GTC / Privacy Policy – Vol 1

Privacy Policy
This Privacy Policy describes our collection, use, disclosure, retention and protection of your personal information. It applies to any ERNI site where this Privacy Policy appears in the footer, and to any ERNI application, service, or tool (collectively "Services") where this Privacy Policy is referenced, regardless of how you access or use them, including through mobile devices. This policy is based on the requirements of GDPR (EU) and the Swiss Data Protection law.
By using our Services and/or registering for an account with us, you are accepting the terms of this Privacy Policy and our User Agreement, and you are consenting to our collection, use, disclosure, retention and protection of your personal information as described in this Privacy Policy. If you do not provide the information we require, we may not be able to provide all of our Services to you.
The company you are contracting with is your data controller, and is responsible for the collection, use, disclosure, retention and protection of your personal information in accordance with our global privacy standards as well as any applicable national laws. Your data controller may transfer data to other members of the ERNI Group as described in this Privacy Policy. We may process and retain your personal information on our servers in Europe and elsewhere in the world where our data centres or cloud service provider are located. In any case we implement appropriate measures (technical and/or contractual) to ensure the data privacy level at all our data centres or with all our cloud service provider.
1.1 PERSONAL INFORMATION
"Personal information" is information that can be associated with a specific person and could be used to identify that specific person whether from that data or from that data and other information that ERNI has or is likely to have access to. We do not consider personal information to include information that has been made anonymous or aggregated so that it can no longer be used to identify a specific person, whether in combination with other information or otherwise.
1.2 CHANGES TO THIS PRIVACY POLICY
We may amend this Privacy Policy at any time by posting the amended terms on this site. All amended terms automatically take effect 30 days after they are posted. We will announce any material changes to this Privacy Policy on the Website or via email.
ERNI operates a certified Information Security Management System (ISMS) according to ISO 27001:2013 including all Sites and Companies from ERNI Group in order to protect all relevant data.
We may collect, process and retain the below described personal information from you and any devices (including mobile devices).
- Candidate personal data
- Customer personal data
- Employee and Alumni personal data
- Supplier personal data
- Website visitors personal data
3.1 CANDIDATE PERSONAL DATA
The personal information we collect includes the following information:
- Name;
- Age;
- Sex/gender;
- Profile picture;
- Marital status;
- Contact details;
- Education details;
- Employment history;
- Languages;
- Personal goals;
- Salary expectations;
- Referee details;
- Immigration status (whether you need a work permit);
- Nationality/citizenship/place of birth;
- Social security number (or equivalent in your country) and any other tax-related information;
- Details about your current remuneration, pensions and benefits arrangements;
- Information on your interests and needs regarding future employment, both collected directly and inferred, for example from jobs viewed or articles read on our website;
- Extra information that you choose to tell us;
- Extra information that your referral contact chooses to tell us about you;
- Extra information that our Clients may tell us about you, or that we find from other third party sources such as job sites;
- IP address;
3.1.1 WE COLLECT CANDIDATE PERSONAL DATA IN THE FOLLOWING WAY:
- Personal information you give us
- Personal information we collect automatically
- Personal information we collect using cookies, web beacons and similar technologies
- Personal information from other sources
PERSONAL INFORMATION YOU GIVE US
- Entering your personal information on our recruiting websites (application form)
- Leaving a hard copy CV at a recruitment event, job fair or in one of our offices
- Mailing your CV to ERNI
- Applying for jobs through a job aggregator
- Participating in a campaign on social media channels such as Facebook or Twitter
PERSONAL INFORMATION WE COLLECT AUTOMATICALLY
- Geo-location information, including location information from your mobile device. Keep in mind that most mobile devices allow you to control or disable the use of location services by any application on your mobile device in the device's settings' menu
- Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, your browsing history and your web log information
PERSONAL INFORMATION WE COLLECT USING COOKIES, WEB BEACONS, AND SIMILAR TECHNOLOGIES
- We use cookies, web beacons, unique identifiers and similar technologies to collect information about the pages you view, the links you click and other actions you take on our Services, within our advertising or e-mail content. For more information about our use of these technologies and how to control them, see our policy on Cookies, Web Beacons and Similar Technologies.
PERSONAL INFORMATION FROM OTHER SOURCES
• From third party researcher, recruiting agencies and by analysing online and offline media
• From our employees to the extent that they provide us with your details to act as a referral
• If you give us personal information about someone else, you must do so only with their explicit and prior consent. You have to inform them how we collect, use, disclose and retain their personal information according to our Privacy Policy.
3.2 CUSTOMER PERSONAL DATA
The personal information we collect includes the following information:
- Name,
- Sex/gender,
- Position,
- Company,
- Contact details,
- Employment history,
- Information on your interests and needs, for example from articles read on our website;
- Extra information that you choose to tell us;
- IP address;
- The dates, times and frequency with which you access our websites
3.2.1 WE COLLECT CUSOTMER PERSONAL DATA IN THE FOLLOWING WAY:
- Personal information you give us
- Personal information we collect automatically
- Personal information we collect using cookies, web beacons and similar technologies
- Personal information from other sources
PERSONAL INFORMATION YOU GIVE US
- in meetings and personal conversations
- Participating in a campaign on social media channels such as Facebook or Twitter
PERSONAL INFORMATION WE COLLECT AUTOMATICALLY
- Geo-location information, including location information from your mobile device. Keep in mind that most mobile devices allow you to control or disable the use of location services by any application on your mobile device in the device's settings' menu
- Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, your browsing history and your web log information
PERSONAL INFORMATION WE COLLECT USING COOKIES, WEB BEACONS, AND SIMILAR TECHNOLOGIES
- We use cookies, web beacons, unique identifiers and similar technologies to collect information about the pages you view, the links you click and other actions you take on our Services, within our advertising or e-mail content. For more information about our use of these technologies and how to control them, see our policy on Cookies, Web Beacons and Similar Technologies.
PERSONAL INFORMATION FROM OTHER SOURCES
- From third party researcher, recruiting agencies and by analysing online and offline media
- From our employees to the extent that they provide us with your details to act as a referral
- If you give us personal information about someone else, you must do so only with their explicit and prior consent. You have to inform them how we collect, use, disclose and retain their personal information according to our Privacy Policy.
3.3 EMPLOYEE AND ALUMNI PERSONAL DATA
The personal information we collect includes the following information:
- Name,
- Sex/gender,
- Position,
- Company,
- Contact details,
- Employment details
- Account Information,
- Social contribution information,
- Employment history,
- Timesheets including all booking types such as sick leave, annual leave, performance time, …
- Extra information that you choose to tell us;
- Information discussed in Dialogs
- The dates, times and frequency with which you access our websites and systems
- Pictures
- Network usage
- Information on your interests and needs, for example from articles read on our website;
3.3.1 WE COLLECT EMPLOYEE PERSONAL DATA IN THE FOLLOWING WAY:
- Personal information you give us
- Personal information we collect automatically
- Personal information we collect using cookies, web beacons and similar technologies
- Personal information from other sources
PERSONAL INFORMATION YOU GIVE US
- in appointments, Dialogs
- in personal discussions with your superior or with other business related roles
- by participating in a campaign on social media channels such as Facebook or Twitter
PERSONAL INFORMATION WE COLLECT AUTOMATICALLY
- Geo-location information, including location information from your mobile device. Keep in mind that most mobile devices allow you to control or disable the use of location services by any application on your mobile device in the device's settings' menu
- Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, your browsing history and your web log information
PERSONAL INFORMATION WE COLLECT USING COOKIES, WEB BEACONS, AND SIMILAR TECHNOLOGIES
- We use cookies, web beacons, unique identifiers and similar technologies to collect information about the pages you view, the links you click and other actions you take on our Services, within our advertising or e-mail content. For more information about our use of these technologies and how to control them, see our policy on Cookies, Web Beacons and Similar Technologies.
PERSONAL INFORMATION FROM OTHER SOURCES
• Customer feedback about mandate performance
• Pictures from events
• If you give us personal information about someone else, you must do so only with their explicit and prior consent. You have to inform them how we collect, use, disclose and retain their personal information according to our Privacy Policy.
3.4 SUPPLIER PERSONAL DATA
The personal information we collect includes the following information:
- Name,
- Sex/gender,
- Position,
- Company,
- Contact details,
- Extra information that you choose to tell us;
- The dates, times and frequency with which you access our websites
3.4.1 WE COLLECT SUPPLIER PERSONAL DATA IN THE FOLLOWING WAY:
- Personal information you give us
- Personal information we collect automatically
- Personal information we collect using cookies, web beacons and similar technologies
- Personal information from other sources
PERSONAL INFORMATION YOU GIVE US
- in appointments,
- in any kind of conversation,
- Participating in a campaign on social media channels such as Facebook or Twitter
PERSONAL INFORMATION WE COLLECT AUTOMATICALLY
- Geo-location information, including location information from your mobile device. Keep in mind that most mobile devices allow you to control or disable the use of location services by any application on your mobile device in the device's settings' menu
- Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, your browsing history and your web log information
PERSONAL INFORMATION WE COLLECT USING COOKIES, WEB BEACONS, AND SIMILAR TECHNOLOGIES
- We use cookies, web beacons, unique identifiers and similar technologies to collect information about the pages you view, the links you click and other actions you take on our Services, within our advertising or e-mail content. For more information about our use of these technologies and how to control them, see our policy on Cookies, Web Beacons and Similar Technologies.
PERSONAL INFORMATION FROM OTHER SOURCES
• If you give us personal information about someone else, you must do so only with their explicit and prior consent. You have to inform them how we collect, use, disclose and retain their personal information according to our Privacy Policy.
3.5 WEBSITE VISITOR DATA
The personal information we collect includes the following information:
- Name,
- Sex/gender,
- Position,
- Company,
- Contact details including email address
- Extra information that you choose to tell us;
- The dates, times and frequency with which you access our websites;
- IP Address
3.5.1 WE COLLECT VISITOR PERSONAL DATA IN THE FOLLOWING WAY:
- Personal information you give us
- Personal information we collect automatically
- Personal information we collect using cookies, web beacons and similar technologies
- Personal information from other sources
PERSONAL INFORMATION YOU GIVE US
- Filling out webforms
- Participating in a campaign on social media channels such as Facebook or Twitter
PERSONAL INFORMATION WE COLLECT AUTOMATICALLY
- Geo-location information, including location information from your mobile device. Keep in mind that most mobile devices allow you to control or disable the use of location services by any application on your mobile device in the device's settings' menu
- Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, your browsing history and your web log information
PERSONAL INFORMATION WE COLLECT USING COOKIES, WEB BEACONS, AND SIMILAR TECHNOLOGIES
- We use cookies, web beacons, unique identifiers and similar technologies to collect information about the pages you view, the links you click and other actions you take on our Services, within our advertising or e-mail content. For more information about our use of these technologies and how to control them, see our policy on Cookies, Web Beacons and Similar Technologies.
PERSONAL INFORMATION FROM OTHER SOURCES
• If you give us personal information about someone else, you must do so only with their explicit and prior consent. You have to inform them how we collect, use, disclose and retain their personal information according to our Privacy Policy.
4.1.1 CANDIDATE PERSONAL DATA
We use personal information we collect for:
- Recruiting Activities
- Marketing Activities
4.1.2 CUSTOMER PERSONAL DATA
We use personal information we collect for:
- Recruiting Activities
- Marketing Activities
- Providing our Services
4.1.3 EMPLOYEE PERSONAL DATA
We use personal information we collect for:
- Recruiting Activities
- Marketing Activities
- HR related Activities
- Providing our Services
4.1.4 SUPPLIER PERSONAL DATA
We use personal information we collect for:
- Supplier management Activities
4.1.5 WEBSITE VISITORS PERSONAL DATA
We use personal information we collect for:
- Marketing Activities
- Provide, improve and personalize our Websites
4.2 MARKETING ACTIVITIES
The following describes our use of personal data for marketing purposes:
- Targeted E-mail
- Customer Relationship Management(CRM) Databases
- Combining and Analysing Personal Data
4.2.1 TARGETED E-MAIL
We send commercial e-mail to individuals at our client or other companies with whom we want to develop or maintain a business relationship in accordance with applicable marketing laws. Our targeted e-mail messages typically include web beacons, cookies, and similar technologies that allow us to know whether you open, read, or delete the message, and links you may click. When you click a link in a marketing e-mail you receive from ERNI, we will also use a cookie to log what pages you view and what content you download from our websites, even if you are not registered at or signed into our site.
All our commercial emails include a link where you can opt out from our mailing lists.
Targeted e-mails from ERNI may include additional data privacy information, as required by applicable laws.
4.2.2 CUSTOMER RELATIONSHIP MANAGEMENT (CRM) DATABASES
Like all companies, ERNI uses customer relationship management (CRM) database technology to manage and track our marketing efforts. Our CRM databases include personal data belonging to individuals at our client and other companies with whom we already have a business relationship or want to develop one. The personal data used for these purposes includes relevant business information.
If you wish to be excluded from our CRM databases, please inform us via the Contact Us form or by sending us an email to [email protected]
4.2.3 COMBINING AND ANALYZING PERSONAL DATA
As described above, we may combine data from publicly available sources, and from our different e-mail, website, and personal interactions with you (this includes information collected across our different websites such as our careers and corporate sites and information collected when you sign-up or log on to our sites or connect to our sites using your social media credentials (such as LinkedIn and Xing). We combine this data to better assess your experience with ERNI and to perform the other activities described throughout our privacy policy.
4.2.4 YOUR RIGHTS
You can exercise your right to prevent marketing communications to you by checking certain boxes on the forms we use to collect your personal data, or by utilizing opt-out mechanisms in e-mails we send to you. You can also exercise the right to discontinue marketing communications to you, or to have your personal data removed from our customer relationship management (CRM) databases at any time by using our Contact Us form. In such cases, we will retain minimum personal data to note that you opted out in order to avoid contacting you again.
4.3 RECRUITING ACTIVITIES
Recruiting Activities includes the following processes:
- Validation of the candidate in order to check whether the candidate suits one or multiple vacancies (based on the screenings by recruiters, line managers and domain experts of ERNI).
- Keeping the candidate in a candidate pool for later consideration up to three years after receiving the candidate’s personal data.
- Linking personal data, which has been submitted via above defined sources, and information which were provided by the candidate during the screening/interview process (including technical exercises, email correspondence, written telephone protocols and similar data).
- In case of an employment, the personal data may be forwarded to external partners for work contract preparation and work permit organization.
4.4 HR RELATED ACTIVITIES
HR Activities includes the following processes:
- Entry & leave process
- Performance review
- Employee development
- HR Administration processes including pay-rolling
4.5 PROVIDING OUR SERVICES
Providing our Services includes the following processes:
- Winning Mandates (submitting CV to Customers)
- Project Performance Review
4.6 PROVIDE, IMPROVE AND PERSONALIZE OUR WEBSITES
- Provide access to and use of our Services.
- Offer you site content that includes items and services that you may like.
- Customize, measure and improve our Services
- Provide other services requested by you as described when we collect the information
- We may use geo-location information to provide you with location based services (such as advertising, search results and other personalized content)
4.7 PREVENT, DETECT, MITIGATE AND INVESTIGATE FRAUDULENT OR ILLEGAL ACTIVITIES
- Prevent, detect, mitigate and investigate fraud, security breaches, potentially prohibited or illegal activities
- Enforce our Privacy Policy, our User Agreement or other policies
4.8 DATA RETENTION
We retain your personal information as long as it is necessary and relevant for our operations, in general 10 years. In addition, we may retain personal information from closed accounts to comply with national laws, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce our User Agreement and take other actions permitted or required by applicable national laws. After it is no longer necessary for us to retain your personal information, we dispose of it in a secure manner according to our data retention and deletion policies.
4.8.1 RETENTION CANDIDATE DATA
The personal data of the candidate will be saved up to two years. Afterwards, the personal data of the candidate will get deleted automatically. However, saving the personal data of the candidate for a longer time range than three years can be agreed between the candidate and ERNI in a written form (where applicable; depending on legal situation of the corresponding country).
The candidate will always be able to request a deletion of her/his personal data via email or via post (see imprint of join.ERNI for further information).
You have a choice about how we use your personal information to communicate with you and to send you marketing information.
5.1 MARKETING AND COMMUNICATION PREFERENCES
If you do not wish to receive marketing communications from us, you can unsubscribe from the link in the email you received, change your Communication Preferences or indicate your communication preferences within the direct communication from us.
5.2 WITHDRAW CONSENT
If you wish to withdraw you consent, please send us an email to [email protected]. Please consider, that if you withdraw your consent for the use or disclosure of your personal information for purposes set out in this Privacy Policy, you may not have access to all our Services and we might not be able to provide you all of the Services and customer support offered to our users and authorized under this Privacy Policy.
We take steps to ensure that the personal information we collect is accurate and up to date.
You have the right to ask us to confirm what information we hold about you at any time, and you may ask us to stop processing or to modify, update or Delete such information. Therefore, please send us an email to [email protected]. In such a case, we may verify your identity, or ask for more information about your request. Where we are legally permitted to do so, we may decline your request with a reason.
We may disclose your personal information to other members of the ERNI Group or to third parties as described below. This disclosure may be required for to operate (for example Cloud Services) and to provide you access to our Services, to perform Customer satisfaction surveys, to comply with our legal obligations, to facilitate our marketing and advertising activities, or to prevent, detect, mitigate and investigate fraudulent or illegal activities related to our Services. We minimize the amount of personal information we disclose to what is directly relevant and necessary to accomplish the specified purpose. As stated above, we do not disclose your personal information to third parties for their marketing and advertising purposes.
We may disclose your personal information to the following parties and for the following purposes:
7.1 ERNI GROUP MEMBERS, WHO MAY USE IT TO:
- provide joint content and services (such as customer support)
- help detect and prevent potentially fraudulent and illegal acts, violations of our User Agreement and data security breaches
- guide decisions about their products, sites, applications, services, tools and marketing communications. Members of ERNI Group will use your personal information to send you marketing communications only if you have consented to receive such communications from them
7.2 ERNI CUSTOMERS
- submitting professional CV of our employees towards Customers to verify the expertise level
7.3 SERVICE PROVIDERS AND FINANCIAL INSTITUTION PARTNERS
- Third party service providers who help us to provide our Services, payment processing services, assist us in providing customized advertising, to assist us with the prevention, detection, mitigation and investigation of potentially illegal acts, violations of our User Agreement, fraud and/or security breaches, bill collection, and other business operations
- Third party service providers who provide us Cloud Services and Cloud Storage
7.4 LAW ENFORCEMENT, LEGAL PROCEEDINGS AND AS AUTHORIZED BY LAW
- to comply with our legal requirements, respond to claims that a listing or other content violates the rights of others, or protect anyone's rights, property or safety.
- to law enforcement or governmental agencies, or authorized third-parties, in response to a verified request relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability. We will only disclose information we deem relevant to the investigation or inquiry, such as name, city, state, postcode, telephone number, email address, User ID history, IP address, fraud complaints
- to third parties involved in a legal proceeding, if they provide us with a subpoena, court order or substantially similar legal procedure, or we otherwise believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss or to report suspected illegal activity
We manage Information Security with our ISO 27001:2013 certified Information Security Management System(ISMS). Within ISMS we protect your information using technical and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centres and information access authorization controls. If you believe your personal data had been misused, please contact us following the instructions in the Contact Us section below.
This Privacy Policy addresses only the use and disclosure of personal information we collect from you. If you disclose your information to others, or if you are directed to a third-party website, their privacy policies and practices will apply.
We cannot guarantee the privacy or security of your information once you provide it to a third party and we encourage you to evaluate the privacy and security policies before you share your information.
If you have a question or a complaint about this Privacy Policy, our global privacy standards or our information handling practices, you can reach the Global Information Security Office in writing by sending us a letter or postcard to: ERNI Management Services AG, Group Information Security Office, Löwenstrasse 11, 8001 Zürich, Switzerland or by email to [email protected],
You can also find more information on how to contact us at privacypolicy.ERNI
Download here our latest version of the Privacy Policy.