The meaning of Personal Data
“Personal Data” is defined in data protection laws applicable in your country. It includes any information relating to an identified or identifiable natural person. This means any individual who can be identified directly or indirectly by reference to an identifier such as name, identification number, location data, online identifiers (for example, IP addresses – if they can be used to identify you) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Put simply, this includes data which either by itself or with other data held by us or available to us, can be used to identify you.
Important notice about international transfers
We are part of the Aspen Group which has databases in different jurisdictions. We may transfer your data to one of the Group’s databases outside your country of domicile. These other countries will either have different data protection laws than your country of residence or they will not have data protection laws. They may not be deemed by the European Commission as providing adequate protection for Personal Data. Even if the country to which the data is to be transferred does not require us to provide adequate protection for your data, we will nonetheless seek to ensure that data transfers to Aspen Group databases in that country are adequately protected.
The categories of Personal Data we may collect, the purpose and the lawful basis
Personal Data collected from you include the following:
|Categories of Personal Data||Purpose||Lawful basis|
|Application data (e.g. name, CV)||Processing of this personal data is required to enable Aspen Oss to administer the recruiting process, including the set-up of an electronic job applicant HR file, managing your application, organizing interviews.||Processing is necessary for us to entering into a contract with you.|
|Contact information (e.g. full name, postal address, e-mail address, employer/business and professional information, job titles, telephone and fax numbers)||Managing and responding to your queries.||Performance of contract and legitimate interests – it’s important that we can respond to your enquiries.|
|Browsing information (IP address, browser information)||Monitoring and producing statistical information regarding the use of our platforms, and analysing and improving their functionality.||Legitimate interests – we need to perform this limited routine monitoring to make sure our website works properly, to diagnose any problems with our server and administer our Site|
|All information||Establishing and enforcing our legal rights and obligations and monitoring to identify and record fraudulent activity Complying with instructions from law enforcement agencies, any court or otherwise as required by law For our general record-keeping and customer relationship management Managing the proposed sale, restructuring or merging of any or all part(s) of our business, including to respond to queries from the prospective buyer or merging organisation Resolving any complaints from or disputes with you||Legitimate interest (see column on left)|
In summary, we need certain categories of Personal Data because that is necessary in order to administer any contract with you (where relevant). Certain other Personal Data is processed for our legitimate interests in cases where this does not result in prejudice to you.
Data anonymisation and use of aggregated information
We may convert your Personal Data into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from that data. We may use this aggregated data to conduct market research and analysis, including to produce statistical research and reports.In particular, we use technology to collect anonymous information about the use of this Site. For example:
- We use technology to track which pages of our Site visitors view. We also use technology to determine which web browsers our visitors use. This technology does not identify you personally, it simply enables us to compile statistics about our visitors and their use of our Site.
- Certain pages of this Site may contain hyperlinks to other pages of it. We may use technology to track how often these links are used and which pages on our Site our visitors choose to view. Again this technology does not identify you personally — it simply enables us to compile statistics about the use of these hyperlinks.
We use this anonymous data to improve the content and functionality of this Site and consider areas and subjects which are attracting interest so that we can focus our e-mail updates (for those that wish to receive such communications). This allows us to better understand our Site visitors’ interest areas generally and therefore to improve our Site and products and services we offer.
Cookies and analytic tools
- Strictly Necessary Cookies
These cookies are essential, because they enable you to move around our Web sites and use certain features, e.g., to access secure areas of the Web site or in connection with information searches. Without these cookies, certain services you may ask for could not be provided.
- Performance Cookies
These cookies may be used to collect information about how you use our Web sites, for example which pages you visit most often. These cookies do not collect information that identifies you. These cookies are only used to learn how our Web sites are performing and make relevant improvements.
- Functionality & Profile Cookies
These cookies may be used to allow our Web sites to store information about choices that you make and provide you with more personal features. We may also use such cookies to ensure that onsite marketing and experience is relevant to you. The information these cookies collect may be anonymous and they cannot track your browsing activity on other Web sites.
- Advertising Cookies
These cookies may be used to deliver advertisements that are more relevant to you and your interests. They are usually placed by advertising networks with our permission.
You can disable cookies using your Internet browser settings. Please consult your browser’s help function for information on how to disable cookies. Note that if you disable cookies, certain features of our Site may not function properly.
Disclosure of your Personal Data to third parties
We may disclose your Personal Data to third parties, including but not limited to as follows:
- to third parties who supply services to us and who help us and our group of companies to operate our business. For example, sometimes a third party may have access to your Personal Data in order to support our information technology;
- to our legal and other professional advisers;
- as necessary in order to comply with a legal requirement, to protect vital interests, to protect the security or integrity of our databases or this Site, to take precautions against legal liability; and
- to regulatory authorities, courts and governmental agencies to comply with legal orders, legal or regulatory requirements and government requests.
Security of Personal Data
We endeavour to use appropriate technical and physical security measures to protect Personal Data which is transmitted, stored or otherwise processed by us, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access, in connection with our Site. These measures include computer safeguards and secured files and facilities. Our service providers are also selected carefully and required to use appropriate protective measures. In certain areas, Aspen Oss uses industry-standard SSL-encryption to protect data transmissions. Most current browsers support the level of security needed to use these areas.
In particular, we endeavour to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including as appropriate: (a) pseudonymisation (such as where data is separated from direct identifiers so that linkage to an identity is not possible without additional information that is held separately) and encryption, (b) ensuring the ongoing confidentiality, integrity, availability and resilience of systems and services used to process your Personal Data, (c) ensuring the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; and (d) ensuring a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational security measures.
Retention period or criteria used to determine the retention period
We keep your Personal Data for as long as it is necessary to do so to fulfil the purposes for which it was collected as described above.The criteria we use to determine data retention periods for Personal Data include the following: (i) Retention in case of queries. We will retain it for a reasonable period after the relationship between us has ceased (up to 6 months) in case of queries from you; (ii) Retention in case of claims. We will retain it for the period in which you might legally bring claims against us (in Germany this means we will retain it for 10 years) if and to the extent we have entered into any contract with you; (iii) Retention in accordance with legal and regulatory requirements. We will consider whether we need to retain it after the period described in (ii) because of a legal or regulatory requirement.If your application for employment is successful and you commence employment with Aspen Oss, your Personal Data will be transferred to your personnel file and will be processed for employment purposes. If your application for employment is not successful, we will keep your Personal Data for a period compliant with applicable laws, after notification that your application was not successful.
If you would like further information about our data retention practices please contact us.
Your rights under data privacy laws
You have various rights under data privacy laws in your country. These may include (as relevant): the right to request access to the Personal Data we hold about you; the right to rectification including to require us to correct inaccurate Personal Data; the right to request restriction of processing concerning you or to object to processing of your Personal Data, the right to request the erasure of your Personal Data where it is no longer necessary for us to retain it; the right to data portability including to obtain Personal Data in a commonly used machine readable format in certain circumstances such as where our processing of it is based on a consent; the right to object to automated decision making including profiling (if any) that has a legal or significant effect on you as an individual; and the right to withdraw your consent to any processing for which you have previously given that consent. You can also lodge a complaint with a supervisory authority in the country of your residence.
Please see “Contact Us” if you wish to exercise any of these rights (as relevant).
Links to Other Websites
Alternatively, write to our Data Protection Coordinator:
Aspen Oss B.V.
Attn: Data Protection Coordinator
PO Box 98
5340 AB Oss
Last updated: December 17, 2018