Data management information

1. Who manages your data?

Your personal data will be managed by the hereby listed members of euJOBS HR-Group as a collective data controller – with joint responsibility – concerning the data management implied in this information sheet.

Information about the data controllers:
EU-DiákOK Munkaerőközvetítő és Szolgáltató Iskolaszövetkezet
Headquarters: 7184 Lengyel, Petőfi st. 15.
Represents: Pataki Zoltán board member

EU-JOBS Munkaerőközvetítő és Szolgáltató Limited Liability Company
Headquarters: 2724 Újlengyel, Nyári Pál st. 65.
Represents: Heincz Norbert executive director

Nyugdíjtöbblet Közérdekű Nyugdíjas Szövetkezet
Headquarters: 2724 Újlengyel, Nyári Pál st. 65.
Represents: Kertész Béla board member

Alkalmi Munkaszervező Erőforrás és Gazdálkodás Szociális Szövetkezet 
Headquarters: 1137 Budapest, Katona József st. 15.
Represents: Berencsi Brigitta board member

Emberi Erőforrás és Gazdálkodás Szociális Szövetkezet
Headquarters: 1137 Budapest, Katona József st. 15.
Represents: Krátky Márk board member

EU-JOBS International Limited Liability Company
Headquarters: 1137 Budapest, Katona József st. 15.
Represents: Krátky Márk executive director

 

(henceforth, collectively referred to as: the „Data Controller”)

For privacy concerns, please contact our privacy officer at one of the following contacts:

e-mail: [email protected]
address: 1137 Budapest, Katona József st. 15.



2. What kind of personal data do we manage? (Types of data management):

2.1. Online registration

If you would like to be a part of our database and get information about job opportunities you can register on our a www.eudiakok.hu, www.eujobs.hu and www.nyugdijtobblet.hu websites.

Purpose of data management:
To find suitable job offers for you. We will send you job offers by e-mail and – if you give us your consent – also by SMS.

Claim of data management:
Your consent which you give with the registration [GDPR Article 6, par (1), point a.)]. You can withdraw you consent at any time by deleting your registration, but this does not affect the legality of the data management that preceded it.

Period of data management:

  • If you have registered but you did not find a job, then you will be a part of our database until you delete your registration (withdraw your consent). You can initiate the deletion of your registration via e-mail, by post or in person at our customer service office.
  • If, after registration, you entered employment and joined our cooperative or you entered into a contract with us, we will manage your data according to the data management information provided during admission and conclusion of the contract.

Data processor:

  • EU-SALESMAN Ltd. (headquarters: 1137 Budapest, Katona József st. 15.) provides our website’s storage place, edits website content, operates and maintains it.
  • Ozeki Informatikai Ltd. (headquarters: 1094 Bp., Viola st. 20-24.) contributes in sending SMS messages.
  • In case of Eu-Jobs Ltd.: Hireify Ltd. (headquaters: 2045, Törökbálint, Kossuth Lajos utca 40.) as a software developer and operator: personal data related to the application and selection (name, telephone number, e-mail address, education and training data) handles

It is also possible to register via Facebook. Such providers are separate data controllers, independent from us.

Please find the data management information of Facebook here: https://www.facebook.com/privacy/explanation

Your rights are detailed in sections 3.1 – 3.6.

2.2. Social media sites (e.g.: Facebook, Instagram):

EU-DiákOK and EU-JOBS are available separately on Facebook and Instagram social media sites. EU-DiákOK and EU-JOBS can create closed groups too.

You can subscribe to the newsfeed of the beforementioned pages by clicking on the „like” and „follow” buttons on the page. „Dislike” and „unfollow” buttons are also here if you want to unsubscribe. Furthermore, you can delete unwanted news on your newsfeed with the help of newsfeed settings.

Admission to closed groups must be requested and after approval, the applicant can be a member of the closed group.

By following our pages your profile becomes available to us, but we do not manage any data from it, and we do not record any data from it in our internal system. We only use our pages for sharing news and nothing more.

Purpose of data management: To inform you about any new information, our services, news about us and to send you educational articles and materials.

Claim of data management: Your consent which you give by following us [GDPR Article 6, par (1), point a.)] You can withdraw you consent at any time by unfollowing us, but this does not affect the legality of the data management that preceded it.

Period of data management: Our news will only appear to you until you want it to. If you are not following us, then our posts will not appear in your newsfeed. You can access our newsfeed if you do not follow us but you will not be notified.

Social media sites are independent data controllers from us:

We share photos/videos about different events on our Facebook and Instagram pages. If it is not a crowd picture/video, we always ask for the permission of the person concerned before publishing the images.

Data processor:
Pozitivo Digital Ldt. (Headquarters: 1135 Budapest, Szent László st 28-30.) They offer consulting and editing services related to online recruitment.

Your rights are detailed in sections 3.1 – 3.6.

 

2.3. If you contact us (inquiry, complaint)

You can contact us at any of our contact details (e-mail, through Facebook, by phone, post, via the different forms provided for this purpose or in person at our customer service).

Purpose of data management:
Contact with the inquirer, and answer/solve the question/request. After answering the question, the purpose of retention is to handle complaints.

Claim of data management:
Your consent which you give by reaching out to us [GDPR Article 6, par (1), point a.)]. You may withdraw you consent at any time by sending a letter/mail to the data protection officer at any of the contact details listed in point 1 but this does not affect the legality of the data management that preceded it.  Please note that if we are unable to manage your registered personal data then it may not be possible to answer your question or request.

We would like to inform you that the data fields on the different forms have been created based on our experience. We only ask for the most necessary data to answer the given request. The required fields are marked with a red asterisk.

Period of data management:
The inquiries and the personal data provided during the inquiry will be deleted 5 (five) years after answering the question, request, or complaint.

Data processor:

  • EU-SALESMAN LLC. (Seat: 1137 Budapest, Katona József u. 15.) provides the web hosting, and web page related services, such as running, editing and maintaining our web pages.
  • REAL POOL LLC. (Seat: 1106 Budapest, Halas u. 9/A fszt. 3.) develops and maintains our ERP (Enterprise Resource Planning system)

Your rights are detailed in sections 3.1 – 3.6.

 

2.4. Recording phone calls

Both incoming and outgoing calls are recorded. We manage the personal data you gave during the phone call. In case of a phone call our employee informs you that the call will be recorded.  The recording is available free of charge upon request.

Purpose of data management:
Quality assurance (control and development)

Claim of data management:
The legitimate interest in ensuring the proper quality of the service. [GDPR Article 6, par (1), point f.)] You can object to the data management at any time by sending a letter/mail to the data protection officer at any of the contacts listed in point 1 but this does not affect the legality of the data management that preceded it.

Period of data management:
The recorded calls are stored for 1 (one year).

Data processor:
Adertis Ltd. (headquarters: 1133 Budapest, Gogol st 13.) is responsible for operating the call center and for providing the necessary software.

 

Your rights are detailed in sections 3.2, 3.3, 3.5, 3.7.

 

2.5. Reports, reviews

With your consent we may share the report or review you have written on the website. In connection with this we may disclose the following data: date, time, username and/or name.

Purpose of data management
Promotion of our services.

Claim of data management:
Your consent [GDPR Article 6, par (1), point a.)] You can withdraw you consent at any time by sending a letter/mail to the data protection officer at any of the contacts listed in point 1 but this does not affect the legality of the data management that preceded it.

Period of data management
Until withdrawal of consent.

Data processor:
EU-SALESMAN Ltd (headquarters: 1137 Budapest, Katona József st. 15.) provides website storage space, edits website content, operates and maintains the website.

Your rights are detailed in sections 3.1 – 3.6.

 

2.6. Business relations, asking for proposal

We share the contact information of our contacts during the contracts or non-contractual relations concluded with each of our business partners and we manage the contact details of the contacts provided by our business partners.

Purpose of data management:
Contact for contract performance, preparation, or other business reasons.

Claim of data management:
Our legitimate interest in fulfilling the agency contract or in relations between companies. [GDPR Article 6, par (1), point f.)] You can object to the data management at any time by contacting the data protection officer data protection officer at any of the contacts listed in point 1.

Period of data management
Contact information during the period of the business relationship will be managed until our business partner or contact person notifies us about the change of contact person.

Data processors:

  • EU-SALESMAN LLC. (Seat: 1137 Budapest, Katona József u. 15.) provides the web hosting, and web page related services, such as running, editing and maintaining our web pages.
  • REAL POOL LLC. (Seat: 1106 Budapest, Halas u. 9/A fszt. 3.) develops and maintains our ERP (Enterprise Resource Planning system)
  • A MiniCRM LTD. (Seat: 1075 Budapest, Madách Imre út 13-14.) develops and maintains our CRM (Customer Relationship Management system)

Your rights are detailed in sections 3.2, 3.3, 3.5, 3.7.

2.7. Contracts and personal data on contracts
We will preserve the contracts made between our Partners and us after they are no longer in effect. Therefore, the personal data in those contracts are also to be preserved.

Purpose of data management:
To make data available in case of possible demand arising from that contract.

Claim of data management:
Our legitimate interest in fulfilling our rights within the legal timeframe. [GDPR Article 6, par (1), point f.)] You can object to the data management at any time by contacting the data protection officer data protection officer at any of the contacts listed in point 1.

Period of data management
We will preserve the signed contracts for 5 (five) years after they are no longer in effect.

Your rights are detailed in sections 3.2, 3.3, 3.5, 3.7.

3. Your rights

In connection with data management your rights are listed in points 3.1-3.7. If you would like to exercise one of them, please write to us at one of the following contacts:

e-mail: [email protected]
address: 1137 Budapest, Katona József st. 15.

Identification
We must always identify you before fulfilling your request. If we are unable to identify you then we unfortunately cannot fulfill your request.

Respond to request
After identification we inform you about your request in writing, electronically or, at your request, orally. Please note that if you have submitted your request electronically, we will respond electronically too. Of course, in this case you also have the option to ask for another way.

Administration deadline
We will inform you about the actions taken following your request within 1 (one) month from the arrival of the request. If necessary, considering the complexity and the number of the request/requests, this deadline may be extended by an additional 2 (two) months, of which we will inform you within the 1 (One) month long administrative deadline.

We are also obliged to inform you about the non-compliance of the measure within the 1 (one) month administrative deadline. You can file a complaint against this at NAIH (4.1. point), and you may exercise your right of judicial review (4.2. point).

 

Administration fee
The requested information and action is free of charge. An exception shall be made if the request is clearly unfounded or in particular because of its repetitive nature, excessive. In this case we may charge a fee or refuse to comply with the request.

3.1. You can withdraw your consent

In the case of data management based on your consent, you may withdraw your consent at any time. In this case within 5 (five) days after getting your notification about it we will delete your data in connection with the given data management. We would like to inform you that the withdrawal does not affect the legality of the preceding data management.

3.2. You can request information (access)

You can request information on whether your personal data is being managed and if yes:

  • What is the purpose?
  • Exactly what kind of data is being handled?
  • To whom do we forward this data?
  • How long do we store this data?
  • What rights and remedies do you have in this regard?
  • From whom did we get your data?
  • Do we make and automated decision about you using your personal data? In such cases you may also request information about the logic (method) we use and the significance and expected consequences of such data management.
  • If you find that your data has been transferred to and international organization or a third country (non-EU member state) you can request a presentation of what guarantees the proper management of your personal data.
  • You can request a copy of your personal data (Additional copies may be subject to a fee based on administrative costs).

3.3. You can request a correction
You may request that we correct or supplement your inaccurately or incompletely recorded personal data.

3.4. You can request the deletion of your personal data („forgetting”)

You can request that your personal data be deleted if:

  • Personal data are no longer required for the purpose for which they were managed;
  • For data management solely with your consent;
  • If it is determined that we manage personal data unlawfully;
  • In case of a successful objection;

e) personal data must be deleted in order to fulfill a legal obligation under Union or Member State law applicable to the Data Controller.

We cannot delete personal data if it is needed:

  • for the purpose of exercising the right to freedom of expression and information;
  • compliance with an obligation under Union or Member State law applicable to the Data Controller which requires the management of personal data, or in the public interest;
  • on grounds of public interest in the field of public health;
  • for archiving purposes in the public interest, for scientific and historical research purposes or for statistical purposes, if erasure would make it impossible or seriously jeopardize such management; or
  • to submit, enforce or defend legal claims.

3.5. You may request that we restrict data management
You may request that we restrict data management if any of the following is true:

  • You dispute the accuracy of your personal data in which case the limitation applies to the period of time that allows us to verify the accuracy of your personal information;
  • Data management is illegal, but you oppose the deletion of the data and instead you ask for a restriction on its use;
  • We no longer need the personal data for data management purposes, but you require them to make, enforce or protect legal claims;
  • You objected to the data management; in this case the restriction applies for the period until it is determined whether the legitimate reasons of the Data Controller take precedence over your legitimate reasons.

In the event of a restriction, personal data may be managed – except for storage – only with your consent or for the purpose of bringing, enforcing, or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State.
We will inform you in advance of any lifting of the restriction.

3.6. You can request the transfer of your personal data (right to data portability)

You have the right to receive your personal data we manage in a machine-readable format and you have the right to transfer or – upon request –  that we transfer your data to another data controller if the data management is based solely on your consent or on a contract with you or on your behalf and is done automatically.

3.7. You may object to the management of your personal data

You may object to the management of your personal data if the legal basis for the management is a legitimate interest of the Data Controller or a third party. In this case, the personal data will be deleted, unless their management is justified by compelling legitimate reasons which take precedence over your interests, rights, and freedoms, or if those reasons are related to the submission, enforcement, or protection of legal claims.

 

4. Remedies

4.1. You can file a complaint with the NAIH

If you think that the management of your personal data is contrary to the regulations of the Data Protection Regulation, you have the right to complain to the supervisory authority in the Member State of your habitual residence, place of work or suspected infringement and in Hungary, the National Data Protection and Information Security (Nemzeti Adatvédelmi és Információbiztonsági Hatóság – NAIH):

NAIH
president: dr. Péterfalvi Attila
mailing address: 1363 Budapest, Pf. 9.
address: 1055 Budapest, Falk Miksa st 9-11.
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
web: http://naih.hu
e-mail: [email protected]

4.2. You can go to court

If you believe that the management of your personal is contrary to the provisions of the Data Protection Regulation and your rights under the Data Protection Regulation have been violated, you have the right to go to court.

Proceedings against the data controller or the processor shall be brought before the courts of the Member State in which the data controller or processor is established. Such proceedings may also be instituted in the courts of the Member State in which you have your habitual residence.

In Hungary, the adjudication of the lawsuit falls within the jurisdiction of the court. The lawsuit may – at the option of the person concerned – also be brought before the court of the place where he or she resides or stays. A party who does not otherwise have legal capacity to sue may also be a party to a lawsuit. The Authority may intervene in the proceedings in order for the person concerned to succeed. In addition to the provisions of the Data Protection Decree, the provisions of Act V of 2013 on the Civil Code Book Two, Part Three XII. title, (2:51. § – 2:54. §) and other legal provisions concerning court proceedings shall apply.

4.3. Compensation and grievance fees

If the Data Controller causes damage by illegal data management or if the Data Controller violates the subject’s right to privacy, a grievance fee may be charged to the Data Controller. The data controller shall be released from liability for the damaged caused and the obligation to pay if the data controller proves that the damage or the violation of the subject’s right to privacy was caused by an unavoidable cause outside the scope of data management.

5. Data security

We shall make every effort to implement appropriate technical and organizational measures, taking into account the all-time state of science and technology, the costs of implementation, the nature of data management and the risk to the rights and freedoms of natural persons, in order to guarantee an appropriate level of data security that commensurate with the degree of risk.

Personal data is always kept confidential, with limited access and possible maximalization of rigidity, and in the event of a problem, by providing recoverability. In determining the appropriate level of security, we shall take into account the risks arising from the management, in particular, the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data which have been transmitted, stored or otherwise handled.

We will do everything we can to ensure that persons under our control who have access to personal data can only manage such data in accordance with our instructions, unless they are required to do so by EU or Member State law.

6. Other

The Data Controller is entitled to change the contents of this Data Management information at any time. Any change will take effect at the same time as it appears on our website; the change will be announced in a pop-up window on the website.

Updated: Febr. 22, 2023



Appendix: Explanation of terms used in the Data Management Information.

„personal data”: any information about the natural person (data subject) (e.g.: name, number, location data, online identification or data on the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person);

„special data”: such as personal data referring to racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership as well as genetic and biometric data for the unique identification of natural persons, health data and personal data concerning the sexual life or sexual orientation of natural persons;

„health data”: personal data concerning the physical or mental state of health of a natural person, including data relating to health services provided to a natural person which contain information on the state of health of the natural person;

„subject”: identifiable natural person to whom the personal data relate. (Such as: website visitor; person subscribing to the newsletter, person applying for the job advertisement)

„data management”: any operation or set of operations on personal data or files, whether automated, or non-automated, such as collecting, recording, organizing, segmenting, storing, transforming or altering, querying, inspecting, using, communicating, transmitting, distributing or otherwise making available, harmonizing and interconnecting, restricting, deleting or destructing;

„data controller”: a natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the management of personal data;

„data processing”: performing technical tasks related to data management operations;

„data processor”: a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the data controller (on its behalf, at its direction and based on the decision of the controller);

„third party”: a natural or legal person, public authority, agency or any other body other than the data subject, the data controller, the data processor or persons who have been authorized to manage personal data under the direct control of the controller or processor;

„the consent of the data subject”: a voluntary, specific, and well-informed and unambiguous statement of the data subject’s intention, by means of a statement or and act which unequivocally expresses the confirmation, that he or she consents to the management of personal data concerning him or her.