Last Revision Date: 12th of January, 2023
Fiducitrust Services Limited (hereinafter referred to as “we”, “us”, “our” and/or the “Firm”) is committed to respecting and protecting the privacy of the information you entrust us and to achieving the best means for processing it in a lawful, fair and transparent manner in line with the principles of the European General Data Protection Regulation EU 2016/679 (“GDPR”) and any national law implementing or supplementing the GDPR as may be amended from time to time (collectively hereinafter referred to as the “Data Protection Requirements”).
This Applicants Privacy Notice (hereinafter referred to as the “Notice”) explains how we collect, use, store and protect the personal data of individuals who apply for a job with us in the context of our recruitment processes (hereinafter referred to as “you”, “your” and/or “candidate”). It is important that you read this Notice so that you are fully aware of how and why your data is being used
1. What data we collect
The data we may collect and process in connection with your job application and in the context of our recruitment processes include the following:
- Data provided in your curriculum vitae (CV), cover letter(s), reference letter(s), and/or any other supporting documentation,
- Self-identification and contact details such as name, date/place of birth, identification number, telephone number(s), e-mail address, residential address, etc.,
- Details of employment history, academic/professional background, educational achievements, professional body memberships (if any), qualifications, skills, diplomas, transcripts, languages, etc.
- Any other data and information that may be provided to us when applying for a job and/or during the recruitment process and interactions with us in any form.
The sensitive data that we may collect include:
- Nationality that may also reveal information about racial or ethnic origin,
- Health related data but only to the extent that is necessary to assess, monitor and control the spread of infectious diseases and provide a safe working environment,
- Any other sensitive data you may elect to provide us and/or that you have made public.
We do not collect sensitive data other than as above mentioned unless you elect to provide us with such information (e.g. when you request for specific physical access adjustments) or where we are authorised/required to do so by law.
Information about criminal convictions and offences
We may collect information about criminal convictions and offences to the extend necessary and provided it is appropriate given the nature of the job role and where we are legally able to do so. Where appropriate, we may collect such information during the recruitment process or we may be notified of such information either by you / other parties at any time. However, we will only use such information where the law allows us to do so.
2. How is your data collected
We collect data about candidates from the following sources:
- Directly by you, the candidate,
- Parties acting on your behalf such as recruitment agencies (if applicable),
- Your named referees (if any), former employer(s), etc.,
- Publicly available sources such as social media, internet, etc
3. Why we collect data and how we use it
It is in our legitimate interests to decide whether to recruit you and take certain steps to ensure that we hire individuals who are suitable for the job and who will contribute to the success of the business. In this context, we will use your data to the extent necessary in order to:
- Process and assess your application, qualifications, skills and suitability for the job,
- Decide whether you meet the basic requirements to invite you for an interview and/or enter into a contractual relationship with you,
- Carry out background and reference checks to the extent applicable or required,
- Communicate with you and/or your referees, former employers, etc.,
- To comply with legal and/or regulatory requirements to which we are subject to and may involve the processing of personal data.
If you do not provide us with data
Where we need to collect data that is necessary for us to properly process and assess your application and suitability for the job and you do not provide us with the relevant data, please note that we may not be able to process your application further. In any such event you will be notified accordingly.
Automated decision making
Please note that our hiring decisions are not based on automated processing and/or decision making
4. Who we may share your data with
Your data will usually be shared with authorized officers and employees of the Firm and/or other group/affiliated entities on a need-to-know basis and to the extent that access to your data is necessary for processing and assessing your job application. Where we are acting on behalf of a Firm client in relation to available vacancies with such a party, your data will also be shared with the relevant Firm client.
In certain circumstances, your data may also be shared with / accessed by third-party service providers that we engage to assist/support in the management and operation of our business such as HR consultants, professional advisors, parties providing IT / technological administration and support services, etc.
All our third-party service providers and other group/affiliated entities are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow such parties to use your data for their own purposes and only permit processing of your data for specified purposes.
5. How long we keep your data
We will keep your data for a period of 12 months following your last application date for consideration in future job openings. After this period, we will securely destroy your data in accordance with our data retention policy unless otherwise required/permitted by law. If you do not wish for your data to be retained by us for the period as abovementioned, please send your request to our Data Privacy Team at firstname.lastname@example.org.
6. Data security
7. Your rights in relation to your data
Under certain circumstances and subject to applicable law, you have the following rights in relation to your data. The exact definitions of the below have the meaning assigned to them by the GDPR:
- Right to be informed as to the data we hold/process about you and the reasons we do so,
- Right of access which enables you to access or receive copies of the data we hold about you and to check whether we are lawfully processing it,
- Right to rectification which enables you to have your data corrected, for example, if it is incomplete or incorrect,
- Right to erasure (also known as the right ot be forgotten) which enables you to request erasing your data in certain circumstances,
- Right to restriction of processing in certain circumstances,
- Right to object to processing in certain circumstances,
- Right to object to automated processing or profiling in cases where automated processing results in decisions that produced legal effects concerning your or similarly significantly affect you,
- Right to data portability which enables you to request the transfer of your data to another party,
- Right to withdraw consent which enables you to withdraw a previously given consent at any time without however affecting the lawfulness of processing based on consent before it was withdrawn,
- To opt out of receiving marketing communications at any time and to object to processing for direct marketing purposes.
If you have a query or wish to exercise any of your rights, please write to our Data Privacy Team at the details provided below. While no fee is required to make a request, please note that in certain occasions, for example for requests that are clearly unfounded, repetitive or excessive, a reasonable fee may apply.
8. Queries / Complaints
We have a dedicated Data Privacy Team that remains committed to acknowledge, consider and respond to all queries received. If you need additional information as to how we handle your data or wish to make a complaint, please write to our team at email@example.com or at:
Fiducitrust Service Limited – Data Privacy Team
66 Akropoleos Avenue,
2012, Nicosia – Cyprus
Right to lodge an official complain
If, despite our efforts, you feel that your data are not being adequately protected, you have the right to lodge an official complaint with the Office of the Commissioner for Personal Data Protection of the Republic of Cyprus (the “Commissioner”). For more information see the Commissioner’s website at www.dataprotection.gov.cy.
9. Changes to this notice
This Notice is subject to periodic reviews and may be modified and/or amended at any time. Any modifications and/or amendments hereof will be published on the Firm’s website (that is, https://fiducitrust.com/) and shall be effective as at the last revision date which is as stated at the top left corner of the first page of this Notice. Therefore, we encourage you to periodically review this Notice so as to remain informed of any updates.