Data Protection privacy policy

"Globalturn.dk" and "Denmarkstudy.com" and "recommenditt.com" including all subdomains of Globalturn

(1) Processing activities

Operation of career network and job exchange for (registered) customers.

This agreement is made between you, the registered user (either company or candidate), and GLOBALTURN, Ørstedsgade 40, 2, 5000 Odense C, Denmark.

(2) Controller

GLOBALTURN.

(3) Contact details of responsible entity for data protection

Globalturn

c/o Data Protection

E-mail:info@globalturn.dk

Address: Ørstedsgade 40, 2, 5000 Odense C, Denmark

(4) Purposes of data processing

on the legal basis of performance or preparation of contracts

(b) Keeping job advertisements accessible to prospective employees and employers, informing interested parties about suitable offers.

(c) Provision of communication channels to the controller for servicing the contractual relationship.

(d) Maintaining and enhancing customer satisfaction and customer retention through an analysis of user behaviour.

(e) Collecting user data to document reach.

(f) Recommending jobs and candidates in the following cases:

show best matching candidates to a job

show best matching jobs to a candidate

show best matching jobs to a job

show best matching candidates to a candidate

(g) Enable network participants to establish and maintain networks

on the legal basis of the (overriding) legitimate interests of the controller: direct marketing

(h) Customer recovery and attracting new customers

(i) Dissemination/presentation of advertising for (other) goods and services of the controller by means of direct marketing ("marketing purposes"), to the extent permitted by law

(j) Analysis of the reader behaviour and personal preferences of customers for the purpose of targeted dissemination of advertising with the aim of avoiding scatter losses (using profiling, see paragraph 9)

(5) Legal basis for data processing

(1) Online use. Performance of the contract. The use of the career network and job exchange is already based on a contract as defined in Art. 6 (1) (b) GDPR; a registration relationship is established upon registration. Through the use of the social media channels of the controller the primary contractual relationship exists with the respective service provider.

(2) Additional services. Consent. The controller will obtain the customer's express consent for specific services (e.g. social media tools, ). Such consent may be withdrawn at any time with effect for the future.

(6) Description of (overriding) legitimate interests for the purposes

Of IT security

The controller will store the IP addresses of its customers for a period of 7 days in order to protect against targeted attacks in the form of server overloads (Denial of Service attacks) or other damage to the systems. The controller has an overriding legitimate interest in such data processing for the purposes of maintaining the functionality of its online services (Recital 49 GDPR).

(7) Evaluating personal aspects of the customer (profiling)

Type

Evaluation of personal interests with regard to jobs

Description

For the purpose of compiling suitable job offers the controller processes and evaluates search and user behaviour, and draws conclusions about specific personal interests. The controller uses those evaluated interests to send the customer targeted job offers.

(8) Objection to profiling

The customer may object to the use of his personal data for the purpose of profiling at any time and without having to state reasons. Upon objection the controller will no longer use the customer's personal data for the purposes of profiling.

(9) Obligation to provide data

The customer is under no obligation to provide data. Reasonable use of the platform is, however, inconceivable without entering any data.

(10) Automated decision-making

The customer is subject to no automated decision-making which would become legally effective vis-à-vis him.

(11) Processed types of data

Provided by the customer

Name/Company name, academic degree

Username

Phone number

Email address

Place of residence or address

Title

Date of birth

Application text

Message contents

Password

Curriculum vitae

Photo, Video

Uploaded data

Information on the desired job

Current occupation, work experience

Languages and other skills

Training and continuing education

Contact requests

Bookmarked jobs

Additionally collected by the controller

IP addresses (log files)

Data on the terminal equipment

Browser used

Equipment used

Communications protocol

Information on account use (e.g. date created, number of logins, date of the last request)

Information on newsletter subscription

User ID

Facebook user ID

Facebook email address

Facebook profile link

Date of the last Facebook alignment

LinkedIn user ID

LinkedIn email address

LinkedIn profile link

Date of the last LinkedIn alignment

(12) Data sources (to the extent not provided by the customer nor collected by the controller)

Source

Facebook login

Types of data

Email, name, sex, Facebook UID, Facebook link, photo

Source

Xing login

Types of data

Email, name, sex, Facebook UID, Facebook link, photo

Source

Google login

Types of data

Email, name, sex, Facebook UID, Facebook link, photo

Source

LinkedIn login

Types of data

Email, name, sex, Facebook UID, Facebook link, photo, current occupation

Source

MailChimp

Types of data

IP location, preferred email client, registration source, campaign details (receipt, open, click)

Social media channels:

Facebook

Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, https://de-de.facebook.com/about/basics

LinkedIn

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, https://www.linkedin.com/legal/impressum

Twitter

Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, https://twitter.com/de/tos

Google Plus

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, https://www.google.com/contact/

(13) External recipients of data:

All external recipients can be written to and contacted via the controller with regard to questions under data protection law.

(14) Transfer to third countries

The following data will be transmitted to countries outside of the EU in connection with data processing:

Country

USA

Application

One.com

Types of data

Google Analytics: anonymised IP address, website title, browser-specific information, information about website use

One.com (storage): email address, name

Country

Denmark

Application

Facebook

Types of data

Social plug-ins (upon consent using double click): IP address, website title, browser-specific information, information about website use

(15) Storage period

Non-registered users: Personal data (in particular the IP address) of (non-registered) visitors to the website will be stored for purposes of IT security for a period of 7 days.

Registered users: Data on registered users will be processed by the controller on the legal basis stated above for the term of the contractual relationship. Users may edit or delete such data at any time. In any case the use agreement will end upon deletion of the account by the customer or after a period of 7 years of inactivity; this will lead to immediate deletion.

Registered employers: Generally, personal data of registered employers will be processed by the controller on the legal basis stated above for another 40 months after termination of the contract (= 36 months for potential contractual claims for damages + max. 4 months service period for a statement of claim) and then deleted (in any case, links to personal data). In any case the use agreement will end after a period of 7 years of inactivity and will lead to immediate deletion.

(16) Rights of the data subject

Basis

Art 15 GDPR "Access"

Contents

The customer shall have the right to obtain confirmation as to whether or not his personal data is being processed.

Basis

Art 16 GDPR "Rectification"

Contents

The customer shall have the right to obtain without undue delay the rectification of inaccurate personal data or to have them completed.

Basis

Art 17 GDPR "Erasure"

Contents

The customer shall have the right to obtain the erasure of personal data within 4 days as long as the reasons stated in Art 17(1) GDPR are fulfilled.

Basis

Art 18 GDPR "Restriction"

Contents

The customer shall have the right to obtain restriction of processing of personal data as long as the reasons stated in Art 18(1) GDPR are fulfilled.

Basis

Art 21 GDPR "Objection"

Contents

Objection to profiling. The customer shall have the right to object to processing of his personal data for the purposes of profiling at any time. Objection to direct marketing: The customer shall have the right to object to processing of his personal data for the purposes of direct marketing at any time.

Basis

Art 20 GDPR "Data portability"

Contents

The customer shall have the right to receive the personal data concerning him in a structured, commonly used and machine-readable format.

(17) Right to lodge a complaint

Basis

Art 77 GDPR

Contents

Each customer shall have the right to lodge a complaint with the supervisory authority if he considers that the processing of personal data relating to him infringes this Regulation.

(18) Data portability:

We have built a feature that allows you to download the data from your profile. You will get the data in a structured format. You will find this feature in your account settings and you can always request us to do so .We will do it by 3 days of the request.