Xpressjob(ESTA 4 d.o.o.) is fully committed to Data Protection and recognise its significance and importance. This policy ensures the protection of all personal information controlled or processed by the organisation and ensures an adequate level of awarenes to ensure Data Protection principles are applied across all areas of operation within Xpressjob(ESTA 4 d.o.o.).
Personal data is identified and managed in accordance with the Data Protectiom risk assessment methodology that endorses acceptable risk levels.
The Data Protection Policy is achieved by a stringent set of controls, including policies, processes, procedures,software and hardware functions. These controls are monitored, reviewed and improved by the Board to ensure that specific data protection, security and business objectives are met. This is operated in conjunction with other business management processes, and incorporates applicable statutory, regulatory and contractual requirements.
In particular, Xpressjob(ESTA 4 d.o.o.) is committed to compliance with all Data Protection requirements and good practice to include:
- Processing personal information only when strictly necessary for legal and regulatory purposes, or for legitimate organisational purposes
- Processing only the minimum relevant and adequate personal information required for the above purposes, and doing so fairly and lawfully
- Providing clear information to candidates and clients about how their personal information can be used and by whom
- Maintaining a documented inventory of the categories of personal information processed by the organisation
- Keeping personal information accurate and, where necessary, up-to-date
- Retaining personal information only for as long as is necessary for legal or regulatory reasons or for legitimate organisational purposes and ensuring timely and appropriate disposal
- Respecting candidates and clients rights in relation to their personal information
- Keeping all personal information secure
- Only transferring personal information outside Slovenia in circumstances where it can be adequately protected
- Developing and implementing our database system to enable the data protection policy to be implemented
- Where appropriate, identifying internal and external interested parties and the degree to which they are involved in the governance of the organisation’s database
- Identify workers with specific responsibility and accountability for the database
- Maintain records of processing of personal information
Xpressjob(ESTA 4 d.o.o.) can share with our contractual clients the personal data of candidates, that have accepted this policy and have given us the consent to share their CV and all the attachments the candidate have sent. We, Xpressjob(ESTA 4 d.o.o.) will store and protect all information provided only by the candidates who gave us the consent.
The Data Protection Policy is readily accessible internally and presented to existing and prospective clients. In addition to employees; suppliers and contractors of Xpressjob(ESTA 4 d.o.o.) are expected to adhere to our Data Protection Policy.
Xpressjob is committed to continual improvement and all employees are empowered to take responsibility for Data Protection, with a robust process for identifying and reporting data breaches in place and subject to regular review.
Through compliance to applicable statutory, regulatory and contractual requirements, and the requirements of the General Data Protection Regulations (GDPR) for the Protection of Personal Information, Xpressjob(ESTA 4 d.o.o.) will demonstrate confidence, integrity and credibility both internally and externally.
Please contact our Data Protection Officer (DPO), Edmond Široka at edmond.siroka(at)xpress-job.com if you wish to receive or know more about:
- Policy on retention of data
- Withdraw/consent forms
- Data protection procedures