DATA PROTECTION DECLARATION
Personal data protection declaration, has to do with the way data that site users communicate during their navigation on the site is collected, used and stored.
LEVERAGE AUDIT S.A. (hereinafter referred to as "the Company") informs you about how we use your personal data, collected through our website, according to the EU Regulation (EU) 2016/679 and the provisions of the Greek law about personal data protection.
Definition of “Personal Data”:
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
Special Categories of Personal Data (Sensitive Personal Data):
personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation shall be prohibited.
What personal data does the Company collect?
We collect only the personal data that you chose to provide us with, either by mail, in our website contact form, or by sending your Curriculum Vitae.
We may collect the following personal data about you: Full name, date of birth, gender, e-mail address, postal address, phone number, as well as other information, such as a Curriculum Vitae.
*We do not collect or store any data concerning minors or sensitive personal data.
Why do we collect personal data?
The personal data provided by visitors on our website are used exclusively for the purpose for which they were submitted as per the relevant collection point.
Use and sharing of your personal data:
Personal data collected stay in our company and are not shared, being accessed only by the people in charge.
The Company or/and the Group may disclose the above personal data to IT support services providers and web support companies, web hosting companies, and companies providing advisory services on candidates' recruitment process.
How does the company protect personal data?
The Company or/and the Group collect, maintain and process your personal data in a manner that ensures their protection. Specifically, your personal data is processed solely by specifically authorized personnel or by suppliers of the Company or / and the Group which are bound towards the Company or/and the Group with the same obligations regarding your personal data protection, while all appropriate organizational and technical measures are in place for data security and protection against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access and any other form of illicit processing.
How long personal data is kept
The personal data that you submit in our website is kept only for as long as it is required, for the purposes for which it was collected or as required by law.
Data Subjects’ Rights
This section presents your rights with respect to your personal data. These rights are subject to certain exceptions, reservations or limitations.
The Company or/and the Group shall ensure that you exercise the following rights uninterruptedly:
- Right of information/update
You have the right to request and receive clear, transparent and easily understandable information about how we process your personal data.
- Right of access
You have the right to access your personal data for free, except in the following cases, where there may be a reasonable charge to cover the administrative expenses of the Company or / and the Group:
- Manifestly Unfounded or excessive in particular because of their repetitive character
- Additional copies of the same information
- Right to Rectification
You have the right to request the correction of your personal data if it is inaccurate or incomplete.
- Right to Erasure
You have the right to request the deletion or removal of your personal data when it is no longer necessary for the purposes collected or there is no legitimate reason to continue processing it. The right to erasure is incomplete, if there is a specific legal obligation or other legal reason for keeping your personal data by the Company or / and the Group.
- Right to Restriction of Processing
In some cases, you have the right to restrict or terminate further processing of your personal data. In cases where processing has been restricted, your personal data remains stored, without being subject to further processing.
- Right to Data Portability
You have the right to request your personal information, which you have provided us, structured and commonly used format readable by machines and forward that data to another data controller.
- Right to Object
You have the right to object at any time and for reasons related to your particular situation to the processing of your personal data, unless the Company or / and the Group demonstrate imperative and legitimate reasons for such processing.
- Rights on automated individual decision-making and profiling
The Company and the Group do not make automated individual decision-making, including profiling.
The right to data portability
You have the right to request your personal information, which you have provided us, structured and commonly used format readable by machines and forward that data to another data controller
Withdrawal of consent
Right to complain
For any further information in relation to your rights or in case to complain can contact to the Hellenic Data Protection Authority (HDPA), phone number: +30-210 6475600, site: : http://www.dpa.gr/
Modifications to the present Privacy Statement
Our goal is to review and to update this Privacy Statement, so as to comply with the relevant legislative and regulatory requirements and provide at the same time the optimum personal data protection. Any further update will be shared through this site.
Processor: means a person or legal entity, public authority, agency or other body which processes personal data on behalf of the controller.
Consent: any freely given, specific, informed and unambiguous indication of the data subject's will, by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed
Phone number: +30 210 3616776
Address: 64, Dinokratous Str & Iatridou
Athens, Greece, 11521
PRIVACY STATEMENT CONCERNING CANDIDATES FOR EMPLOYMENT
LEVERAGE AUDIT S.A. (Hereinafter referred to as "the Company") takes a highly responsible approach towards the protection of personal data and privacy, and views these issues as priorities. As part of this approach, and in accordance with Article 13 of the General Data Protection Regulation, we have published this Statement to inform candidates for employment about the processing of their personal data.
- Contact Details for Data Protection Officer (DPO)
Contact Telephone Number: +30 210 3616776
Address: 64, Dinokratous Str & Iatridou
Athens, Greece, 11521
- Collection and processing of personal data
Personal Data collected from the candidates themselves include:
- Name and Surname
- Contact details (phone numbers, email, physical address)
- Details of Education
- Military Service status (for male candidates)
- Other identification details (TIN, Social Security number - AMKA)
- Copies of other documents (Certificate of Military Obligation, Degrees, Driving License, Work Permits, etc.)
- Other information provided by candidates through job search websites, email, personal interviews and/or any other method.
- Personal data collected about candidates from other sources include: Verification of the information provided during the recruitment process by contacting relevant third parties (for example previous employers, educational institutions and/or institutions and providers)
- Information from social networking sites of which the candidate for employment, is a member and which is related to job search aims and recruitment.
- Information from employment agencies and candidate evaluation agencies.
Creation of personal data during the recruitment process.
As part of the recruitment process, the Company creates personal data such as the following in relation to the candidates:
- Interview and evaluation results
- Purposes of Processing
The Company collects and processes the abovementioned data about candidate employees mentioned for the following purposes:
- To examine candidates' applications for a particular job.
- To communicate with candidates during the recruitment process.
- To enrich the data it has received from candidates with information from third parties.
- To find suitable candidates to fill vacancies.
- To keep recruitment records.
- To ensure the Company complies with the requirements of the legal framework under which the Company operates.
The Company may use third parties/associates/specialized personnel to select candidates for evaluation on the basis of specified criteria it has set. However, the process of finding suitable candidates is not automated and any decision related to choosing people to fill any position is made by the Company's staff.
- Legal Basis
The legal basis for the collection and processing of candidates' data is the Company's legitimate interest, more specifically its recruitment of suitable personnel for each position in the company.
Health data is collected from candidates for employment, in accordance with the relevant legal provisions, in order to assess their ability to undertake a particular job.
When collecting personal data from the candidates themselves, the Company will inform the candidates on whether or not it is obligatory to provide the personal data requested at any time. In the event of failure to provide some of the requested information, for example a failure to send a required degree, the Company will not be able to assess the candidates for the particular position for which they have applied.
When candidates send CVs or personal information to the Company on their own initiative, without the Company having announced that any particular position is vacant, the candidates give their consent to the processing of their data in accordance with the applicable legislative framework and this Statement.
- Data Transfers
The Company may transmit data to candidates for employment as part of its cooperation with providers which provide services that require the use and/or creation of data on candidates, in relation to the purposes described in this Privacy Statement and in accordance with the current legislative framework. In these limited cases, selected third parties may have access to the candidates' data. Before disclosing any information to a third party, the Company will ensure that each recipient has committed to adhering to strict safety standards and to maintaining confidentiality.
In the event of a merger and/or acquisition, the Company may disclose the information on the candidate employees to interested third parties.
The Company does not sell or market candidate employees’ data to third parties. The Company may be obliged to disclose certain candidate data to third parties, such as government authorities, in accordance with applicable laws. In addition, the Company may disclose candidates' data if this is necessary to protect its legal rights in accordance with applicable laws.
- Data Security
The Company takes appropriate security measures to ensure all personal data is kept in the best possible manner and to prevent accidental loss or use of, or unauthorized access to, personal data, and limits access to candidates' personal data to people who actually require it to carry out their duties.
People who process personal data on behalf of the Company, do so in accordance with the authorization given to them by the Company and have committed to keeping their actions confidential. The Company has put in place procedures to deal with any data security breaches, so that it can comply with its legal obligations in the event of any breach of personal data.
Although the Company takes appropriate security measures to safeguard the confidentiality, integrity and availability of personal data, transmission of information over the Internet is never completely safe. As a result, the Company cannot guarantee the security of information when it is transmitted by any electronic means. Because of this, any such transfer is carried out at the sender’s responsibility.
- Data Storage
The personal data of candidates for employment is stored on servers located in Greece and is not transferred to third countries.
Countries in the European Economic Area are considered to provide the same level of protection of personal data as Greece does. If, in the future, the Company transfers personal data outside the European Economic Area, it undertakes the obligation to inform the data subjects and to provide appropriate or suitable safeguards to protect the personal data transmitted.
- Period for which personal data is kept
After the evaluation process is complete, and the necessary number, as foreseen by the Company, of candidates have been hired to fill the positions, the data of the candidates who are not immediately recruited by the Company are kept for a reasonable period, which will be determined according to the Company's requirements for filling the posts and which will be notified to the participants.
The request for revocation does not affect the legality of the processing which has been carried out up until that time.
- Data Subjects’ Rights
Under the General Data Protection Regulation, individuals may exercise the following rights:
- To be informed about the processing of their data
- To have access to their personal data
- To require that inaccurate data which concern them and are maintained by the Company be corrected.
- In some cases, to require that personal data that concerns them be deleted.
- To receive the personal data which concern them and have been provided to the Company in a structured, commonly used and machine-readable format, as well as to request the transmission of such data to third parties in some cases
- To object, at any time, to the processing of their personal data
- To request restriction of processing in relation to their personal data in certain circumstances
- To submit a complaint to the supervisory authority
More information on these rights, including the circumstances in which they can be exercised and how they are exercised, is included in the PRIVACY STATEMENT posted on the Company's website
- Changes to this Privacy Statement
The Company reserves the right to modify and update this Statement, whenever deemed necessary, as a result of legal, technical or business developments, and the changes will take effect upon their being published, either by posting them on the Internet or by any other means the Company considers appropriate and which ensures the consent of data subjects where required by the applicable legal framework