Privacy Policy - Marketing
Jobilla Oy
Privacy Policy - Marketing
Version: Apr 25, 2023
General Information
This privacy policy explains how Jobilla (“Jobilla” or “we”) collects, stores, uses, discloses, and protects your personal data as a data controller in relation to our marketing activities as well as the rights you have under this Privacy Policy. We only process personal data in accordance with the European General Data Protection Regulation (2016/379) (the “GDPR”) and the applicable national laws.
This Privacy Policy applies to all data processing that is not related to Jobilla’s own personnel, Jobilla’s existing customers or users of Jobilla’s Recruitment System. This can be for example employees of potential customers, visitors to Jobilla’s webpages, attendees in events organized by Jobilla and persons who have subscribed to Jobilla’s marketing communications.
For information on data processing when Jobilla acts as the data processor on behalf of our customers, see the privacy policy of the data controller in question.
For information on data processing when Jobilla acts as the data controller in relation to Jobilla’s recruitment software, see the Privacy Policy - Jobilla Recruitment System.
We may update this privacy policy from time to time to reflect changes in our data protection practices or legal requirements. We will notify you of any material changes to this privacy policy by posting a notice on our website or through other communication channels.
Data Controller and Data Protection Officer
If you have any questions or concerns about our data protection practices, or if you have any requests for resolving issues with your personal data, please contact us:
Data Controller: Jobilla Oy
Business ID: 2655898-5
Address: Vuorikatu 16 A 8, 00100 Helsinki, Finland
Data Protection Officer: Janne Rotko
E-mail address: privacy@jobilla.com
Jobilla Oy is the parent company of Jobilla Group. The subsidiary companies carry out some of the processing on behalf of Jobilla Oy under a separate data processing agreement.
Jobilla Group subsidiaries
Jobilla DACH GmbH
Handelsregister: HRB223154B
Friedenstraße 91 / 91 a
10249 Berlin
Jobilla Benelux B.V
KVK-nummer: 88288528
Regentesselaan 2 C
7316AC Apeldoorn
Legal Basis for Processing Personal Data
We process your personal data on the basis of one or more of the following legal grounds:
- Contractual necessity: We process your personal data to fulfill our obligations under a contract with you, such as providing you with our products and services.
- Legitimate interests: We process your personal data for our legitimate interests, such as improving our products and services, conducting market research, and protecting our website and services from fraud and abuse. We will only rely on this legal basis when we have carefully considered and balanced any potential impact on your privacy rights and freedoms.
- Consent: We will obtain your consent before processing your personal data for certain purposes, such as sending you marketing communications.
- Legal compliance: We may process your personal data to comply with applicable laws, regulations, or legal obligations, such as responding to a lawful request for information from a government authority.
More exact information for the legal basis for each processing activity is provided later in this Privacy Policy in chapter ‘Use of Personal Data’.
Where we rely on your consent as the legal basis for processing your personal data, you have the right to withdraw your consent at any time. You can withdraw your consent by contacting us at privacy@jobilla.com. We also provide options to unsubscribe from our marketing communications at the end of each message.
It is to be noted that if necessary consents are not granted to Jobilla, we are not able to take any actions with consent as the legal basis for processing of your personal data.
If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as of the possible consequences if you do not provide your personal data).
Similarly, if we collect and use your personal data in reliance on our (or a third party’s) legitimate interests which are not already described herein, we will make clear to you at the relevant time what those legitimate interests are.
Personal Data We Collect
We may collect the following categories of personal data about you:
- Contact information, such as your name, email address, postal address, and phone number;
- Marketing and communication preferences, such as your opt-in preferences for receiving marketing communications and newsletters.
- Usage information of our websites, services and products through the use of cookies and other technological means.
We collect this personal data directly from you when you provide it to us, or automatically when you use our products and services, such as when you browse our website. Contact information may be provided to us by third parties.
Cookies and Other Technologies
We use cookies and similar technologies to collect information about your use of our products and services. Cookies are small text files that are stored on your device when you visit our website. They help us remember your preferences, understand how you interact with our products and services, and personalize your experience. We use cookies mainly to create and analyze the best possible user experience on our websites. Cookies are also used for marketing purposes.
We use the following categories of cookies:
- Necessary cookies, which are essential for the website and cannot be disabled on our systems. They are usually set based on the choices you make in relation to the services, such as privacy settings, logging in and filling in forms;
- Analytics cookies, which help us understand how visitors use the website. We may use cookies to collect information and provide statistics on the use of the website. The information collected may be used not only to provide website usage statistics, but also in conjunction with some of the advertising cookies described below, which help us to target online advertising and to measure the impact of advertising on users;
- Advertisement cookies, which we use to make ads as interesting and useful as possible for our website visitors. Most commonly, cookies are used to tailor advertising to the user, to improve campaign performance reporting and to prevent the repetition of ads you have already seen;
- Functionality cookies that are not necessary for the functionality of the website. They are usually set based on information provided on the website to customize and optimize the user experience and to store chat history, remember your preferences and personalize your experience, such as language and location settings.
We may also use third-party cookies, such as those provided by advertising and analytics partners, to collect information about your use of our website and services.
We provide functionality for you to choose to block some cookies. You can also manage your cookie preferences through your web browser settings. However, please note that blocking certain types of cookies may negatively affect the experience of using the website and limit the use of the services we can offer.
Use of Personal Data
We process your personal data for the following purposes:
Purpose | Legal Basis |
To provide and improve our products and services, including processing transactions, providing customer support, and personalizing your experience | Contractual necessity; Legitimate interest |
To communicate with you about our products and services, including sending you marketing communications and newsletters, where you have opted in to receive them | Consent |
To communicate with you about our products and services when we have a commercial interest, for example contacting employees of our previous, existing or relevant potential customers. Opt-out mechanisms are provided for these communications.The processing of personal data for the purposes of direct marketing can be considered as processing serving a legitimate interest. GDPR Art. 6(1)(f), recital 47 sentence 7. | Legitimate interest |
To comply with our legal obligations and enforce our rights, including protecting our intellectual property and preventing fraud | Legal compliance |
To perform research and analysis to better understand our customers and improve our products and services | Legitimate interest |
Disclosure of Personal Data
We only share personal data within Jobilla’s organization if and as far as reasonably
necessary for fulfillment of the processing purpose in question.
We do not share any personal data with third parties outside Jobilla’s
organization unless one of the following circumstances applies:
- We share personal data with our authorized service providers (processors) who process personal data on our behalf for specific purposes described in this Privacy Policy, such as cloud hosting providers, advertising and analytics partners. We have legally binding agreements with these service providers to ensure their commitment to the privacy and security standards at least as stringent as the terms of this Privacy Policy.
- We may share your personal data to third parties if it is necessary to (a) meet any applicable law, regulation and/or court order; or (b) detect and prevent security or technical issues or frauds; or (c) protect the interests, properties or safety of Jobilla, our Personnel or the public in accordance with the applicable law. In this case we will, if possible, inform you about such transfer.
- If Jobilla is involved in a merger, acquisition or business asset sale, we may transfer personal data to the third party involved. However, we will continue to ensure the confidentiality of all personal data. We will notify you when your personal data is transferred or becomes subject to a different privacy policy as soon as reasonably possible.
- We share personal data with third parties outside Jobilla’s organization for other reasons than the ones mentioned before, only when we have your explicit consent to do so.
Data Transfers
We store all personal data within the European Union and European Economic
Area to the extent it is possible. We have, however, service providers and business interests also located outside of the European Economic Area (meaning all European Union countries as well as Norway, Iceland and Liechtenstein, together the “EEA”), which means that we may transfer any personal data to service providers located in territories outside the EEA if necessary.
We strive to ensure that when your personal data is transferred outside of the EEA by
our service providers and hosting providers, appropriate measures and controls are in
place to protect that information in accordance with the applicable data protection
regulation. In each case, such transfers are made in accordance with the requirements
of the GDPR and may be based on the use of the European Commission’s Standard
Model Clauses for transfers of personal data outside the EEA.
Data Retention
The personal data we process is retained only as long as necessary for the purposes set forth in this Privacy Policy, unless longer retention is required by applicable law or where we have a legitimate and lawful purpose to do so.
When the personal data is no longer needed, we will destroy all such data in our possession within a reasonable time. Your personal data may also be destroyed upon your request unless the applicable law in force at the time of the request prevents deletion of such data.
Data Security
We take appropriate administrative, organizational, technical and physical measures to protect your personal data against unauthorized or unlawful access, processing, disclosure, alteration, accidental loss or destruction. These measures include, e.g., encryption, firewalls, secure facilities, and access right systems. We regularly test our websites, data centers, systems, and other assets for security vulnerabilities.
Should despite of the security measures, a security breach occur that is likely to have
negative effects to your privacy, we will inform you and other affected parties, as well as relevant authorities when required by applicable data protection laws, about the breach as soon as reasonably possible.
Third-Party Websites and Services
Our website and services may contain links to third-party websites and services that are not owned or controlled by us. We are not responsible for the privacy practices or content of these third-party websites and services. We encourage you to read the privacy policies of these third-party websites and services before providing any personal data to them.
Your Rights
Right to access your data. You have a right to access your personal data processed by us. If you wish to receive a copy of such personal data, please send
us an e-mail by using the contact information below.
Right to rectification. If your personal data changes, or if you find your personal data to be inaccurate, you may correct, update, or delete inaccuracies by sending us an e-mail by using the contact information below.
Right to withdraw consent. You have a right to withdraw your consent regarding the
processing of your personal data and require us to erase such data we have
processed based on your consent. We will retain and use such information only if we
have a legitimate and lawful purpose to do so, e.g., to comply with our legal obligation or resolve possible disputes. The withdrawal of your consent will not affect the processing already incurred prior to such withdrawal of the consent.
Right to erasure. You have the right to have us erase your personal data if (a)
such data is no longer necessary for the purposes for which it was collected or processed, (b) there is no justified reason for us to process your personal data or
(c) your personal data has otherwise been processed unlawfully. If you would like to have your personal data erased, please send us an e-mail by using the contact information below.
Right to restriction. You have a right to request us to restrict the processing of your
personal data e.g., when you are waiting for our response for your request to
access or erase your data.
Right to data portability. You have a right to receive your personal data you have provided us in a structured, commonly used, and machine-readable format and, if
you so desire, have your data transmitted to another controller, when technically feasible.
Right to lodge a complaint. If you feel our processing of your personal data is in breach of the GDPR or you are not satisfied for any other reason, please send us an
e-mail by using the contact information below. You also have a right to lodge a
complaint with a local supervisory authority.
How to use the above rights. The above-mentioned rights may be used by sending an e-mail to us on the addresses set out below, including the following information: name, e-mail, address and phone number. We may request the provision of additional information necessary to confirm your identity.
To exercise any of these rights, please contact us at privacy@jobilla.com.