Privacy statement for applicants of Gunvor Petroleum Antwerpen nv
As an organisation, we want to meet the requirements of the General Data Protection Regulation (GDPR). We also believe it is important to inform you, as an applicant, about:
• the personal data of yours that we process;
• the way we process your personal data;
• the provision of data to others inside or outside Europe;
• how long we store your data and;
• how we secure your data.
In addition, we want to inform you of your rights through this privacy statement. Finally, we want to inform you about who you can contact if you have any questions, requests or complaints. Please read this information carefully.
Personal data is any information about an identified or identifiable natural person. For you, this means information about you or that can be traced directly back to you. For example, this may be your name, date of birth and address; however, your personnel number, business email address or business telephone number is also considered to be personal data.
The processing of personal data concerns all actions that we can carry out with your personal data, from collection up to and including destruction. This is, therefore, a very broad concept.
In any case, these actions include: collecting, recording, organising, storing, updating, modifying, retrieving, consulting, using, forwarding, distributing, making available, bringing together, relating, shielding, erasing and destroying data.
Grounds on which we may process your data in accordance with the law
We process your data for one or more of the following reasons. These are mentioned in law:
• the data is needed to decide whether we want to enter into an employment contract with you;
• the data is required for entering into and/or the implementation of the employment contract;
• we have your clear and unambiguous consent to certain actions.
• we have a legitimate interest to process your data.
Your personal data that we process
We only process the following personal data belonging to you:
• your surname, first names, initials, any title, gender, date of birth, address, postcode, place of residence, telephone number, and any other information we need to communicate with you, such as your email address;
• information about courses, training and internships followed and to be followed by you;
• information about the position you are applying for;
• information about the nature and content of your current job and details about the termination of that current job;
• information about the nature and content of previous jobs you have had and about the termination of those jobs;
• other information you have provided or are familiar with in order to fulfil the position;
• other data necessary for the implementation or application of a law.
The processing of the above data is only for one or more of the following objectives:
• the assessment of your suitability for a position that is or may become available;
• internal control and company security;
• the implementation or application of a law.
Transfer of your personal data
In principle, we only use your personal data for ourselves (our own business operations) in the context of the job application process. We only use this information for the purposes for which this data was obtained by us. In some cases, it may be necessary to pass on your data to others such as to a party that processes data on our behalf.
Insofar as required, we enter into processing agreements (if necessary) with parties that process personal data on our behalf (so-called ‘processors’). We do this to establish the fact that they must also protect the data properly and that they must file a timely report with us in the event of a (presumed) data breach.
We will not pass on your personal data outside the EEA, except to our sister company in Switzerland. There is an Adequacy Decree for this country, which guarantees adequate protection of your personal data. If we send your details to other countries outside the EEA, we will inform you in advance.
Retention of your personal data
For the retention of personal data, our basic principle is that we do not retain data for any period longer than necessary for the purpose for which we have processed it. We observe the statutory retention periods. Data may be retained by us for a longer period if we have a legitimate interest to do so (for example, when legal proceedings are underway or have been announced and we must be able to defend ourselves).
Securing your personal data
The security of your personal data is well regulated by us through physical, administrative, organisational and technical measures. We therefore have an appropriate level of protection. We also update this periodically whenever necessary.
Under the GDPR, and for your personal data that we process, you have the right to ask us to:
• gain access to your data;
• receive a copy of your data;
• receive information about the processing of your data (this privacy statement must therefore also be included);
• to correct incorrect information (please note: you cannot have an assessment report corrected if you disagree);
• to complete incomplete information if this is necessary for the purpose for which the data is processed;
• to have your data removed in certain cases;
• to “limit” the amount of your data that we process in certain cases (please note: we aim to collect as little data as possible (data minimisation));
• to object to the use of your data in certain cases;
• to revoke permission for the use of the data if you have previously consented to the use of your data. The withdrawal then applies to the future use of your data;
• to receive your data in a standard data format and, if this is technically possible, have this data transferred to another party if you supplied the data yourself or if the data was created by you (for example, based on your use of our HR system) and you have given permission for this, or the data is required for the implementation of the agreement and if the data is to be processed digitally;
• to submit a complaint to the competent authority that supervises compliance with the privacy legislation. In this case, we would appreciate it if you contact us first to see if we can resolve your complaint.
If you wish to invoke your rights, you can contact the contact person(s) mentioned in this privacy statement. If we have good reasons to refuse your request, we will explain why.
For questions, requests or complaints about the processing of your personal data, please contact:
Email : firstname.lastname@example.org
Tel: +32 3 560 09 20
If despite all our efforts you still have complaints about the way in which we handle your personal data, you can always file a complaint with the Belgian Data Protection Authority: Gegevensbeschermingsautoriteit, Drukpersstraat 35, 1000 Brussels, telephone +32 (0) 2 274 48 00, fax + 32 (0) 2 274 48 35, email@example.com, www.gegevensbeschermingsautoriteit.be.
Date and amendment of the privacy declaration
We reserve the right to amend this privacy declaration. We will inform you of major amendments accordingly.
This privacy statement enters into force on 24 May 2018.