This notice describes how we collect and use personal data about you, in accordance with the General Data Protection Regulation (GDPR) and Romanian Data Protection Law in force, as amended or updated from time to time, in Romania (‘Data Protection Legislation’). Please be advised that the Romanian national implementing law is still in draft version, pending Parliament approval steps. We may change our privacy notice at any time without giving you early indication in this respect, so please check it each time you visit our website. Current version has been last updated on 24th of May, 2018.
DEFINITIONS
Personal data means “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” (Art. 4 GDPR).
Processing of personal data means “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction” (Art. 4 GDPR).
ABOUT US
KMT, hereinafter referred to also as the Company, represents the company K.M.Trust & Partners SRL, with head-office in Bucharest, 9 Aleea Alexandru, registered at the Registry of Commerce under the number J40/20870/12.12.2005, having unique code of registration RO 18208900, owner of the Internet web-site http://www.kmtrust.com , having the following contact data: phone +40-31-805.95.41; fax +40-31-805.95.42 e-mail: romania@kmtrust.com .
KMT is an executive search and leadership development company, having as purpose and main objects of its activity the matching of professionals’ skills, expertise, studies and interests with potential job opportunities that the company may have in time, as well as leadership/executive development activities.
We are accountable for deciding how we hold and use personal data about you. We are required under the Data Protection Legislation to notify you of the information contained in this privacy notice.
HOW WE COLLECT YOUR PERSONAL DATA
This privacy policy applies to the collection, storage and use of personal information collected by KMT:
WHAT PERSONAL DATA WE COLLECT ON CANDIDATES
KMT aims to collect the minimum data it needs to perform its role. Typically, this is name, address, job title and contact details. In addition, if you are a candidate being considered for a role it may also include your CV / resume as well as other details about your skills and experience.
A comprehensive list of personal data we collect on candidates is below:
If you have been indicated by one of our candidates for reference check process: we collect basic contact details (such as name, title, address, email and mobile phone number) so that we can contact you for a reference check on one of our candidates.
WHAT IS OUR LAWFUL BASIS FOR PROCESSING CANDIDATE PERSONAL DATA
We use the data we collect to perform a number of tasks, including:
Client contacts: We use the information collected from clients to ensure that we provide business services to you. This will involve identifying candidates that will meet your requirements, or providing other business services from our portfolio.
The exchange of personal data of our candidates and client contacts is an essential part of what we do as an executive search business and, as such, it is in our legitimate interests to process your data for such purpose.
Suppliers: we use the data collected to ensure the business arrangements between us run smoothly.
Referees: we use the data collected to contact you for a reference on one of our candidates.
We believe that it is necessary for our legitimate interests as a recruitment and leadeship development business to process your personal data. We would never process your data otherwise. At different stages in the recruitment processes we also have other lawful grounds for processing your data such as compliance with our legal obligations and where it is necessary for the performance of contracts related to the recruitment process.
Below is a list of cases in relation to which we believe we hold a legitimate interest in processing your personal data:
This storage and use of your personal information allows you to be contacted about roles which may be of interest to you, now or in the future, and we do not believe that this storage and use will unduly prejudice your rights or freedoms. However, please note that we do not consider CVs older than 3 years absent any update to be relevant for our executive search business.
WHOM WE SHARE YOUR PERSONAL DATA WITH
For executive search projects your personal data provided to us as candidate is processed by K.M.Trust using “Not Actively Looking” platform. We will ensure that:
For more information about Not Actively Looking’s privacy notice please read here https://notactivelylooking.com/terms#information-notice
For leadership development services we may share your data with executive education providers or administrators of digital apps that facilitate interaction with executive program participants. Any such data sharing will only be done in order to deliver our service to you and in full transparency.
YOUR RIGHTS
It is important that the personal data we hold about you is accurate and current. Should your personal information change, please notify us of any changes of which we need to be made aware by contacting us, using the contact details below.
Under certain circumstances, by law you have the right to:
You also have the right to object where we are processing your personal information for direct marketing purposes.
If you want to exercise any of the above rights, please email our data protection point of contact using dataprotection@kmtrust.com
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
RIGHT TO WITHDRAW CONSENT
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email our data protection point of contact dataprotection@kmtrust.com
Once we have received notification that you have withdrawn your consent, we will no longer process your personal information (personal data) for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so.
CHANGES TO THIS NOTICE
Any changes we may make to our privacy notice in the future will be updated on this web page.
We will also make you aware of changes to this policy by e-mail if applicable.
CONTACT US
If you have any questions regarding this notice or if you would like to speak to us about the manner in which we process your personal data, please email us at dataprotection@kmtrust.com
You also have the right to make a complaint to the Romanian Data Protection Authority should you believe we have, at any time, mistreated your personal data. The Romanian DPA’s contact details are as follows:
Address: B-dul G-ral. Gheorghe Magheru 28-30
Sector 1, cod postal 010336
Bucuresti, Romania
Phone: +40.318.059.211
+40.318.059.212
Fax: +40.318.059.602
Email: anspdcp@dataprotection.ro
Website: www.dataprotection.ro