Data Processing Policy in Application Management

 

1.Data Protection Commitment

Rovensa, S.A., hereinafter referred to as Rovensa, legal person with NIPC 514194910, complies with the applicable Community and national legal rules in the field of data protection, privacy and security of candidates’ personal information, in accordance with the general terms of the Data Protection and Privacy Policy which is accessible at www.rovensa.com or at any of its service points.

 

2.Personal Data

Rovensa collects and processes the following personal data from applicants: name, title, job title, company where you work and contacts within the company, as well as business card details and all data on your CV or application form.

 

3.Data Sources

Rovensa collects applicants’ personal data from the submission of personal CVs, the completion of the application form or from various sources of personal information accessible to the general public (websites, professional networks, media, etc.), as well as on the basis of personal references.

 

4.Purpose of Treatment

Rovensa processes the personal data of applicants exclusively for the purposes of human resources management and the selection or recruitment of employees.

 

5.Lawfulness of processing

Rovensa bases the legitimacy of the processing of candidates’ personal data according to the specific processing activities, either on the basis of the consent of the candidates, on the basis of the execution of pre-contractual relations, or on the basis of the legitimate interest of human resources management for the pursuit of selection and recruitment of human resources in the context of the exercise of a legitimate economic activity.

 

6.Data Retention Period

Rovensa keeps the data for the period necessary to achieve the purposes of the processing, complying with the legal deadlines, with the candidate being able to request, at any time, its deletion or exercise any other right and being two years, the period, by default, of conservation of curricula and personal data of candidates processed by human resources management services.

 

7.Communication of Personal Data

Candidates’ personal data are processed exclusively by Rovensa’s human resources management services, with no data being communicated to third parties.

 

8.Data Processing Information Sheets

In accordance with the principle of loyalty and transparency and to ensure compliance with the duty of information, Rovensa directly delivers or makes publicly available to all data subjects, depending on the form of collection of their personal data, the information sheets on the data processing activities carried out, these sheets being accessible for consultation at any service point or by request to the Data Protection Officer.

The Information Sheet on Data Processing in Application Management is accessible at www.dataprotectionofficer.help/rovensa/information/ .

 

9.Applicants’ rights

Rovensa facilitates the exercise of candidates’ rights regarding the protection of personal data.

In addition to always being able to lodge a complaint with the respective supervisory authority, for the exercise of any type of data protection rights, in particular the rights of withdrawal of consent, information, access, rectification, opposition, limitation of processing or erasure, candidates may contact Rovensa’s Data Protection Officer directly by email at dataprotection@rovensa.com, describing the subject of the request and indicating an email address, a telephone contact address or a correspondence address for reply.

A Form for Exercising the Rights of Personal Data Subjects is accessible at www.dataprotectionofficer.help/rovensa/forms or at any Rovensa service point.

 

10.Reporting of Personal Data Breach Incidents

Rovensa has implemented an incident management system for data protection and information security.

If any User, Service Recipient or User wishes to report the occurrence of any personal data breach, which causes, accidentally or unlawfully, the unauthorized destruction, loss, alteration, disclosure or access to personal data transmitted, stored or subject to any other type of processing, you may contact Rovensa’s Data Protection Officer or use Rovensa’s general contacts.

A Personal Data Breach Incident Reporting Form is accessible at www.dataprotectionofficer.help/rovensa/forms or at any Rovensa service point, and can also be requested by email, by requesting the Data Protection Officer.

 

11.Security Permanent Contact Point

Rovensa has implemented a Permanent Contact Point for the management of information security and cyberspace security incidents.

If any Applicant, User, Service Recipient or User wishes to report an information security incident or a cyberspace security incident, they may contact the Rovensa Permanent Contact Point through the communication channels available at www.dataprotectionofficer.help/Rovensa/security/ .

An Information Security or Cyberspace Security Incident Reporting Form is accessible at www.dataprotectionofficer.help/Rovensa/forms/ or at any Rovensa service point, and can also be requested to be sent by email, by requesting the Permanent Contact Point.

 

12. Whistleblower Protection

Rovensa has implemented a Whistleblowing Channel, in compliance with the legal regulations in force, guaranteeing the protection of the personal data of data subjects, under the terms of the Whistleblower Protection Policy accessible at https://www.dataprotectionofficer.help/rovensa/whistleblowing/.

The Rovensa Whistleblower Officer can be contacted through the contact details available at https://www.dataprotectionofficer.help/rovensa/whistleblowing/.

The Rovensa Whistleblowing Platform is accessible via the link available at https://www.integritycounts.ca/org/rovensa .

A Whistleblowing Form is accessible at www.dataprotectionofficer.help/Rovensa/forms/ or at any Rovensa service point, and can also be requested to be sent by email by asking the Whistleblower Officer.

 

13.Prevention of Corruption

Rovensa has implemented a Regulatory Compliance Program in the scope of Corruption Prevention, in accordance with the legal rules in force, guaranteeing the protection of the personal data of the holders, under the terms of the Corruption Prevention Policy accessible at www.rovensa.com.

For the purpose of submitting complaints under the corruption prevention regime, any interested party may use,

– the Rovensa Reporting Platform, accessible through the link available at https://www.integritycounts.ca/org/rovensa or

– the Whistleblowing Form, accessible at www.dataprotectionofficer.help/Rovensa/forms/ or at any Rovensa service point.

 

14.Data Protection Policies

The Personal Data Processing Policy in Application Management is complemented by Rovensa’s General Data Protection Policy, which is accessible at www.rovensa.com, and it is also possible to consult the Data Protection and Privacy Policy in the Employment Context,

– either through a request addressed to the Human Resources Department, at the email address info@rovensa.com;

– or through face-to-face contact with any service point.

 

15.Versions of the Data Protection and Privacy Policy

This version of the Data Processing Policy in the context of Application Management has been published with the reference Version 202306.

In order to ensure its updating, development and continuous improvement, Rovensa may, at any time, make changes that are considered appropriate or necessary to its different Personal Data Protection Policies, being ensured the respective publication in the different channels to guarantee transparency and information to Users, Recipients of Services, Customers, Employees, Candidates or Suppliers.

To consult the previous versions of the Data Protection and Privacy Policy, please send a request by email to dataprotection@rovensa.com.