Privacy and cookies policy

Effective date: January 22, 2020

IT Easy Master Solutions d.o.o. (“us”, “we”, “our” or “ITems”) is committed to protecting the privacy of individuals who visit our website (“Visitors”) and individuals who register to use the ITems Services on behalf of ITems Customers (“Users”) (collectively “you” or “your”). This Privacy and Cookies Policy (“Policy”) applies to data provided on or through the ITems website located at www.items.rs  and the services offered by ITems through the website (collectively, the “Services”). If you have any questions regarding this Policy, contact office@items.rs   or visit the “Contact Us” section.

This Policy sets out the basis on which the personal data collected from you, or that you provide to us will be processed by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it. It also describes the choices available to you with regard to the use of your Personal Data (defined below) and how you can access and update this information. The use of information collected through the ITems Services shall be limited to the purposes of providing the Services for which the User or Customer has engaged ITems and as otherwise described in this Privacy Policy.

Definitions

Personal Data

Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

Usage Data

Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

Cookies

Cookies are small pieces of data stored on a User’s device.

Data Controller

Data Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Data Processor (or Service Providers)

Data Processor (or Service Provider) means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Data Subject

Data Subject is any living individual who is the subject of Personal Data.

User

The User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.

Introduction

ITems is committed to safeguarding the privacy of our website visitors and service users.

This policy applies where we are acting as a Data Controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.

In respect of the personal data of an employee of a Customer that uses the ITems services or candidates who apply for a Customer’s opening, ITems shall process personal information as a Data Processor on behalf of its Customers, who use our Services to assist with their talent management and recruitment processes. Where you an employee of a Customer or apply for a role with one of ITems Customers, our Customer’s privacy policy, rather than this Privacy Policy, will apply to our processing of your personal information.       

Privacy Principals

We follow these principals in order to protect your privacy:

  • we do not collect any more Personal Data than is necessary to provide the Services;
  • we only use your Personal Data for the purposes we specify in this Privacy Policy, unless you agree otherwise;
  • we do not keep your Personal Data if it is no longer needed.

The collected data

We collect several different types of information for various purposes to provide and improve our Service to you. Please note that by using our Services, you implicitly agree to this information being gathered, whatever the country from which you are connecting. Moreover, any data that you disclose to us is disclosed on a purely voluntary basis. You have the option to oppose its gathering at any point in time, in accordance with this Privacy Policy, by asking ITems to close your account.

Personal data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:

  • Email address
  • First name and last name
  • Phone number
  • Address, State, Province, ZIP/Postal code, City
  • Job title
  • Demographic information such as motivation, preferences and interests
  • Cookies and Usage Data

We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.

Account data

We may process your account data. The account data may include your name and email address. The source of the account data is you or your employer. The account data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is consent.

Profile data

We may process your information included in your personal profile on our website. The profile data may include your name, address, email address, profile pictures, gender, date of birth, educational details and employment details. The profile data may be processed for the purposes of providing our services, and enabling and monitoring your use of our website and services. The legal basis for this processing is consent.

Service data

We may process your personal data that are provided in the course of the use of our services. The service data may include your answers on questionnaires and tests, and/or other people answers about you. The source of the service data is you or your employer. The service data may be processed for the purposes of providing our services. The legal basis for this processing is consent.

We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

In addition to the specific purposes for which we may process your personal data set out in this Section, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Please do not supply any other person’s personal data to us, unless we prompt you to do so.

Usage Data

We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device (“Usage Data”).

This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the Service by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Tracking Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service.
  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
  • Security Cookies. We use Security Cookies for security purposes.

Automated decision-making

We will use your personal data for the purposes of decision-making in relation to employee`s diagnostic, selection and development. This decision-making will involve automated processing of your performance at work, preferences, interests or behaviour. However, the final decision will always be made by humans taking care about the wider perspective of the whole process.

Providing your personal data to others

We may disclose your personal data to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy.

We will not share or distribute any Personal Data except as provided in the contractual agreement between ITems and Customer, or as may be required by law.

We will never use or sell information provided by you or by Customers, in any other way then for supporting the Services.

International transfers of your personal data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. The hosting facilities for our website, application and data are situated in Germany and Russia (only for Russian candidates).

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Retaining and deleting personal data

Once collected, data are stored on our servers with a view to processing it in connection with the use of the Services. It is kept for as long as necessary for the provision of the Services and functions offered to the Customer.

Your personal information will be deleted on one of the following occurrences:

  • deletion of your personal information by you (or by another person engaged by the Customer); or
  • receipt of a written request by you (or another person engaged by the Customer) to us.

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

Security of personal data

We will take appropriate technical and organisational precautions to secure your personal data and to prevent the loss, misuse or alteration of your personal data. We will store all your personal data on secure servers, personal computers and mobile devices, and in secure manual record-keeping systems. Various hardware and software processes have been implemented in order to ensure the protection of your personal data. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

You acknowledge that the transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

Your rights

In this Section, we have summarised the rights that you have under the General Data Protection Regulation. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

ITems aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the right:

  • To access and receive a copy of the Personal Data we hold about you
  • To rectify any Personal Data held about you that is inaccurate
  • To request the deletion of Personal Data held about you

You have the right to data portability for the information you provide to ITems. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it.

Please note that we may ask you to verify your identity before responding to such requests.

Information Related to Data Collected through the ITems Services

When ITems collects information under the direction of its Customers, we have no direct relationship with the individuals whose personal data it processes.

An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his/her request to the applicable ITems Customer (the Data Controller). The Customer is able to remove the data without ITEMS’s involvement, or will request that ITEems remove the data.

Third party websites

Our website may, from time to time, contain links to, and details of, third party websites. We have no control over, and are not responsible for, the privacy policies and practices of third parties. Please check these policies before you submit any personal data to these websites.

Personal data of children

In order to protect minors, the User must be aged 16 (or such greater age required in your country for you to be authorized to use our Services without parental approval) or over and must have full legal capacity. If we have reason to believe that we hold personal data of a person under that age in our databases, we will delete that personal data.

ITems as a Data Processor

Insofar as we act as a Data Processor rather than a Data Controller, this policy shall not apply. Our legal obligations as a data processor are instead set out in the contract between us and the relevant data controller.

If you are an employee of such a ITems Customer and would no longer like to be contacted by such Customer, please contact the Customer directly. If you seek access or want to correct, amend, or delete inaccurate data, you must direct your request to that ITems Customer (the data controller). If requested to remove data, we will respond within a reasonable timeframe.

Cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

We use only “session” cookies to track your navigation throughout the website and application (e.g. to remember your last table sorting or filtering, did you read instructions, etc.). We do not collect any information that personally identifies a user (e.g. internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data).

We do not use cookies to read any other information on your computer’s hard drive. Most browsers allow you to refuse to accept cookies and to delete cookies. Click here for more information on cookies, including how to disable them. Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.

The use of cookies by our partners and affiliates is not covered by this Privacy Policy. We do not have access or control over those cookies.

Amendments

We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of changes to this policy by email or through the private messaging system on our website.

Our details

This website and application is owned and operated by ITems. We are registered in Serbia and our registered office is at IT Easy Master Solutions d.o.o., Vatroslava Lisinskog 2/1, 11108 Belgrade, Serbia, VAT: 110554596.

You can contact us:

  1. by email: office@items.rs
  2. By visiting this page on our website: items.rs