“WorkingDay Latvia” SIA, Reg. No. 40003793545, address: 53-10 Tērbatas Street, LV-1011 (hereinafter – the Controller) implements the processing of personal data that is obtained on the website www.workingday.lv (hereinafter – Website) from the data subject – the user of the Website (hereinafter – the User).
The Controller shall take care of the privacy of the User and the protection of personal data, and shall respect the User’s right to the lawfulness of the processing of personal data in accordance with the applicable regulatory enactments: Regulation No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (Regulation) and other applicable regulatory enactments in the field of privacy and data processing.
The Controller reserves the right to change these terms at any time. The visitor of the Website is obliged to independently check the content of the Website in order to get acquainted with the changes in the rules.
2. The identity of the Controller and its contact details
The Controller is “WorkingDay Latvia” SIA, Reg. No. 40003793545, address: 53-10 Tērbatas Street, Riga, LV-1011, Website: www.workingday.lv, e-mail: firstname.lastname@example.org, phone: +371 67803366.
3. Contact details of the Data Protection Officer
The Data Protection Officer of the Controller is Lauris Klagišs (email@example.com, phone: + 371 29470425).
4. Purposes of processing, legal basis of processing
If the User submits his/her personal data to the Controller, such as name, surname, personal identification number, e-mail or postal address, phone number, personal messages, etc., via the Website contact forms, e-mail or other mail, the Controller stores and uses such information for recruitment purposes in the various recruitment competitions. The data subject may withdraw his or her consent to the processing in written form.
The legal basis for data processing is Article 6 (1) a of the Regulation, which stipulates that the processing of data is lawful, if the data subject has given his or her consent to the processing of his or her personal data for one or more specific purposes.
5. Personal data categories
Categories of personal data – name, surname, personal identification number, e-mail or postal address, IP address, phone number, letters and CV content.
Users are prohibited from entering sensitive personal data (of special categories) in the Controller’s database. The Controller is not obliged to check, whether the User has entered such data.
6. Categories of personal data recipients
The data is disclosed to the Controller’s customers (the potential employers), as well as to those employees of the Controller, who need them for the performance of the direct duties in order to fulfil or to conclude a relevant agreement of service provision.
When acquiring and using personal data, the Controller partially uses outsourced services, which in accordance with the agreement, strictly follow the instructions of the Controller and which the Controller monitors before and during the use of the service.
7. Categories of data subjects
Categories of data subjects – job seekers.
8. Data transfer outside Latvia
The received data, without the consent of the data subject, are not and shall not be transferred outside Latvia, the European Union or the European Economic Area, as well as will not be transferred to any international organisation.
9. Duration of storage of data
Unless otherwise stated in the data protection instructions, the Controller shall delete personal data no later than 3 months after the original reason for retention no longer applies, except for in cases when we are legally obliged to continue to retain such data (for example, but not limited to, for accounting records or for legal purposes). In any case, personal data (CVs) shall not be stored for more than 20 years after their receipt.
10. Access to personal data of the data subject
The data subject has the right to access the personal data of the data subject within one month from the date of submission of the relevant request.
The User may submit a request for exercising his/her rights in writing in person, at the registered office of the Controller (by presenting an ID document) or via e-mail, by signing it with a secure electronic signature.
Upon the receipt of the User’s request for the exercise of the User’s rights, the Controller verifies the identity of the User, evaluates the request and executes it in accordance with the regulatory enactments.
The User has the right to receive the information specified in the regulatory enactments regarding the processing of his or her data, the right to request access to his or her personal data, as well as to request the Controller to supplement, correct or delete the data, restrict the processing of it or the right to object to the processing, as long as such rights do not contradict the purpose of data processing (signing or performance of agreement).
The data subject does not have the right to receive information, if the disclosure of such information is prohibited in accordance with the law in the field of national security, national defence, public safety, criminal law, as well as for the purpose of ensuring public financial interests in tax matters or supervision and macroeconomic analysis of the participants of the financial market.