Skip to main content

Processing of (personal) data by the entity in charge of the online application process

This Candidate Privacy Policy ("Candidate Policy") informs you about the processing of personal data carried out for candidates ("Candidates" or "You") applying for recruitment processes at ROCA JUNYENT, S.L.P. ("RocaJunyent").
If you have any questions or would like further information regarding this matter, you may contact RocaJunyent at: dataprotection@rocajunyent.com.

DATA CONTROLLER INFORMATION

Company name: ROCA JUNYENT, S.L.P.
Tax Identification Number (NIF): B60985421
Postal address: Calle Aribau, 198. 08036 Barcelona (Spain)
Telephone: +34 93 241 92 00
Contact details of the Data Protection Officer ("DPO"): dataprotection@rocajunyent.com

FOR WHAT PURPOSE DOES ROCAJUNYENT PROCESS YOUR DATA?

Your personal data will be processed in order to:
a) Manage your participation in the current recruitment processes of RocaJunyent.
b) Manage your potential participation in future recruitment processes.

SOURCE AND CATEGORIES OF DATA

The personal data processed by RocaJunyent come from the information you provide by completing the forms available on the RocaJunyent website or through any channel used to participate in RocaJunyent recruitment processes.
Specifically, RocaJunyent may process the following data:
a) Identification data: name, surname, identification document, postal address, email address, etc.
b) Curriculum vitae data provided during recruitment processes.
c) Special categories of personal data, such as information relating to disabilities, where such information is necessary to facilitate your incorporation into RocaJunyent.
In some cases, your data may be obtained from third parties such as job portals, professional social networks, temporary employment agencies, recruitment consultancies or headhunters, as well as educational institutions or universities, all of which are subject to their own terms and conditions and privacy policies.

LEGAL BASIS FOR PROCESSING YOUR DATA

RocaJunyent may process your personal data for the purposes described above on the basis of the following legal grounds:
a) For contacting RocaJunyent: your consent provided through registration in the corresponding forms or, in some cases, the implementation of pre-contractual measures where necessary to address your request.
b) For managing your participation in recruitment processes: the legal basis is the implementation of pre-contractual measures necessary, where applicable, to enable your possible future employment at RocaJunyent.
c) For retaining your data for future recruitment processes that match your professional profile: the legal basis is your consent.

HOW LONG WILL YOUR DATA BE RETAINED?

Your data will be retained for the period necessary to manage your participation in recruitment processes, specifically:
a) For the duration of the recruitment process for which you have applied. If you are selected and accept the job offer, the retention period applicable to RocaJunyent employees will apply.
b) If you have given consent for your data to be processed in relation to future recruitment opportunities that match your professional profile: for a maximum period of two years from the date the data was provided, provided that you have not been selected in any process, as after this period the information in your CV is likely to become outdated. RocaJunyent may contact you before the end of this period to ask whether you wish to update your information.
Once the data are no longer necessary for the purpose for which they were collected, they will remain blocked solely for the purpose of meeting any liabilities or obligations arising from their processing.

TO WHOM WILL YOUR DATA BE DISCLOSED?

Your data may be disclosed to service providers that assist RocaJunyent in carrying out its activities, such as IT tools, technical support services, Human Resources software providers, and similar service providers.
The data may also be disclosed to other companies within the RocaJunyent Group where the services in which the Candidate participates are provided through one of those companies; as well as to companies within the RocaJunyent Group and/or companies affiliated with the RocaJunyent Group for internal administrative purposes, such as coordinated human resources management, collective agreement amendments, project management across Group companies, facilitating communication among professionals, and improving working procedures.
Some of the above-mentioned service providers may have processing and/or support centres located outside the European Economic Area (EEA).
RocaJunyent guarantees that where your data are transferred outside the EEA, they will continue to receive the same level of protection in accordance with European data protection legislation. In this regard, international data transfers will take place:
i) to countries that have been recognized by the European Commission as providing an adequate level of protection;
ii) on the basis of appropriate safeguards (such as Standard Contractual Clauses or Binding Corporate Rules); or
iii) pursuant to authorization from the competent supervisory authority or other circumstances provided for under applicable law.
For further information regarding international transfers or to obtain confirmation or a copy of the safeguards used, you may contact RocaJunyent at dataprotection@rocajunyent.com.
Where necessary to comply with RocaJunyent's legal obligations, personal data may also be disclosed to public authorities and law enforcement agencies.

WHAT ARE YOUR RIGHTS?

As a data subject, the Candidate may request confirmation as to whether personal data relating to them are being processed and, where that is the case, access to such data.
You may also request the rectification of inaccurate data or, where appropriate, request their erasure where, among other reasons, the data are no longer necessary for the purposes for which they were collected.
In certain circumstances, you may request the restriction of the processing of your data, in which case the data will only be retained for the establishment, exercise or defence of legal claims.
You may withdraw your consent at any time. Such withdrawal will not have retroactive effect unless required by law. Following withdrawal, your data may remain blocked for the limitation periods established under applicable legislation.
You also have the right to object to the processing of your data, particularly in relation to commercial communications, in which case the data will no longer be processed unless compelling legitimate grounds exist or such processing is necessary for the establishment, exercise or defence of legal claims.
To exercise the above rights, you may contact the DPO of RocaJunyent by sending proof of identity to:
dataprotection@rocajunyent.com

To facilitate the processing of your request, please include “Data Protection” in the email subject line.

If you have any questions regarding the exercise of your rights, before contacting the supervisory authority, you may, if you wish, consult directly with RocaJunyent by contacting its DPO, who will endeavour to assist you as effectively as possible.
Finally, RocaJunyent reminds you that you have the right to lodge a complaint with the competent data protection supervisory authority (in Spain, www.aepd.es) if you become aware of or believe that any situation may constitute a breach of applicable data protection regulations.

Processing of (personal) data by the operator of the recruitment website

General information

This recruitment website is operated by Personio SE & Co. KG, which offers a human resource and candidate management software solution (https://www.personio.com/legal-notice/). Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. The sole controller of this data within the meaning of article 24 of the GDPR is the enterprise carrying out this online application process. Personio’s role is limited to operating the software and this recruitment website and, in this context, being a processor under article 28 of the GDPR. In this case, the processing by Personio is based on an agreement for the processing of orders between the controller and Personio. In addition, Personio SE & Co. KG processes further data, some of which may be personal data, to provide its services, in particular for operating this recruitment website. We will refer to this in more detail below.

The controller

The controller under data protection law is:
Personio SE & Co. KG
Seidlstraße 3
80335 München
Tel.: +49 (89) 1250 1004
Entry in the commercial register
Commercial register entry number: HRA 115934
Registration Court: Amtsgericht München
Data Protection Officer contact: privacy@personio.com

Access logs (“server logs”)

Each access to this recruitment website automatically causes general protocol data, so-called server logs, to be collected. As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. Without this data, it would, in some cases, be technically impossible to deliver or display the contents of the software. In addition, processing this data is absolutely necessary under security aspects, in particular for access, input, transfer, and storage control. Furthermore, this anonymous information can be used for statistical purposes and for optimizing services and technology. In addition, the log files can be checked and analyzed retrospectively when unlawful use of the software is suspected. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. Generally, data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp of the access to the software is collected. The scope of this log process does not exceed the common log scope of any other site on the web. These access logs are stored for a period of up to 7 days. There is no right to object to this.

Error logs

So-called error logs are generated for the purpose of identifying and fixing bugs. This is absolutely necessary to ensure we can react as quickly as possible to possible problems with displaying and implementing content (legitimate interest). As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. When an error message occurs, general data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp upon occurrence of the respective error message and/or specification is collected. These error logs are stored for a period of up to 7 days. There is no right to object to this.

Use of cookies

So-called cookies are used on parts of this recruitment website. They are small text files which are stored on the device with which you access this recruitment website. As a general rule, cookies serve the purpose of ensuring secure access to a website (“absolutely necessary”), implementing certain functionalities such as standard-language settings (“functional”), improving the user experience or the performance of the website (“performance”), or placing targeted advertisements (“marketing”). On this recruitment website, we generally use only cookies that are absolutely necessary, functional or performance-related, in particular for implementing certain default settings such as language, for identifying the job advertising channel, or for analyzing the performance of a job advert via which a user accessed this recruitment website. The use of cookies is absolutely necessary for providing our services and thus for the performance of the contract (article 6 (1) b) of the GDPR). Period of storage: up to 1 month or until the end of the browser session Right to object: You can determine via your browser settings whether you allow or object to the use of cookies. Please note that deactivating cookies may result in limited or completely blocked functionalities of this recruitment website.

Rights of data subjects

If Personio SE & Co. KG as the controller processes personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR. To assert your rights as a data subject in relation to the data processed for the purpose of operating this recruitment website, please refer to Personio SE & Co. KG’s Data Protection Officer (see item B).

Concluding provisions

Personio reserves the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.