Protecting your privacy is important to
53-55, Gen. E. I. Totleben Blvd., suite 001
Sofia 1606, Bulgaria
(“Controller”,"Langmann," "we," "us," or "our").
Where the term “data” and “personal data” is used in the text, in each case it refers only to personal data as defined in the General Data Protection Regulation (“GDPR”, REGULATION (EU) 2016/679).
At Langmann we protect your data by applying all technical and organizational means which are at our disposal, in order not to allow unauthorized access to or use of data, data loss or untimely erasure or destruction of data.
1. Cookies and Website Visitors
Our web server, located in Bulgaria, processes a range of data for each request, which your browser automatically transmits to our web server. This includes the IP address allocated to your device, the date and time of the request, the time zone, the specific page or file accessed, the http status code and the data quantities transmitted, the browser used, the operating system of your device and the language used. The web server uses these data to make the contents of this website available in the best possible way on your device.
Cookies are small text files – a packet of data, which is sent by a web server to a web browser, such as Internet Explorer, Microsoft Edge, Safari, Firefox, Chrome, etc. and then sent back by the browser every time it gains access to the said server.
Langmann does not process, use nor share personal data collected by the functional cookies used on its site.
Langmann’s site collect data for the following purposes: troubleshooting, website administration, trend analysis, compliance with applicable law and cooperation with the law enforcement authorities. We may also share such information with our authorized third-party service providers such as hosting or web design providers.
A cookie remains on your device to be used during the next session, and it may be deleted meanwhile.
You may change cookies setting of disable them. Normally you may find those settings by clicking the "options" or "preferences" menu of your browser.
If third-party cookies is a cause for concern, you may find useful information and to disable them from here: Your Online Choices site
2. Potential Candidates
2.1. Langmann collects and processes name, title, position, employer and business contact data (business card data) from potential candidates.
2.2. We collect data from the following publicly accessible sources: public business websites, services such as LinkedIn, Xing or other business press or publications.
2.3. Your data, described in 2.1. and 2.2. above, are processed for the purpose of providing intermediary recruitment services to potential employers.
2.4. The legal basis for the processing activity in 2.1. and 2.2. above is our legitimate interest to provide such services (Article 6 (1) point (f) GDPR).
2.5. The retention period of data of the potential candidates processed in such manner is 3 (three) years, after which they will be destroyed. The potential candidates have the right to object at any given time against processing of their data and the data may be deleted before expiry of the retention period by request of the potential candidate.
3.1. If you authorize Langmann to list you as a candidate for job offerings, we may process personal data such as:
• full name,
• business and private contact data,
• place of living
• résumé and data in it,
• employment history
• certifications, diplomas, education, qualifications,
• compensation levels
• records of interviews and assessments
• and any other details you choose to share with us.
3.2. Your data may be collected from you, from publicly accessible sources like websites (e.g. company or private websites, LinkedIn) and third parties that you have named as potential references.
3.3. Your data from 3.1. and 3.2. above are processed for the purpose of providing you with employment opportunities and job or career related information.
3.4. The legal basis for our processing activity is your consent (Article 6 (1) point (a) GDPR).
3.5. The data retention period for these data is 3 (three) years from the last completion of the client engagement or documented contact with you, whichever is later. After the retention period your data will be destroyed. The candidates have the right to withdraw their consent for data processing at any given time so the data may be deleted before expiry of the retention period by request of the candidate.
3.6. In some instance we provide with your consent your data to service providers – Data Processors, specialized in providing personal profiles, 360-degree feedback, assessment centers, trainings, etc.
3.6.1. The data we provide according to 3.6. above are:
• Position (for which you apply)
• Personal or Business contact details – phone number, email,
• Nationality, age and gender.
3.7. You may refuse to give consent for processing of your personal data for evaluation and presentation of your job application to potential employers. However, without your consent we cannot provide you with intermediary services for recruitment nor we cannot present your job application to potential employers.
3.8. As a Controller we are subject of legal obligation to conclude Contract for intermediary recruitment services. Its content is approved by the Bulgarian Employment Agency (“EA”), and the Contract is registered at EA.
3.8.1. In order to conclude such a Contract for intermediary recruitment services, we collect from the candidates the following data:
• Full name,
• Date of birth,
3.8.2. The retention period for the above data is 3 (three) years after signing of such a Contract, after which the data is destroyed.
3.9. Candidates’ data may be shared with or granted to the Bulgarian Employment Agency, National Revenue Agency, Labor Inspection, Commision for Personal Data Protection, judicial and other state authorities in relation to controls, audits, disputes and for protection of our rights and legal interests.
4. Service Providers, Business Partners and their Employees
4.1. We process data of these data subjects’ categories for the purpose of preparation and performance of the contractual relationship and for the fulfilment of our legal responsibilities as Controller.
4.2. The legal grounds for processing are:
• in case of contracts with natural persons Article 6(1)(b) GDPR (contract),
• in case of contracts with legal entities Article 6(1)(f) GDPR (legitimate interest, specifically communication with contact persons relevant to the contract),
• as well as always Article 6(1)(c) GDPR (legal obligations, in particular commercial and tax provisions),
• when checking, asserting or rejecting claims, the legal basis is Article 6(1)(f) GDPR (legitimate interest, specifically asserting or defending claims).
4.3. Recipients of data may include:
• banks for the processing of payments,
• public authorities and offices may receive data within the scope of their duties, insofar as we are obligated or entitled to transmit data,
• Notary offices, consultants, accounting or legal offices, for protection of our legal interests,
• service providers (data processors) – for example companies which provide, maintain and support IT systems, landlords, etc.
4.4. All contractual data and data relevant for accounting are stored for 10 (ten) years, in accordance with the storage periods under tax and commercial laws, and after that are being destroyed.
4.5. Processing of the contact data from service providers and business partners is necessary in order to perform the contract or order. If the data are not provided, the contract cannot be established or carried out.
5. Your rights
GDPR protects the rights of all European Union citizens and, if such, you have the following rights:
5.1. You may withdraw your consent at any time, if your data is processed based on your consent. The withdrawal of consent does not affect the lawfulness of processing before the withdrawal of consent.
5.2. You may at any time object to the further processing of your data if your data is processed based on our legitimate interest.
5.3. You may at any time request information whether we process your personal data and if this is so, to request information about the purpose of the procession, what categories of data are processed, the period for which the data will be stored, and which are the potential recipients of the data.
5.4. If the processing is based on your consent you have the right to data portability, i.e. to receive the personal data concerning you, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
5.5. You may request at any time access to your data or rectification of your personal data.
5.6. You may request erasure of your personal data at any time (“right to be forgotten”), provided that no right or legal obligation of Langmann as Controller requires further processing of your personal data.
5.7. You may request restriction of processing of your data at any time, on the grounds of Art. 18 (1) GDPR.
5.8. You may at any time file an inquiry or complaint with the supervisory authority, in particular the Bulgarian Commission for Personal Data Protection - www.cpdp.bg
, 2, Tzvetan Lazarov Blvd., Sofia 1592, Bulgaria, firstname.lastname@example.org
In case of further questions regarding application of this policy, or to request exercising of your rights, please contact us at email@example.com
Last update: 1.2/24.08.2018