Privacy Statement

WHO ARE WE AND WHAT DO WE DO?

We are MrWork B.V. We offer services in the field of online recruitment processes via social media, search engines and other online marketing ("Services"). You can find more information about our Services on the website:mrwork("Website").

This privacy policy applies to the use of our Website and the Services we offer.

WHAT IS THIS?

This is a Privacy Policy. In this document, we explain what kind of personal data we collect through our Website and Services. We also explain the purposes for which we use the data, how we secure it and how we store it.

PRIVACY AND RELEVANT LEGISLATION

We consider your privacy very important. We comply with the new General Data Protection Regulation ("AVG"), which replaced the various privacy laws in European member states as of 25 May 2018. This legislation will be referred to below as the "Relevant Legislation".

APPLICABLE LAW AND COMPETENT COURT

Personal data refers to any information by which you can be directly or indirectly identified. This definition is in line with Relevant Legislation. Incidentally, this is a broad definition: even dynamic IP addresses are considered personal data under certain circumstances.

OUR POSITION AS PROCESSORS AND CONTROLLERS

We collect and process most personal data on behalf of our clients as part of our Services. Our clients determine the purpose and means of these processing of personal data, which means that they act as "Processors" within the meaning of the Relevant Legislation. We process this personal data only in accordance with our customers' instructions and not for our own purposes. In this context, we therefore act as a "Processor" within the meaning of the Relevant Legislation.

Apart from processing personal data on behalf of our clients, we also collect and process some personal data for our own purposes. In this context, we ourselves act as Processors within the meaning of the Relevant Legislation.

WHAT PERSONAL DATA DO WE COLLECT?

As data controller

As the Controller, we collect and process the following personal data:

Data of potential applicants who e-mail a job offer to themselves

  • Email address.
  • Contact details of our clients
  • Name;
  • Company name;
  • Phone number;
  • Email address;
  • Function within the company;
  • Company address;
  • Other data shared via email, contact form, phone or other messaging services;
  • Bank account number;
  • VAT number;
  • Chamber of Commerce number.

Login details of our users' accounts

  • Name;
  • Email;
  • User ID;
  • Password;
  • IP address;
  • Browser data;
  • Registration details;
  • Registration time;
  • History time of login;
  • History time of password change

Contact details of persons (potential clients) who fill in a form on, for example, our website

  • Name (optional);
  • Company name (optional);
  • Phone number (optional);
  • Email address;
  • Position within the company (optional);
  • Other data shared within the message (optional).

WHAT WILL PERSONAL DATA BE USED FOR?

As a processor

Data of potential applicants

We process the data of potential applicants on behalf of our clients solely to provide our Services to them. This includes using trackers to show personalised ads (also known as 'interest-based ads' or 'retargeting') and to measure the conversion of an online campaign. We will delete personal data as soon as our customers request it. These and other agreements are set out in the processor agreement [link] we enter into with our customers.

As data controller

We use personal data as Processor for the following purposes:

Data of potential applicants emailing the job to themselves

  • These data are used to send an email as a reminder to yourself or to alert an acquaintance to a vacancy. These data are only used to enable us to send the e-mail. We do not use this data for other purposes and do not share it with our customers or other parties.

Contact details of our clients

  • To identify our clients, to maintain contact about the cooperation and to send our clients, invoices for the Services we perform for them.
  • To contact clients to keep them informed of developments in our services and offer our Services to them.

Login data of the accounts of our users and clients

  • To create and manage accounts for users and clients on our Website;
  • Recognition of the logged-in user;
  • Protection of data in case of misuse via same IP address;
  • Protection of IP address on password reset request.

Contact details of persons (potential clients) who fill in forms on our website, for example

  • To approach and inform recruitment and HR departments of companies about our Services.

Data of potential clients and applicants (at MrWork)

  • We process the data of potential clients and job applicants (at MrWork) to be able to show personalised ads (also known as 'interest-based ads' or 'retargeting') using trackers and to measure the conversion of an online campaign. We also use the data of potential customers who have filled in a form on the website to send the relevant and additional information requested.

HOW LONG DO WE KEEP PERSONAL DATA?

As data controller

As the Controller, we delete personal data as soon as it is no longer necessary for the above purposes, unless a longer period is necessary to comply with legal obligations (such as tax obligations) or to defend a legal claim. If you would like to receive more information about how long we keep your personal data, access your data or have it deleted, please contact mrwork.

DO WE SHARE YOUR PERSONAL DATA WITH OTHERS?

As a Processor

As a Processor, we only process personal data on behalf of our clients according to their instructions. We will never share this personal data with anyone unless our clients instruct us to do so.

However, it is possible that we use the services of "Sub-Processors" (on behalf of our clients), for e.g. data storage and monitoring of recruitment campaigns. In this context, these Sub-Recessors will receive personal data. The Sub-Recessors must strictly follow our instructions and those of our customers on the processing of this personal data. They will therefore not use the personal data for their own purposes. We ensure that all Sub-Processors comply with the requirements set out in the Relevant Legislation. The Sub-Processors we may use as Processors for this purpose with the consent of our customers include: Amazon Web Services, Google and Mandrill.

We may also use the services of Sub-Processors for personalised advertising (also known as 'interest-based advertising' or 'retargeting'). The Sub-Processors we may use as Processors for this purpose with the consent of our customers include: Google, Facebook, Twitter and LinkedIn. These third-party vendors may display your ads on sites across the internet.

As data controller

We also use the services of Sub-Processors for the personal data we process for our own purposes. The Sub-Processors we may use as Processors include: Amazon Web Services, Google, MailBlue, and Salesforce.

Apart from the above, we will not share your data with third parties - unless we are legally obliged to do so.

EXPORT OF DATA OUTSIDE THE EUROPEAN UNION

We may transfer personal data to parties outside the EU, if requested by our clients or if one of our Sub-Processors is located outside the EU. Personal data will only be transferred to countries and/or parties offering an adequate level of protection that complies with European standards. Among other things, we will check whether a non-EU organisation is on the Privacy Shield List and whether the third country's level of protection has been approved by the European Commission.

If, for the benefit of our clients, we use processors based outside the EU that do not provide an adequate level of protection that meets European standards, we will stipulate this in the agreements with the client. The customer, as Controller, will ensure the required consent of data subjects for the use of these parties.

The transfer of data outside the EU will always take place in accordance with Relevant Legislation (such as Article 76 paragraph 1 of the Personal Data Protection Act - as of 25 May 2018 replaced by chapter 5 of the AVG).

GENERAL AGGREGATED (NON-PERSONAL) DATA

We can convert your personal data into non-personal data. This means that the data will be completely and irreversibly anonymised and aggregated: it then no longer contains any personal data as no identification can take place on the basis of the data. We may share this aggregated data with trading partners for analysis purposes, building demographic profiles and improving our services.

HOW DO WE PROTECT PERSONAL DATA?

We protect the all personal data we process against unauthorised or unlawful access, modification, disclosure, use and destruction. We take the following technical and organisational measures to protect the data:

  • Securing network connections via Transport Layer Security (TLS);
  • Limited access to (personal) data for employees via two-step verification;
  • Encryption for passwords and authentication tokens;
  • Passwords that are complex and need to be replaced every 2 months;
  • Encryption with personal data using XTS-AES-128 encryption with a 256-bit code;
  • While signing the employment contract, the employee has agreed, in addition to the general terms and conditions and privacy policy, to the confidentiality of all data and all details both during and after employment;
  • Every employee at MrWork is aware of the latest developments in privacy policy. Furthermore, there is a privacy FAQ and hotline where people can ask questions;
  • Every employee at MrWork is aware of the clean desk policy. Hardcopy documents are physically stored in locked cabinets and laptops are automatically locked within 15 minutes
  • Annual internal security audits.

COOKIES

We may use cookies on our Website. In doing so, we act as the Controller. A cookie is a simple small text file that can be placed on your computer when you visit the Website. This text file identifies your browser and/or computer. When you visit our Website again, the cookie ensures that our Website recognises your browser or computer.

We use the following types of cookies

Functional cookies

Functional cookies are essential for the operation of our Website. They enable you to navigate through our Website and use the features incorporated therein.

Analytical or statistical cookies

Analytical cookies are used to examine the quality and effectiveness of the Website. For example, we can see how many users visit the Website and which pages are visited. We use this information to improve our Website and services.

If you do not want cookies to be sent to your computer, you can change this using your browser's cookie settings. Please note that some functions or services of our Website may not function properly or at all without cookies.

Tracking cookies

Tracking cookies track the click and browsing behaviour of our visitors. Cookies from external suppliers, including Google, Facebook, Twitter and LinkedIn, may be used to display advertisements based on a user's previous visits to our (job) website.

We use the following cookies

  • Google Tag Manager;
  • Cookie Consent;
  • Facebook Connect;
  • Google Analytics;
  • Linkedin Analytics;
  • Google Analytics Audiences;
  • DoubleClick;
  • MailBlue;
  • Linkedin ads;
  • Facebook Custom Audiences.

If you do not want cookies to be sent to your computer, you can opt out of the use of a third-party vendor by visiting the Network Advertising Initiative opt-out page.

You can also opt out of Google cookies. Information about this is available in Google's Advertising Settings.

THIRD-PARTY WEBSITES

You may find (hyper)links on our Website that link to the websites of partners, suppliers, advertisers, sponsors, licensors or other third parties. We have no control over the content or links that appear on these websites and we are not responsible for the practices of websites linked to or from our Website. In addition, these websites, including their content and links, may change constantly. These websites may have their own privacy policies, terms of use and customer policies. Browsing and interaction on any other website, including websites linked to or from our Website, are subject to the terms and policies of that website.

CHANGES TO THIS PRIVACY POLICY

We are constantly looking for ways to improve our Website and Services. We may therefore update this privacy policy from time to time. If we change the privacy policy in any significant way, we will post a notice on our Website along with the updated privacy policy.

YOUR RIGHTS AND OUR CONTACT DETAILS

As defined in the Relevant Legislation, you have the right to:

  • Requesting us to correct or update your data;
  • Requesting us to remove your data from our database, without giving reasons;
  • Request a copy of all personal data we have processed about you from us
  • We can also forward this copy to another data controller at your request;
  • Revoke your consent to the processing of your data. This does not affect the validity of the processing operations before the moment you withdraw your consent;
  • Object to the processing of your data with us;
  • To file a complaint with the Personal Data Authority if you believe we are processing your data unlawfully.
  • If you have any questions, comments or concerns about how we handle your personal data, please contact us using the contact details below.

MrWork B.V.
Wilhelminakade 320
3072 AR Rotterdam

T: 010 737 15 21
M:mrwork
W:mrwork

Chamber of Commerce number: 57298890
VAT number: NL852521480