RULES FOR THE ADMINISTRATION OF PERSONAL DATA

 

SECTION I. GENERAL CONDITIONS

1. The current rules for administration of personal data from the staff of Recruitsdatabase.net hereinafter referred to as "Rules" govern the organization and exercise of control in the processing of personal data by employees of Recruitsdatabase.net under the Data Protection Act (DPA) and procedures for record keeping under the DPA.
1.2. Processing of personal data is any action or set of actions that can be performed upon personal data or other automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, distribution , transmission , alignment or combination, blocking, erasure or destruction.
1.3. Access to certain information relating to the processing of personal data is provided only to authorized personnel.
1.4. Adopt rules to regulate :

• Develop procedures and mechanisms to ensure privacy of the personal life by providing protection to individuals from improper handling of related data in the process of free movement of data ;
• Obligations of persons processing personal data and / or those who have access to personal  data and work under the direction of processing personal data, liability for breach of those obligations ;
• The required technical and organizational measures to protect personal data of the above mentioned persons against accidental or unlawful destruction or accidental loss from unauthorized access, modification or disclosure, and against other unlawful forms of processing.

2. Recruitsdatabase.net is an electronic portal for social networking, which activity requires processing of personal data of any person using the services provided by the website. Recruitsdatabase.net is registered as a data administrator (DA) within the meaning of Article 3 , para . 1 of the Data Protection Act .
2.1. All actions that are performed by Recruitsdatabase.net about any documents and statements in electronic or paper form are performed in strict compliance with the requirements for the protection of personal data under the Data Protection Act and other relevant legislation and current rules in relation to the organization and activity of recording, processing, storing and issuing documents which contains personal data.
3. Personal data is any information relating to a person who is identified or can be identified by it, directly or indirectly by an identification number or one or more specific attributes.
3.1. Protection of personal data is based on the following principles:
3.1.1. Lawful and fair processing;
3.1.2. Limited collection, use, disclosure and storage:

• Limited collection - data collected for specific, targeted goals and can’t be further processed in a way incompatible with those purposes; further processing for purposes other than the purpose for which they were collected shall be permitted only when specified in the law, personal data must be relevant and not excessive related to the purposes for which they are processed;
• Limited use - personal data must not be used for purposes other than those for which they were collected ;
• Limited disclosure - employees of Recruitsdatabase.net who have access to personal data are obliged to prevent the disclosure and dissemination of this data beyond the information provided in the law;
• Reduced Storage - Data is maintained in a form which permits identification of data subjects for no longer than necessary for the purposes for which the data is processed, except in cases provided by law ;

3.1.3. Accuracy - personal data must be accurate, complete and current, to the extent necessary for the stated purposes of their use;
3.1.4. Security and protection - personal data is protected by security measures in accordance with the nature and risks of their processing and stored according to regulations set according to requirements and deadlines.

SECTION II. PROCESSING OF PERSONAL DATA

1. The administrator assigns the processing of personal data to employees of Recruitsdatabase.net according to the specifics of the performance of their official duties.
1.1. The employee who is processing the data informs the holder on the need for recruitment and the purposes for which will be used.
1.2. Form for collecting the data:

• oral submission of data by the person ;
• hard copy ( written documentation ) ;
• electronically ;
• electronic media;
• external sources , implementing regulations.

2. Upon entering, modifying or transmission of personal data in the database the administrator provides storage for information about:
2.1. Time ( date and time ) of the input, modification and transfer of personal data;
2.2. Employees engaged in the introduction, modification or transmission of personal data;
2.3. Persons providing personal data;
2.4. Changed or transmitted personal data which have been introduced.
3. Data organized and stored in electronic form shall be introduced to the hard disk of the PC network server (in case handled by more than one employee) or isolated computer (if it is handled by a single employee or the workplace can’t be granted access to the server). The computer is connected to a local network to access protected data on which can only work the employee processing the data.
3.1. In operation with the data appropriate software is used for the processing of the same. Software processing can be adapted to the specific needs of DA.
3.2. Access to the operating system containing files for processing personal data is gained only to the employee processing the data. Access is gained through a personal password, known only to the employee, and in his absence - of his immediate supervisor or other designated official explicitly.

SECTION III . MEASURES TO ENSURE THE LEVEL OF SECURITY

1. Recruitsdatabase.net takes appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss from unauthorized access, modification or disclosure and against other unlawful forms of processing.
1.1. Measures under paragraph 1 shall include the following types of personal data protection:
1.1.1. Firmware:

• develop and implement a system to restrict access to personal data ;
• protection of electronic data from unauthorized access, damage, loss or destruction is ensured by maintaining antivirus software, periodically backing up the data on separate electronic media, as well as storing information on paper, on the server data archived by the responsible officer with appropriate qualifications, located on isolated computers data archived by the operator of the computer ( data processor ) ;

1.1.2. Regulations:

• compliance with legal requirements and application procedures for the protection of technical and information resources from accidents and disasters ( fire, flood , etc.)
• provide effective controls over internal rules and relevant regulations in Recruitsdatabase.net.

1.2. Measures under paragraphs 1 and 2 are consistent with modern technological advances and provide a level of security appropriate to the risks represented by the processing and the nature of the protected data.
2. All actions that lead or may lead to unauthorized deletion, destruction or alteration of any personal data in electronic or paper form are prohibited.
3. After achieving the purpose of the processing of personal data or prior termination of the processing of personal data Recruitsdatabase.net destroys it.
3.1. After achieving the purpose of the processing of personal data Recruitsdatabase.net store them only in cases provided by law.

SECTION IV. PROVISION OF PERSONAL DATA

1. The Administrator provides data according to statutory obligations.
2. An individual is entitled at any time to request from DA to:
2.1. delete, correct or block his data, the processing of which does not comply with the law;
2.2. notify third parties to which the personal information had been disclosed about any deletion, correction or blocking carried out in accordance with paragraph 1, except when it is impossible or involves a disproportionate effort.
3. Personal data is disclosed to third parties only after obtaining the written consent of the person to whom it relates.
3.1. In the absence of consent from the person or explicit refusal to give consent the data is not provided.
3.2. Consent is not required when obliged by law.
3.3. In cases when implementation of the right of access to an individual personal information may lead to disclosure of personal data for a third party, Recruitsdatabase.net gives access to that part of the information, referring only to him.

SECTION V. RIGHTS AND OBLIGATIONS OF THE STAFF OF RECRUITSDATABASE.NET

1. In relation to the processing of personal data Recruitsdatabase.net employees have rights and obligations in accordance with their job descriptions and are required to observe and implement the internal rules and relevant regulations.
2. For breach of statutory duties in relation to the processing of personal data under paragraph 1 the employees bear financial responsibility under the Data Protection Act as well as disciplinary action by Labor law.