Please, read this policy carefully. By accessing or using any website that belongs to Sii, sending us any personal data in order to answer job offers, recommend a candidate, ask for an offer etc. or reading this policy, the User accepts its terms and confirms that he/she is familiar with its content.
Personal data − as defined by GDPR, any information relating to an identified or identifiable natural person. Identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an email address or a telephone number of the person and other data which, when combined with the above, may identify the User.
GDPR − General Data Protection Regulation 2016/679 of 27 April 2016 is a regulation in EU law that aims at protecting individuals with regards to processing personal data, free flow of such data and the repeal of Directive 95/46/EC (general data protection regulation). Sii processes Users’ personal data according to this regulation.
Specialist− a candidate offered by Sii to its clients.
User – a job candidate, newsletter subscriber, participant of a competition or training, person making an inquiry, recommending someone for a job or visiting any website that belongs to Sii including candidate portal.
Services − understood as services performed by Sii electronically by the website e.g. subscribing to a newsletter, sending inquiries via a contact form, sending documents necessary in the recruitment process, entering a competition, signing up for training, setting up an account on candidate portal.
By providing personal data on www.sii.pl and any other website that belongs to Sii, the User confirms that he/she has all necessary permissions to disclose personal data that will be later used by Sii in a manner described in this Policy.
Sp. z o. o., al. Niepodległości 69, 02-626 Warsaw, tel. (22) 486 37 37 is the Controller of User’s personal data provided while using any Sii’s website; in particular, while partaking in the recruitment process, conducting training, sending marketing information (e.g. newsletters), accepting participation in conferences or events or using other services available on the website.
Any questions regarding regulations concerning personal data processing described in this Policy should be sent to the Data Protection Officer appointed by Sii at firstname.lastname@example.org.
Sii processes personal data in order to:
In case of contacting Users in order to respond to an inquiry, the legal basis for processing personal data is Sii’s interest as a Controller of personal data provided on the contact form (Art. 6(1)(a) of the GDPR). It is justified by the need to provide a complex answer to the inquiring party. Without processing personal data (contact data in particular), Sii would not be able to do it and, as a result, help in addressing the issue defined in the inquiry.
What’s important in terms of consent for sending marketing information, if Users inquire about a particular offer (e.g. implementing CRM) by sending a contact form, they consent to receiving this offer by clear affirmative action. Thus, point 1 regarding unwanted marketing information is invalid.
In case handling a job application, the legal basis for processing personal data is User’s consent to process personal data (Art. 6(1)(a) of the GDPR). More detailed information regarding processing personal data in terms of recruitment activities is provided in the chapter IX of this Policy.
In case of partaking in competition, the legal basis for processing personal data is User’s consent to process personal data (Art. 6(1)(a) of the GDPR). Regulations regarding providing consent are as described in point 1, paragraph 1-2 of this chapter. More detailed information regarding competitions is provided in the chapter XIII of this Policy.
In case of trainings, the legal basis for processing personal data is the agreement for the provision of training services concluded with Sii by sending an order form (Art. 6(1)(b) of the GDPR).
Sii is entitled to disclose personal data to parties authorized by law.
Sii can disclose Users’ personal data to parties supporting Sii in fulfiling particular orders in cooperation. Such parties may include:
Disclosing personal data occurs by entrusting personal data processing. In order to do so, Sii concludes entrusting personal data processing agreements with the abovementioned parties that meet requirements of Art. 28 (3) of GDPR.
Sii may also disclose Users’ personal data to its clients during recruitment conducted for them in order to process employment and delegate Workers to provide services within outsourcing of Specialist and whole teams. Sii have concluded relevant agreements or contracts that define rules for entrusting personal data.
Each User, according to rules defined in the chapter VII of this policy, is entitled to receive information regarding a client that received their personal data.
Taking into account that Sii cooperates with subsidiary Sii Sweden AB (registered in Stockholm, BOX 47089, 100-74 Stockholm, register number: 559188 – 7954; later referred to as Sii Sweden) that uses solutions and resources (business processes, IT systems) that belong to Sii, Sii Sweden has access to Users’ personal data. Such data may be processed:
Asserting rights by the User is possible according to regulations of processing personal data by Sii defined in the chapter VIII of this Policy.
In accordance to Chapter III, Art. 15-21 of the GDPR, the User has following rights in connection to processing his/her personal data by Sii:
All of these rights are executed at the request sent by the User at email@example.com. Sii verifies each request and provides a response within 1 month of sending. Such response includes information on activities that have been undertaken as well as the estimated time for handling the request itself if it requires further action.
Taking into account point 8, the User may at any given moment withdraw the consent to process personal data for purposes that require his/her consent. It may be done if the withdrawal does not affect the legal use of personal data in activities conducted on the basis of the consent granted before the withdrawal.
As a part of the right to access personal data, the User is entitled to obtain copies of information on:
Sii informs that every following copy of personal data is connected with a fee resulting from costs incurred while creating another copy. The cost is provided to the User after estimating the scope of information defined in the request.
Sii reserves the right to respond later than indicated above (up to two months) in case of a large number of requests or complex nature of the inquiry. Complex nature is understood as a need to prepare a summary of personal data from multiple systems, a need to consult with more than one person from one or more departments in order to obtain requested information. Sii is obliged to inform the User about such situation and provide a relevant explanation.
Sii is entitled to refuse recognition any of the rights defined in Art. 15 – 22 of GDPR if the User makes request repeatedly, excessively and without proper justification. Each time Sii will justify the refusal to recognize any right mentioned in the request. Repeated and excessive manner includes sending several request of similar nature to the first one even if the issue was handled the first time and all necessary information was provided e.g. the User sends a request to access information, Sii provides it but the request is repeated without proper justification.
Sii recruits for its own needs as well as for its clients due to e.g. services connected with providing Specialists. Therefore, be mindful that your personal data may also be processed by Sii’s clients. Such information is provided in job advertisements which specify that the recruitment process is conducted on the behalf of the client. In addition, note that the consent provided to partake in a given recruitment process on a chosen job position also covers partaking in recruitment processes in the future. This means that personal data will be stored in Sii’s database in order to send information on positions tailored to a profile and professional experience of the User.
According to the chapter VIII of this Policy, the User may withdraw consent to further processing of personal data. It may be done if the withdrawal does not affect the legal use of personal data in activities conducted on the basis of the consent granted before the withdrawal.
Personal data may be also processed if the User has been recommended by another person. In such case, the recommending person enters own personal data, data of the recommended person with his/her CV. Sii verifies the received CV taking into consideration the consent, that meets the requirements of the GDPR, of the recommended person to process his/her personal data. If such consent has been granted, Sii has permission to use the data for recruitment process’ purposes.
By submitting an inquiry or signing up for a training, conferences or other event organized by Sii, the User may consent to processing of personal data in order to receive marketing information on products and services offered by Sii, including newsletters. The rules for obtaining such consent have been described in the chapter VI points 1-2 of this Policy. The consent may be withdrawn anytime taking into consideration rules defined in the chapter VIII of this Policy.
User’s consent for processing personal data (Art 6 (1) (a) of GDPR) is the legal basis for sending newsletters. It can be granted while providing one’s e-mail address in the newsletter subscription form or gated content as well as by checking a box while completing a contact or recruitment form. Providing the e-mail address in the newsletter subscription form is a clear affirmative action of consenting to processing personal data as defined in the Art 4 (11) of GDPR regarding the definition of consent as well as connected 32nd motif of GDPR explaining the clear affirmative action.
According to the abovementioned motif, a clear affirmative action includes informing Sii that User’s e-mail address provided in the form may be used for sending newsletter that includes Sii’s promotional information. It is one of acceptable forms of consenting to using provided e-mail address for the defined purpose (such forms also include checking a box located near the content of the consent).
Consent to sending unsolicited marketing information, according to Art. 10 of rules for electronically supplied services and Art. 172 (1) of Telecommunication Act, is provided by the user independently and separately by checking a dedicated box located near the content of the consent.
In order to obtain some materials uploaded to Sii’s website, it may be necessary to complete a form that requires providing personal data. Such data will be processed according to the consent (Art 6 (1) (a) of GDRP) expressed by a clear affirmative action. If the User wishes to receive other marketing information, he/she may state so by checking a relevant box. If the User will not state so, it means that he/she is not interested in receiving other information thus Sii will not send it.
Sii provides open and dedicated training organized for clients and other interested parties. Therefore, Sii processes personal data of Users partaking in trainings for the purposes of organizing and handling any issues surrounding the training.
In Sii, profiling is understood as a form of automated processing of personal data that includes using some of User’s personal data. Obtained data may include information from social media profiles, location or data provided by Users via Sii’s website. It allows Sii to:
One of the tools used for profiling is Social Discovery which is a part of Click Dimensions application. It binds data provided to Sii by the User during recruitment process or subscribing to a newsletter with data available on social media (e.g. LinkedIN, Goldenline) also provided by that User. Data binding allows Sii to create User’s profile which can be used in:
Owing to that, we do not sent irrelevant and unwanted information as well as reduce the risk of creating spam.
An example of such activities may be binding data provided during recruitment process (e.g. CV, covering letter) and contact data (e.g. e-mail, phone number) with information provided on websites such as LinkedIn or Goldenline (e.g. identification and contact data, professional experience description, education, skills or interests). In this case, binding data means connecting information from own IT systems (such as job candidate data kept in CRM) with information provided online.
Using this tool influences the scope of information sent to the User e.g. content of newsletter that may include information on trainings, events, current promotions or discounts. In case of recruitment, the obtained data allows making a decision whether the User should be still processes as a job candidate, have technical tests or be presented to a client.
All of the abovementioned aspects of using the tool and its effects are the justified interest of Sii as a Data Controller (Art 6 (1) (f) of GDPR). The reason being that personal data obtained by the tool allows Sii to make decisions that enable decreasing the operational cost of recruitment processes, marketing activities that aim at building Sii’s reputation as a reliable company which focuses on the quality of provided services and worker satisfaction as well as respecting User’s needs and requirements in terms of sent information.
Sii ensures that information or data gained by the tool are used only for purpose described above and are not shared with other parties that specialize in creating such profiles. The User may object to profiling at any given moment according to chapter VIII, points 6-7 of this Policy. As a result, the User will not receive any marketing or sales information as well as updates with job offers tailored to his/her profile or competences. In addition, it also means that Sii will stop using the tool to profile this User’s personal data but is still able to process it in case of having a different legal basis e.g. consent.
Sii processes Users’ personal data in relation to organizing and holding competitions. By signing up for an event using a special form or contact by e-mail, the User allows processing his/her data in order to carry out all activities connected with a given competition. The legal basis for processing such data is a consent (Art 6 (1) (a) of GDPR) provided by a clear affirmative action. The User may withdraw the consent according to chapter VIII, point 8 of this policy but as a result he/she will not be able to partake in the competition.
Sii has implemented appropriate (organizational and technical) security measures to protect personal data from loss, misuse, unauthorized processing or modification. Sii is obliged to protect any information disclosed by Users in accordance to security and confidentiality standards.
Sii has implemented the Information Security Management System that is certified as compliant with international ISO 27001 security norms which ensure that Sii operates according to GDPR regulations in terms of implemented security measures for processing personal data (Art 32 of GDPR). Sii has proper procedures for managing accesses to IT systems that disable unauthorized workers from processing data. Sii’s workers are subjected to regular trainings regarding secure processing of personal data and current threats. In order to guarantee the security of personal data provided by the users, Sii uses dedicated SSL certificates that use data encryption keys based on most reliable encryption algorithms such as RSA or SHA (min. 1024 bites) to transfer data provided on Sii’s websites to IT systems.
Sii declares that www.sii.pl and other websites that belong to Sii
on his/her device as explained below.
Settings regarding cookies used on the www.sii.pl and other websites may be modified via our website or via a third-party website. Cookies are used to:
Types of cookies used by Sii: