personal data of persons applying for employment, provided by any available channels of recruitment, including, in particular, any personal data transferred to us within application and collected within the recruitment process.
With regard to the recruitment, we can process personal data in the following scope (processing of some data can depend on giving your consent): identification data, telephone and address data, date of birth, data concerning education, professional qualifications and the history of the hitherto employment, data concerning rights, PESEL (Personal Identification Number) or the type and number of a document confirming identity and other personal data transferred to us during the recruitment process.
We can make compilations concerning your information on the grounds of received personal data that constitute our professional profile (in such a case the legal grounds for processing personal data to this end also constitute our justified interest consisting in searching and adjusting recruitment which can match your preferences).
6. How long shall the personal data be processed?
Personal data is stored by the Controller for the duration of the recruitment process or, depending on your additional, voluntary consent, future recruitments or until withdrawal of the consent, whereas, it shall be erased in each case after a lapse of 1 year as of receiving it, unless legal provisions oblige us to store this personal data longer or we shall store it longer in case of potential claims, for a period of limitation thereof stipulated in legal provisions, especially in the labour code or the civil code (in each case the longer period of processing prevails).
7. Who is the recipient of the Personal Data?
Personal data processed by us can be transferred to entities that support us in performance of agreements, sending emails, and in the case of advertising activities – also in marketing campaigns, provide support and operation of ICT tools and systems (e.g. storing data), as well as entities executing shipments, providing ongoing legal services, conducting audits, providing services of handling correspondence, archiving and destroying documents etc., Internet payments’ operators or banks – in the case of conducting financial settlements, entities cooperating with the Administrator within selling services, in the case of monitoring also security companies. Your Personal Data can also be transferred to institutions specified by legal provisions.
8. Data transfer outside the European Economic Area (EEA)
The Controller does not transfer data outside the EEA.
9. What rights are you vested with?
- the right to access personal data;
- the right to demand rectification;
- the right to demand limiting personal data processing;
- the right to demand erasing personal data;
- the right to transfer personal data that is processed in an automated manner, and the processing is conducted on the grounds of a consent or on the grounds of an agreement;
- the right to object personal data processing based on the premise of necessity for purposes resulting from legally justified interests executed by the Controller or a third party, including, in particular, against processing for the purposes of marketing;
- the right to lodge a complaint to the President of the Office for Personal Data Protection;
- the right to withdraw the consent at any time without the impact on the compliance with the law of the processing performed on the grounds of consent given before withdrawal thereof.