Norconsulting Group S.L. (“Norconsulting”, “we, us, our”) is a leading recruitment company where we take the personal data you provide to us when using our services very seriously and are committed to keeping your personal data completely safe.

In accordance with European Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016, the General Data Protection Regulation of the European Union, and Organic Law 3/2018, of the 5th of December, on the Protection of Personal Data and guarantee of digital rights, we inform you that your personal data will be processed in accordance with the requirements set out in the aforementioned regulation.

Grupo Norconsulting S.L., acts as the party responsible for the processing of personal information obtained on:

– clients’ personnel in need of recruitment services.

– Candidates interested in job offers.

– Other users of our website.

Below you can find more information about our commitment to your privacy.

 

WHO IS THE DATA CONTROLLER?

The person responsible for processing your data is:

CIF: B15987100

COMPANY NAME: GRUPO NORCONSULTING S.L.

ADDRESS: C/ FERNANDO MACÍAS Nº 7, 15004 A CORUÑA

CONTACT: Tel: (+34) 91436 7379, Tel (+34) 981915798

E-MAIL: dpo@gnorcon.com

 

WHAT PERSONAL DATA IS COLLECTED AND PROCESSED?

Our main objective is to provide you with recruitment services and to facilitate a recruitment process. To do so, we collect the personal information mentioned in this section.

For users of “Catsone”, which may include client personnel in need of recruitment services and candidates interested in job vacancies, the personal data (which means any information about a living individual whose identity is apparent or can be reasonably ascertained from such information, including when combined with our information sources) that we collect, may include the following:

– Identity information: name, address, gender, personal contact details and, if provided, photographs, images, and videos.

– Employment details: information you provide us with about your CV, job title, job description, job contact details, technical skills details, and employment history, i.e., previous roles.

– Background information: details and professional membership interests and preferences in a professional/personal sense, which can be inferred from the information provided by you.

If the provision of certain personal information is mandatory in order to process your requests and to enable us to provide you with a service, we will mark such fields with an asterisk or equivalent. Failure to provide such mandatory information may prevent us from providing all or part of the requested service.

We also collect information about how you navigate our website using cookies and similar technologies. Please see our Cookie Policy for more information on how this works.

 

HOW WILL YOUR PERSONAL DATA BE USED?

In order to provide you with our products and services, your personal information may be held, processed and disclosed by us for the following purposes:

– Provision of services and internal processing basis for lawful processing.

– To provide a service to you (for example, to facilitate the recruitment process by matching candidate details with job opportunities) and to provide information about those services, including notifying you of changes to those services. Necessary for us to perform our contract with you and Norconsulting’s Legitimate Interests.

– To allow our clients to view details of the skills and experience of candidates, who we believe may be interested in engaging your services. Necessary to enable us to perform our contract with you and Norconsulting’s Legitimate Interests.

– To carry out our obligations under contracts entered between you and us. Necessary for us to carry out our contract with you.

– To confirm, update and improve our customer records to maintain an accurate and rich database. Legitimate interests of Norconsulting.

– To respond to any queries or complaints you raise with us. Necessary for us to carry out our contract with you and Norconsulting’s Legitimate Interests.

– Management of the basis of the relationship for lawful processing.

– To manage, analyse, understand, and develop your relationship with us. Necessary to perform a contract and Norconsulting’s Legitimate Interests.

– To keep you informed of any of our other/new services in connection with our existing relationship. Legitimate interests of Norconsulting.

– Where you have subscribed to receive job matching, skills, and interview request notifications. You may unsubscribe from such notifications at any time. Necessary to enter into a contract.

– Direct marketing basis for legal processing

– To keep you informed about any of our other services and to identify services that may be of interest to you, where these do not fall within our existing relationship, and you have chosen to be informed of this (see further section on Marketing below). This could include information about newly registered candidates/consultants, client workshops we are organising, market updates, new software or training courses that may be of interest to you. Norconsulting’s legitimate interests and your consent.

– To keep you updated about services provided by our external business partners that are relevant to you. Your consent.

– Basis of analysis and statistics for lawful processing

– To review the service, we provide or have provided to you and to perform analytics and report on engagement. Norconsulting’s legitimate interests

– Legal obligations basis for lawful processing

– If we are required to disclose information under any law, regulation, or court order. Necessary for compliance with a legal obligation.

– To take steps to enforce or defend any legal claim made by, against or involving you. This includes any associated investigation or discovery exercise. Necessary for compliance with a legal obligation and the legitimate interests of Norconsulting.

– Other bases for lawful processing.

– For any other purpose to which you are notified.

– Please note that we may carry out further processing activities. If the purpose of such further processing is not incompatible with the above, we may use your personal data for that purpose, but we will inform you before further processing.

Norconsulting’s legitimate interests the “legitimate interests” referred to above are:

– the purposes of processing described in the table above to the extent that the processing is not necessary for: (i) entering into contracts with you and performing our obligations under those contracts; or (ii) complying with our legal obligations under the laws of the European Union and its Member States;

– comply with and fulfil our worldwide legal obligations and liability requirements.

– exercise our fundamental rights and freedoms, including our freedom to conduct business and our right to property.

– We may also process your personal data if necessary for the establishment, exercise, or defence of legal claims.

– Norconsulting does not use your personal information to make solely automated decisions affecting you legally or similarly.

– Marketing: From time to time, where we have obtained your prior consent, we may send you information that we perceive may be of interest to you (including in relation to the services of our partners, our subsidiaries, and our affiliates). You may receive this information by SMS or email. If, at any time, you prefer not to receive further communications from us in any form (other than in relation to information or services you specifically request), you will have the ability to unsubscribe from such communications via a link provided in each email or SMS we send to you or by contacting us at dpo@gnorcon.com.

 

WHO WILL HAVE ACCESS TO YOUR PERSONAL INFORMATION?

We share personal information with clients who we believe may be interested in engaging your services, whether as employees or not. We do this while providing our services to you.

In addition, from time to time, we may need to share personal data with third parties in order to provide as complete a service as possible and to support your recruitment needs. These may include:

-Our subsidiaries or affiliates for the purpose of administering and managing our business and to provide you with information that may be of interest to you.

– Entities that may acquire or acquire any rights in us – for the purpose of a sale or business reorganisation.

– Our advisers, which include our accountants, auditors, lawyers, other professional advisers, and business contacts, in order to help us better manage, support or develop our business and comply with our legal and regulatory obligations.

-Third party service providers: who need to know the information to provide services to us or to you (including our third-party service providers who process information on our behalf to help run some of our internal business operations, including email distribution, data warehousing, information technology and marketing services, customer services and data analytics).

-Law enforcement agencies and regulators, to comply with any legal obligation or court order.

TRANSFER OF YOUR PERSONAL INFORMATION

In some situations, your personal information may be sent outside Europe to countries whose laws do not protect personal information in accordance with European standards. The countries concerned include: USA; Canada; Hong Kong; Singapore; Japan; India, Turkey; Africa and United Arab Emirates. Different privacy laws may apply in these countries. We only make such arrangements or transfers where we are satisfied that adequate levels of protection are in place to protect any personal data held in that country or that the third party will at all times act in accordance with standards equivalent to the applicable privacy laws.

Where personal data is transferred outside the EEA, unless the receiving country is deemed to provide an adequate level of protection, we will implement safeguards to ensure such adequacy. The safeguards we rely on in respect of international transfers include the following: data transfer agreements incorporating the standard contractual clauses or, where applicable, the EU-US Privacy Shield. You can request to see a copy of these documents using the contact details below.

HYPERLINKS:

Our website may contain links to other websites, which are outside our control and are not covered by this Privacy Policy. If you access other sites using the links provided, the operators of these sites may collect information from you, which will be used by them in accordance with their privacy policy, which may differ from ours.

DATA QUALITY

We depend on you to ensure that your personal information is complete, accurate and up to date. Please inform us immediately of any changes or inaccuracies in your personal information using the contact details below. Candidates can also update their CV at any time using the Norconsulting website. To log in use your username and password. If you do not currently have a username and password, please contact dpo@gnorcon.com.

 

DATA RETENTION

– We retain your data in order to provide you with future recruitment services and to manage our business relationship with you.

– We retain personal data for varying periods of time to help us comply with legal and regulatory obligations, to enable compliance with any requests made by regulators or other relevant authorities and agencies, to enable us to establish, exercise and defend legal rights and claims, and for other legitimate business reasons.

– We retain your personal data for the period of time necessary for the purposes for which it was collected, any compatible purposes we subsequently establish, any new purposes to which you subsequently consent or to comply with legal, regulatory and policy requirements.

 

SECURITY

– We have appropriate technical and organisational security measures in place to ensure the security of your information and to protect it against deliberate or accidental manipulation, destruction, loss, or unauthorised access. Despite our security efforts, it is important to note that the Internet is not a secure medium of communication. Personal information communicated over the Internet can be intercepted by others. We cannot guarantee the security of personal information submitted to us through this website. By using this website and entering your personal information, you agree that you use this website at your own risk.

– If you choose, or you are provided with, a user identification code, password, or any other information as part of our security procedures for one of the registration-only sections of the website, you are responsible for maintaining the confidentiality of your password and website username and you are responsible for all activities that occur under them. We have no means of verifying the identity of persons using the Website and will not be liable when someone else uses your password or username.

YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA

RIGHT CONTENT

Access

You may consult your personal data included in NORCONSULTING GROUP files.

Modification

You will be able to modify your personal data when it is inaccurate.

Deletion

You may request the deletion of your personal data.

Opposition

You may request:

– not to have your personal data processed, and/or

– not to be subject to automated decisions

Limitation of processing

You may request the limitation of the processing of your data in the following cases:

  • While the accuracy of your data is being challenged.

  • When the processing is unlawful, but you object to the deletion of your data.

  • When NORCONSULTING GROUP does not need to process your data, but you need them for the exercise or defence of claims.

  • When you have objected to the processing of your data for the fulfilment of a mission in the public interest or for the satisfaction of a legitimate interest, while it is being verified whether the legitimate reasons for processing prevail over yours.

Portability

You may receive, in electronic format, the personal data that you have provided us with and those that have been obtained from your contractual relationship with NORCONSULTING GROUP, as well as to transmit them to another entity.

CONTACT DETAILS

If you wish to exercise your rights or have any queries or requests about how we process your personal information, you can contact us at dpo@gnorcon.com.

To exercise your rights, you must enclose a copy of your ID card or equivalent document proving your identity with your request.

Exercising these rights is free of charge.

If you are dissatisfied with the way we use your personal information, we hope that in the first instance you will let us know. However, you can also contact our data protection officer at dpo@gnorcon.com

You also have the right to lodge a complaint with your data protection regulator, in Spain at www.aepd.es

CHANGES TO THIS POLICY

Any changes we make to our Privacy Policy in the future will be posted on this page. We encourage you to check the date of this Policy each time you visit our website for updates or changes.

DATE: 11/06/2021