Privacy and Cookie Policy

Data Management Notice of Virgo Systems Limited Liability Company

 

The protection of your personal data is important to us. For this reason, this Privacy Policy explains the types of personal data that Virgo Systems Kft. processes in the course of its recruitment activity, the purpose and legal basis of such processing, as well as the organisational and technical measures it implements to comply with the data protection rules. The Privacy Policy also sets out the data protection rights that natural persons are entitled to.

The persons applying for jobs or recruitment services are named “applicants”. The data protection legislation names the natural persons “data subjects”, therefore – in addition to or instead of “applicant” – this term is also used in the Privacy Policy.

Those applying for a job or employment recruitment services are required to get acquainted with this Privacy Policy irrespective of whether the applicant comes into contact with Virgo directly or via an intermediary (via a job advertising or employment agency, or through the recommendation of another natural person). Legal person intermediaries shall be deemed as data controllers, and Virgo considers their processing of personal data to be lawful and compliant with the data protection legislation, i.e., they provide all information relating to processing (including data transmission) to the applicant. Concerning personal data of those recommended by a natural person, Virgo presumes that the applicant is aware of the recommendation of such a natural person and that he or she got acquainted with this Privacy Policy before handing over his or her CV.

1. Name and contact details of the data controller

 

  • Data controller: Virgo Systems Kft. (hereinafter: Data Controller or Virgo)
  • Registered seat and mailing address: H-1055 Budapest, Szent István Boulevard. 17. 1. floor 6.
  • Registration authority: Company Registry Court of Budapest
  • Company registration number: 01-09-391374
  • Tax number: 12497278-2-41
  • E-mail address: info@virgo.hu
  • Website: https://virgo.hu/

2. Main legislation relating to data processing

 

  • Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information (hereinafter: Privacy Act)
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter: “GDPR” or “General Data Protection Regulation”)
  • Act I of 2012 on the Labour Code (hereinafter: Labour Code)
  • Act V of 2013 on the Civil Code (hereinafter: Civil Code)

3. Processing activities

 

3.1. Processing relating to job applications and employment agency

3.1.1. Purpose of the processing of personal data

Virgo is engaged in searching for, selecting, and placing professionals seeking a job or a contract, or interested in a job or a contract (applicants), as well as presenting job or contract opportunities, and sending such opportunities to the applicants. The purpose of the processing of the personal data of applicants (data subjects) is to draw the applicant’s attention to an advertised job or contract or to search for a job or contract opportunity for the applicant, as well as to conduct the selection process.

3.1.2. Scope of the processed personal data

The following data are required for recruiting an applicant for a job or a contract:

  • identification data of the applicant (name, place and date of place, mother’s name),
  • contact information (phone number, e-mail address, postal address and/or home address),
  • information relating to his or her expertise and work experience (including but not limited to educational attainment, previous workplaces, jobs, references, project list, language skills, achieved courses)

In addition to the scope of data listed in the foregoing, Virgo processes all personal data that the applicant provides to it during recruitment and placement for a job or contract (including the selection process) (e.g., the applicant’s profile on social media, marital status, interests, the content of the cover letter).

3.1.3. Legal basis of the processing of personal data

The legal basis for processing personal data is the applicant’s consent, which is provided by applying for the job or temporary employment, and by approving Virgo’s data consent during the selection process.

3.1.4. Period of the processing of personal data

The processing of the data of those applying for a job or recruitment services: until the withdrawal of the consent to data processing, but up to 2 years from the acceptance of the GDPR consent. After 2 years – if the applicant does not renew his or her consent – we will delete his or her data.

The consent given to processing can be withdrawn at any time, which also signifies the erasure of the processed data (see also point 8). After the erasure of certain personal data (e.g., identification data, contact information), the recruitment services of Virgo can no longer be used.

3.1.5. Source of personal data

The personal data of the applicant may be received by Virgo either directly from the applicant or via an intermediary. The intermediary of the personal data of the applicant (e.g., CV) can be a natural person (e.g., recommendation by a colleague) or a legal person. Virgo presumes that the applicant is aware of the submission of his or her CV and that he or she got acquainted with this Privacy Policy before handing over his or her CV to the natural person intermediary.

Legal person intermediaries are independent data controllers; therefore, Virgo presumes that in their activities, they comply with the provisions of the data protection legislation applicable to them, including informing the applicant of the accessibility and/or transfer of his or her data.

3.2. Data processing relating to complaints and the exercise of the data subject’s rights

3.2.1. Purpose of the processing of personal data

Should you have any problems in connection with the job or recruitment services of Virgo or the administration or you wish to exercise your rights under point 7, contact us at any of our contact details provided under point 1.

3.2.2. Scope of the processed personal data

The following personal data are necessary for the handling of complaints or the exercise of the data subject’s rights:

– identification data (name, place and date of birth, mother’s name),

– contact information (e-mail address or postal address, or home address)

– description of the complaint or the data subject’s right intended to be exercised.

The identification data (name, place and date of birth, mother’s name) are fully processed only if it is indispensable for the adjudication of the complaint or the exercise of the data subject’s right. If Virgo has any doubt concerning the identity of the person submitting the complaint or exercising the data subject’s right, it may request further identification data to be provided. If the data subject fails to provide the personal data necessary for identifying his or her person which is indispensable for the handling of the complaint or the exercise of the data subject’s rights, Virgo has the right to reject the complaint or refuse the exercise of the data subject’s rights by giving reasons.

3.2.3. Legal basis of the processing of personal data

The legal basis of the personal data concerning the handling of complaints, or the exercise of the data subject’s rights is point (b) of paragraph 1 of Article 6 of the GDPR, i.e., the fulfilment of the legal obligation under Articles 15-18 and 21 of the General Data Protection Regulation.

3.2.4. Period of the processing of personal data

Period of the processing of the personal data relating to complaint handling or the exercise of the data subject’s rights: 5 years from addressing the complaint or completing the exercise of the data subject’s rights (general limitation period referred to in the Civil Code).

4. Processing of data

 

The personal data concerning the applicants are processed by Virgo by electronic means, using the module of Zoho Recruit (Hiring software | Automated hiring platform – Zoho Recruit). Further details concerning Zoho’s data protection and security principles can be found here (Zoho – Data Privacy and our stand against surveillance.), and those of its privacy notice are available here (GDPR Guide | Free e-book – Zoho Recruit).

5. Data transmission

 

Virgo transmits the applicant’s personal data according to the agreement with the applicant to those who offer the job or contract opportunity the applicant is interested in or may find such jobs or contracts for the applicant.

Furthermore, Virgo only transfers to third parties (e.g., authority, court and other public entities) the personal data processed by it for the purpose and in the manner specified in the legislation.

6. Data security

 

Virgo ensures with appropriate IT, organisational and personnel measures the protection of the personal data it processes from – among other things – unauthorised access or the unauthorised change or destruction thereof. Access to the personal data stored in the IT system is logged, that is, it can always be verified who and when accessed which personal data. The personal data processed can be accessed by Virgo’s authorised and trained staff, exclusively for the purpose and to the extent necessary for performing their job functions.

7. The rights of the data subjects relating to data processing

 

7.1. Right to receive information, right of access

By using the contact information specified in point 1, the data subject can request Virgo in writing to provide information on the types of

  • his or her personal data processed
  • the legal basis
  • the purpose of such processing
  • the source of such data
  • the period of the processing;
  • the data subject may also request for information on the persons to whom Virgo provided access to the personal data or transferred the personal data concerning the data subject, and when and on what legal basis it did so.

If the data subject requests the information under this point in several copies, the Data Controller is entitled to charge a reasonable fee proportionate to the administrative costs incurred concerning the preparation of the additional copies.

If the data subject’s right of access under this clause affects the rights and freedoms of others adversely – in particular, their business secrets or intellectual properties, Virgo is entitled to refuse the execution of the data subject’s request to the necessary and proportionate extent.

Given that the exercise of the right of access is guaranteed to the data subject personally, Virgo will request the identification of the applicant’s person prior to the execution of the request. The Data Controller has the right to request the data subject to specify the content of the request, to name the requested information and data processing activities to adequately comply with the request.

Virgo will comply with the data subject’s request within up to one month by sending a letter of response to the contact information provided by the data subject.

7.2. Right to rectification

By using the contact information provided under point 1, the data subject can request Virgo to modify any of his or her data (for example, he or she may change his or her e-mail address or other contact information at any time) or to complete incomplete personal data.

The Data Controller will comply with the request within up to one month and notify the data subject of the execution in a letter of response sent to the contact information provided by the data subject.

Virgo informs of the rectification of those to whom it has transmitted the personal data concerned provided that the provision of this information is not impossible or does not require disproportionate effort from the Data Controller.

8. Right to erasure

 

The data subject may request the deletion of all or specific personal data from Virgo in writing via the contact details provided in point 1. Virgo will not fulfil the deletion request if legislation requires the continued storage of personal data.

If there is no such obligation, Virgo will process the data subject’s request within up to one month and inform the data subject of the result via a letter sent to the contact address provided by the data subject.

Virgo will notify those to whom the data subject’s personal data has previously been transferred about the deletion of the data, provided that such notification is not impossible or does not require disproportionate effort from the Data Controller.

8.1. Right to restriction of data processing (to have data blocked)

By using the contact information provided under point 1, the data subject can request Virgo in writing to process his or her personal data in a restricted manner. Blocking takes place by unambiguously marking the restricted nature of data processing and storing the data separately from any other information. This means that no operation other than storage may be carried out with the data. Blocking shall last as long as the ground specified by the data subject renders the blocked storage of the personal data necessary. The data subject may request the blocking of the personal data if he or she believes that Virgo has processed his or her personal data unlawfully, but it is necessary for the conducting of the administrative or judicial procedure initiated by the data subject that the Data Controller shall not erase the personal data. In this case, until a request is received from the authority or court, Virgo processes the personal data in a blocked manner, and it will erase or continue to process them after the conclusion of the administrative or judicial procedure.

8.2. Right to object

The data subject may object to data processing in writing through the contact details provided in point 1 if Virgo would transfer or use the personal data for purposes other than recruitment without the data subject’s consent.

Virgo will assess the data subject’s objection within up to one month and notify the data subject of the result (including notification of the erasure of any unlawfully processed personal data) in a letter of response sent to the contact information provided by the data subject.

9. Options to enforce rights and legal remedies relating to data processing

 

The data subject can contact Virgo to enforce his or her rights relating to the processing and protection of his or her personal data by using the contact information specified in point 1.

If the data subject believes that his or her rights relating to the protection of his or her personal data have been violated, he or she can apply to the following authority:

Hungarian National Authority for Data Protection (NAIH)

  • registered seat: H-1055 Budapest, Falk Miksa street. 9-11.
  • postal address: H-1363 Budapest, Pf. 9.
  • phone: +36 (1) 391-1400
  • website: www.naih.hu
  • email: ugyfelszolgalat@naih.hu

If the data subject experiences the unlawfulness of the processing of his or her personal data, he or she may initiate court proceedings (civil proceedings) against the Data Controller. The adjudication of the action falls within the competence of the regional court. At the option of the data subject, the action may also be initiated before the regional court according to the domicile of the data subject (contact information of the regional courts can be found at the link below: https://birosag.hu/torvenyszekek

10. Updating and accessibility of the Privacy Policy

 

Virgo reserves the right to unilaterally amend this Privacy Policy. The Privacy Policy may be amended in particular if the amendment is required due to any change in the legislation, the practice of the data protection supervisory authority, a business need, or a newly identified security risk.

11.  Cookie policy

 

11.1 Cookies and web beacons

A cookie is a little information package made of letters and numbers. The web server automatically sends the cookie to the visitor’s browser upon first loading of the site. The visitor’s computer or mobile device stores the cookie for a time period defined by the person placing the cookie. When next visiting the website the browser sends back the cookie to the web server. Then the web server based on the received data can identify the computer or mobile device sending the cookie and can connect cookies sent by the same device. The cookie provides the web server with information on activities between visits. The web beacon is a small, often not recognizable image placed on the website. Placing web beacons gives statistical data on the visitors movements on the site. Virgo Systems Kft. places cookies and web beacons on their sites to recognize visitors that previously already have been on their websites, to monitor the visitor’s interests, to perfect user experience, to display personal ads and to make the websites more secure.

11.2 The lawful basis and purposes of processing

The lawful bases of processing is your consent that can be managed or withdrawn any time in the browser settings. The purposes of the processing are to identify users, to differentiate them from each other, to identify users’ actual processes, to store data they share and to prevent data loss.

11.3 Processed data types and the length of the processing

Processing includes personal identification numbers, dates and times. Visitors and users of the website are affected by it.

Cookie typeCookie’s purposeExpiration dateSESS#Session cookie, required to display the site and to ensure basic functionalitiessession_gaUnique measuring code that generates statistical data of the website usage2 year_gatGoogle Analytics measuring code exceleratorsession_gidUnique measuring code that generates statistical data of the website usage2 yearcollectSends visitor’s device data to Google Analyticssessionpll_languageLanguage1 year

11.4 The receivers of personal data

The recorded data is processed by Virgo Systems Ltd.’s employees. We don’t use automated decision-making on the recorded cookies, we don’t collect personal data of you from third parties.

June 17, 2024