Privacy Policy
This Privacy Policy (along with other documents referred to herein) describes what personal information we collect from you and how we collect, use, and process it.
1. DATA CONTROLLER DETAILS
THE WISE SEEKER S.L., NIF B88209929, Calle Almagro nº1, 2ª izda, 28010 Madrid, Phone +34 91 9152400, which has appointed a Data Protection Officer whom you may contact regarding any questions related to this Policy: protecciondedatos@thewiseseeker.com
1.1. Applicable Regulations
Our Privacy Policy has been designed in accordance with the EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
The Wise Seeker may modify this Privacy Policy to adapt it to legislative, jurisprudential, or interpretative changes made by competent control authorities. These privacy conditions are complemented by the Legal Notice, Cookie Policy, and Terms of Service.
2. CATEGORIES OF DATA SUBJECTS
Our Privacy Policy concerns you if you belong to any of the following categories:
- Users of our website.
- Candidates to whom we provide employment services or who submit their application for a job vacancy and contact us through our website, job boards, social media pages, or other channels.
- Potential candidates, as well as potential clients and their business contacts whom we contact to present our products and services.
- Clients with whom we maintain a business relationship and whom we assist in filling vacancies.
- Service providers who provide us with various services.
3. PURPOSE OF PROCESSING PERSONAL DATA
WEB USERS
Web Users | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
CANDIDATES
Candidates | ||
---|---|---|
Purpose 1 | Purpose 2 | |
Purposes | We process your data when you register with us to provide you with employment and recruitment services or to carry out a selection process with you to establish an employment relationship with you. In this context, we may use your data to communicate with you, respond to your questions, analyze your CV and find a suitable position for you, create a candidate profile for you, arrange interviews, conduct aptitude tests, or send your application documents to the employer of your choice. | We process your data when you register with us and make your application data available to us and, if applicable, to potential employers. |
Categories of Personal Data | For this, we may process the following data:
|
For this, we may process the following data:
|
Legal Basis | The data processing is based on the following legal bases:
|
The data processing is based on the following legal bases:
|
Collection of Your Data | We collect data directly from you. Additionally, we may also collect your data from third parties,
specifically from:
|
We collect data directly from you. |
Recipients of Your Data | In order to provide our employment services, we may share personal information about you with potential
employers who offer job vacancies in which you are interested. Within the data processing described
here, it is also possible that both internal and external service providers may have access to your
data. These include data processors, such as:
|
In order to provide our employment services, we may share personal information about you with potential
employers who offer job vacancies in which you are interested. Within the data processing described
here, it is also possible that both internal and external service providers may have access to your
data. These include data processors, as well as our processors in the following areas:
|
POTENTIAL CANDIDATES AND POTENTIAL CLIENTS
Potential Candidates and Potential Clients | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
CLIENTS (B2B) AND CONTACT DETAILS
Clients (B2B) and Contact Details | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
SERVICE PROVIDERS AND CONTACT DETAILS
Service Providers and Contact Details | ||
---|---|---|
Purpose 1 | Purpose 2 | |
Purposes | We process your personal data to enter into the service contract with you and receive your services, as well as to communicate with you in the context of our business relationship. Additionally, we process your data for accounting purposes. | We process your personal data to assess your suitability as our provider. Only in very limited cases and to the extent that we are legally obligated to do so, we compare your data with sanction lists and other lists and public records, including terrorist and embargo lists and PEP (Politically Exposed Persons) lists. |
Categories of Personal Data | For this, we may process the following data:
|
For this, we may process the following data:
|
Legal Basis | The data processing is based on the following legal basis:
|
The data processing is based on the following legal bases:
|
Collection of Your Data | We collect data directly from you. | We collect data directly from you. We may also use data from public records and sanction lists. |
Recipients of Your Data | In the context of the data processing described here, it is possible that internal and external service
providers in the following areas may have access to your data:
|
In the context of the data processing described here, it is possible that internal and external service
providers in the following areas may have access to your data:
|
4. PROCESSING OF PERSONAL DATA IN THE JOB POSTING AND MULTIPOSTING SERVICE
Our clients can post job advertisements on our website and receive and manage application data.
Therefore, the user, as well as the company they work for, must register with us to post job advertisements on our website, including multiposting.
If the user creates a job advertisement for a vacant position in their company on our website and allows us to manage it or create a company profile, we process the following data:
- Email address and any other contact information of the person responsible for the job advertisement in the company.
- Contact information of the person who will receive the applications.
- All information about the company included in the company profile, such as the company name, company address, contact details of company representatives, number of employees, turnover, key figures, key employees, texts, images, graphics and links, logos, etc.
- Any other personal data or information included in the job description (e.g., job title, department, salary details, contact details of the potential supervisor, job requirements profile, company information, etc.).
- Data generated by your use of our website, such as metadata, including information on the duration of the ad online, where it should be displayed, how often the ad is clicked, how many applications the ad receives, etc.
This personal information is processed so that we can manage the job advertisements on behalf of the client and their company, including the multiposting service, and so that the company can create a company profile on our website. Additionally, to publish in the multiposting service the advertisement on social networks, job portals, and online media that the company has contracted (see here for details). The job advertisements we publish and manage for you are usually publicly accessible.
5. DATA RETENTION PERIOD
We will retain users' personal data only for as long as necessary to fulfill the purposes for which it was collected, which in some cases may be an ongoing purpose, as long as the consents granted are not revoked. Subsequently, if necessary, the information will be kept blocked for the legally established periods.
In the case of data you provide us in relation to job offers you wish to subscribe to, it will be retained for two years from the date of the last update. After this period, if it has not been updated, the data will be deleted unless you tell us otherwise.
6. CONSENT TO PROCESS YOUR DATA IN OUR FORMS
By filling out the forms, checking the box "I accept the Privacy Policy," and clicking to submit the data, the User declares that they have read and expressly accepted this privacy policy and grants their unequivocal and express consent to the processing of their personal data in accordance with the purposes indicated.
The personal data requested is mandatory, so refusing to provide it will make it impossible to carry out the provision of the contracted services.
The user guarantees that the data provided is true, accurate, complete, and up-to-date, being responsible for any damage or harm, direct or indirect, that may be caused as a result of the breach of this obligation. If the user provides data of third parties, they declare to have the consent of these and agree to transfer the information contained in this clause, exempting us from any responsibility in this regard. However, we may carry out checks to verify this fact, adopting the corresponding due diligence measures in accordance with data protection regulations.
7. SECURITY MEASURES
As part of our commitment to ensure the security and confidentiality of your personal data, we inform you that the necessary technical and organizational measures have been adopted to guarantee the security of personal data and to prevent its alteration, loss, processing, or unauthorized access, taking into account the state of technology, the nature of the data stored, and the risks to which they are exposed, in accordance with Art. 32 of the EU GDPR 679/2016.
8. DATA DISCLOSURE
No data disclosures are foreseen, except those authorized by tax, commercial, and telecommunications legislation, as well as in those cases in which a judicial authority requires it.
Notwithstanding the foregoing, we may share your information in the cases established in the purposes chart of clause 3 of this document.
9. INTERNATIONAL DATA TRANSFERS
When we share your personal data, it may be transferred both within and outside the European Economic Area (EEA). If we transfer your personal data internationally, we will do so only in accordance with applicable law and will require an adequate level of protection for it, as well as that appropriate security measures are applied. Your personal data may be transferred from countries located within the EEA to countries outside of it. In such cases, we will require that the following safeguards are respected:
- That the laws of the country to which your personal data is transferred ensure an adequate level of data protection. Click here to see the list of non-EEA countries that, according to the European Commission, offer an adequate level of data protection; or
- That the transfer is subject to standard data protection clauses approved by the European Commission. You can learn more about these data protection clauses here; or
- Any other appropriate safeguard applicable under Article 46 of the EU General Data Protection Regulation (2016/679).
The safeguards we apply are as follows:
- Countries or international organizations declared as providing an adequate level of protection by the European Commission:
- Switzerland. Commission Decision 2000/518/EC, of 26 July 2000
- Canada. Commission Decision 2002/2/EC, of 20 December 2001, regarding entities subject to the scope of the Canadian data protection law
- Argentina. Commission Decision 2003/490/EC, of 3 June 2003
- Guernsey. Commission Decision 2003/821/EC, of 21 November 2003
- Isle of Man. Commission Decision 2004/411/EC, of 28 April 2004
- Jersey. Commission Decision 2008/393/EC, of 8 May 2008
- Faroe Islands. Commission Decision 2010/146/EU, of 5 March 2010
- Andorra. Commission Decision 2010/625/EU, of 19 October 2010
- Israel. Commission Decision 2011/61/EU, of 31 January 2011
- Uruguay. Commission Decision 2012/484/EU, of 21 August 2012
- New Zealand. Commission Decision 2013/65/EU, of 19 December 2012
- Japan. Decision of 23 January 2019
- United Kingdom. Decision of 28 June 2021 (English version)
- Republic of Korea. Decision of 17 December 2021 (English version)
- EU-USA Data Privacy Framework Decision of 10 July 2023 (English version)
- In the absence of an adequacy decision, appropriate safeguards shall apply:
- Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.
As stated before carrying out the transfer, we will ensure that it is legally authorized and that sufficient guarantees exist to ensure an adequate level of data protection with respect to the data transfer (e.g., through contractual guarantees, officially recognized regulations, or internal binding data protection regulations at the recipient) or that you have given us your consent for such data transfer.
10. USER RIGHTS
Any data subject has the right to obtain confirmation as to whether we are processing personal data concerning them, or not. Data subjects have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected. In certain circumstances, data subjects may request the restriction of the processing of their data, in which case we will only keep it for the exercise or defense of claims. For reasons related to their particular situation, data subjects may oppose the processing of their data. The Data Controller will stop processing the data, unless for compelling legitimate reasons, or the exercise or defense of possible claims.
In accordance with current legislation, you have the following rights: the right to request access to your personal data, the right to request its rectification or deletion, the right to request the restriction of its processing, the right to object to processing, the right to data portability, and also, to withdraw the consent given.
10.1. How to exercise my rights?
To exercise your rights, you must contact the controller, requesting the corresponding form for the exercise of the chosen right. You can exercise your rights by writing to us at the following email address: protecciondedatos@thewiseseeker.com. Remember to attach a copy of a document that allows us to identify you.
Finally, you are informed of your right to file a complaint with the competent data protection authority (in Spain, www.aepd.es) in case you become aware of or consider that an event may constitute a breach of the applicable data protection regulations.
Last updated 26/08/2024.