GDPR

Intellectual Property

All rights reserved. All text, images, graphics, sound, animation, video, and how they are positioned on the site are QOSMO Brașov Hotel full ownership copyright and are protected by law for the copyright protection and intellectual property laws. They may not be copied for commercial use or distribution, nor may be modified or reposted to other sites.

Use of any items listed above without the QOSMO Brașov Hotel consent shall be punished according to law.

GDPR – Recruitment

Data protection policy, dedicated to recruitment

Dear candidate,

We would like to inform you that, from 25th May 2018, the Regulation on the protection of individuals concerning the processing of personal data and on the free movement of such data (‘GDPR’) will be applied by all European Union countries. In this context, our company is committed to protecting and respecting the privacy of your personal data.

If, after reading this policy, you send us your personal data (in the form of a Curriculum Vitae) through one of the multiple channels provided, you have been informed based on art. 13 of Regulation 2016/679 of the European Parliament and of the Council / 27 April 2016, that we will collect and process this on a personal basis (name, email address, telephone number, home address, etc.) to carry out the process of recruitment and selection initiated by the company’s representatives and that you have given your consent for them.

We emphasize that we use this data only for the purpose for which they were requested, respectively to complete the recruitment process. In this regard, based on the details and information you kindly provide to us and for which we have your consent for analysis, it will be determined whether or not you are a suitable candidate for the vacancies within the company, as well as to contact you with a proposal, to establish an interview or to request/provide you with additional information related to our offer. Please note that we will not provide any third party with the information provided by you, except as provided by law.

It is also very important for us that you know that you have the right to information, the right to access data, the right to intervene on data, the right not to be subject to an individual decision, the right to request the deletion of data at any time. and the right of opposition, as follows:

– you can request at any time, through a request addressed to our company, the update, modification, or deletion of your personal data, transmitted through the communicated CV;

– you have the right to obtain from the company, upon request and free of charge, confirmation that the data concerning you are or are not processed by it;

– you have the right to object at any time, for justified and legitimate reasons related to your particular situation, to the data concerning you being processed.

For any of the above reasons as well as to exercise your rights guaranteed by the law on the protection of individuals concerning the processing of personal data and the free movement of such data, please contact the PDO of our company, via the address email dataprotection@qosmohotels.com and we guarantee a response in 24h – 48h.

The company’s GDPR policy follows the following steps, regarding the processing of the data transmitted by you:

– the eligible candidates are always contacted (by telephone or in writing), within a very short time (up to 48 hours), to communicate the details related to the recruitment and selection process;

– the data collected in a recruitment process are deleted as soon as it becomes obvious that we will not contact the candidate, as it is not suitable for the position for which he/she applied;

– if the mismatch is only temporary and we want to keep the data of a candidate (CV, letter of intent, portfolio, etc.) to contact him on the next occasion, the candidate will be contacted to obtain his written consent;

– if the data subject objects to the extension of the data retention and processing period, we immediately destroy his data.

Within our company the recruitment is done internally and therefore the information does not leave its physical and digital limits. Within the company, the people exposed to this data are:

– members of the human resources department (responsible for the recruitment area);

– the managers of the departments with vacant jobs, within the company, persons who play the role of analysis and deciding factor in the recruitment process.

As a protection measure, all personnel involved in this process are properly trained in data protection and understand the risk of compromise. Ensuring an adequate level of security of the data processed in the context of recruitment is an obligation for us, which implies compliance with the following conditions:

– the transmission of the forms (CVs) is done by a secure method;

– the storage of the forms (CVs) is done on a storage space / virtual (or physical) location to which only the persons involved in the recruitment and selection process have access;

– in the case of forms submitted directly at the company’s headquarters, or by post or fax, the route taken by them to a secure storage place is as short as possible.

Glossary of terms used:

Personal data means any information concerning an identified or identifiable natural person (“data subject”); an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifying element, such as a name, an identification number, location data an online identifier, or one or more specific elements, specific to his physical, physiological, genetic, mental, economic, cultural or social identity.

Processing means any operation or set of operations performed on personal data or personal data sets, with or without the use of automated means, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consulting, using, disclosing by transmission, dissemination or making available in any other way, alignment or combination, restriction, deletion or destruction.

Consent means a manifestation of free will specific, informed, and unambiguous information of the data subject by which he accepts, by an unequivocal statement or action, that the personal data concerning him be processed.

The DPO (data protection officer) is responsible for data protection, appointed by the company.

GDPR stands for EU Regulation no. 679/2016 applicable from 25 May 2018 at the level of the entire European Union as well as in any other state in the world where personal data of EU citizens are used.

Thank you!