Privacy and Data Protection Statement

 

At Recruitment X, we are deeply committed to safeguarding the privacy and security of our customers’ data, as well as the personal information of the candidates whose data we process. This statement outlines our policies and practices to ensure that all data entrusted to us remains confidential and protected against unauthorized access, sharing, or leakage.

1. Data Collection and Usage

We collect and process personal data solely for the purpose of providing our services to hiring managers and recruiters. This includes:

  • Candidate Information: CVs, cover letters, application forms, and any additional materials provided by candidates.
  • Customer Data: Information necessary for account management, communication, and service provision.

We do not use this data for any other purposes without explicit consent.

 

2. Data Access Controls

Access to personal data is strictly limited:

  • Authorized Personnel Only (Zero Trust Principles): Only employees who need access to perform their job duties are granted permission.
  • Role-Based Access: Access rights are assigned based on job function and are regularly reviewed.
  • 2FA: All employees use Two Factor Authentication
  • Confidentiality Agreements: All employees and contractors sign binding agreements to protect customer and candidate data.

 

3. Data Security Measures

We employ robust security measures to protect data:

  • Encryption: All data is encrypted both in transit and at rest using industry-standard protocols.
  • Secure Infrastructure: Our servers are hosted in secure facilities with advanced physical and network security.
  • Regular Audits: We conduct periodic security assessments and vulnerability scans to identify and mitigate risks.
  • Firewall and Antivirus Protection: Continuous monitoring to prevent unauthorized access and malware threats.

 

4. Prevention of Data Sharing and Leakage

We enforce strict policies to prevent unauthorized data dissemination:

  • No Unauthorized Sharing: We do not share personal data with third parties unless required by law or with explicit customer consent.
  • Data Handling Procedures: Clear guidelines are in place for data processing, storage, and disposal.
  • Monitoring and Alerts: Systems are in place to detect and alert us to any unusual data access or transfer activities.

 

5. Data Breach Response Policy

In the unlikely event of a data breach:

  • Immediate Action: We will promptly identify, contain, and mitigate the breach.
  • Notification: Affected customers and, if necessary, regulatory bodies will be informed without undue delay.
  • Investigation: A thorough investigation will be conducted to determine the cause and extent.
  • Preventive Measures: Steps will be taken to prevent future incidents, including policy updates and additional security measures.

6. Data Retention and Deletion

  • Retention Period: Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or as required by law.
  • Secure Deletion: Upon request or when data is no longer needed, we securely delete or anonymize personal information.

 

7. Compliance with Laws and Regulations

We comply with all applicable data protection laws and regulations, including:

  • Local Data Protection Laws: Compliance with country-specific regulations where we operate.
  • General Data Protection Regulation (GDPR): For customers and candidates within the European Union.

 

8. Customer and Candidate Rights

Individuals have the right to:

  • Access Data: Request a copy of the personal data we hold about them.
  • Rectify Data: Request corrections to any inaccurate or incomplete data.
  • Erase Data: Request deletion of their personal data, subject to legal and contractual obligations.
  • Restrict Processing: Request limitations on how their data is used.
  • Data Portability: Receive their data in a structured, commonly used format.

 

9. Training and Awareness

  • Employee Training: Regular training is provided to all staff on data protection principles and cybersecurity best practices.
  • Policy Updates: Policies are reviewed and updated regularly to reflect changes in laws, technology, and operational practices.

 

10. Contact Information

For any questions, concerns, or requests regarding this Privacy and Data Protection Statement, please contact our Data Protection Officer:

By entrusting your data to Recruitment X, you acknowledge and agree to this Privacy and Data Protection Statement. We are dedicated to maintaining the highest standards of data protection to ensure your information remains secure and confidential.