Privacy Policy

1. How do we protect your privacy?

At Nederlia SL we care about the privacy of your data and are committed to protecting it. We’ve created this privacy policy to give you an overview of how and why we collect your data, what we do with it, who we share it with and how we handle and process it. Candidates: In this privacy policy, we will explain what we do with your personal data, regardless of whether we have collected it when you visit our website and apply for a position, as part of the recruitment process, in order to fulfill contractual obligations or in order to continue our relationship once we have found a position for you. Clients: In this privacy policy, we will explain what we do with your personal data, regardless of whether we have collected it when you visit our website and fill out our contact us form, as part of the service we provide or in order to fulfill contractual obligations. Throughout this policy, when we write “Nederlia” or “we” or “us,” we’re referring to Nederlia SL. Please read this privacy policy notice carefully. By using our website and the services offered within it, you agree to be bound by the conditions of this privacy policy with respect to the information collected about you through the website. If you have any questions about how we protect your privacy, drop us a line at ninja@nederlia.com

2. What type of data do we collect?

Candidate data:

To offer you the job opportunities that best suit your profile, we must process certain information about you. However we will only ask you only for the information that we need in order to help you, such as your name, age, contact information, education, career path, work permits, salary information, copy of your passport (only if you need a visa to fly for an interview), your CV, and any other information you provide to us during the recruitment process. Likewise, we will also collect certain information about you when you access our website. If you’d like more information, take a look at our cookie policy.

Client data:

If you are a client of Nederlia SL, we will need to collect and use information about you, or other people in your organisation, in order to provide services which include finding suitable candidates for you or your organisation. In order to provide these services, we collect information including: full name, email address, company name, company address, size of company, sector/industry, Skype ID, phone number, social media handles and record of our email communication. Likewise, we will also collect certain information about you when you access our website. If you’d like more information, take a look at our cookie policy.

3. How do we collect data?

Candidate information:

We need to know certain information about you in order to provide a customised service. This is so we can offer you job opportunities related to your skills and experience.   We collect your personal information in three ways:

1. personal information you give us directly
2. personal information we collect from other sources
3. personal information we collect automatically

We also collect certain data automatically when you access our website. If you’d like more information, take a look at our cookie policy.   Personal information you give us directly: You can share this information with us in various ways, depending on your preferences and the way you apply for a role. This may include:

• entering your information on the Nederlia website or through a form, as part of the job application process
• giving one of our recruiters a copy of your CV in a physical format during an event
• sending your CV or other personal information by email to a Nederlia consultant or arranging an interview with them

Personal information we receive from other sources We also receive personal information through other sources. Depending on the relevant circumstances and applicable legislative and local requirements, this may include personal data received in the following situations:

• information collected in the form of references from contacts provided by you
• on occasion, our clients may provide us with personal information about you
• personal information collected when we search for candidates from external sources, such as LinkedIn or other employment portals and jobs boards
• basic information received automatically from Facebook and Twitter when you “Like” our page or follow us

Personal information we collect automatically We also collect certain data automatically when you access our website. If you’d like more information, take a look at our cookie policy.

Client information:

We need to process certain information about you and the company you work for, if applicable, in order to provide a customised service. We share a common goal: to make sure you have the best employees working at your organisation and are able to hire new team members as quickly and effectively as possible. We collect the personal data of clients in three ways:

1. personal information we receive directly from you
2. personal information we receive from other sources
3. personal information we collect automatically

Personal information we receive directly from you We receive the data you provide to us directly in two ways:

• when you first contact us, usually by phone, email or through a form on our website
• during the recruitment process, usually by phone, email or in person

Personal information we receive from other sources Where appropriate and in accordance with local legislation and requirements, we may request more information about you or your colleagues from other sources, either through due diligence or other market information mechanisms, including:

• through market studies of third parties or the analysis of online and offline media (that we perform ourselves or entrust to other organisations we hire);
• through other limited sources and third parties

Personal information we collect automatically We also collect certain data automatically when you access our website. If you’d like more information, take a look at our cookie policy.   Users of the website: When you visit our website, we collect certain information automatically, whether you finally decide to use our services or not. This includes your IP address; the date, the hours and the frequency with which you access the website and the way in which you browse its content. We also collect your data when you contact us through the website, for example through email. We collect your data automatically by means of cookies according to the specific configuration of your browser. If you would like more information about cookies, including the way we use them and the options available to you, check our cookie policy.

4. How do we use this data?

Once we have obtained your data, we use it in different ways, depending on the service we need to provide.

Candidate data

We usually use the candidate’s data in the following four ways:

• recruitment
• marketing activities
• control of equal opportunities
• formulation, exercise or defense of a right in a judicial proceeding

In the right circumstances in the future, we might also use candidate data for profiling. Below, each of these activities is explained in greater detail.   Recruitment In order to offer you the right job opportunity, we need to use and process your personal data, when appropriate and in accordance with local legislation and requirements, in the following ways. Keep in mind that the list is not exhaustive. We may:

• collect data directly from you and from other sources, such as LinkedIn
• store your data (and update it when necessary) in our database, so that we can get in touch with you in relation to a recruitment process
• provide recruitment services and facilitate this process
• assess your data in relation to the vacancies that we consider to be in line with your profile
• If you give us your consent we will send your information to clients so they can process your application
• offer you the possibility to send your CV, submit yourself online to a job or subscribe to alerts of offers that we consider may be of interest to you
• streamline our payroll and billing payment processes
• verify the data you have provided (such as references, qualifications and possible criminal convictions, as appropriate and in accordance with local legislation)
• comply with our legal obligations in relation to the detection of crime or the collection of taxes or duties

We only use your personal data for the above purposes if we consider it necessary and in our legitimate interest (i.e. it forms part of a contract or service we need to provide). If you are not satisfied with the any of the ways we may use your data, as listed above, you have the right of opposition in certain circumstances. You can find more information about how and when to exercise on the section: What are your rights?   Marketing activities It is possible that we may periodically send you information that we think may be of interest to you. We will only send you this information if you have given us consent to receive communication. In particular, we may use your data for the purposes listed below, where appropriate and in accordance with local legislation and requirements. Keep in mind that the list is not exhaustive.   We may:

• send you information, including reports, promotions, events and other general information we believe may interest you
• publish your testimonial on our website, but only in cases where we’ve received the testimonial from you and obtained your explicit consent to publish it

If you are not happy with our marketing activities, you have the right to withdraw your consent or unsubscribe at any time. No one is perfect, but we will do our best to honour your preferences.   You should know that even if you have chosen not to receive our marketing communications, there is the possibility that we will recover your data again from public sources, such as LinkedIn. We will do our best to ensure that this does not happen, but if it does, we apologise in advance and will ask you to unsubscribe again.

Client data

We may use your data for the following purposes:

• recruitment
• marketing activities
• for the formulation, exercise or defense of a right in a judicial proceeding

Below, each of them is explained in greater detail.   Recruitment In order to provide a customised recruitment service, we need to process and use your data in the following ways:

• store your data (and update it when necessary) in our database, so that we can get in touch with you regarding recruitment activities
• keep records of our conversations and meetings, so that we can provide specific services in the future
• meet our obligations resulting from the contracts we have entered into with you
• conduct customer satisfaction surveys

We only use your personal data for the above purposes if we consider it necessary and in our legitimate interest (i.e. it forms part of a contract or service we need to provide). If you would like more information, check the section “What is the legal basis for processing your data?” If you are not satisfied with any of the ways we may use your data, as outlined above, you have the right of opposition in certain circumstances. You can find more information about how and when to exercise it in the section about your rights.    Marketing activities It is possible that we may periodically send you information that we think may be of interest to you. We will only send you this information if you gave us consent to receive marketing communication. In particular, we may use your data for the purposes listed below, where appropriate and in accordance with local legislation and requirements. Keep in mind that the list is not exhaustive. We may:

• send you information, including reports, promotions, events and other general information we believe may interest you
• publish your testimonial on our website, but only in cases where we’ve received the testimonial from you and obtained your explicit consent to publish it

5. Who do we share your personal data with?

When appropriate and in accordance with local legislation and requirements, we may exchange your personal data, in various ways, for recruitment or legal and contractual obligations, with the following categories of people:

• in the case of candidates: potential employers and other recruitment agencies and organisations in order to improve their chances of finding work
• in the case of candidates: partners, job boards and aggregators of job offers when we consider that this improves their chances of finding the right job
• in the case of candidates: potential employees and their representatives for the purpose of references: third parties that we have hired for the provision of services, such as checking of references, qualifications and criminal convictions, to the extent that these verifications are appropriate and comply with local legislation
• tax, auditing or other financial or legal authorities where we believe, in good faith, that the law or another regulation obliges us to share your data with them (for example, in response to a request from a tax authority or in relation to possible litigation)
• third party service providers that perform functions on our behalf and with whom we have signed contracts (including external consultants and professional advisors, such as lawyers, auditors and accountants or technical support teams and IT consultants who carry out the testing or development of IT systems)
• If Nederlia merges with another business or company in the future or is acquired by one (or is in serious conversations about that possibility) we may share your personal information with the possible new owners of the business or the company

6. How do we protect your personal data?

We are committed to taking all reasonable measures to protect the personal information we store against any unauthorised use, loss or access. These include measures to address any suspected data breach. We endeavour to protect your data by storing it on secure servers and using a series of technical and organisational security measures to safeguard your personal data and to reduce the risk of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use include firewalls and data encryption. Although we believe we have taken adequate and appropriate measures, no system is perfect and we therefore cannot guarantee that unauthorised access or theft will not occur. If you suspect that there may be improper use of your personal information or unauthorised access to it, please let us know immediately by sending us an email to ninja@nederlia.com.

7. How long do we keep your personal data?

If we have not entered into a relevant contact with you (or with the company you work for) for a period of three years (or for a longer period if we believe in good faith that the law or another regulation obliges us to keep them), we will contact you again to make sure that the information we store about you are is up-to-date and that you are happy to stay in our database. If we do not hear from you, we will then proceed to delete your personal data from our systems.

8. What are your rights?

You have the following rights with regard to your personal information:

1. The right to be informed: You have a right to know what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties. This is why we’ve created this privacy policy, and we will do our best to keep it up-to-date.
2. The right to access: You have the right to access the data we hold about you. We will, however, need you to prove your identity before we release any personal data to you. We have one month to collect and send you this information, although there are exceptions for requests that are unfounded, repetitive or excessive.
3. The right to rectification: If you discover that the information we hold about you is inaccurate or incomplete, you can request for it to be updated. As with the right to access, we have one month to do this, and the same exceptions apply.
4. The right to erasure (‘the right to be forgotten’): You can request that we erase your data in certain circumstances, such as when the data is no longer necessary, the data was unlawfully processed or if it no longer meets the lawful ground for which it was collected.
5. 5. Right to withdraw Consent: You can withdraw the consent you gave us to process your data at any time.
6. The right to restrict processing: You can request that we limit the way we use your personal data. It’s an alternative to requesting the erasure of data, and might be used when you contest the accuracy of your personal data or when you no longer need the information but we are required to keep it to establish, exercise or defend a legal claim.
7. The right to data portability: You have the right to obtain the personal data we hold about you in a structured, electronic format, and to transmit such data to another data controller, where this is (a) personal data which you have provided to us and (b) if we are processing that data on the basis of your consent or to perform a contract with you.
8. The right to object: You can object to the processing of personal data that is collected on the grounds of legitimate interests or the performance of a task in the interest or exercise of official authority. We must stop processing information unless we can demonstrate compelling legitimate grounds for the processing that overrides the interests, rights and freedoms of the individual or if the processing is for the establishment or exercise of defence of legal claims.
9. Rights related to automated decision-making including profiling: The GDPR includes provisions for decisions made with no human involvement, such as profiling, which uses personal data to make calculated assumptions about individuals. There are strict rules about this kind of processing, and individuals are permitted to challenge and request a review of the processing if they believe the rules aren’t being followed.
10. The right to complain If for any reason you are not happy with the way we have handled your personal data, please contact us. If you are still not happy, you have the right to make a complaint to to the relevant control authority (Spanish Agency for Data Protection, www.agpd.es)

To exercise any of these rights, please write to us: Nederlia Ref. Data protection Calle Llull 48-52, 3-4a 08005 Barcelona Spain Or send an email to ninja@nederlia.com

9. Where is your data stored and who can access it?

Data we collect is transferred to and stored by Bullhorn, Inc: a recruitment database. All employees of Nederlia can access this database to efficiently perform recruitment services and marketing communication in cases where we received your consent for such communication. We endeavour to protect your data by storing it on secure servers and by using technical and organisational security measures to safeguard your personal data and to reduce the risk of loss, misuse, and unauthorised access, disclosure and alteration. Some of the safeguards we use include firewalls and data encryption. Although we believe we have taken adequate and appropriate measures, no system is perfect and we therefore cannot guarantee that unauthorised access or theft will not occur.

10. What is the legal bases for processing your data?

We have set out a short description of main ways we collect, store, process, share and disclose your personal data and the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate. We will only use your data when the law allows us to do so. We will primarily use your personal data in the following circumstances:

• to fulfil a contract we are about to enter into or have entered into with you
• where it is in our legitimate interests
• when it is our legal or regulatory duty
• when you consent

A legitimate interest is when we have a business or commercial reason to use your information in conducting and managing our business. We will consider and balance any potential impact on you and your legal rights when we process your personal Information for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you, unless we are required to do so for compliance with a legal or regulatory obligation. Where consent is required in order to use your personal information, by ticking the appropriate consent box or otherwise communicating your consent (for example, by email, verbally in person or on a call, or by voluntarily providing non-mandatory information) you consent to our use of that personal information for the purposes covered by the specific consent that you have given. For example, we will only process your personal information for marketing purposes if we have your consent to do so.

11. Cookies

What are cookies? Cookies are text files that are stored in a computer system via your internet browser. Cookies are not viruses. A cookie does not contain information that identifies a person, but instead allows your computer to be linked to the information provided by you on the website (such as: linking your IP address and other information about your experience on the website to your preferences expressed while choosing services). They do not damage your computer or slow operation. You can block cookies by activating the setting on your browser.   Why do we use cookies? The internet pages of Nederlia SL use cookies. You can either agree or disagree to our cookie policy. Cookies help us to make the best of our website and to provide a more personalised service. From a technical point of view, cookies allow web pages to function more efficiently and tailor the user’s experience according to their preferences. They also help us to improve the content and services on offer, thanks to the statistical information collected through them.   What type of cookies do we use? Analytical Cookies: These cookies are used to measure and analyse how visitors use the website (for example: site traffic, most-visited pages or pages that display error messages or bounce rate) in order to continuously improve the website and your experience when visiting our site. All information collected by these cookies is in an anonymous form (even if passed onto third parties) and cannot be used to identify you. For more detailed information about cookies and how they can be managed and deleted, please visit www.allaboutcookies.org.

12. Changes to our data Privacy Policy

This notice was last updated on 16/05/2018. We may change this page from time to time, to reflect how we are processing your data or changes in law. If we make significant changes, we will make them clear on our website or by email, so that you are able to review the changes.