Privacy policy for recruitment using Teamtailor
1. Contacting Us
Qinshift is a multinational group of companies, thus we have offices around the globe. In case you provide and share information for the purposes of interaction with a particular Qinshift entity (for example, sending a CV on our Career site for job application in a specific Qinshift entity), then such Qinshift entity shall be deemed your data controller, and the respective local supervising data protection authority shall be the corresponding authority. Where several Qinshift entities jointly determine the purpose and means of the processing of your personal data, these Qinshift entities shall be deemed as joint data controllers in the sense of Art. 26 GDPR.
In order to achieve high level of protection of your data, we have established safeguards and measures on group level and applied them so adequate organization, administrative and technical protection is achieved and applied through our corporate and intercompany policies.
For questions specifically about this Policy, or our collection and/or processing of your personal information, cookies or similar technologies, please contact us by email at privacy@qinshift.com. You may also contact the Group Data Protection Officer at dpoqinshiftgroup@qinshift.com or send a letter via traditional post at:
Voctarova 20a,
Prague 8, 18000,
Czech Republic
2. Collection and Use of Information
The collection and use of information enable us to provide the services and products we offer, meaning, they are inevitable in order to be able for us to perform our business and provide services or offer products to you. We do not use or share your information in any other way except what is prescribed in this Policy.
Information you provide to us, such as e-mail address, name and surname, address or postal code, telephone number, can be collected by us in several ways, if the website you contact offers the type of way prescribed here, such as:
When applying for a job position through our Carrier site
When you contact us via our websites for possible business cooperation or contact us by sending e-mail to any of our contact mail addresses on the Sites
Schedule Demo Web Form
If you send us your CV via the Contact form on qinshift.com,
If you order, use or access any of Qinshift products and services, including Atlassian Apps.
If you apply for a job position at Qinshift:
(i) Categories of personal data we collect from you:
• First name and Last name
• Country of residence
• Email address
• Telephone number(s)
• Any personal data included in the CV, cover letter, job reference and/or referrals provided
We process your personal data only as far as necessary for the recruitment process and in connection with any subsequent employment, unless otherwise indicated. We will not use your personal data for any other purposes, unless the further processing of the personal data is compatible with the purposes for which this data was originally processed.
Your information will be used by Qinshift for the purposes of carrying out its application and recruitment process which includes:
1. Recruitment, selection, evaluation and appointment of job candidates (temporary or permanent) for the job you have applied for and for subsequent job opportunities.
2. General HR administration and management (in case you become a Qinshift employee).
3. Carrying out satisfaction surveys (for example, to manage and improve the recruitment process).
4. Application analysis such as verification of your employment reference(s) that you have provided, background checks and related assessments.
5. Compliance with corporate governance and legal requirements (for example, to monitor diversity requirements).
6. Communicate with you and inform you of current status of your application and future opportunities (unless you have told us that you do not want us to keep your information for such purposes).
If you are offered and accept employment with Qinshift, the information collected during the application and recruitment process will become part of your employment record.
If you’re offered and accepted employment with Qinshift, we may use your private e-mail address to create accounts for different systems (internal or external) used for different internal purposes according to Qinshift processes. No later than the day your employment with Qinshift begins, the business e-mail address will be used in systems while your private e-mail address remains in systems as your secondary contact.
(ii) Legal basis under which Qinshift processes your personal information:
The legal basis under which Qinshift further processes your personal data is comprised of the following:
• Qinshifts’ legitimate interests, namely the recruitment, selection, evaluation and appointment of new employees and the management and administration of the recruitment and HR process, to the extent these activities do not prejudice or harm your rights and freedoms.
• Compliance with Qinshifts` legal obligations where employment law or other laws require the processing of your personal information (for example to the extent the law requires the monitoring equality of opportunity and diversity).
(iii) Who may have access to your personal data?
We may transfer your personal data to companies affiliated with us acting either as joint controllers or data processors depending on whether they determine the purpose and means of processing your personal data provided this is permissible within the scope of the purposes and legal bases outlined above. Your information will be shared internally for the purposes of the recruitment process, including but not limited to the members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy, internal and external auditors and IT staff if access to the data is necessary for the performance of their roles.
Qinshift will not share your data with third parties, unless your application for employment is successful and it makes you an offer of employment. Qinshift will then share your data with former employers to obtain references for you.
Qinshift may share your personal data with third parties in order to obtain pre-employment references from other employers, obtain employment background checks from third party providers and to obtain necessary criminal record checks in relevant cases.
(iv) How long do we hold your personal data?
We will only retain your personal data for as long as is reasonably necessary for the applicable purpose or to otherwise comply with any applicable laws and regulations concerning the mandatory retention of certain types of information. Should any personal data held by us no longer be required to be retained, we undertake to take reasonable steps to destroy or de-identify any personal data after a reasonable period of time has elapsed.
If you have provided us with your consent for personal data processing for recruitment purposes and in connection with any subsequent employment, and in case your job application was not successful, we will hold your data on file for 2 years after the end of the relevant recruitment process. At the end of that period, you will automatically receive an email informing that your personal information will be retained unless you actively opt-out and withdraw your consent. Once you withdraw your consent, your data is deleted, destroyed or anonymized after 7 days.
If you have decided to proceed with applying for the job opportunity without providing us with your consent for personal data processing for recruitment purposes, we will keep your personal data collected in the recruitment process until its closure but in any case, no longer than 90 days from your application for such job opportunity.
If your application for employment is successful, in any case, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice.
Please consider that you have the right to request a copy of the recruitment-related personal data that we process about you or withdraw your consent for personal data processing at any time, which you can exercise through qinshift career site.
Information we collect automatically
In order to be able to conduct our business and offer you our services, we collect information about you and your use of the Sites automatically, such as:
• device IDs or other unique identifiers; device and software characteristics (such as type and configuration), connection information, statistics on page views, referral URLs, IP address (which may tell us your general location), browser and standard web server log information.
• Information collected via the use of cookies, web beacons and other technologies, including ad data (such as information on the availability and delivery of ads, the site URL, as well as the date and time, Heatmaps). See our Cookies Marketing and Advertising section for more details.
Information from other sources:
We might supplement the information described above with information we obtain from other sources, including from both online and offline data providers. See our Cookies Marketing and Advertising section for more details.
Use of Information:
We use the information in the manner prescribed by corresponding applicable law and the General Data Protection Regulation - GDPR (in force as of May 25th 2018).
The use of your information, its collection, processing and transfer is done following the principles of the GDPR and under one or more of the lawful purposes specified in Article 6 GDPR
3. Disclosure of Information
We might transfer your data within Qinshift Group of companies in order to be able to achieve the best possible service to you. Other companies within Qinshift Group act as joint controllers, depending on whether they jointly determine the purpose and means of processing your personal data. The companies within Qinshift Group regulate and safeguard the processing of your personal data through intercompany data sharing agreements and procedures and this Policy applies to all of them.
Personal data may also be disclosed to subcontractors and partners that Qinshift engages with, to perform a better service towards you, i.e. invitations, recruiting, partnering, subcontracting services for an end client, products purchases and promotions etc. Such contractors are personal data processors for Qinshift to which Qinshift requires the same level of organizational and technical measures to safeguard your data and with whom Qinshift has concluded a personal data processing agreement in accordance with Art. 28 GDPR.
In connection with any reorganization, restructuring, merger or sale, or other transfer of assets, we will transfer information, including personal information, provided that the receiving party agrees to respect your personal information in a manner that is consistent with our Privacy and Cookies Policy and safeguard procedures, as well as applicable laws and regulations.
Personal data may be disclosed to the police or other authority provided that Qinshift is required to disclose the information by mandatory law or by mandatory ruling of an authority.
4. International Transfers of Information
How does Qinshift transfer information about you to other countries?
Whenever in the course of sharing information we transfer personal information to countries outside of the European Economic Area or Switzerland and other regions with comprehensive data protection laws that are not recognized by the European Commission as ensuring an adequate level of protection pursuant to Directive 95/46/EC or GDPR, we will ensure that the information is transferred in accordance with this Policy, and as permitted by GDPR and the applicable laws on data protection.
Qinshift is multinational group of companies. For the purposes explained in this Policy, your information may be transferred to Qinshift group companies (including service providers operating on their behalf) and other third parties in countries which might not have the same level of data protection laws as those in the country where you are located. Each of those Qinshift group companies (and their authorized data processors) will however comply with Qinshift internal policies and procedures or have same level of their own policies and procedures, relating to collection and processing of personal data which complies with the key data protection principles of fair handling of personal data and ensuring adequate level of protection of personal data according to GDPR and the applicable laws on data protection.
5. Your Information and Rights
In this section, we have summed up the rights that you have. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read this Policy in full, as well as if needed further relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
Your principal rights with regard to your personal data are:
a) the right to access;
b) the right to rectification;
c) the right to erasure;
d) the right to restrict processing;
e) the right to object to processing;
f) the right to data portability;
g) the right to complain to a supervisory authority; and
h) the right to withdraw consent.
You can exercise these rights by contacting us in the manner prescribed in our Contacting Us section.
If you would like a copy of the personal information that we may have collected or process about you, you have the right to request it in writing be signed by you via e-mail or post. You may be asked to provide some proof of identification so that we can verify that it is you making the request.
This is in addition to your legal rights, including the right to access a copy of your personal information, the right to request the deletion or updating of any inaccurate personal data and the right to object or request suspension, in some cases, to our processing of your personal data.
You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed. In some cases, you have the right to the erasure of your personal data without undue delay. Those circumstances include:
the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
you withdraw consent to consent-based processing.
However, there are certain general exclusions of the right to erasure.
Those general exclusions include where processing is necessary:
for exercising the right of freedom of expression and information;
for compliance with a legal obligation or contract; or
for the establishment, exercise or defense of legal claims.
In some cases, you have the right to restrict the processing of your personal data. Those circumstances are:
you contest the accuracy of the personal data;
processing is unlawful but you oppose erasure;
we no longer need the personal data for the purposes of our processing,
but you require personal data for the establishment, exercise or defense of legal claims;
and you have objected to processing, pending the verification of that objection.
Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for mandatory legal obligation prescribed by law; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
You have the right to object to our processing of your personal data on grounds relating to your particular situation at any time, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party.
If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing, or the processing is for the establishment, exercise or defense of legal claims.
You have the right to object to our processing of your personal data for direct marketing purposes. If you make such an objection, we will cease to process your personal data for this purpose.
To the extent that the legal basis for our processing of your personal data is consent, and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
If you consider that our processing of your personal information is not compliant with applicable regulation, you have a right to lodge a complaint with our leading authority responsible for data protection. You may do so in the local data protection authority in your habitual residence, your place of work or the place of the considered noncompliance occurred.
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
We may reject requests that are unreasonable or not required by law, including those that would be extremely impractical, impossible or absurd, could require disproportionate technical effort, or could expose us to operational risks such as free trial fraud. We may retain information as required or permitted by applicable laws and regulations, including to honor your choices, for our billing or records purposes and to fulfill the purposes described in this Policy.
6. Security and Encryption
Security
We take great care in maintaining the security of your personal data to prevent unauthorized access to it, through the use of appropriate technology and internal procedures. We take a number of steps to protect your information from unauthorized access, use or alteration and unlawful destruction, including where appropriate:
Using Secure Sockets Layer (SSL) encryption when collecting or transferring sensitive information
Limiting access to the information we collect about you (for instance, only those of our personnel who need your information to carry out our business activities are allowed access)
Putting in place physical, electronic, and procedural safeguards in line with industry standards
Encryption
Any contact you initiate with us via the Sites, whether submitting an application or an enquiry on a corresponding form, will always be encrypted. However, Qinshift cannot accept any liability for e-mails sent via your respective service provider. When using this form of contact, please ensure that your message is encrypted. Please note that any information that is sent unencrypted is not protected from third-party access.
7. Other Websites, Platforms and Applications
The Sites may contain reference and linked third party websites, platforms, applications and advertisers. We are not responsible for the privacy practices or the content of such websites, so by clicking on those links you may be directed to those websites which are not under control of Qinshift and need to comply with those respective third-party policies. If you have any questions about how these other websites use your information, you should review their policies and contact them directly.
Social plugins and social applications are operated by the social network themselves and are subject to their terms of use and privacy policies.
8. Surveys and Contests
From time-to-time we collect information via surveys or for participation of any contests organized by us on the Sites. Participation in these surveys and/or contests is completely voluntary. You may choose whether or not to participate and thereby disclose any information about you.
Information requested may include contact information (such as name and shipping address), and/or demographic or similar information. By agreeing to participate in the survey, appropriate consent based opt in will apply.
10. Policy Effect and Changes to this Policy
We will update this Policy from time to time in response to changing legal, regulatory or operational requirements. We will provide notice of any such changes (including when they will take effect).
Your continued use of the Sites after any such updates take effect will constitute acceptance of those changes. If you do not accept any updates to this Policy, please do not use the Sites.
This Policy shall take effect on the date of public announcement. Any updates related with the GDPR shall be in effect as of May 25th 2018. The latest version of this Policy is effective as of July 8th 2024 and replaces all previous versions of the Policy.