Infomediji Candidates Privacy Policy

Infomediji d.o.o., a Slovenian company with a registered address at Tehnološki park 19, 1000 Ljubljana, Company ID number: 6450784000 is committed to protecting the privacy and security of personal data of its job applicants.

This policy explains how we collect, use, and protect personal data during our recruitment process, in accordance with the General Data Protection Regulation ((EU) 2016/679) (GDPR), and laws implementing or supplementing the GDPR; and to the extent applicable, the data protection or privacy laws of any other country (collectively: Data Protection Law).

1. Data Protection Principles

In compliance with Data Protection Law, we ensure personal data is:

• Processed lawfully, fairly, and transparently.
• Collected for specified, explicit, and legitimate purposes.
• Adequate, relevant, and limited to what is necessary.
• Accurate and, where necessary, kept up to date.
• Retained only as long as necessary.
• Secured against unauthorized or illegal processing and loss.

2. Personal Data Collection

During the recruitment process, we may collect applicants':

• Personal and contact information.
• Curriculum vitae, cover letters, portfolios, and reference letters.
• Public profiles (e.g., LinkedIn).
• Eligibility to work and disability information.
• Interview and assessment results.
• Identification and regulatory compliance documents.

3. Collection Methods

Personal data is obtained directly from candidates, through recruitment agencies, and from publicly accessible sources. Consent is sought for collecting data beyond what is required by labor legislation or for special categories of personal data.

4. Purpose and Legal Basis for Processing Data

Candidates’ personal data is processed to assess their suitability for collaboration or employment, communicate during the recruitment process, comply with legal requirements, and maintain recruitment records.

The legal basis for processing is to potentially enter into an employment contract, as outlined in Article 6(1)(b) GDPR.

5. Data Sharing

Personal data is shared only with related companies and third-party service providers under strict data protection measures (only for specified purposes and in accordance with our instructions).

Data may also be disclosed to any supervisory or any similar regulatory authority that is responsible for the enforcement of the Data Protection Law or other law enforcement authority upon their request.

6. International Data Transfer

Data may be transferred outside the European Union (EU), Switzerland and European Economic Area (EEA) for the purpose of assessing Candidates’ suitability for collaboration or employment. For this intention candidates give their explicit consent for the transfer of their personal data, including but not limited to their name, contact information, employment history, and qualifications, to third countries outside the European Economic Area (EEA) as part of the recruitment process. The candidates explicitly confirm that they have been informed and that they understand that these countries may not provide the same level of data protection as the EEA, and that they have been informed about the potential risks associated with such transfers.

7. Data Security and Retention

The company implements robust security measures to protect personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, personal data access is limited to those employees, agents, contractors and other third parties who have a business need-to-know and they are subject to a duty of confidentiality.

8. Consent for Data Retention

The retention period of candidates' personal data is 24 months after which the data is being permanently deleted unless the candidates have been hired or being actively involved into recruitment procedure.

Candidates who requested their personal data to be deleted are automatically removed from the records in 14 days.

9. Candidates' Rights

Candidates have rights to access, correct, erase, restrict, or transfer their personal data, and to object to its processing. Requests should be directed to careers@infomediji.com, potentially requiring identity verification.

10. Withdrawal of Consent

Consent for data processing can be withdrawn at any time, leading to the cessation of processing and secure data disposal.

11. Contact

For inquiries or concerns related to this policy, please reach out to us via email at legal@infomediji.com.

Complaints can also be lodged with the local data protection authority, though the company requests the opportunity to resolve issues first.

This Privacy Policy ensures the protection of personal data in line with GDPR and applicable laws, emphasizing Infomediji d.o.o.’s commitment to privacy and legal compliance throughout the recruitment process.

Our contact information:

If you believe that the processing of your data violates data privacy law or that your data privacy rights have been violated in some other way, you can also lodge a complaint with your local data protection authority (see https://edpb.europa.eu/about-edpb/board/members_en). In Slovenia this is Information Commissioner Office https://www.ip-rs.si/en/, who can be contacted via phone: +386 1 230 97 30 or email: gp.ip(at)ip-rs.si. We would, however, appreciate the opportunity to deal with your concerns before you approach the authorities, so please contact us in the first instance.