Recrooit Privacy Policy

Last updated: 15.11. 2021

The Recrooit Privacy Policy describes our procedures, on the collection, use and disclosure about the personal data, types of personal data or personal information we collect, how we use the information, how we process and protect the information we collect, for how long we store it, with whom we share it, to whom we transfer it and the rights that individuals can exercise regarding our use of their personal data.

We also describe how you can contact us about our privacy practices and to exercise your rights. In general, our privacy practices conform with local law and regulation, including where applicable the provisions of the European Union’s General Data Protection Regulation (GDPR).

We use Your Personal data to provide and improve the service provided by Recrooit. By using Recrooit, Personal data collected by the Data Controller – Omnes Group OÜ as a data controller. (as applicable, hereinafter each separately and/or jointly called the “Data Controller”). will be controlled and processed in accordance with the terms of this Privacy Notice, GDPR and other applicable laws and regulations. You agree to the collection and use of information in accordance with this Privacy Policy.

Definitions

For the purposes of this Privacy Policy:

Account means a unique account created for You to access our Service or parts of our Service.
User means a legal person that created the account for use of our Services providing recruitment services or company or other legal entity in pursuit of recruitment of Candidates.
User Recruiter refers to a legal person using the Service to broker Candidates and their information contained in a resume to another User acting on behalf of the company that is in search of Candidates for their job positions. For the purposes of this Privacy policy, when not explicitly using terms User or User Recruiter to explain the function of the Service, the term User refers to both.
Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Omnes Group OÜ , Lasnamae tn 4b-26 Tallinn, 11412 Estonia.
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to: Estonia
Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
Personal Data is any information that relates to an identified or identifiable individual.
Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed.
Data Processor means any natural or legal person who processes the data on behalf of the Data Controller.
Data Subject is any living individual who is using our Service and is the subject of Personal Data.
Service refers to the Website – Recrooit.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Website refers to Recrooit, accessible from https://recrooit.com
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
Resume or CV refers to document containing personal information and employment history that is used for recruitment purposes, submitted by Users, for purpose of recommendation of Third party user via Service
Candidates– refers to individuals referred by User for recruitment purposes that have their resume and other information submitted to us via Recrooit.

Information We Collect

While using Our Service, We may ask you as a user to provide us with certain personally identifiable information that can be used to contact or identify you and third party for the purpose of service fulfillment. Personally identifiable information may include, but is not limited to(as permitted under local law):

For the individuals – User Recruiter:

contact information (such as name, email address and telephone number);
username and password (hashed via Bcrypt encryption algorithm) when you register on our Site;
information about candidates (The Controller assumes that the other person previously gave an authorization for such communication); and
other information you may provide to us, such as in surveys or through the “Contact Us” feature on our Site.

It is important that before you disclose to us Personal Data of another person via their Resume, you have to obtain that person’s consent to both the disclosure and the processing of that person’s Personal Data in accordance with this Privacy Policy. Failure to obtain is breach of Terms and Conditions, Privacy Policy and Recrooiter Agreement.

For the companies and other legal entities using Service for recruitment.

Name of the company
First Name and Surname of the representative of the company registering on behalf of the company;
Information about the company provided by the User such as but not limited to: description of the company used in job advertisements, description of job position, job location, salary range (if applicable), recruitment process, and other information provided by the company to the other User of the Service that uses the service as recruiter – User Recruiter.

In addition, we may collect information you provide to us about other individuals, such as information related to emergency contacts.

How We Use the Information We Collect

The Data Controller collects and uses the data gathered for the following purposes (as permitted under local law):

How we use of Your Personal Data

The Company may use Personal Data for the following purposes:

To provide and maintain our Service, including to monitor the usage of our Service.
To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.
To contact You: To contact You by email, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
To process payments: We use the information you provide to us to process Payments for the job ads published on our website, to transfer funds to the User Recruiters via wire transfer, utilizing Stripe API for payment processing, and that were previously deposited via Escrow.com
To manage Your requests: To attend and manage Your requests to Us.
For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.

We may share Your personal information in the following situations:

With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of our Service, to contact You.
For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.
With law enforcement agencies: We may share your information with law enforcement to comply with legal standards and procedures when necessary
With other users: when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside.
With Your consent: We may disclose Your personal information for any other purpose with Your consent.

All processing done by Data Processor will be carried out based on adequate necessity of information, making sure that only the necessary information is collected, and for legal grounds which may fall into a number of categories, including:

consent or explicit consent from the data subject, where required by applicable law;
to ensure that we comply with a statutory or contractual requirement, or a requirement necessary fulfill legal obligation (e.g. processing your personal data to ensure that necessary invoices for Users an); or

We also may use the information in other ways for which we provide specific notice at or prior to the time of collection.

The Company complies with the principles of GDPR. The six overall guiding principles are:

Lawfulness, transparency and fairness – We act in accordance with local laws, GDPR and other legal requirements, adhering to the transparency and making sure that everything is done in fair procedure.
Purpose Limitation – We only gather information that our Service requires so that you can use it.
Data Minimisation – We only gather necessary amounts of information
Accuracy – We are committed to making sure that data is accurate and according to what you provide us
Storage limitation – We are dedicated to limiting storing of your personal data and other information to the period up to 5 years
Confidentiality and integrity – We take all necessary steps to ensure that confidentiality and integrity are maintained during all time.

Use of Automated Data Collection Methods

When you visit our Sites, we may collect certain information by automated means, such as cookies, web beacons and web server logs. The information we may collect in this manner includes IP address, unique device identifier, browser characteristics, device characteristics, operating system, language preferences, referring URLs, information on actions taken on our Sites, dates and times of visits to our Sites and other usage statistics.

A “cookie” is a file that websites send to a visitor’s computer or other Internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser.

A “web beacon” also known as an Internet tag, pixel tag or clear GIF, links web pages to web servers and their cookies and is used to transmit information collected through cookies back to a web server.

Through these automated collection methods, we may obtain “clickstream data,” which is a log of the links and other content on which a visitor clicks while browsing a website.

Our Sites use these types of cookies:

a) Technical Cookies

Technical cookies are those used exclusively with a view to “carrying out the transmission of a communication on an electronic communications network, or insofar as this is strictly necessary to the provider of an information society service that has been explicitly requested by the contracting party or user to provide the said service.”

We use both Session and Persistent Cookies for the purposes set out below:

Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
Functionality Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.

b) Profiling Cookies

Profiling cookies are aimed at creating user profiles. They are used to send ads messages in line with the preferences shown by the user during navigation. In light of the highly invasive nature of these cookies, vis-à-vis users’ private sphere, local and European legislation requires users to be informed appropriately on their use so as to give their valid consent.

How We Collect Information by Automated Means

As you click through our Sites, a record of the action may be collected and stored. We link certain data elements we have collected through automated means, such as your browser information, with other information we have obtained about you to let us know, for example, whether you have opened an email we sent to you. Your browser may tell you how to be notified when you receive certain types of cookies or how to restrict or disable certain types of cookies. Your browser will allow you to block cookies, however, you may not be able to use all of the features of our Sites without cookies.

Providers of third-party apps, tools, widgets and plug-ins on our Sites, such as social media sharing tools, also may use automated means to collect information regarding your interactions with these features. This information is collected directly by the providers of the features and is subject to the privacy policies or notices of these providers. Subject to applicable law, Omnes Group OÜ is not responsible for these providers’ information practices.

To the extent required by applicable law, we will obtain your consent before collecting information using cookies or similar automated means.

How We Use Information Collected through Automated Means

We use information collected through cookies, web beacons, pixels, web server logs and other automated means for purposes such as

customizing our users’ use of our Sites;
delivering content tailored to our users’ interests and the manner in which our users use our Sites; and
managing our Sites and other aspects of our business.

Third-Party Cookies

We also use third-party analytics services on our Sites, such as those of Google Analytics, Facebook Pixels, LinkedIn Insight Tag and Intercom. The analytics providers that administer these services use technologies such as cookies, web server logs and web beacons to help us analyze your use of our Sites. The information collected through these means (including IP address) may be disclosed to these analytics providers and other relevant third parties who use the information, for example, to evaluate use of the Sites. To learn more about these analytics services and how to opt out, please visit the following sites and any sites contained in the country-specific addenda:

Google Analytics – here
Facebook Pixel – here
LinkedIn Insight Tag – here
Intercom – here

Information collected through third-party plug-ins and widgets on the Sites (such as information relating to your use of a social media sharing tool) is collected directly by the providers of the plug-ins and widgets. This information is subject to the privacy policies of the providers of the plug-ins and widgets, and Omnes Group OÜ is not responsible for those providers’ information practices.

Links to Third-Party Sites, Apps and Services

For your convenience and information, our Sites may provide links to third-party sites, apps and services that may be operated by companies not affiliated with Omnes Group OÜ. These companies may have their own privacy notices or policies, which we strongly suggest you review. We are not responsible for the privacy practices of any non-Omnes Group OÜ sites, apps or services.

Legitimate Interest

The Data Controller may process personal data for certain legitimate business purposes, which includes some of all of the following:

where the process enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our clients, candidates and associates;
to identify and prevent fraud;
to enhance security of our network and information systems;
to better understand how people interact with our websites;
for direct marketing purposes;
to determine the effectiveness of promotional campaigns and advertising.

Whenever we process data for these purposes we will ensure that we keep your rights in high regard and take account of these rights. You have the right to object to such processing, and may do so by contacting us as described below. Please bear in mind that if you exercise your right to object, this may affect our ability to carry out and deliver services to you for your benefit.

How We Process and Protect Personal Information

We process the personal data we collect, also by automated means, for the purposes defined above and for a specific period of time, which complies with our internal retention policy, in order to ensure that the personal data are not kept longer than necessary.

We maintain administrative, technical and physical safeguards designed to protect the personal data you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. In order to ensure adequate security and confidentiality of the personal data, we may apply the following security measures as appropriate:

Encryption of data in transit; such as passwords (using Bcrypt)
Strong user authentication controls;
Hardened network infrastructure; and
Network monitoring solutions.

How Long We Store Data We Collect

We store in our systems the personal data we collect in a way that allows the identification of the data subjects for no longer than 5 years in light of the purposes for which the data was collected, or for which that data is further processed.

We determine this specific period of time by taking into account:

The necessity to retain the personal data collected, in order to offer services established with the user;
The legitimate interest of the Data Controller, as described in the purposes above; and
The existence of specific legal obligations that make the processing and related storage necessary for a specific period of time.

Information We Share

We do not disclose personal data that we collect about you with any Third Party, except as described in this Privacy Notice or in separate notices provided in connection with particular activities.

Information disclosure

In addition, we may disclose personal data about you

(i) if we are required to do so by law or legal process;

(ii) to law enforcement authorities or other government officials based on a lawful disclosure request; and

(iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity.

We also reserve the right to transfer personal data we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, merger dissolution or liquidation). If such a case were to occur we will provide you with a notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Data Transfers

We also may transfer the personal data we collect about you to countries outside of the country in which the information originally was collected. Those countries may not have the same data protection laws as the country in which you initially provided the personal data. When we transfer your information to other countries, we will protect that data as described in this Privacy Notice and such transfers will be in compliance with applicable law.

The countries to which we may transfer the personal data we collect about you may be:

Within the European Union
Outside the European Union

When we transfer personal data from within the European Union to countries or international organizations that are based outside the European Union the transfer takes place on the basis of:-

An adequacy decision by the European Commission; or
In the absence of an adequacy decision, other legally permitted grounds: (a) a legally binding and enforceable instrument between public authorities or bodies; (b) binding corporate rules; or (c) standard data protection clauses (formerly called the Model Clauses) promulgated by the Commission.

Your Rights as a Data Subject

When authorized by applicable law, a data subject may exercise certain specific rights, such as:

Right of access: A data subject may access his or her personal data in order to verify that his or her personal data is processed in accordance with law.
Right to rectification: A data subject may request the rectification of any inaccurate or incomplete data held about him or her, in order to protect the accuracy of such information and to adapt it to the data processing.
Right to erasure: A data subject may request that the Data Controller erases information about him or her and to no longer process that data.
Right to restriction of processing: A data subject may request that the Data Controller restricts the processing of his or her data.
Right to data portability: A data subject may request data portability, meaning that the data subject can receive the originally provided personal data in a structured and commonly used format or that the data subject can request the transfer of the data to another data controller.
Right to object: A data subject who provide a Data Controller with personal data may object, at any time, to the data processing on a number of grounds as set out under GDPR without needing to justify his or her decision.
Right not to be subject of automated individual decision-making: A data subject may request not to be subject to a decision based solely on automated processing, including profiling, if such profiling produces a legal effect concerning the data subject or similarly significantly affects him or her.
Right to lodge a complaint with a supervisory authority: Every data subject has the right to lodge a complaint with an applicable supervisory authority; in particular in the EU Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes GDPR.

Whenever data processing is based on consent as described under Article 7 of the GDPR, the data subject may withdraw his or her consent at any time.

In case that the subject withdraws his consent for data processing at any time while using the Service, he can request access to his data in electronic form that can be exported, per Right to portability, as well the closure of the account and deletion of data in accordance with the Right to erasure as specified in section above.

If you require more information about the processing of your personal data, please refer to the How to Contact Us section below.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Children’s Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.

Updates to Our Privacy Notice

This Privacy Notice (including any addenda) may be updated periodically to reflect changes in our privacy practices and legal updates. For significant changes, we will notify you by posting a prominent notice on our Sites indicating at the top of each notice when it was most recently updated.

How To Contact Us

If you have any questions or comments about this Privacy Notice, or if you would like to exercise your rights, please write to hello@recrooit.com

Alternatively, if you are located in the European Union, you may contact your local Data Protection Officer, as identified in the Privacy Notice on your local website.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.