Last update: 29/05/2023
For which purposes we process your data
We may process your personal data for recruitment purposes to assess if you are suitable to enter into employment contract with us when:
- you apply for open positions at Creditnews;
- based on publicly available information regarding your professional background, it seems that you could be a good fit for us;
- someone refers you to us.
Your personal data we process
We may process your personal data, such as your name and surname, email address, telephone number, address, education, languages proficiency, certifications, recommendations, additional training, CV, attachments to your CV, cover letter, employment history, current workplace, non-disclosure agreement, LinkedIn URL, GitHub URL, personal website URL, tasks performed by you, interview notes about you, desired salary and similar related information.
When applying please do not include information on your personal identification numbers in the submitted documents and consider whether there is any other more sensitive personal information, such as health information, information on family relations or similar, that is not necessary for the recruitment process.
In general we collect the information directly submitted by you. However, we may also obtain some of the information from:
- related companies;
- our employees, your former employers/ colleagues and other referrals;
- job portals such as cvbankas.lt (UAB Diginet LTU) and cvonline.lt (UAB CV-Online LT);
- LinkedIn Ireland Unlimited Company, LinkedIn Corporation and other business-related social media sources and/or collaboration platforms; if we collect any information from your social media profiles, we make sure that it is relevant to the job position you applied for.
Basis for processing
We may process your personal data based on the following:
- we have the intention to enter into a contract with you (Art. 6(1)(b) of the General Data Protection Regulation (hereinafter – the GDPR)) – when you apply for a particular job position and we assess your suitability for the role;
- you have given consent to the processing of your personal data (Art. 6 (1) (a) of the GDPR) – when you permit us to contact you about the future job opportunities;
- We have legitimate interest to gather and process your personal data from legitimate sources (Art. 6(1)(f) of the GDPR) – when we find your publically available professional background suitable for us or someone you know refers you to us.
Please note you are not legally obliged to provide us with your personal information under statutory requirement. However, if you do not provide us with information, we will not be able to assess your application and your suitability to enter into an employment contract and provide a job offer to you.
We never ask for special categories of personal data (e.g. health data) as a mandatory during the recruitment process. If you nevertheless and against our will provide us with such data, the legal basis for processing is your consent (Art. 9(2)(a) of the GDPR).
Data storage term
When you apply for a particular job position, we, in general, will store your personal data until the end of the recruitment process for a particular position. If you become an employee, we will save your application information within the employee file. If you permit us to contact you about future job opportunities we will store your personal data up to 3 (three) years.
We may share your data with other companies, which are related to us, if we see that you could be a great fit for an open position they have.
In order to manage our processes efficiently we may also share your data with our third-party service providers, such as email providers, web hosting providers, HR management tools providers, data storage service providers and others. In any case, they can access the data only as much as is needed for the provision of their services.
If any of these third parties are based outside of the European Economic Area, we make sure that they process personal data according to European privacy standards.
Keeping your data safe
We take information security seriously and put a great effort to ensure the information we hold on you remains safe. We limit who has access to your information and ensure that those who do are bound by contracts to keep your information availability restricted and safe. Unfortunately, the transmission of information via the Internet is not completely secure. And even though we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted through any online means; therefore, any transmission remains at your own risk.
GDPR and other laws provide you with certain rights, procedures for implementation of and exceptions to these rights. When allowed by law, you have following privacy-related rights that you can implement by contacting us via our Contact form:
- to request a confirmation that we are processing your personal data;
- to get familiar with your personal data and how it is processed;
- to demand to correct inaccurate personal data;
- to request us to delete the information we have about you if we use it illegally or there are other legal grounds for deletion;
- to request us to restrict the processing of your information – if you dispute the accuracy of the data or object to the processing of the data, if you do not accept that your data would be deleted which was illegally processed, or if you need the data to claim, execute or defend legal claims;
- to demand to transfer your personal data to another data controller or provide it directly to you in a convenient form (applicable to that personal data that you submitted and that is processed on the basis of the agreement or consent);
- to object to the processing of your personal data if it is processed on the basis of a legitimate interest;
- in cases where your personal data is processed on a consent basis, you have the right at any time to withdraw your consent to the processing of your personal data.
If you believe that your data is processed unlawfully, you have a right to contact a relevant data protection authority (State Data Protection Inspectorate in Lithuania or other authority in the Member State of your habitual residence or place of an alleged infringement of the GDPR and seek a judicial remedy). We would appreciate it if in any case you would contact us first to resolve the problem together.