Dear Madam, dear Sir,

our companies from the SYNERGIE group, namely:

• SYNERGIE, s.r.o., Company ID No.: 458 08 139, registered in the Commercial Register maintained by the Municipal Court in Prague under File No.: C 12217;
• SYNERGIE TEMPORARY HELP s.r.o., Company ID No.: 267 11 834, registered in the Commercial Register maintained by the Municipal Court in Prague under File No.: C 88950, both companies with registered office at Na příkopě 854/14, Nové Město, 110 00 Prague 1, Czech Republic;
• SYNERGIE Slovakia s.r.o., Company ID No.: 357 66 239, registered in the Commercial Register maintained by the Municipal Court in Bratislava III under Section: Sro, Insert No.: 19040/B;
• SYNERGIE TEMPORARY HELP s.r.o., Company ID No.: 482 65 403, registered in the Commercial Register maintained by the Municipal Court in Bratislava III under Section: Sro, Insert No.: 105834/B, both companies with registered office at Dunajská 4, 811 08 Bratislava, Slovak Republic

(all companies collectively hereinafter the “Data Controllers” or the “Companies“)

process personal data in connection with the operation of the websites at www.synergie.sk, www.synergie.sk/cs/, www.synergie.sk/en/, syn.cz, sandyou.sk, sandyou.cz, sandyou.sk/cs/, sandyou.sk/en/ (hereinafter the “Website” or “Websites“) and the provision of services as joint controllers of personal data. We hereby inform you of the following facts related to the processing of personal data.

 

1. Who is the data controller and how you can contact us?

The data controller are all the Companies which you can contact the contacts below:

SYNERGIE, s.r.o. (Czech Republic)

Tel: +420 607 065 264

E-mail: synergie@syn.cz

 

SYNERGIE TEMPORARY HELP s.r.o. (Czech Republic)

Tel: +420 607 065 264

E-mail: synergie@syn.cz

 

SYNERGIE Slovakia s.r.o. (Slovakia)

Tel: +421 2 54 41 55 22

E-mail: synergie@synergie.sk

 

SYNERGIE TEMPORARY HELP s.r.o. (Slovakia)

Tel: +421 2 54 41 55 22

E-mail: synergie@synergie.sk

 

2. For what purpose and on what legal basis do we process your personal data?

We process your personal data in accordance with Regulation (EU) No 2016/679 of the European Parliament and of the Council (hereinafter the “GDPR“) and Act No. 110/2019 Sb., on the processing of personal data. The purpose of processing your personal data is in particular:

• obtaining access to and use of the Websites,
• communicating with the Companies,
• the provision of services by the Companies to job applicants, employers and others,
• the use of services for job applicants (e.g. receiving alerts for job offers).

The legal basis under which we process your personal data are as follows:

a) Conclusion and execution of the contract you enter into with us

b) Processing of your personal data on the basis of your explicit consent

• In this case, we process your personal data only for the purposes and to the extent specified in the consent.
• These are purposes for which we cannot process your personal data on any other legal basis.
• This includes, for example, the processing of personal data for the purpose of a possible future approach with another job offer after the end of selection procedure or another approach with a relevant job offer.

c) We may process personal data without your consent in the following cases:

• compliance with reporting obligations to public authorities,
• compliance with enforcement obligations,
• compliance with archiving obligations,
• existing legitimate interest of the Companies, e.g.:
  • protection of Companies’ the rights and legally protected interests,
  • the resolution of disputes, in particular for the purposes of litigation or other disputes.

 

3. How is personal data processed within the Refer a Friend program?

a) Purpose

In the framework of the Refer a Friend program, we process the personal data of the data subject who referred a friend (referrer) as well as the and the referred friend (referee). We process personal data for the following purposes:

• communication with the referrer and payment of the remuneration for the referral according to the terms of the program, and
• communication with the referred friend.

b) Legal basis

The legal basis for the processing of the referrer’s personal data is the fulfillment of the contract between the Companies and the referrer, as well as the fulfillment of the Companies’ obligations related to the contract, primarily communication with the referrer.

The legal basis for the referee’s personal data processing of is the consent and legitimate interest of the Companies, which is their interest in the effective search for candidates for vacant job positions and communication with these suitable candidates and, if the conditions for payment of remuneration to the referrer are met, also the interest in fulfilling the Companies’ contractual obligations towards the referrer.

c) Source of personal data

The source of the personal data under the Refer a Friend program is the referrer, both his or her personal data and the personal data of the person referred.

d) Automated processing

Automated processing of personal data takes place in the context of the Refer a Friend program.

Unless otherwise stated in this section, the general rules on the processing of personal data set out in this Policy apply to the Refer a Friend program.

 

4. To what extent will your personal data be processed?

The Companies will process your personal data only to the extent necessary for the provision of the services, in particular the following personal data:  

• Data collected when applicants send their CV: surname, first name, e-mail address, telephone number, CV and any personal or professional information contained in the CV. Some of this information is marked as mandatory. If the job applicant refuses to provide them, he/she will not be able to access the services offered.
• Data collected when submitting a request for a price quotation: surname, first name, job title, company name, phone, e-mail address. Some of these data are marked as mandatory. If the Website user refuses to provide them, he/she will not be able to access the services offered.
• Data collected when submitting the contact form: surname, first name, telephone, e-mail address. Some of this information is marked as mandatory. If the Website user refuses to provide them, he/she will not be able to access the services offered.
• Data collected when submitting the Refer a Friend form: surname, first name, e-mail address and job title. Some of this information is marked as mandatory. If the Website user refuses to provide them, he/she will not be able to access the services offered.
• Login information collected when logging in and using the Website.

The provision of personal data is not obligatory, but the absence of certain personal data (in particular those allowing proper identification of the person acting) may result in the failure to conclude a contract or to provide other services requiring proper identification of the person on the Website.

The processing of personal data does not involve automated processing of personal data within the meaning of Article 22 of the GDPR Regulation.

 

5. How are personal data processed within the Staffino application?

a) Purpose

Within the Staffino application, we process personal data of employees and customers (including candidates and job applicants) for the following purposes:

• evaluating and improving the services we provide, and
• promotion and marketing activities of the Companies.

b) Legal basis

The legal basis for the processing of personal data for each purpose is as follows:

• Evaluating and improving services

The Companies’ legitimate interest, which is to continuously improve their services through the feedback received from customers.

• Promotion and marketing activities of the Companies

Consent to the processing of personal data for the above purpose.

c) Scope of the personal data processed

Within the Staffino application, the Companies process the following personal data:

• Employee data: surname, first name, e-mail address, job title and photo.
• Customer data (including candidates and job applicants): surname, first name, e-mail address, telephone number, the job which the customer has applied for, or the service provided, the reason for rejection by the Companies, their client or the customer himself/herself, dates of relevant events (interview, rejection, acceptance, starting at work), information obtained when contacting the customer or provided by the customer via Staffino application.

d) Source of personal data

The source of personal data within the Staffino application is the customer, or personal data obtained from the system for the registration of candidate and client profiles and for the management of selection procedures held by the Companies.

e) Automated processing

The processing of personal data by the Companies within the Staffino application does not involve decision-making pursuant to Article 22 of the GDPR Regulation, which is based exclusively on automated processing with legal effects that concern or otherwise significantly affect the person concerned.

f) Data processor

Personal data within the Staffino application is processed by the company STAFFINO s. r. o. as a data processor on behalf of the Companies, with its registered office at Volgogradská 84, 080 01 Prešov, Slovak Republic, Company ID No.: 47 645 407, registered in the Commercial Register maintained by the District Court in Prešov, Section: Sro, Insert No.: 31750/P.

Unless otherwise stated in this section, the general rules for the processing of personal data within the Staffino application as set out in this Policy shall apply to the processing of personal data.

 

6. To whom do we transfer personal data?

Your personal data may also be transferred to external companies that assist us with various activities involving the processing of personal data (accounting, IT services, marketing services, legal services, etc.). Your personal data may also be transferred to potential employers.

Personal data is only ever transferred to third parties if all legal requirements relating to the protection of personal data are met. Your personal data may be transferred to entities within the European Union and to countries outside the European Union. In any such transfer of personal data, appropriate measures will be taken to ensure the protection of your personal data.

 

7. How long do we keep personal data?

We process personal data only for the time necessary for the purposes of processing. We assess on an ongoing basis whether there is still a need to process certain personal data necessary for a specific purpose. If we determine that they are no longer necessary for any of the purposes for which they were processed, we will delete the data.

Personal data processed for the performance of a contract and for the implementation of pre-contractual measures taken at the request of the data subject are processed for the duration of the contractual relationship with the data subject.

In order to fulfil a legal obligation, personal data is processed for the period of time stipulated by the relevant legal regulation (accounting documents are processed for ten years, other documents for their legal archiving period).

For the purposes of protecting the legitimate interests of the Companies, we process personal data for the duration of the legitimate interest, unless some event occurs that results in an earlier termination of processing (e.g. objection to processing for direct marketing purposes); for the purposes of protecting rights in potential litigation, we generally retain personal data for a period of 4 years from the time of the first possible litigation in court.

On the basis of your consent, we process personal data for the period for which the consent was given or until you withdraw your consent. The validity of the consent, unless it is renewed, is 3 years from the date of its granting.

 

8. Security of personal data

The Companies have taken all appropriate technical and organizational measures to secure personal data and have taken technical measures to secure data storage and storage of personal data in paper form.

The Companies declare that only vetted and authorized persons committed to the protection of personal data have access to personal data.

 

9. What rights you have in relation to the processing of your personal data?

As a data subject, you have the following rights:

• The right to access to your personal data within the meaning of Article 15 of the GDPR Regulation, i.e. in particular, the right to request that we tell you what personal data we process and provide you with copies of the documents on which your personal data are located, as well as to inform you of appropriate safeguards if personal data are transferred to a third country or an international organization.
• The right to request that we correct inaccurate personal data within the meaning of Article 16 of the GDPR Regulation, i.e., the right to request rectification of personal data if incomplete or incorrect personal data is processed.
• The right to request the erasure of your personal data or the restriction of its processing within the meaning of Article 17 of the GDPR Regulation, i.e. deletion of personal data if (i) they are no longer necessary for the purposes for which they were collected, (ii) consent has been withdrawn and there is no other legal basis for the processing of personal data, (iii) you as a data subject object to the processing on the basis of legitimate interest and your interests, rights and freedoms are not overridden by the legitimate interests of the Data Controllers or you object to the processing for direct marketing purposes, (iv) the personal data were processed unlawfully.
• The right to restriction of processing within the meaning of Article 18 of the GDPR Regulation, i.e. if you as a data subject believe that (i) we are processing incorrect personal data, we will restrict the processing of the personal data until its accuracy is verified, (ii) the processing of the personal data is unlawful and you as a data subject request a restriction of processing instead of erasure of the personal data, (iii) as Data Controllers we no longer need the personal data, but you, as the data subject, need it to establish, exercise or defend your legal claims, (iv) if you, as the data subject, object to the processing, we will restrict the processing of the personal data until it is verified that the legitimate interests of the Data Controllers outweigh your interests, rights and freedoms.
• The right to data portability within the meaning of Article 20 of the GDPR Regulation, i.e., the right to request the transfer of personal data in a structured, commonly used and machine-readable format to another data controller where the personal data is processed on the basis of consent and/or a contract and the processing of personal data is carried out by automated means.
• The right to object to the processing of personal data within the meaning of Article 21 of the GDPR Regulation, i.e. (i) as a data subject, you have the right to object to the processing of personal data for direct marketing purposes. If you object, we will not process your personal data for this purpose, (ii) if we process personal data for our legitimate interests or the legitimate interests of others, you as a data subject may object to such processing on grounds relating to your situation. In this case, we will only further process the personal data if we can demonstrate the existence of compelling legitimate grounds for the processing which override your interests or rights and freedoms or for the establishment, exercise or defense of legal claims.
• The right to withdraw your consent to the processing of personal data, either in the same manner in which it was granted by you or through the means or manners referred to in the last paragraph of this Article; withdrawal of consent shall not affect the lawfulness of processing based on consent granted prior to its withdrawal.
• The right to file a complaint with a supervisory authority within the meaning of Article 77 of the GDPR Regulation, which is the Office for Personal Data Protection of the Slovak Republic (Úrad na ochranu osobných údajov Slovenskej republiky) and which is the leading supervisory authority, if you believe that your data protection rights have been violated. You may also contact the Czech supervisory authority as the supervisory authority concerned, which is the Office for Personal Data Protection (Úřad pro ochranu osobních údajů).

The user of the Website may access and modify his/her personal data through the form available on the Website, at https://www.synergie.sk/en/personal-data-legal-information/ or by sending an e-mail to osobneudaje@synergie.sk or osobniudaje@syn.cz or by post to the address of any Data Controller referred to in Article 1.

 

10. Cookies

The Websites use cookies. Detailed information on the use of cookies can be found further in this article and in the cookie bar when viewing the Website. A cookie is a small text file that is stored on the user’s computer for recording purposes. The cookie itself helps to keep key features of the Website running. However, for this purpose, cookies collect and store information about you and may be used to identify you. For this reason, they may be considered personal information.

Cookies can be used for various purposes. Below you will find the most common types:

• Necessary cookies – are necessary to view the website and use its features, for example, to access secure areas of the website. Without these cookies you would not be able to use our website properly.
• Preference cookies – these cookies allow the website to remember information that changes how the website behaves or looks. This includes, for example, your preferred language or the region where you are located.
• Statistical cookies – these cookies generally collect information about how users use the website. For example, they allow the Website to track sessions, the number of users visiting. They may also be third party cookies from analytics services.
• Advertising (marketing) cookies – their purpose is to help advertisers deliver more relevant advertising by tracking your online activity (e.g. how many times you clicked on an ad). These cookies may share this information with other entities, especially if they are third party cookies.

As a user of the Website, you can accept or refuse the use of different types of cookies (other than necessary cookies) via the cookie information bar that appears when you enter the Website. You will also find an explanation of each type of cookie in this information bar.

Information about the use of cookies is available directly in your browser. You can find information about the use of cookies by the following browsers on the following pages:

• Chrome (Google): Clear, allow, & manage cookies in Chrome
• Safari (Apple): Clear cookies in Safari on Mac, Clear the history and cookies from Safari on your iPhone, iPad, or iPod touch
• Edge (Microsoft): Delete cookies in Microsoft Edge
• Firefox (Mozilla): Cookies – Information that websites store on your computer

 

11. Supervisory authority

If you believe that the processing of your personal data has violated the data protection rules, you have the right to file a complaint with the leading supervisory authority. The leading supervisory authority is:

Úrad na ochranu osobných údajov Slovenskej republiky (Office for Personal Data Protection of the Slovak Republic)

Hraničná 12

820 07 Bratislava 27

Slovak Republic

Phone: +421 2 3231 3214

Website: https://dataprotection.gov.sk/

E-mail: statny.dozor@pdp.gov.sk

 

You can also contact the Czech supervisory authority as the supervisory authority concerned, which is:

Úřad pro ochranu osobních údajů (Office for Personal Data Protection)

Pplk. Sochora 27

170 00 Prague 7

Czech Republic

Phone: +420 234 665 111

Website: https://www.uoou.cz/

E-mail: posta@uoou.cz

 

This Personal Data Processing Policy has been updated as of 26 July 2023.

The Companies reserve the right to change at any time, effective upon their posting on the Websites.

 

SYNERGIE, s.r.o.

SYNERGIE TEMPORARY HELP, s.r.o.

SYNERGIE SLOVAKIA s.r.o.

SYNERGIE TEMPORARY HELP s. r. o.