en pl
en pl


Information on processing of personal data by Recruitify

Who controls the data?

Data controller is Recruitify Sp. z o.o. company registered in Poland on al. Jana Pawła II 61/241/1.2 01-031 in Warsaw.

On what basis and why Recruitify process personal data?

The Administrator may process your personal data in connection with the concluded contract for the provision of electronic services or the concluded contract for the provision of electronic services - the provision of newsletter services to signed users. The basis for processing your personal data is the implementation of the contracts mentioned above, including making settlements related to them.

Under the requirements of the law, providing personal data is a condition for concluding a contract for the provision of services by the Administrator. Failure to provide personal data will prevent the Administrator from providing the services.

The Administrator also uses the personal data of users based on its legitimate interests, which is based on Article 6(1)(f) of the General Data Protection Regulation ("GDPR"). On this legal basis, the Administrator processes personal data to defend or assert claims related to the service contract and to realize the Administrator's legitimate interest, it means conducting marketing activities, including providing signed users with a newsletter service.

What right do I have connected to data processing?

Persons whose personal data are processed shall have the following rights specified by the GDPR:

1. Right to access to personal data, which means that all persons can contact the Data controller to obtain a confirmation if your personal data is processed. Moreover, you can obtain copy of your personal data that is processed.

2. Right to amend the personal data which means that you can ask the Data controller to change and shift your data.

3. Right to be forgotten, which means that you may ask the Data controller to erase you data. Please note, that this right may not always be exercised, in particular you may not ask for erasure of your data when the Data controller has a statutory obligation to process the data.

4. Right to restriction of processing.

5. Right to data portability.

6. Right to object which means that you can a tiny time object the processing which is based on Data controller’s legitimate interests.

How long Data controller will store my personal data?

Data controller will store personal data for the entire term of the contract for the provision of services. After the end of the contract, personal data will be stored until possible claims (including tax claims) become statute-barred.

Personal data processed on the basis of the consent will be stored until the consent is withdrawn.

Does Recruitify transfer personal data outside the EEA Area?

No, Data controller does not transfer personal data outside the EEA Area.

Can Recruitify disclose personal data to other entities?

The data collected by Recruitify may be accessed by external companies providing such services to Recruitify as hosting, server maintenance and database maintenance.

Do I have the right to lodge a complaint related to the processing of personal data?

Yes, you can lodge a complaint to a data protection authority.

When Recruitify acts as a data processor?

Services performed by Recruitify are mainly based on SaaS model. Recruitify services enable it’s clients to manage recruiting and HR processes. For the proper performance of Recruitify services, clients may introduce personal data to software which is made available to them in the SaaS model. The data which may be introduce include persons taking part in recruiting process, client’s employees and other persons who are part of HR processes.

As far as personal data introduced to the SaaS software is concerned, Recruitify acts as processor (as defined in article 4 point 8 of the GDPR). Recruitify activities are limited to storage and processing the data on client’s demand. In order to comply with the GDPR, Recruitify enters with it’s clients into data processing agreement specified in article 28 of the GDPR.