Privacy policy

Preamble

Global Web Solutions Kft. (hereinafter referred to as “Controller“, headquarters 8060 Mór, Kert utca 18.) as a (Data) Controller in the processing of personal data acts in accordance with the provisions of the regulation and the applicable laws (regulation No 2016/679 of the European Parliament and the Council of 27 April 2016) on the protection of individuals with regard to the processing of personal data and the free movement of such data.

Global Web Solutions Kft. respects your rights (hereinafter referred to as “Data Subject“) to protect your personal data. This information material summarizes, in a compact, simple way, what information we collect, how we can use it, and describes the tools we use, as well as the privacy and enforcement capabilities of the Data Subject.

Detailed rules are laid down in the aforementioned Regulation. For further information, we recommend that the Regulation is to be studied.

 

Definitions

  • Personal data – any information relating to an identified or identifiable natural person (‘Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • Processing – any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • Controller – a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
  • Data Processor – a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • Recipient – a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
  • Third Party – a natural or legal person, public authority, agency or body other than the Data Subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
  • Consent – consent of the Data Subject means any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
  • Profiling – means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
  • Personal data breach – means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;
  • Authority: National Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság), naih.hu

 

1.      Designation and contact details of the Controller (service provider)

Name of Controller:                                                                Global Web Solutions Kft.

Headquarters:                                                                            8060 Mór, Kert utca 18.

Postal address:                                                                           8060 Mór, Kert utca 18.

Company registration number:                                       07-09-025475

Data Protection Officer:                                                       Dávid Nemes

E-mail of Data Protection Officer:                                  data.incident@gwshub.com

E-mail of Customer Service:                                               info@gwshub.com

 

2.      Purpose of processing, scope of processed data, duration of processing, and scope of entitled third parties to access data

Purpose of processing

Personal data can only be processed for a specific purpose, to the extent necessary, to exercise a right and to fulfill obligations. At all stages of processing, the purpose of processing must be met, data entry and management must be fair and legitimate. Personal data can only be handled to the extent and for the duration required to achieve the goal. Controller’s internal instructions specified that only the recipients contributing to and needed to achieve the purpose of processing can manage the data.

 

The Controller manages personal data on the basis of a Data Subject’s legitimate interest in the following cases:

  • Fast track application: registration and application for job opportunity monitoring and/or job opportunity notification
  • CV Creation: application for job opportunity monitoring and/or job opportunity notification
  • Applying for a specific job
  • Presenting a customized offer
  • Creating a MatchMaker profile and participating in the MatchMaker Network to earn money with member recommendations
  • Finding new applicant (via MatchMaker)
  • Creating and publishing / presenting a corporate profile on the website
  • Creating and publishing / presenting a supplier profile on the website
  • Potential partners EDM
  • Registering Data Subject’s relevant data for service providing.
  • Operating IT background for service providing.

 

The Controller manages personal data on the basis of a Data Subject’s explicit and voluntary consent in the following cases:

  • Sending electronic newsletters
  • Online system usage: comment, rating, event application
  • Displaying targeted ads

The provision of data based on a voluntary consent is not a prerequisite for the conclusion of a contract, it is not obligatory for these purposes to provide personal data.

 

The scope of processed data, the duration of processing, and entitled third parties to access data

Referring to the above, the following data are collected and treated for the designated retention period by reference to the claimed legal basis.

 

Data PROCESSED by LEGITIMATE INTEREST

Name of dataRetention time
Name, nickname, email, telephone numberRetention time according to the termination of legitimate interest or according to the related statutory provision (Hungarian Civil Code 6:22§), which is 5 years
location
online user ID
work experience
spoken languages
area of expertise
uploaded CV
birth year
Facebook ID
Linkedin ID
billing and payment information
profile image
cookie: IP, browser, information needed to access the service

 

Data PROCESSED by voluntary CONSENT

Name of DataRetention time
user nameRetention time until unsubscription
name, email addressRetention time until unsubscription
nicknameRetention time until unsubscription
telephone numberRetention time until unsubscription
profile imageRetention time until unsubscription
cookie: convenience functionsRetention time until unsubscription or according to related legal requirements

 

About the method of unsubscription Data Subject can find information in Chapter 6 of this material.

 

Notice on the use of cookies

Controller uses cookies when visiting its site. Cookies are information packages made of letters and numbers that Controller’s website sends to Data Subject’s browser to save certain settings, facilitate the use of the website and help Controller collect some relevant, statistical information about the website visitors.

The acceptance of cookies is mandatory to use Controller’s service detailed in the General Terms and Conditions, which will be done at the time of registration. For marketing purposes beyond the use of the service, Controller kindly asks for Data Subject’s voluntary consent for their use.

Controller informs its users that, in order to measure the attendance of its website family (gwshub.com, sscheroes.com, etc., and all the services available on Controller’s partner sites), monitor visitor behavior, study statistics, and boost the performance of its ads, Controller uses Google Remarketing, AdWords Conversion Tracking, and Facebook Remarketing cookies. Please refer to Google’s and Facebook’s privacy policies for further information on their operation and function.

The IP address of visitors to our site is recorded by Google and Facebook. Within 30 days of the visit Google Display Network and Facebook news feed wall will display ads.

 

3.      Automated decision-making, profiling based on personal data

  • Following registration and the completion of the user profile, we collect the data provided by the user
  • Following the application for a job and the completion of the tests, we collect the data provided by the user
  • We collect the user’s behavior factors during the use of the website
  • We analyze the collected data and compare them with the job opportunities
  • Based on this, we offer potential jobs and employers to the users
  • Based on this, we offer potential applicants to the employers
  • If, based on the provided and collected data, the profile created for the user does not match the profile required by the employers, we do not recommend the user for the given position within the frameworks of our referral service

 

4.      Collection, use, and transmission of personal data

When collecting personal data, the Controller complies with applicable legal regulations, restrictions, and ethical standards.

Controller:

  • Informs Data Subject of Controller’s processing practices as prescribed in a timely manner, before data is processed.
  • Collects, stores and uses personal data for a specific purpose only. The information collected is always relevant and appropriate to the given purpose.
  • Makes reasonable steps to ensure that Data Subject’s personal data is entire, accurate, up-to-date and reliable to Data Subject’s intended purpose.
  • Uses Data Subject’s personal data for promotional purposes only with Data Subject’s explicit consent and provides the opportunity to withdraw consent for, thus prohibit such communication.
  • Takes reasonable and prudent steps to protect Data Subject’s personal data, including cases when personal data is transmitted to third parties. Data transfers to third parties without Data Subject’s prior express consent will not happen.

For the processing of personal data by the Controller, the following Data Processor(s) will be used for the indicated activities:

Data ProcessorCompany reg. numb. / VAT numb.Data processing activity
Tárhely.eu                  01-09-909968Operating an IT background to provide service
Google368047Measuring visitor numbers, data storage
FacebookMeasuring visitor numbers, behaviour monitoring
Mailchimpsending newsletters
Accounting officeinvoicing, accounting services
Contracted partners (vendors)Financial services, IT services, Marketing, Recruitment and Business consulting

 

5.      Access, modification, correction, and portability of personal data

Access

Data Subject has the right to receive feedback from Data Controller as to whether Data Subject’s personal data is being processed and, if such processing is in progress, has the right to have access to his or her personal data and the following information:

  1. purposes of processing;
  2. categories of personal data concerned;
  3. categories of recipients or recipients with whom or which personal data was communicated or will be communicated.

Modification, correction

Data Subject is entitled to request the Controller to correct any of his or her inaccurate personal data without undue delay. Taking into account the purpose of the data handling, Data Subject is entitled to request the supplementation of incomplete personal data, including by means of a supplementary statement.

 

Portability

Data Subject has the right to receive the personal data previously provided to Controller in a commonly used, machine-readable format and is entitled to transmit this data to another Controller without being obstructed by the Controller, who was given access to these personal data in the first place, if:

  1. processing is based on a voluntary contribution or on a contract where Data Subject is one of the parties; and
  2. processing is carried out in an automated manner.

 

6.      The deletion, limitation and right to object

Deletion

(1) Data Subject has the right to terminate Data Subject’s personal data on Data Subject’s request without any undue delay by Controller and Controller is obliged to delete personal data relating to the subject without undue delay if one of the following reasons exists:

  1. personal data is no longer required for the purpose from which they have been collected or otherwise handled;
  2. Data Subject withdraws the voluntary consent given to Controller through the contact opportunity provided by Controller and there is no other legal basis for processing;
  3. Data Subject has been concerned with data handling for reasons related to Data Subject’s own situation or Data Subject objects to data processing because of direct business information management, and there is no priority legitimate reason for data processing;
  4. personal data has been unlawfully handled;
  5. personal data is to be deleted in order to comply with legal obligations imposed on the Controller in the European Union or Member States’ law;
  6. the collection of personal data was directly related to the provision of information society services specifically to children.

(2) If the Controller has disclosed personal data and is required to cancel it pursuant to paragraph 1, it shall take reasonable steps, including technical measures, to take into account the available technology and implementation costs in order to inform the Controllers handling the data, that Data Subject has requested from them to delete any referring links, duplications or copies of such personal data.

(3) Paragraphs (1) and (2) shall not apply where data processing is required:

  1. to exercise the right to freedom of expression and information;
  2. to fulfill an obligation under EU or Member State law for the processing of personal data, which is applicable to the Controller, based on public interest or to carry out tasks in accordance with exercising public authority;
  3. based on public interest in the fields of workplace health or public health;
  4. for purposes of public interest archiving, for scientific and historical research purposes or for statistical purposes, where the law referred to in paragraph 1 is likely to render impossible or seriously jeopardize this data processing; or
  5. to file, enforce or protect legal claims.

 

Limitation

(1) Data Subject has the right to request Controller to limit the processing of data on request if one of the following is true:

  1. Data Subject dispute the accuracy of the personal data; in this case, the limitation concerns the period of time where Controller can verify the accuracy of personal data;
  2. data processing is unlawful, and Data Subject opposes the deletion of data and instead requests their use to be limited;
  3. Controller no longer needs personal data for data processing, but Data Subject requires them to submit, enforce, or protect legal claims; or
  4. Data Subject has objected to data handling for reasons related to Data Subject’s own situation; in this case, the restriction applies to the duration of determining whether the rightful reasons of Controller have priority over Data Subject’s legitimate grounds.

(2) If the processing of data is restricted under paragraph 1, such personal data may only be used with the consent of the Data Subject concerned or with the submission, enforcement or protection of legal or other rights of the natural or legal person, or in an important public interest of the EU or a Member State.

(3) Controller shall inform Data Subject in advance the dissolution of limitation of the previously limited processing of data requested by Data Subject pursuant to paragraph (1).

 

Objection

Data Subject is entitled to object to the handling of Data Subject’s personal data for any reason relating to Data Subject’s own situation if the Controller carries out a task in the exercise of a public authority license or processing is necessary to enforce the legitimate interests of the Controller or a third party including profiling based on those provisions. In this case, Controller may not process personal data unless Controller proves that processing is justified by legitimate reasons of enforceability that prevail over the interests, rights and freedoms of the Data Subject, or for the submission, enforcement or protection of legal claims related.

If Data Subject’s personal data is handled for direct marketing, Data Subject is entitled to object at any time to the handling of personal data relating to that purpose, including profiling, if it relates to direct marketing.

If Data Subject objects the handling of personal data for direct business acquisition, personal data may no longer be processed for that purpose.

 

7.      Cookie Policy

Controller uses cookies when visiting its site. Cookies are information packages made of letters and numbers that Controller’s website sends to Data Subject’s browser to save certain settings, facilitate the use of the website and help Controller collect some relevant, statistical information about the website visitors.

The acceptance of cookies is mandatory to use Controller’s service detailed in the General Terms and Conditions, which will be done at the time of registration. For marketing purposes beyond the use of the service, Controller kindly asks for Data Subject’s voluntary consent for their use.

Controller informs its users that, in order to measure the attendance of its website family (gwshub.com, sscheroes.com, etc., and all the services available on Controller’s partner sites), monitor visitor behavior, study statistics, and boost the performance of its ads, Controller uses Google Analytics, Google Remarketing, AdWords Conversion Tracking, and Facebook Remarketing cookies. Please refer to Google’s and Facebook’s privacy policies for further information on their detailed operation.

The IP address of visitors to our site is recorded by Google and Facebook. Within 30 days of the visit Google Display Network and Facebook news feed wall will display ads.

Cookies may be deleted from the browser anytime according to the following procedure:

https://support.google.com/chrome/answer/95647?hl=hu&co=GENIE.Platform%3DDesktop

https://support.mozilla.org/hu/kb/weboldalak-altal-elhelyezett-sutik-torlese-szamito

Please find detailed information on the cookies used by us in the following section:

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

NameProviderPurposeExpiryType
__cfduidsscheroes.comUsed by the content network, Cloudflare, to identify trusted web traffic.1 yearHTTP
CookieConsentsscheroes.comStores the user’s cookie consent state for the current domain1 yearHTTP
PHPSESSIDsscheroes.comPreserves user session state across page requests.SessionHTTP
siteLangsscheroes.comSet website language.29 daysHTTP

 

 

 

 

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

 

NameProviderPurposeExpiryType
collectgoogle-analytics.comUsed to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.SessionPixel
_gasscheroes.comRegisters a unique ID that is used to generate statistical data on how the visitor uses the website.2 yearsHTTP
_gatsscheroes.comUsed by Google Analytics to throttle request rateSessionHTTP
_gidsscheroes.comRegisters a unique ID that is used to generate statistical data on how the visitor uses the website.SessionHTTP
jv_pages_count_q8kfQkZRLjsscheroes.comJivoChat using this cookie and store number of pages viewed.SessionHTTP
jv_refer_q8kfQkZRLjsscheroes.comJivoChat using this cookie and store source of entry to the website.SessionHTTP
jv_visits_count_q8kfQkZRLjsscheroes.comJivoChat using this cookie and store number of visits to the website.1 yearHTTP
@@History/@@scroll|# [x3]sscheroes.com
youtube.com
youtube-nocookie.com
PendingPersistentHTML

 

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

 

NameProviderPurposeExpiryType
IDEdoubleclick.netUsed by Google DoubleClick to register and report the website user’s actions after viewing or clicking one of the advertiser’s ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.1 yearHTTP
test_cookiedoubleclick.netUsed to check if the user’s browser supports cookies.SessionHTTP
frfacebook.comUsed by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.3 monthsHTTP
ads/ga-audiencesgoogle.comUsed by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor’s online behaviour across websites.SessionPixel
jv_utm_q8kfQkZRLjsscheroes.comJivoChat using this cookie and store ID of the marketing campaign of the visit.SessionHTTP
GPSyoutube.comRegisters a unique ID on mobile devices to enable tracking based on geographical GPS location.SessionHTTP
PREFyoutube.comRegisters a unique ID that is used by Google to keep statistics of how the visitor uses YouTube videos across different websites.8 monthsHTTP
VISITOR_INFO1_LIVEyoutube.comTries to estimate the users’ bandwidth on pages with integrated YouTube videos.179 daysHTTP
YSCyoutube.comRegisters a unique ID to keep statistics of what videos from YouTube the user has seen.SessionHTTP
trfacebook.comPendingSessionPixel
ads/user-lists/#google.comPendingSessionPixel

 

Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.

 

NameProviderPurposeExpiryType
jv_enter_ts_q8kfQkZRLjsscheroes.comJivoChat using this cookie and store the first visit to the website.SessionHTTP

 

Since the Data Processor uses various services of Google Inc. (as specified above), the Data Subject may read details about Google’s data collection activities at the following link: http://www.google.com/intl/hu/policies/privacy/ads/.

 

8.      Data Subject’s Enforcement Opportunities

In the event of violation of Data Subjects personality rights and in the cases specified in the Regulation, Data Subject may request the assistance of the National Authority for Data Protection and Freedom of Information:

Name:                      National Authority for Data Protection and Freedom of Information

Postal address:   1530 Budapest, Pf .: 5.

Address:                 Szilágyi Erzsébet fasor 22 / c., 1125 Budapest, Hungary

Phone:                    +36 (1) 391-1400

Fax:                           +36 (1) 391-1410

Web:                        naih.hu

E-mail:                     ugyfelszolgalat@naih.hu

 

9.      Changes in this Information material

The Controller reserves the right to modify or update this “Information” at any time, without prior notice, and publish the updated version on its websites. Any modification applies only to personal data collected after the publication of the revised version.

Please check this “Information” regularly to review the changes or to know how the changes affect you.

Last update: May 14, 2018