As a result of the General Data Protection Regulation (GDPR) going into force on the 25th of May 2018, MagiCom has updated its Privacy Statement. You may find and read our full updated statement by clicking the link below.
Summary of our GDPR statement
The following changes have been made and will take effect on the 25th of May:
- We have updated some of our service offerings.
- We explain the legal grounds for processing your personal data.
- We state which parties may have access to your personal data.
- We inform you about how long we will keep your personal data.
- We clarify which rights you have under the GDPR and how you can invoke these rights.
Updated Privacy Statement
Who are we?
Since 2001, MagiCom (and its partner companies as E-Trend Ltd., MC ITS Ltd.) provides services in the fields of
- Near shore outsourcing (mainly IT infrastructure design & build, project and program-management, integration, divestiture, and acquisition)
- Software development
- Security consulting and training
In principle, MagiCom Ltd (“MagiCom”) established in Budapest, at Pillangó street 16-20. in Hungary (H-1149), is as data controller responsible for the processing of all your personal data.
This applies when you submit your personal application (your CV) to one of the MagiCom’s partner companies and when you are employed by these firms or you have a business contact with us.
However, if you participate on an event organised by MagiCom in cooperation with other professional bodies and organisations (i.e. SSC Heroes etc.), then this third party will be also as data controller responsible for the processing of your data.
Which data does MagiCom collect?
MagiCom collects and processes the following personal data:
For all our services: your name, job title and contact information.
To be able to use of our services, you must be registered in our system. We will ask you to provide personal data, including your name, job title, home address, e-mail address and other contact information. The requested information depends on the service. The provision of specific data can be required to use our products and services. This will be shown when the information is requested.
For which purposes will your data be processed?
MagiCom collects and uses your personal data:
- To provide you job offers and / or other work-related activities (i.e. trainings).
- For our own administration.
We use your personal data for internal administration purposes, such as record keeping and to comply with our legal and fiscal obligations.
- To provide information and reply to your questions.
If you ask any questions or if we need to provide information to you (e.g. job opportunities, events, meeting options, etc.), we will use your data to contact you.
- To send you our newsletter or personalized offers on MagiCom services.
Results of statistical analyses will not be used for marketing activities targeted especially at you, unless with your prior consent.
- To comply with statutory rules and regulations.
MagiCom collects, stores, and uses your data to comply with MagiCom’s legal and fiscal obligations.
Legal basis for processing personal data
MagiCom processes your personal data to provide our products and services to you, to comply with legal obligations we are subject to, if it is necessary for our legitimate interests or the interests of a third party, or on the basis of consent.
When we process your personal data for our legitimate interests or the interests of a third party, we will take reasonable measures to prevent unwarranted harm to you. Our legitimate interests may, for example, include our interest of improving our product and services. More information on the balancing tests we perform is available upon request. Where we process your personal data for our legitimate interests or the interests of a third party, you have the right to object at any time on grounds relating to your particular situation (please see Section 11 “Your rights” below).
Where we process your personal data on the basis of your consent, you may withdraw your consent at any time by following the specific instructions in relation to the processing for which you provided your consent, by adjusting your setting (if available) or by reaching out to us.
Where we process your personal data for a purpose other than that for which we collected it initially (and we rely on a legal basis other than consent or complying with legal obligations for this new purpose), we will ascertain whether processing for this new purpose is compatible with the purpose for which the personal data were initially collected.
In which way does MagiCom obtain data?
MagiCom obtains your personal data in several ways.
We obtain personal information about you when you send us your CV, or you send a registration to our partnering events (i.e. Family Day etc.)
MagiCom also receives personal data through your former employer who assess your competencies and through the reference check after you have given us permission to do so.
Who has access to your data?
In view of the purposes mentioned above, or in the context of its service provision MagiCom may share, pass on or in any other way make accessible your personal data to MagiCom group companies, other service providers and third parties who may offer job for you.
We have an authorization policy for our systems, so persons and organizations only have access to your data in so far as this is necessary for the performance of their tasks and within the framework of the purposes mentioned. All these individuals and organizations have agreed to treat your data confidentially and with the greatest care.
Next to that, the extent to which we share your data and with whom, depends on the service required.
Parties that have access to your data may be established in countries that have a milder privacy regime than the European Union and Hungary. If such is the case, MagiCom will ensure that appropriate measures are taken and that all statutory rules and regulations are observed. For transfers of personal data outside the European Economic Area, MagiCom will use European Commission approved mechanisms, such as the Privacy Shield certification, and Standard Contractual Clauses as safeguards, such as the “(EU-)controller to (Non-EU/EEA-) controller” Decision 2004/915//EC (see Article 46 GDPR). If you wish to receive a copy of these procedures, regulations, and safeguards, please contact us.
MagiCom implemented appropriate technical and organizational measures to ensure an appropriate level of security against unlawful use, unauthorized access, alteration, or unlawful destruction of your personal data. MagiCom has an Information Security Management System based on ISO / IEC 27001:2013 and the system is regularly audited and certified by SGS. If you are interested in detail you can have access to our certificates.
MagiCom retains your personal data if necessary, in view of the purposes set above, or as long as prescribed by law. Based on these purposes, MagiCom has determined four separate retention periods for different sorts of personal data consisting of 3 months, 3 years, 5 years and over 30 years.
Personal data that has no purpose to be archived will be deleted or anonymized within 3 months. For example, if you provided criminal records at the begin of employment, MagiCom will delete your data once the criminal record will be more than 3 months old and its validity period is over.
Personal data that is required for MagiCom to comply with MagiCom’s legal and fiscal obligations will be kept for 3 or 5 years, after which they will be deleted or anonymized.
After such 5 years, MagiCom will only keep records of personal data that are needed to provide you with evidence of the employment. These evidences are needed for i.e. your finding your retirement pension.
Links to other websites
On our website, you can find several links to websites of third parties. If you follow these links, you will leave the MagiCom website. Although all links have been selected with care, MagiCom cannot be held responsible for the use of data by these organizations. To learn more, read the privacy statement of the website you visit, if available.
You may contact our Data Privacy Officer (please see below in contact details) to exercise any of the rights you are granted under applicable data protection laws, which includes (1) the right to access your data, (2) to rectify them, (3) to erase them, (4) to restrict the processing of your data, (5) the right to data portability and (6) the right to object to processing.
1. Right to access
You may ask us whether we process any of your personal data and, if so, receive access to that data in the form of a copy. When complying with an access request, we will also provide you with additional information, such as the purposes of the processing, the categories of personal data concerned as well as any other information necessary for you to exercise the essence of this right.
2. Right to rectification
You have the right to have your data rectified in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate personal data about you and considering the purposes of the processing, complete incomplete personal data, which may include the provision of a supplementary statement.
3. Right to erasure
You also have the right to have your personal data erased, which means the deletion of your data by us and, where possible, any other controller to whom your data has previously been made public by us. Erasure of your personal data only finds place in certain cases, prescribed by law, and listed under article 17 of the General Data Protection Regulation (GDPR). This includes situations where your personal data are no longer necessary in relation to the initial purposes for which they were processed as well as situations where they were processed unlawfully. Due to the way we maintain certain services, it may take some time before backup copies are erased.
4. Right to restriction of processing
You have the right to obtain the restriction of the processing of your personal data, which means that we suspend the processing of your data for a certain period. Circumstances which may give rise to this right include situations where the accuracy of your personal data was contested but some time is needed for us to verify their (in)accuracy. This right does not prevent us from continue storing your personal data. We will inform you before the restriction is lifted.
5. Right to data portability
Your right to data portability entails that you may request us to provide you with your personal data in a structured, commonly used and machine-readable format and to have such data transmitted directly to another controller, where technically feasible. Upon request and where this is technically feasible, we will transmit your personal data directly to the other controller.
6. Right to object
You also have the right to object to the processing of your personal data, which means you may request us to no longer process your personal data. This only applies in case the ‘legitimate interests’ ground (including profiling) constitutes the legal basis for processing (see Section 4 “Legal basis for processing personal data” above).
At any time and free of charge you can object to direct marketing purposes in case your personal data are processed for such purposes, which includes profiling purposes to the extent that it is related to such direct marketing. In case you exercise this right, we will no longer process your personal data for such purposes.
You may withdraw your consent at any time by following the specific instructions in relation to the processing for which you provided your consent.
For example, you may withdraw consent, by clicking the unsubscribe link in the email, adjusting your communication preferences in your account (if available) or by changing your smart phone settings (for mobile push notifications and location data).
To exercise any of the above-mentioned rights, please contact us using the contact details stated under Section 13 below.
How we look after this policy
If you have any questions regarding this policy or the processing of your personal data, please contact us:
Attn. Data Privacy Officer
Pillangó utca 16-20.