Radioactive International Recruitment (RIR) is a company registered as a recruitment agency pursuant to Art. 5, item 1 of the Ordinance on the terms and conditions for carrying out intermediary activity on employment with a certificate of registration No. 2198, issued by the Employment Agency on 12.01.2017 for Bulgaria and No. 2199 issued on 12.01.2017 for abroad.
Our mission is to connect businesses and job candidates, provide the best opportunities and meet the interests of our clients.
In order to fulfil the objectives of our main activity – recruitment and career counselling, as well as to fulfil our legal obligation to the Employment Agency for the administration and control of recruitment mediation activities, we collect, store and process the personal data of applicants as we guarantee:
- Use of your personal data only for the purposes of recruitment and career counselling;
- Preservation of your personal data – their confidentiality, pertinence and availability through technical solutions, organizational measures and internal control procedures;
- Transparent procedures for managing your personal data so that you can easily and effectively exercise your rights granted by GDPR;
- A personal assistant for career counselling to provide you with the most suitable job offers, advice on presenting to Employers, as well as full assistance in managing your personal data.
- A data protection officer to ensure that your rights are ensured and protected, as well as to communicate on the issues of the GDPR.
Our commitment is not only to provide professional services and full assistance for your professional realization but also to ensure the protection of your personal data in full compliance with Regulation (EU) 2016/679 on the protection of natural persons in connection with the processing of personal data and on the free movement of such data and the repeal of Directive 95/46/EC (General Data Protection Regulation) – hereinafter only referred to as GDPR.
For more detailed information, please read the full text of our Privacy Policy, as we remain available for further information and consultation.
POLICY FOR MANAGEMENT AND ENSURING CONFIDENTIALITY OF PERSONAL DATA
Radioactive International Recruitment (RIR) collects and processes personal data lawfully, in good faith and a transparent manner, observing the principle of personal privacy and non-interference in the private life of citizens. Our Personal Data Privacy Policy commits us to process your personal data only when:
- On the basis of contractual relations – this basis arises when we contact you in connection with your application approved by documents, according to our recruitment advertisement for which you have applied. In order to be able to assist you with the particular employers, it is necessary for us to enter into an Employment Brokerage Agreement with you, which is our legal obligation to the Employment Agency (EA), in connection with our employment brokerage license.
The Agreement number is also the number of your application file, through which you can carry out all legitimate actions provided for in the GDPR. - On the basis of legitimate interest – this basis arises when you submit a resume following our advertisement, but you do not fully meet the specified requirements in terms of documentation. Your CV is then entered into our database for a period of 1 year so that we can offer you suitable positions.
Your email becomes the identifier of your personal application file, through which you can carry out all legitimate actions provided for in the GDPR. When we contact you in connection with suitable job offers for your profile and preferences, your data will be processed in the order of point 1. - On the basis of explicit consent – this basis arises for all candidates who are already in our database, on the basis of item 1 and item 2, after the expiry of the processing period declared above. We will contact you to obtain your express consent or refusal to the future processing of your personal data for the purposes of recruitment and career counselling.
If we receive your consent, your email becomes the identifier of your personal application file, through which you can carry out all legitimate actions provided for in the GDPR.
This Policy fully complies with the requirements of the General Data Protection Regulation – Regulation (EU) 2016/679 (General Data Protection Regulation), Directive 2002/58/EC on the processing of personal data and protection of the right to privacy in the electronic communications sector, the Personal Data Protection Act, the Electronic Messages Act and the Ordinance on the terms and conditions for the performance of employment mediation activities and applies to:
(1) the persons who apply to work with us;
(2) the candidates we provide or to whom we provide an appointment with one of our clients;
(3) the candidates provided to us by our recruitment partners for processing for our clients’ positions;
(4) the users of https://rir.bg, as well as those who applied for jobs through the platforms of our partners: jobs.bg, zaplata.bg, rabota.bg, jobtiger.bg, etc.;
This Policy describes the type of personal data we collect, the purpose and manner of use and the parties with whom we share it, as well as the rights and choices available to individuals regarding the use of their data. We also describe the measures we take to protect data privacy and how you can contact us about our privacy practices and exercise your rights.
Data we collect
We collect personal data about you in various ways, such as through our site, from our recruitment partners, from public information platforms for job seekers (e.g: jobs.bg, zaplata.bg, etc.), social network channels (e.g: Facebook and LinkedIn etc.), through events, by phone or email, through job applications and in connection with personal recruitment and in the course of our relationships with customers and suppliers. We may collect the following types of personal data:
- contact details (names, email address and phone number);
- gender;
- nationality and work permit status;
- other information included in your CV, the information you provide about your career development preferences and other information about your employment qualifications:
- data about previous positions, workplaces and education;
- language skills and other job-related skills;
- information provided by references;
- information from conducted interviews, tests, face-to-face and remote communication conducted within the selection procedure;
- other data you may provide to us, such as through the Contact Us feature on our site.
We are responsible not only for not using your personal data for purposes other than the purpose of recruitment and career counselling but also not for transferring your data to Employers who cannot demonstrate GDPR compliance. In addition, we take care to manage your personal data with transparent and accessible procedures, such as technically and procedurally, to protect the data to the maximum in order to preserve its integrity, availability and confidentiality.
In addition, we will provide you with a Personal Career Counseling Assistant, which is a prerequisite for you to receive high-quality career counselling services tailored to your requirements, competent assistance in applying, as well as information about suitable applications in the future. The same Personal Assistant will help you update your data if necessary or manage it in accordance with the rights granted by the GDPR.
Attention: We recommend that you do not include in your resume data related to racial or ethnic origin, political, religious or philosophical beliefs, membership in political parties or organizations, associations with religious, philosophical, political or trade union goals; as well as information that relates to the health and sex life of the natural person. These are “sensitive data” that does not relate to the subject of the selection and are not needed by the employers and the Employment Agency. We warn that it is risky and for the purposes of our service, essential data from identity documents such as social security number, passport/identity card number, validity periods, etc. should not be provided.
Data collected by automatic means
The Radioactive International Recruitment (RIR) website collects general data and information when a data subject or automated system calls up the website. This aggregate data and information is stored in server log files. Collected may be (1) the types and versions of the browser used, (2) the operating system used by the accessing system, (3) the website from which our website is accessed (so-called Referrers), (4) ( 5) the date and time of access to the website, (6) the Internet Protocol address (IP address), (7) the Internet service provider of the access system and (8) any other similar data and information that may be used in the event of attacks on our information technology systems. When using this general data and information, Radioactive International Recruitment (RIR) does not draw any conclusions about the data subject. Instead, this information is necessary to: (1) get our website content right, (2) optimize our website content, as well as its advertising, (3) ensure the long-term viability of our information and web technologies, and (4) provide law enforcement with the information necessary for prosecution in the event of a cyberattack. Therefore, Radioactive International Recruitment (RIR) analyzes the anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise and ensuring an optimal level of protection of the personal data we process. Anonymous server log data is stored separately from any personal data provided by the data subject.
Purposes and manner of use of the information we collect
We use the information described above to perform the following activities:
- providing solutions for securing employees and connecting people with employers;
- sending notifications about vacant positions;
- managing, evaluating and improving our business;
-
protect against, identify and prevent fraud and other illegal activities, claims and other liabilities and
compliance with and enforcement of applicable legal requirements, industry standards, contractual obligations and our policies;
In addition to the above activities, if you are a job candidate and apply for a specific position, we use the data described in this privacy policy to:
- Provide you with job opportunities and offers;
- Provide you with additional services, such as training, career counseling and career development services;
-
Assess your suitability as a job candidate and your relevant qualifications for specific positions and
perform data analysis, such as (i) analysis of our database of job applicants, (ii) assessment of individual performance and capabilities, including assessment of job-related skills, (iii) identification of missing skills, (iv ) use of information to match individuals and potential opportunities and (v) data feed analysis (trends regarding recruitment and hiring practices).
We may also use the information in other ways for which we provide specific notice at or before collection.
We use Google Analytics, a web analysis service provided by Google Inc., to evaluate the use of our site and services, compile activity reports and provide other services related to Internet usage. Google’s privacy policy can be viewed at https://www.google.com/intl/None/policies/privacy/
By using our sites, you consent to the processing of your data by Google in the manner and for the purposes set out above. If you choose, you can opt out of the processing of data about you by Google for display advertising and / or customize the ads using the Google Ads Settings at: https://www.google.com/settings/ads.For more information about Google Analytics, visit https://www.google.com/analytics/.
Data storage and updating
- We will store your personal data in accordance with Bulgarian legislation, our legitimate business interest, legal obligations, or for the establishment, exercise or protection of our rights.
- We are committed to updating your details by contacting you to provide you with the best career opportunities.
- Where you have provided data for recruitment and career counselling purposes based on consent, you can withdraw your consent at any time, and we will delete it securely.
Data we share
- We do not disclose the personal data we collect about you except as described in this Policy. We share your personal data with clients who may offer suitable employment opportunities or wish to offer employment to our job candidates.
- We may share your personal data with companies acting as our subcontractors for the purposes of fulfilling our obligations as a recruitment agency: IT providers whose servers are located in Europe, applying the European Commission’s standard contractual clauses – for the purposes development and technical support of our systems; auditors and consultants to check Our compliance with external and internal standards and requirements. All persons processing personal data are carefully selected and checked for compliance with GDPR requirements. Confidentiality and non-disclosure agreements have been concluded with them.
- We may also disclose information about you (i) if required to do so by law or legal process, (ii) to law enforcement agencies and government officials based on a lawful request for disclosure, and (iii) in cases where we believe, that it is necessary to prevent personal injury or financial loss or in connection with the investigation of suspected or actual fraudulent or illegal activity.
- We also reserve the right to transfer personal data about you in the event of a sale or transfer of our business or property or part thereof (including in the event of restructuring, termination and liquidation).
Your rights and choices
- We provide you with certain choices about the personal data we collect about you and how we communicate with you. To update your preferences, request that we remove your details from the periodic communication address list, exercise your rights or submit a request, contact your Personal Career Counseling Assistant or as indicated in the Contact Us section of this Policy.
- You can request access to the personal data we hold about you, or ask us to correct, amend, delete or block the data, by contacting your Personal Career Counseling Assistant or as set out in the Contact Us section from this Policy. Deletion of personal data at your request is possible, as long as there are no legal storage obligations.
- You can withdraw any consent you have given us or object to the processing of your personal data at any time on a legal basis, after which we will apply your preferences in force.
- Information about the actions taken by us in connection with your requests will be provided to you free of charge within 30 calendar days of receiving your request.
- You have no legal or contractual obligations to provide data to Radioactive International Recruitment during the recruitment process. However, if you do not provide the required information, we may not be able to process your Application/Application.
- You have the right to file a complaint regarding the processing of your personal data by Radioactive International Recruitment (RIR) to the Personal Data Protection Commission at the e-mail address kzld@cpdp.bg.
Data Transmission
We transfer the personal data we collect about you only in the territory of the European Economic Area (EEA) or Switzerland, and we will comply with the applicable legal requirements to ensure the appropriate protection when transferring personal data to recipients in countries outside the territory of the EEA and Switzerland.
Personal data protection
- We maintain and implement administrative, technical and physical safeguards for information security and protection of the personal data you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
- Employees having access to personal data are trained to handle sensitive information and are required to treat the information as confidential.
- We have carried out a data protection impact assessment and provided for data protection at the design stage of the company’s products and processes, as well as a periodic risk assessment in order to continuously improve the Information and Personal Data Security Policies.
- We cooperate with the Commission for the protection of personal data both in determining the risks and control mechanisms and in any request from the supervisory authority in the performance of its duties.
- In the event of a breach of personal data security, the Information Security Officer will notify the Commission for Personal Data Protection within 72 hours of learning about the breach in accordance with Article 33 of Regulation (EU) 2016/679. In the event of high risk to your rights and freedoms, you will also be duly informed by means of a message to the e-mail address you have indicated regarding the nature of the violation and measures to reduce the adverse consequences.
Privacy Policy Update
This Privacy Policy may be updated periodically to reflect changes in our personal data practices. We will notify you of material changes with a prominent notice on our site indicating the date of the last update at the beginning of the Policy.
Additional Provisions
§1. Definitions:
- ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
- ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
- ‘data subject’ means the natural person who owns the personal data. In the specific case, the subjects of the personal data are the job applicants.
- ‘right of access’ – the data subject has the right to obtain from the controller confirmation as to whether personal data relating to him are being processed and if so, to obtain access to the data.
- ‘right to rectification’ – the data subject has the right to ask the administrator to correct inaccurate personal data relating to him.
- ‘right to erasure’ – the data subject has the right to request from the administrator the deletion of personal data related to him, and the administrator has the obligation to delete the personal data when the personal data are no longer necessary for the purposes for which they were collected or processed, or the data subject withdraws his consent on which the data processing is based, or the personal data have been processed unlawfully.
- ‘right to restriction of processing’ – the data subject has the right to request the controller to restrict the processing when the accuracy of the personal data is contested by the data subject for a period that allows the controller to verify the accuracy of the personal data or the processing is unlawful, but the data subject does not wish the personal data to be deleted but instead requests that its use be restricted.
- ‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
- ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;