Jobs Privacy policy
The CRM Group’s DataPrivacy Statement with respect to the Recruitment Process
The entities of the CRM Group, namely CRMasbl and AC & CS scrl, undertake to protect the privacy of the data of job applicants.
The protection of the privacy of the personal data of applicants is of the utmost importance for the CRM Group, and represents a significant aspect of how it creates, organizes and implements its recruitment activities.
Please read this Data Privacy Statement carefully. It explains why and how we collect information about you, how we protect it and how long we keep it. We keep your data as safe and secure as possible against loss and unauthorized disclosure or access, and we will treat your personal data strictly in accordance with applicable data protection legislation, in particular the General Data Protection Regulation 2016/679 of 27 April 2016 (‘GDPR’).
This Statement is written in the form of a Q&A.
1 Who will process my personal data?
The 'controller' of your personal data is the CRM Group, which is constituted by the legal entity CRM asbl (Research Center for Metallurgical Research), with its registered office at 1000 Brussels, rue Ravenstein, 4 and whose company number is 0406.015.373 and the legal entity AC & CS scrl (Advanced Coatings &
Construction Solutions), whose registered office is at 4000 Liege, Allée de l'Innovation, 1 and whose company number is 0434.800.025.
2 What is the purpose, and under what legal basis, are my personal data processed?
The purpose of the processing of your personal data is the registration of your application for a job within our group, and, if this application involves the start of our selection process, we establish your profile, which means that the CRM Group will process all the data it needs to evaluate your application for potential recruitment.
The processing of your data is therefore necessary, to be able to take steps prior to the conclusion of a contract of employment, and this is in the legitimate interest of the CRM Group, namely the interest of being able to evaluate the group’s interest in the application before deciding to make a job offer.
In the event of a positive evaluation, and commitment decision, we will also use your personal data to prepare an employment contract.
In the event of a decision not to commit, we will retain your personal data for a specific period of time (see point 5) so that we can contact you in the future if new opportunities should appear that matches your profile. It is also in the legitimate interest of the CRM Group.
3 What categories of your personal data will be processed?
Personal data includes all the information that concerns you and on the basis of which you can be identified. Anonymous data, which does not identify you, are therefore not considered to be personal data.
The CRM Group collects and processes the data (required and optional) provided directly by the applicant. It collects and processes candidate data obtained through personal contacts, telephone interviews, letters or emails.
In order to achieve the above-mentioned objectives, the processing of personal data will concern the
following:
- standard data relating to your identity (last name, first name (s), address,...);
- personal data (date and place of birth, nationality, gender, telephone number, e-mail address, hobbies and interests, ...);
- your photo, if you decide to send us a photo;
- affiliations;
- information relating to your professional experience (profile, data on previous employers, termination of last jobs and work performed, special projects, ...), including reference checks if you have provided them in your resumé (which means that you have consented that we contact these referees);
- information about your education and training (diplomas, certificates, internships, specific training,...);
- language skills;
- if applicable, if you have a work and/or residence permit in the European Economic Area (EEA);
- any other personal data that you communicate to us during your application process, relating to the exercise of the function;
- digital assessment via the internet (presence on social networks), to the extent that this presence is accessible to us;
- any other personal data (other than those mentioned above) that require treatment under the law.
The CRM Group does not collect or process any sensitive data of the applicant, such as data revealing race or ethnic origin, political, religious or philosophical opinions, union membership, health or sexual life. If, due to special circumstances, the CRM Group has to collect sensitive data from candidates, the candidate's explicit consent will first be requested. Please note that the applicant who communicates unsolicited sensitive data to the CRM Group consents to the processing of such data for recruitment purposes.
4 Who will have access to my personal data?
The HR department of the CRM Group and your eventual future supervisor(s) may have access, according to internal procedures responding to the principles of proportionality and limitation (principle of 'need-toknow'), to your personal data, for the purposes of attaining the objectives mentioned above.
We do not transfer this data to other third parties. An exception is however possible for 'assessment centers' etc., or for any other relevant third party for the recruitment procedure.
Prior to the transmission of any data to any third party, the CRM Group will ensure that this third party is bound by strict data security standards.
The CRM Group does not sell, or trade, data from applicants to third parties. It may be required to disclose certain applicant data to third parties, such as government authorities, under applicable laws. It may also be necessary to disclose applicants’ data in order to safeguard the rights of the CRM Group, again respecting the applicable law.
5 How long will my personal data be retained?
We keep your personal data only as long as necessary for the purposes described above. The CRM Group will only retain the candidate's data after the recruitment and selection process if there is a legal obligation (e.g. equal opportunity requirements under national law), or if there is a ‘need related to research and development’ to keep the candidate's data, for example to keep a candidate's resumé …..if an adequate job offer is made to the candidate
If the application does not result in a working relationship, the CRM Group will keep your personal data for a maximum period of two years after the end of the solicitation process, for the purposes described in point 2 above.
If you do not agree, or if you would like to adapt this timeframe, please let us know via job@crmgroup.be.
6 Security
The CRM Group uses a significant number of technical, physical and organizational security measures to ensure the integrity, confidentiality and availability of applicants’ data. It has implemented security techniques to protect candidates’ stored data from unauthorized access, misuse, alteration, unlawful or accidental destruction and accidental loss. It continues to strengthen its security procedures as new technologies become available. Access to candidate data is limited to the CRM Group processors involved in the group's recruitment activities. These processors who have access to the data of the candidates are obliged to respect the privacy of the persons who visit the CRM Group's website and the confidentiality of their data.
The CRM Group provides sufficient security for the manual and electronic processing of candidate data, and to prevent misuse, while respecting the applicable local requirements. It also guarantees (contractually) that third parties and subsidiaries that process data of applicants on its behalf, will adhere to similar security
measures, again respecting the requirements of local rules.
7 What are my rights regarding the processing of my personal data by the CRM Group, and who can I contact?
You can contact the CRM Group at any time if you need any support when you apply, or for the management of your personal data. You also have the right to contact the CRM Group at any time for the following matters:
- access, rectification or erasure of your personal data;
- limitation or dispute relating to the processing and transfer of your personal data;
- withdrawal of your consent for the processing or transfer of your consent-based personal data (however, this will not affect the lawfulness of the past treatment activities);
- receipt of your data to communicate to another responsible party (“right of data portability”);
- filing a complaint with the supervisory authority, if you consider that the CRM Group has not acted in accordance with the data protection legislation.
Please send any questions, comments or concerns about this statement or about the data collection or data
processing activities with respect to applicants to: dpo@crmgroup.be
Please note that this contact form can only be used for data privacy-related queries.
8 Modifications
We may amend this Data Privacy Statement at any time to comply with the law or to reflect business developments. If necessary, this will take place in accordance with the limitations imposed by the applicable rules on privacy and data protection.
9 Confirmation
By submitting my application, I confirm that I have read and understood this Data Privacy Statement, and I
agree with its content.