Privacy

Introductiom

Futureproof (“we” or “us”) is committed to respecting your privacy and protecting information that enables us to identify you as an individual (“personal data”). This Personal Data Privacy Policy describes why and how we process your personal data and protect it in connection with our business activities, including IT services, business operations, website management, recruitment, and staffing solutions. We comply with the GDPR as we are based in the EU and provide our professional services within the EU.

Definitions

• Personal Data: Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. For example, in recruitment activities, we collect, among other information, a name and surname, an email address, and a mobile phone number.

• Data Controller: The data controller determines the purposes for which and the means by which personal data is processed. So, if a company/organization decides “why” and “how” personal data should be processed, the company is a data controller. Employees processing personal data within the company do so to fulfill the tasks of the company. We are a data controller of some of your personal data, as specified in this Personal Data Privacy Policy and our CookiePolicy.

• Data Processor: The data processor processes personal data only on behalf of the controller. The data processor is usually a third party external to the company. A typical activity of processors is offering IT solutions, including cloud storage. Being a data controller, we ensure that a contract or another legal act effectively covers the duties of these third-party data processors towards us. For example, the contract must indicate what happens to the personal data once the contract is terminated.

Collected Personal Data

• Business Activities: The scope of personal data is determined by the specifics of the relationship or contract with our clients, partners, or external cooperators/contractors. For example, we collect personal data of clients’ representatives or people included in our surveys.

• Websites: We collect personal data obtained from visitors browsing our websites. We collect visitors’ device identifiers, their IP addresses, web browsers, and their passage through our websites (i.e., what they have searched for and visited). These collected data may be connected with other personal data.

• Recruitment and Employment: We collect personal data throughout the recruitment, contracting and onboarding process. We obtain personal data from yourself directly, via job forms, our website, job boards. We collect personal data from publicly available sources such as social/professional networks/platforms or websites. We respect the rules of these third parties to use the data.
  
  In particular, we collect the following personal details:

• • Name

  • Contact information

  • Educational background

  • Employment background

  • Job qualifications/skills

  • CV/resume or transcripts, and any supporting documentation attached to your resume, such as copies of certificates, passport, cover letters, etc.

  • Information we collected from you via our communication, e.g., career preferences, remuneration expectations, and other information relevant to our needs to provide recruitment services.

  • Details of your visits to our career site, including but not limited to traffic data, location data, weblogs and other communication data, the site that referred you to our website, and the resources that you access.

Use of Personal Data

• Business Activities: We collect personal data as we exercise our business activities related to existing contracts and prospective business opportunities with our clients, partners, subcontractors, and service providers.

• Websites: In general, we collect visitors’ personal data to provide functionality of our websites in order to tailor (personalize) provided content and improve website operation.

• Recruitment and Employment: We collect personal data to:

  • Identify and evaluate potential subcontractors, cooperating and partnering individuals, as well as potential employees of our clients or ourselves.

  • Maintain records for automated and human assessment to make suitable cooperation and employment offers.

  • Contact you or identify you when you contact us and throughout our communication in relation to the provision of recruitment services.

  • Verify your personal data prior to entering into contractual agreements with yourself.

  •  

  • The personal data specified above may be disclosed to our employees, external collaborators, and other data processors as described in the chapter Access to Personal Data.

• Third-party: We enrich information about you by information from third parties to tailor our business and employment offerings and improve our professional services.

Legal Basis for Use

The legal basis for our use of your personal data as described above follows:

• Partially, from your explicit consent when accepting the cookies settings on our website, providing us with your personal data during our recruitment process, or concluding a contract.

• Partially, from our legitimate interest to provide our professional services, conduct recruitment and employment, and ownership, merger, and acquisition changes.

• Partially, from our obligation to comply with law and mandatory obligations.

• Wherever you apply for a job opening through our Quick Apply and job board integration vendors, we rely on consent during the application process to disclose your personal data to the service provider on the basis described below. The Consent to the processing of personal data is an explicit, informed, transparent, and provable acceptance of the fact that we can process the candidate’s personal data. The consent may be revoked by the candidate.

Access to Personal Data

We Strive to ensure that every entity (an employee, contractor, third-party service provider – data processor) involved in activities where they can access your personal data is contractually bound to keep the confidentiality of your personal data and its processing.

Beyond the cases specified below, we will not disclose or transfer your personal data to third parties unless you provide explicit consent:

• Clients and Partners: We may provide access to your personal data to our clients and business partners. Such personal data disclosure is made upon a contract between us and the client or partner. Before concluding a contract with a job applicant, some collected personal data, or data derived from these personal data, may be disclosed to our clients and partners; otherwise, it is generally not possible to conclude a contract since our clients and partners are involved in the decision process.

• Data Processors: We may provide access to your personal data to third-party data processors listed below. We strive to ensure your personal data is governed consistently with our Personal Data Privacy Policy for every third-party service we use. We can provide you with details about our data processors on request. In particular, job applicants’ personal data may be disclosed to the following third parties; otherwise, it is not possible to execute our recruitment processes.

  • Providers ofelectronic communication platforms (e.g., Google, Zoho)

  • Providers of document and collaboration tools (e.g., Google, Zoho)

  • Services for recruiting and employment activities (e.g., Zoho Recruit)

  • Contractors/External collaborators servicing us (e.g., an external expert, contractor, asked to evaluate the applicant’s capabilities or verify information).

• Ownership Changes: If futureproof changes its ownership, merges with or acquires another entity, your personal data may be made accessible to new owners and entities.

• Law and Legal Rights Protection: We may provide access to your personal data if it is required by law or required to protect our legal rights.

Personal Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need-to-know. They will only process your personal data on our specific instructions, and they are subject to a duty of confidentiality. In case of any security breach, we will notify you and any applicable regulator where we are legally required to do so.

Where we store and who has access to your personal data

We store your personal data in Europe. If you are a candidate from the European Economic Area:

• The data that we collect from you and process may be transferred to a destination outside the European Economic Area (“EEA”). It may also be accessed and processed by staff operating outside the EEA who work for us or for one of our suppliers.

• If you would like further information, please contact us (see ‘Contact’ below).

Personal Data Retention

The retention period is determined by personal data use, while we generally commit to not retaining personal data longer than required.

• Business Activities: We retain personal data for the lifetime of requests and contracts related to our services, cooperation, employment, or contract; some data is retained as required by law.

• Websites: The retention of cookies and other personal data related to other tracking techniques is described in detail in our Cookie Policy.

• Recruitment and Employment: We shall determine appropriate retention periods considering the purposes stated in this policy and relevant legal requirements.

Considering the purposes stated in this policy and relevant legal requirements. Your personal information will be deleted on one of the following occurrences:

• Receipt of a written request by you to us.

• Deletion of your personal information based on criteria defined by us.

• For example, if we failed to receive your consent within the defined timeline, your data will be automatically deleted.

Your rights

Under the General Data Protection Regulation, you have a number of important rights free of charge. In summary, those include:

• Right to know and access

• Right to seek correction

• Right to request erasure

• Right to receive a copy of your data

• Right to object to processing and to direct marketing

• Right to object to automated decision making

• Right to restrict processing

If you would like to exercise any of those rights, please:

• Contact us using our contact details below

• Give us enough information to verify your identity

• Let us know the information to which your request relates

How to complain

We hope that we can resolve any question or concern you raise about our use of your information.

The right to make a complaint. If you believe that futureproof is processing personal information in violation of your right of private or personal life you can contact us for clarification and removal of such state. You also have the possibility to contact the particular supervisory authority. Contact details for individual supervisory authorities within the European Union can be found at National Data Protection Authorities. Because futureproof’s registered office is located in the Czech Republic, the leading office responsible for the final handling of your complaint is the Office for Personal Data Protection.

We reserve the right to refuse or charge your request if that is allowed by law; e.g., if we find your request excessive or problematic.

Consent

By providing your consent via webforms, job board forms, cookie consent, email consent or other written form you consent to the collection, controlling, access, security, and retention of your personal data as described in this Personal Data Privacy Policy. We reserve the right to conduct changes to this Personal Data Privacy Policy. Whenever we make a change that increases the rights to use the personal data we have collected about you, we will ask you for your consent beforehand.

Contact Us

For any questions about our Personal Data Privacy Policy, realizing your rights, or communicating directly with our Data Protection Officer, please contact us: GDPR@fproof.eu