Jobs list

Information Clause for Candidate (Data Privacy Policy)

 

The Data Controller of your personal data is SNI sp. z o.o. based in Warsaw (registered address: 4C Inflancka Street, 00-189 Warsaw) – a trusted IT and SAP outsourcing/recruitment partner in alignment with the needs of some of the world’s most prestigious firms, having carried out successful projects globally, hereinafter referred to as “Data Controller”.

 

Processed personal data – any information relating to an identified or identifiable natural person (hereinafter: Data subject) including, but not limited to: first name, last name and contact information, such as phone number(s) and email address(es); CV; education and/or professional qualifications (e.g. SAP). SNI does not collect or process any sensitive data.

 

Providing personal data, in accordance with the given consent, is voluntary.

 

Purposes of data processing and legal basis

We inform you that your personal data will be processed based on Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: GDPR or Regulation), for the following purposes:

 

1)             To conduct and complete the recruitment process for the position you applied for, based on Article 6(1)(b) of the GDPR, i.e. taking necessary steps at the request of the data subject prior to entering into a contract – within the scope of data indicated in Article 221 §1 of the Labour Code Act of 26 June 1974 (Journal of Laws of 2019, item 104, as amended), and based on the consent provided by you, i.e. Article 6(1)(a) of the GDPR – for data exceeding the scope specified in Article 221 §1 of the Labour Code Act of 26 June 1974 (Journal of Laws of 2019, item 104, as amended).

2)             To consider your application in future recruitment processes based on the consent you provided, i.e. Article 6(1)(a) of the GDPR.

 

Data retention period

1)            Data will be processed for the time necessary to carry out the recruitment process or until consent is withdrawn – applies to point 1 above.

2)            If consent is given for participation in future recruitments, data will be processed for 5 years from the date the consent was granted or until consent is withdrawn – applies to point 2 above.

 

How data is collected

1)             Upon submission of CV: via email, through applications on our website or other recruitment platforms.

2)            If you contact us directly.

3)            If you are referred by a third party (e.g., candidate referral).

 

How do we contact you

We contact you in order to provide the services you expect, such as informing you about relevant or interesting job opportunities or assignments. An automated email system is not used to send unsolicited messages. Our recruitment team will contact you personally (via email, phone, or social media).

There is no automated decision-making, including profiling, in the personal data processing process.

 

Personal data transmission

The Data Controller is a company engaged in global recruitment and IT/SAP outsourcing, and it takes all reasonable and lawful steps to ensure compliance with our obligations. The legal basis for data processing is the consent of the data subject. We will always ask for your consent before processing and sharing your personal data with our clients. The controller guarantees that personal data will not be used for marketing purposes or shared with any external organization without your consent.

 

As a rule, personal data will not be transferred outside the EEA or shared with international organizations. However, if the Controller uses service providers from outside the EEA that are not recognized by the European Commission as providing an adequate level of data protection, the transfer of personal data to such entities is carried out on the basis of standard data protection clauses adopted by the European Commission. These clauses ensure appropriate safeguards for the protection of privacy, as well as the rights and freedoms of the individuals concerned.

 

Personal data security

Your data will be stored in an electronic database system located in Poland, within the EU, and only authorized SNI employees will have access to it. The data is stored with due care on our secure servers, which are scanned and updated daily, and are appropriately protected from unauthorized access.

 

We have implemented appropriate security measures and policies to prevent accidental loss, unauthorized access, or misuse of personal data. Additionally, we have procedures and protocols in place for suspected data breaches, and we will notify you if required by law.

 

The Data Controller continuously conducts risk analysis to ensure that personal data is processed securely – primarily ensuring that only authorized individuals have access to the data and only to the extent necessary for the performance of their duties. The Controller also takes all necessary steps to ensure that its subcontractors and cooperating entities provide appropriate security measures whenever they process personal data on behalf of the Controller.

 

Your rights

In connection with our processing of your personal data, you have the right to:

 

1)             Receive information about the processing of your personal data,

2)            Request access to your personal data,

3)            Request correction of your personal data,

4)            Withdraw your consent,

5)            Request deletion or restriction of the processing of your personal data,

6)            Object to the processing of your personal data,

7)            Lodge a complaint with the supervisory authority – in Poland, this is the President of the Personal Data Protection Office (PUODO).

 

How to submit a request

1)             You can submit a request to exercise the above rights at any time by sending an email to: [email protected].

2)            You can submit a request for removal of your personal data by clicking here. The request should specify the subject matter as precisely as possible.

 

If we are unable to determine the nature of the request or identify the requester based on the submission, we will ask for additional information. The request will be handled as quickly as possible. Please note, once your data is removed, SNI may no longer be able to provide services to you. If you wish to re-engage with us in the future, you will need to contact us again and provide your data and consent.