Strypes and its group companies(Kodar EOOD and UP2 Technology EOOD) hereinafter referred as “We”, are committed to protecting and respecting your personal data. This Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes.

WHAT INFORMATION WE COLLECT FROM YOU

We collect and process some or all of the following types of information from you:

• Information that you provide when you apply for a role. This includes information provided through an online job site, via email, in person at interviews and/or by any other method.
• In particular, we process personal details such as name, email address, address, telephone number, date of birth, educational and employment background, contact information and preferences, job qualifications. You also may provide Strypes with additional information, such as your CV, resume, or transcripts, employment references and related information. In addition, and where this is relevant to your application, we may collect information from third parties who are lawfully entitled to share your information with us, for example, in connection with a background or employment check and/or an employment reference.
• If you contact Us, we may keep a record of that correspondence.
• A record of your progress through any hiring process that we may conduct.
• We may obtain information about you from other sources, to the extent permitted by applicable law, such as through your contact with us and/or other websites on the Internet (subject to such third party’s privacy policies).

HOW WE USE YOUR INFORMATION

The provided information may be used as follows:

• To consider your application in respect of a role for which you have applied.
• To consider your application in respect of other roles.
• To communicate with you in respect of the recruitment process, current and future career or internrship opportunities.
• To find appropriate candidates to fill our job openings.
• We may share your information with third party suppliers in order to organize different trainings, internships and other educational courses.

THE BASIS FOR PROCESSING YOUR INFORMATION

Receiving and processing your personal data, as detailed above, is used in the recruitment and application cycle only, and is based on your consent – Art. 6, p. 1, (a) of General Data Protection Regulation (GDPR) – consent of the data subject for one or more purposes. We rely on your consent, which is freely given by you during the application process.

HOW WE SHARE YOUR INFORMATION

We take care to allow your personal information to be accessed only by those who really need access in order to perform their tasks and duties, and to third parties who have a legitimate purpose for accessing it. We may share personal information about you with third parties in the following circumstances:

• Vendors, consultants and other service providers: We may share your personal information internally and with service providers, agents and other third parties (for example, recruiters, consultants, training companies).
• We may share your information with our parent companies, subsidiaries and/or affiliate companies. This information will only be shared to the extent necessary in connection with your recruitment and employment as described in this Notice. We may also obtain information about you from our affiliated companies.
• Compliance with laws or any competent law enforcement body, regulatory body, government agency, court or third party: We may disclose information where we believe disclosure is necessary or required (i) by law or regulation, in order to comply with legal process or government requests (including in response to public authorities to meet equal opportunity laws, national security or law enforcement requirements); or (ii) to exercise, establish or defend our legal rights.

WHERE WE STORE YOUR PERSONAL DATA

The data that We collect from you and process is stored and shared only within the EEA. Provided that transfer of your data outside EEA is needed, we will transfer it only if and insofar is legally permitted and/ or have prematurely signed with the entity the data will be shared with all required documents in order to ensure your data and rights are protected.

SECURITY

We treat your personal information as confidential. As ISO 27001 certified, we take appropriate measures to ensure that all personal data is kept secure including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

However, no security procedures or protocols are ever guaranteed to be 100% secure so we encourage you to take care when disclosing personal information online and to use readily available tools, such as Internet firewalls, anti-virus and anti-spyware software, and similar technologies to protect yourself online.

RETENTION PERIOD

We will retain personal information we collect from you where we have an ongoing legitimate business need to do so and/or as long as is needed to fulfill the purposes outlined in this Notice, unless a longer retention period is required or permitted by law. We may also retain your information in accordance with applicable law to consider you for other job opportunities, unless you have told us that you do not wish us to retain your details for such purposes. You can request deletion of your personal information at any time and we will consider your request in accordance with applicable laws.

YOUR PRIVACY RIGHTS

Your rights in relation to the personal data we hold are as follows:

• to request access to your personal data we hold;
• to rectify or erasure your personal data; to restrict or object to processing concerning your data;
• to request data transfer to other parties;
• to withdraw consent at any time, without affecting the lawfulness of processing based on consent before this withdrawal;
• to lodge a complaint with the supervisory authority – Commission for Personal Data Protection,

If you would like to exercise any of the above rights, please contact privacy@strypes.eu so that we may consider your request under applicable law. To protect your privacy and security, we may take steps to verify your identity before complying with the request.

Changes to this Notice

We will review and update this Notice periodically in response to changing legal, technical and business developments. When we update this Notice we will note the date of its most recent revision below. We encourage you to review this Notice frequently to be informed of how we are protecting your information.