MatcHR business operations are based on Article 6(1)(f) of the General Data Protection Regulation (GDPR), which states that: ‘processing is necessary for the purposes of the legitimate interests pursued by the controller or by a Third Party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of Personal Data, in particular where the data subject is a child.’
The Legitimate Interest criteria set out by the GDPR require that MatcHR follows strict guidelines for the processing of Personal Data.
GDPR considers an “interest” to be the broad stake a Controller may have in data processing, or the benefit that a Controller may derive from such processing. An interest is considered legitimate as long as the Controller can pursue it in compliance with data protection and related laws.
For purposes of data processing MatcHR’s Legitimate Interest is to fill clients’ vacancies with the best candidates on the market and provide candidates with the most relevant opportunities in the market.
Informing the Data Subject
As per GDPR, MatcHR shall be clear and transparent about their reliance on the Legitimate Interest provisions for data processing and shall do this by a concise, intelligible and transparent statement of MatcHR’s operations, purposes and the necessity for data processing, using clear and plain language. Such a statement shall be provided on MatcHR’s website. This information shall be explicit, clear and separate from other information on the website.
MatcHR shall make clear, on their website, the individual’s right to object to the processing of their data at any point in time.
MatcHR shall make clear, on their website, the individual’s right to erasure at any point in time.
MatcHR shall make clear, on their website, the individual’s right to rectify any incorrect and/or outdated information about the data subject at any point in time.
MatcHR shall erase all data that is no longer needed for purposes of legitimate interest, as per GDPR.
MatcHR shall on no occasion obtain and/or process Special Category Data. These include:
- Political opinions
- Religious or philosophical beliefs
- Trade Union membership
- Sex life
- Sexual orientation
MatcHR shall ensure that there is a limited impact to the privacy of the individual whose data is being processed.
Are you under the age of sixteen?
If you are younger than sixteen years old, you cannot use our Website and Services without the permission of your parents or legal guardian.
We can store your data at various moments, for example when you visit our Website, create an account via our Website, use our Services or when you contact us. We will not process your data without your consent, unless we are legally obliged to do so.
What data do we collect and how do we use your data?
To use our Services, we collect and process some or all of the following types of information:
- Your name
- Your age
- Your date of birth
- Your gender
- Your address
- Your phone number
- Your e-mail address
- Your resume
- Personal trades
- Conversation notes
- Publicly available professional data (LinkedIn, Xing, etc.)
- A picture that is clearly identifiable
From our clients or prospective clients, we collect and process some or all of the following types of information:
- Name of the company
- Payment terms
- Name contact persons
- Email address
- Telephone number
- All send and received emails are stored in our CRM
- Relevant notes about our customers. We never write down special personal data (like race etc.)
We can also store the following non-personal data if you use our Website:
- The type of your browser
- The operating system that you use
- The internet service provider
MatcHR B.V. offers newsletters. That way, you are fully informed of any news and/or offers. We use an opt-in system. Every time we send you a newsletter you have the possibility to unsubscribe from the newsletter.
We will only use your personal data for the purposes listed above or any other purpose that is connected thereto. This way, your data will never be used by us in an unexpected way.
We work hard to protect your personal data from unauthorized or unlawful access, alteration, disclosure, use or destruction. That way, unauthorized persons do not have access to your data. We take the following measures to protect your personal data:
- Encryption of digital files that contain personal data
- Secure network connections with Secure Socket Layer (SSL) technology or a technology that is similar to SSL.
- The access to the data is limited to the persons that need the data
How long do we store your data?
We shall store your personal data for as long as necessary to fulfil the purposes listed above.
With whom do we share your personal data?
We may share your personal data with others. In a data processing agreement, we shall agree with those parties that they shall use your data carefully and they shall only receive the data that is relevant for their services. These parties use your data in accordance with our instructions and not for their own purposes. These parties are “processors” within the meaning of the Relevant Legislation.
Third parties will only use your data in accordance with the purposes that we received your data for.
We will only process your data within the European Union. We will only process your data outside of the European Union if the country has an effective protection level for your data.
You may find advertising or other content on our Website that link to other websites. We do not control the content on these websites and are not responsible for the content or the privacy protection of these websites. We advise you to read the privacy policies of those websites.
IP addresses and cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration, customer support and to collect aggregate information for internal reporting purposes.
The cookies we use are “analytical” cookies. Some of the common uses for our cookies are as follows:
- to recognize and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our Website works, for example by ensuring that users are finding what they are looking for easily.
- to identify and authenticate a user across different pages of our Website, within our own Website, in a session or across different sessions. This is so that the user does not need to provide a password on every page the user visits; and
- to be able to retrieve a user’s previously stored data, for example, information that the user previously submitted to the Website, so as to facilitate reuse of this information by the user.
The data we collect is personal. Therefore, you have the following rights:
- You may request access to the personal data we process about you;
- You may request us to correct, update, shield or delete your personal information in our records;
- You may request a copy of the personal data we have processed about you. We can – on your request – send this copy to another party, so you don’t have to send the data yourself;
- You may file a complaint against processing your data;
- You may file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), if you are under the impression that we process your data unlawfully;
- You may always withdraw your consent to process your data. We cannot process your data from the moment you withdraw your consent.