1. DATA CONTROLLER AND DEFINITIONS
The processing and collection of personal data by the Company is in harmony with the directly applicable laws of the European Union and the provisions of the Hungarian laws in effect. In case of personal data processing, the Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter: “GDPR ”; for relevant definitions please see Appendix No. 1) , the Act CXII of 2011 on the Right to Informational Self-determination and Freedom of Information (hereinafter: “Freedom of Information Act”), the Act XLVIII of 2008 on the Essential Conditions and Certain Limitations of Business Advertising Activity (hereinafter: “Business Advertising Act”), furthermore the recommendations and the data protection practice of the Hungarian National Authority for Data Protection and Freedom of Information (hereinafter: “NAIH “) and the recommendations of the Article 29 Data Protection Working Party (hereinafter: “WP29”) shall apply.
During the recruitment process we process your personal data provided by you during the application procedure, especially in your curriculum vitae and cover letter.The Company will keep the received personal data confidential and takes all necessary steps to secure data processing. As Commsignia determines the purposes and means of the processing of any personal data collected or received from you, the Company is a data controller of any personal data described in this Policy. You are the data subject related to the personal data that the Company receives during the application procedure.
Company name of the data controller: Commsignia Ltd.
Seat: 14 Széchenyi utca, Attala 7252, Hungary
Postal address: 4-20 Irinyi József utca, Budapest 1117, Hungary
Company registration number: 17-09-010377
Tax number: HU23874664
Email address: [email protected]
Site means https://www.commsignia.com/ and its subdomains.
User or “you” means a registered or not registered visitor of the Site.
User Activity means location and behavior data (language selection on the Site, products put in the User’s cart), onsite browsing history, and usage patterns (frequency/patterns of logging-in).
2. SCOPE OF PROCESSED DATA, PURPOSE, LEGAL BASIS OF DATA PROCESSING, THE PERIOD FOR WHICH THE PERSONAL DATA IS STORED
|Categories of personal data concerned||Purpose of data processing||Legal basis of data processing||Period for which the personal data is stored|
|a)||Professional CV, letter of motivation.||Assessing the proficiency, qualification, professional experience necessary to fulfill the position in question and evaluating the motivation of the applicant.||The legitimate interest of the Company in selecting the most suitable candidate in order to ensure its operation and your consent when sending your application, until the end of the selection procedure.|
The consent of the User, from the end of the selection procedure (for a 12-months period), in case the User is not hired by Commsingia, with the additional purpose of considering the User for open positions in the future.
|1. Period of conducting the selection procedure. |
2. An additional period of 12 months afterwards if the applicant consented to it, or until you withdraw your consent at [email protected], unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).
When we have no longer or no legal basis to process your personal information, we will either delete or anonymize it.
|b)||Personal and contact data of the applicant provided during the application process.||Identification, keeping contact.|
|c)||Data concerning proficiency, qualification and professional experience.||Certifying the qualification necessary to fulfill the position in question|
|d)||Data generated by the Company about the applicant during the interviews and tests concerning the evaluation of the candidates.||Evaluation of the suitability of the applicant in the selection procedure.|
|e)||Personal data generated during tests, Assessment Centre and other tasks testing skills necessary to fulfill the position before admission.||Determining suitability for the position.|
No automated individual decision-making or profiling is performed in the course of the data processing of the Company concerning the applicants.
3. RECIPIENTS OF THE PERSONAL DATA
The visibility of personal data is restricted and will be accessible only by the relevant people at Commsignia who are taking care of your application. Except as expressly described below, we neither rent nor sell your information to third parties or non-affiliated companies. We may share your information only when we have your permission.
The Company may request data processing service for processing the personal data. During the service of data processing, the data processor shall abide under the present Policy, relevant legislations in force, furthermore the provisions of the existing contracts of the Company.
In order to fulfil its purposes as a data controller Commsignia cooperates with the data processors listed below. Commsignia reserves the right to change the data processors at any time.
|Name of the data processor||Data processing activity carried out on behalf of Commsignia and list of the personal data the data processor has access to,|
|Company name: Applied Training Systems, Inc.|
Address: 911 E. Pike Street, Suite #333 Seattle, WA 98122
E-mail: [email protected]
|Recruiterbox (developed and provided by Applied Training Systems, Inc.) is used to store the processed personal data listed in 184.108.40.206. Data received by Applied Training Systems, Inc. may be stored and processed in a third country (especially in the USA). Hence Commsignia and Applied Training Systems, Inc. has signed a data processing agreement which includes standard contractual clauses in accordance with the 2010/87/EU Decision of the European Commission with the intention to provide appropriate safeguards to the Users as laid down in GDPR.|
|HackerRank Company name: Interviewstreet Incorporation|
Address: 700 E. El Camino Real, Suite 300 Mountain View, CA 94041 United States (Attn: Privacy) Website: https://www.hackerrank.com/privacy
E-mail: [email protected] (with “Privacy” in the subject line)
|HackerRank is used to evaluate the skills of the User as a software developer. Interviewstreet Incorporation has access to the e-mail address, name and the position applied for. Data received by Interviewstreet Incorporation may be stored and processed in a third country (especially in the USA). Hence Commsignia and Interviewstreet Incorporation has signed a data processing agreement which includes standard contractual clauses in accordance with the 2010/87/EU Decision of the European Commission with the intention to provide appropriate safeguards to the Users as laid down in GDPR.|
In addition, Commsignia stores paper based personal data in locked storages within its office space. Any unauthorized collection, processing, or use of such data by employees of Commsignia is prohibited.
Commsignia only transfers personal data collected from the EU territory to a third-party having a registered seat outside the EU or the United States of America acting as a data processor without appropriate safeguards when it is necessary for the performance of the contract. Commsignia will make every effort to ensure that the personal data transferred is safe and secure and that the personal data is processed in a manner consistent with the GDPR.
If the applicant does not directly apply for a position at the Company (that is, for example through a recruitment agency or through a temporary employment agency or a student labor association) then the Company may collect certain data from these sources as well, and will handle these data in line with this Policy.
4.1. Commsignia hereby informs you that if you download certain parts of the Site, small data files (“Cookies”) will be automatically sent by the web server to your electronic device. In certain cases, these data files may be considered as personal data under the applicable data protection laws. These data files are necessary for the proper operation of the Site, and are used to collect information on the User’s visits to the Site.
|Type of Cookie||Purpose of Cookies||Legal basis of data processing||Cookie retention period|
|Google AdWords (Google Remarketing)||Third-party service providers, including Google, store previous visits made by a User to the Site, and use this information to display Commsignia’s advertisements to the User on the websites of Google’s partners. When the User visits the Site, we send one or more Cookies provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to your computer, which uniquely identify your browser. Google’s remarketing Cookies are used in Google AdWords. The Cookies provided by Google remember the number and times of visits to the Site as well as the sub-pages viewed by the User when browsing the Site. The recorded data is stored anonymously. The User can block Google’s remarketing Cookies on the opt-out page of Google’s Ads Settings, and can also block third-party Cookies on theNetwork Advertising Initiative opt-out page.||The AdWords Cookies expire 90 days after the User visited the Site. For further information, please click here.|
|Session ID||Session Cookies allow the User to be recognized within the Site. The most common example of this functionality is the shopping cart feature of the Site. When the User visits a page of a catalogue and selects some items, the session Cookie remembers the selection, so the shopping cart will contain the selected items when the User is ready to check out.||The information is saved until the end of the current session. After that, the collected information will no longer be available.|
|Auto login||These Cookies remember the User’s login information and automatically fill out the login form for the User when the User starts the login process next time.||The Cookies will be held in the User’s browser for a maximum period of 6 months.|
5. DATA SECURITY
Commsignia observes all applicable regulations regarding the security of personal data, therefore both Commsignia and its authorized data processors implement appropriate technical and organizational measures to protect personal data, and establish adequate procedural rules to enforce the provisions of the GDPR and all relevant local laws concerning confidentiality and the security of data processing.
6. RIGHTS OF THE DATA SUBJECT
Right to be informed, Right of access and to rectification: You have the right to obtain confirmation whether or not we are processing personal data relating to you, have communicated to you such data so that you could verify its accuracy and the lawfulness of the processing and have the data corrected, amended or deleted where it is inaccurate or processed in violation of the GDPR.
Right of erasure: In certain circumstances, you may have a broader right to erasure of personal information that We hold about you – for example, if it is no longer necessary in relation to the purposes for which it was originally collected. Please note, however, that We may need to retain certain information to comply with our legal obligations.
Right to object to processing: You may have the right to request Commsignia to stop processing your personal data.
Right to restrict processing: You may have the right to request that we restrict processing of your personal information in certain circumstances (for example, where you believe that the personal information we hold about you is inaccurate or unlawfully held).
Right to Data Portability: In certain circumstances, you may have the right to be provided with your personal information in a structured, machine readable and commonly used format and to request that We transfer the personal information to another data controller without hindrance.
7. RIGHTS AND ENFORCEMENT
7.1. Any personal information which you provide for Commsignia must be true, complete, and accurate in all respects. You agree to notify us of any change in your personal information via Commsignia’s email address specified in section 1 without delay.
7.2. The User may exercise the following rights in relation to Commsignia’s data processing activities:
- request information on and have access to his/her personal data being processed;
- request the rectification of his/her personal data;
- request the deletion of his/her personal data or restriction of the processing of his/her personal data;
- object to Commsignia’s data processing;
- request data portability.
7.3. Right to get information and to have access to personal data being processed:
The User has the right to obtain confirmation from Commsignia as to whether or not personal data concerning him or her are being processed, and, if that is the case, to have access to the personal data and the following information:
- the purposes of the data processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
- if possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the User’s right to request from Commsignia the personal data’s rectification, erasure or the restriction of their processing if these personal data are related to the User or the User’s right to object to such data processing;
- the right to lodge a complaint with a supervisory authority;
- if the personal data are not collected from the User, any available information as to their source;
- the existence of automated decision-making, including profiling, and at least in these cases meaningful information about the logic involved, as well as the significance and the envisaged consequences of such data processing for the User.
If personal data are transferred to a third country or to an international organization, the User shall be informed of the appropriate safeguards relating to the data transfer.
Commsignia provides the User with a copy of his or her processed personal data. For any further copies requested by the User, Commsignia may charge a reasonable fee based on administrative costs. If the User submits the request by electronic means, the information shall be provided in a commonly used electronic form, unless otherwise requested by the User.
The right to obtain a copy referred to in the previous paragraph shall not adversely affect the rights and freedoms of others.
The rights mentioned above can be exercised through the Commsignia’s contact details indicated below.
7.4. Right to data portability:
The User has the right to receive personal data concerning him or her, which he or she has provided to Commsignia, in a structured, commonly used and machine-readable format and have the right to transmit those data to another data controller without hindrance from Commsignia, if the data processing is based on consent or on a contract and the processing is carried out by automated means.
When exercising the right to data portability defined above, the User shall have the right to have the personal data transmitted directly from one controller to another, if it is technically feasible.
Exercising the right to data portability is without prejudice to the right to erasure („right to be forgotten”).
The right to data portability shall not adversely affect the rights and freedoms of others.
7.5. Right to rectification:
Upon the request of the User, Commsignia will rectify any inaccurate personal data related to the User (without undue delay). Considering the purposes of the data processing, the User has the right to have his or her incomplete personal data completed, including by providing a supplementary statement.
7.6. Right to erasure („Right to be forgotten”):
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- the User withdraws his or her consent on which the data processing is based, and if there is no other legal ground for the data processing;
- the User objects to the data processing and there are no overriding legitimate grounds for the data processing, or if the personal data are processed for direct marketing purposes;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which Commsignia is subject;
- the personal data have been collected in relation to the offer of information society services.
Erasure of data cannot be initiated if data processing is necessary:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation which requires processing by Union or Member State law to which Commsignia is subject to or for the performance of a task carried out in the public interest;
- for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, for medical diagnosis, for the provision of health or social care or treatment or for the management of health or social care systems and services, on the basis of Union or Member State law or pursuant to contract with a health professional and if those data are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies;
- for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the User, in particular as for professional secrecy;
- for reasons of public interest in the area of public health and if those data are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies;
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, if the right of erasure would make such data processing impossible or the right of erasure would such data processing seriously jeopardize; or
- for the establishment, exercise or defense of legal claims.
7.7. Right to restrict data processing:
The User has the right to request the restriction of data processing concerning him or her from the Commsignia and Commsignia shall comply with this request without undue delay if any of the following reasons exists
- the accuracy of the personal data is contested by the User, in this case restriction is related to a period enabling Commsignia to verify the accuracy of the personal data;
- the data processing is unlawful and the User opposes the erasure of the personal data and requests the restriction of their use instead;
- Commsignia no longer needs the personal data for the purposes of the data processing, but they are required by the User for the establishment, exercise or defense of legal claims;
- the User has objected to data processing based on public interest or legitimate interest, in this case restriction is applied for a period in the course of which it can be verified whether the legitimate grounds of Commsignia override those of the User.
If processing has been restricted according to the above, such personal data shall, with the exception of storage, only be processed with the User’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
A User who has obtained restriction of data processing according to the above shall be informed by Commsignia before the restriction of data processing is lifted.
7.8. Right to object:
The User has the right to object, on grounds relating to his or her particular situation, at any time to the processing of personal data concerning him or her, if the legal ground of data processing is to perform a task carried out in the public interest or in the exercise of official authority vested in a data controller, or the data processing is necessary for the purposes of the legitimate interests pursued by a data controller or by a third party, including profiling based on these provisions. Commsignia shall no longer process the personal data unless it can demonstrate compelling legitimate grounds for the data processing which override the interests, rights and freedoms of the User or for the establishment, exercise or defense of legal claims.
7.9. Procedure in the event of a request submitted by the User concerning the exercise of the above rights:
Commsignia provides information to the User on any action taken upon the User’s request related to the rights defined in this Policy without undue delay and in any event within one month of receipt of the request. This period may be extended by two further months where necessary, considering the complexity and number of the requests. Commsignia informs the User of any such extension within one month of receipt of the request, with the reasons for the delay. If the User makes the request by electronic means, Commsignia will provide the information by electronic means where possible, unless otherwise requested by the User.
If Commsignia does not act on User’s request, Commsignia informs the User without delay and at the latest within one month of receipt of the request of the reasons for not acting and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.
Any and all information and communication requested by User are provided by Commsignia free of charge, unless requests from the User are manifestly unfounded or excessive, in particular because of their repetitive character. In this case, Commsignia may either charge a reasonable fee considering the administrative costs of complying with the request or refuse to act on the request.
Commsignia shall communicate any rectification or erasure of personal data or restriction of data processing carried out by Commsignia to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. Commsignia shall inform the User about those recipients if the User requests it.
7.10. You may lodge a complaint about the processing of your personal data to the National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság – NAIH; address: H-1125 Budapest, Szilágyi Erzsébet fasor 22/C.; postal address: 1530 Budapest, Pf. 5; phone: +36-1-391-1400; facsimile: +36-1-391-1410; email: [email protected]) or to the data protection authority of your home country or country of your residency.
7.11. Independently from lodging a complaint to NAIH, you may turn to court pursuant to the provisions set forth in the Privacy Act if your rights are infringed. Upon your decision, the procedure may be launched before the tribunal in whose jurisdiction you are domiciled or you have a temporary address. Prior to initiating a legal procedure, it may be useful to discuss the complaint with Commsignia.
7.12. Your detailed rights and remedies are set out in subsections 14–18 and 21–23 of the Privacy Act and in Articles 15-21 of the GDPR.
8. CONTACTING COMMSIGNIA
We value your opinion. If you have any comments, questions, or wish to obtain more information on data processing at Commsignia, please send an email at [email protected] or mail to the email or postal address specified in section 1 or contact us by phone at +36 70 883 9700. We will handle the submitted information confidentially. Our representative will contact you within a reasonable time.
 Processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, shall be subject to appropriate safeguards protecting the rights and freedoms of the data subject. These safeguards shall ensure that technical and organizational measures are in place in particular in order to ensure respect for the principle of data minimisation. These measures may include pseudonymisation provided that these purposes can be fulfilled in that manner. If these purposes can be fulfilled by further data processing which does not permit or no longer permits the identification of data subjects, these purposes shall be fulfilled in that manner.