When processing your personal data for Netcompany’s purposes, Netcompany acts as a data controller.
Netcompany is an international organisation with legal entities in several countries. The entity responsible for the processing of your personal data (the data controller) thus depends on which entity you are working with.
Some of your personal data may be shared internally within the Netcompany Group, but only if it is necessary in order to fulfil the purpose of which we are processing your personal data. All entities in the Netcompany Group have entered into an Intra Group Agreement that ensures that everyone follows the same procedures when processing personal data so the same level of security is maintained throughout.
|Purposes for processing of personal data
Netcompany only process personal data where a specific and legitimate purpose exists. Below we have listed the most relevant purposes for Netcompany’s processing of personal data and some of the activities associated herewith:
Applications and recruitment:
|Categories of personal data
Sensitive personal data
Generally, Netcompany does not process sensitive personal data. However, in connection with an application, we may ask for a criminal record to be provided.
|Collection of personal data
We may collect personal data from the following source(s):
(1) Directly from you, such as through an application process or other forms or information you provide to Netcompany in connection with your application, partnership, consultancy work, advisory work etc.
(2) From group entities or subsidiaries such as through an application process or other forms or information you provide to the group entity or subsidiary in connection with your employment, partnership, consultancy work etc.
(3) During your activities in the course of your application, partnership, consultancy work, such as through your performance and interaction with other employees, customers, or other individuals
(4) From third parties which may include (the list is not exhaustive):
(ii) Former employers
(iii) Public authorities (in particular regarding security checks and the obtaining of security licenses)
(iiiv) Other third parties, including background checks, agencies and external recruiters
(v) Websites, LinkedIn or similar public medias
Netcompany hereby explicitly notifies that there is video surveillance at the entries of our premises.
|Legal basis for processing of personal data
We process personal data on the following legal grounds pursuant to the GDPR:
Consent (article 6.1.a):
Necessary for the performance of the contract between you and Netcompany (article 6.1.b):
Necessary for Netcompany to comply with a legal obligation (article 6.1.c):
Necessary for the pursuit of legitimate purposes of Netcompany (article 6.1.f):
Necessary for the purpose of carrying out obligations in the field of employment, social security and social protection (article 9.2.b):
Necessary for the establishment, exercise or defence of legal claims (article 9.2.f):
|Recipients of personal data
Netcompany only shares your personal data to the extent that it is necessary in order to fulfil the purposes with the processing or if required by law. In such cases, we might share your personal data with:
Certain recipients process personal data on behalf of Netcompany (data processors) and may only process your personal data in accordance with the instructions given by Netcompany. These third parties may not process your personal data for their own purposes.
To the extent that Netcompany disclose or transfer personal data to third parties who may use your personal data for their own purposes (joint data controllers), such disclosure or transfer will only take place if it is in accordance with applicable law or with prior consent given from you.
|Transfer to countries outside the EU/EEA
Netcompany generally refrains from transferring personally data to countries outside the EU/EEA.
|(1) If the country has been deemed to have an adequate level of protection of personal data by the Commission of the European Union, and
(2) If the country has not been deemed to have an adequate level of protection of personal data by the Commission of the European Union, where the appropriate safeguards can be guaranteed through either:
(a) The use of “Model Contracts for the Transfer of Personal Data to Third Countries”, as published by the Commission of the European Union, or any other contractual agreement approved by the competent authorities, or
(b) The use of an approved code of conduct pursuant to article 40, an approved certification mechanism pursuant to article 42
We only store personal data for as long as it is necessary in order to fulfill the purposes of the processing, unless there are specific legal reasons, and/or a legal requirement that stipulates a longer storage period.
As such personal data obtained in connection with applications and recruitment will as a main rule be deleted after 12 months from the receiving of the candidate’s application.
|Your rights as a data subject
As a data subject you have certain rights, which are listed and further described below. Netcompany takes all necessary and adequate measures to protect your personal data and ensure your rights as a data subject.
|Your rights as a data subject includes the right to:
|Withdrawal of consent
When the processing of your personal data is based on your consent, you may withdraw your consent at any time by contacting Netcompany’s DPO. However, please note that this does not affect the legal basis for Netcompany’s processing of your personal data prior to the withdrawal of your consent.
|Filing of complaint
If you wish to file a complaint regarding Netcompany’s processing of your personal data, you can always contact Netcompany’s DPO. All complaints filed to the DPO should be resolved, if, however, this is not the case, you can file a complaint to the local data protection supervisory authority.
Data Protection Officer (DPO)
The contact information of Netcompany’s Data Protection Officer (DPO) are as follows:
Latest version was approved and adopted on February 3 2020.