Privacy Policy

Update: 26 May 2022

The aim of this Privacy Policy is to describe the purposes and methods by which Meritocracy, a business line of Seltis Hub S.r.l. with registered offices in Milan, Via Assietta 19, in its capacity as Data Controller (“Company” or "Controller"), collects and processes the personal data of users ("User/Users”) who interact with the meritocracy.is website (“Site”), with the different services it offers, as well as for the “Meritocracy” technological platform, owned by the Controller, aimed at promoting labour supply and demand matching (“Platform”).

The information set out in this Privacy Policy is provided pursuant to EU Regulation no. 679 of 27 April 2016 (“Regulation”), to Italian Leg. Decree 196/2003, as subsequently amended and supplemented (“Privacy Code”), as well as to the Provisions issued by the Data Protection Authority (“Authority”) and the Guidelines of the European authorities (collectively "legislation").

Information concerning the processing of personal data is provided only for the Site and the Platform, as well as for the processing carried out by the Company, and does not regard the processing carried out by third parties through other sites that the User may consult through links. With regard to such further processing, the Company does not assume any liability, since the User shall refer to the individual Privacy and Cookie Policies of third-party sites.

1. This privacy policy
This privacy policy refers to the Site and the Platform, including the areas dedicated and reserved for Users who browse the Site and/or register with the Platform, and describes the personal data processing operations carried out by the Company through them.

This privacy policy specifies who the data controller is (tasked with checking and handling the personal data collected and processed through the Site and the Platform), the kind of personal data collected, why personal data are processed and how, the scope of disclosure of such data to third parties and how Users can check the processing of data concerning them and exercise the rights laid down by Legislation.

This privacy policy forms an integral part of the service conditions for Users who register with the Platform by creating a personal (Candidates) or corporate (employees of active and/or potential client companies) account.

2. Data Controller
The Data Controller is the Company, as detailed above. The Company is controlled by Openjobmetis S.p.A. with registered offices in Milan, Via Generale Gustavo Fara 35 (hereinafter “Openjobmetis”), and is part of a Group of companies that are all controlled by Openjobmetis (hereinafter, “Group”). This list of companies may be viewed at www.openjobmetis.it.

3. Purposes and legal basis of processing
The Company, through the Site and the Platform, may process the User's data for the purposes specified below:

    a) Submission of free application and registration with the Platform. The Controller gives the User the opportunity to submit a free application in order to register with the Platform that manages the Company's database. Registration with the Platform allows the User to browse on the Platform and view any staff positions that Company Clients list as vacant. The personal data provided by the User are used by the Platform to suggest any open positions in the platform which are in line with the User's professional profile.

    Users are invited not to include "special" and/or sensitive data (e.g. relating to health, political opinions, sexual life, etc.) in their CV, other than those strictly necessary by law for CV selection and assessment purposes (e.g. member of a protected category).

    Registration with the Platform allows the User to receive job advertisement by e-mail. The User can deactivate this service through the preferences of his / her Account.

    The legal basis for this kind of processing is the performance of a service expressly requested by the User and any refusal by the User to provide his/her personal data will make it impossible for the Company to register the User with the Platform.

    b) Registration with the Platform and submission of applications for open positions. The Controller offers the User the opportunity to apply for a specific position among those offered by the Company's Clients, after registering with the Platform. For this purpose, the Company will acquire and use the information provided by Users who have applied for a specific position in order to perform the labour demand/offer matching activities requested by its Clients.

    Users are invited not to include "special" and/or sensitive data (e.g. relating to health, political opinions, sexual life, etc.) in their CV, other than those strictly necessary by law for CV selection and assessment purposes (e.g. member of protected categories).

    Furthermore, following registration, Users will have free access to the Platform and will be able to view any open positions and submit their application including for positions other than the one for which they originally registered/ applied.

    Applying for a specific position entails the Client viewing the information entered by the User in his/her profile. More specifically, the Client may view the following information: ID and contact details, work experience, skills and (if uploaded by the Candidate) CV and other documents.

    The legal basis for this kind of processing is the performance of a service expressly requested by the User, which entails the possibility for the Client to view the Candidate's details; any refusal by the User to provide his/her personal data will make it impossible for the Company to manage the User's application and to register the User with the Platform.

    c) Registration and creation of a corporate account. The Controller provides companies interested in its services with credentials to access the Platform, after contacting the Company's sales network. The personal data collected are used by the Controller to prepare and perform the services requested by the Client.

    The legal basis for this kind of processing is the performance of a service/contact expressly requested by the User and any refusal by the User to provide his/her personal data will make it impossible for the Company to handle and reply to the request for contact.

    d) What they say about us. Subject to the data subject's explicit consent, the Controller may publish on the Site the experience of whoever has come into contact with the Company and the services it provides. The legal basis for this processing is the explicit consent of the data subject who is requested by the Company to talk about his/her experience.

    e) Browsing data. The Controller collects browsing data as better described in the cookie policy to which reference is made.

    f) Sending newsletters. Subject to the User's consent, receipt of newsletters by e-mail, such as updates on Meritocracy blog content and Platform development updates.

    The legal basis for these processing operations is the User's explicit consent to one or several of the purposes specified herein.

    g) Blog. The Company offers the option to leave a comment on the articles published on its Blog, and to receive notifications in the event of a reply to its comments, again through the Blog. In order to comment and/or respond to a comment on the Blog, data will be requested that will not be processed by Meritocracy, but only by the WordPress platform on which the blog is hosted; Users are therefore requested to refer to the data processing policy of the third party provider.

    The legal basis for the processing is the Controller's legitimate interest to know the name of the User who issued the comment.

    h) Pursuing the legitimate interests of the Company and/or third parties. The User's data may also be used for exercising the rights and legitimate interests of the Company and/or third parties (including other Group companies), which constitute the legal basis for the processing, for example the right of defence in court, handling claims and disputes, any debt recovery, and the prevention of fraud and/or illegal activities. In these cases, although the provision of the User's personal data is not mandatory, it is nevertheless necessary because these data are strictly connected and instrumental to pursuing these legitimate interests, which do not prevail over the User's fundamental rights and freedoms; any refusal to provide them could make it impossible for the Company to provide the services requested.

    i) Complying with legal obligations and/or applicable obligations. The Company may also use the personal data provided by the User or otherwise acquired during the User's interaction with the Site and/or the Platform for purposes related to the performance of legal obligations, regulations, national and/or EU legislation, as well as arising from provisions issued by legally empowered authorities, which represent the legal basis for the processing, without need for the User's prior consent.

    j) Performing anonymous aggregate statistical analyses, in order to improve the performance and services offered by the Company through the Site and/or the Platform. In this case, the User's consent shall not be requested, since the processing will be carried out only on anonymous data.

4. Categories of data processed
The Company receives and collects information, through the Site and the Platform, about Users who visit the Site pages and use the web services available on the Site. More specifically, the Company acquires and processes the following information.

    4.1 Data provided on a voluntary basis by the User
    The Company only collects information provided on a voluntary basis by the User which is necessary to pursue the purposes detailed under paragraph 3 above and the services expressly requested. Furthermore, the Company may collect and process further personal data, where such data are provided on a voluntary basis by the User as part of the services offered by the Site and/or the Platform, for example if the User contacts the Company to report any inefficiency or malfunctioning, to request assistance, to exercise his/her rights regarding the processing of personal data, etc. These data will be processed by the Company solely for purposes strictly related to the User's request. Failure to provide such data may make it impossible for the User to receive the service requested.

    4.2 Data collected through browsing and through cookies
    When the Site is visited by Users, it collects data such as the pages viewed, the links or buttons clicked by the User, the date and time of access, the User's IP address, the browser and the operating system used (so-called “browsing data”). Given their very nature, browsing data may allow the User to be identified through processing and association with data held by third parties. However, the Company uses these data solely to obtain statistical and anonymous information about use of the Site for purposes strictly related to its operation. The browsing data could be used to determine liability in the event of any computer crimes against the Site. For any matter not expressly specified herein, please refer to the cookie policy.

5. Disclosure of data to third parties
The data provided by the User as well as the data collected by the Site and/or the Platform as part of the relevant services will not be disseminated and may be disclosed, for the purposes and in the manner detailed in this privacy policy, to the categories of parties specified below:

  • to Openjobmetis Group companies, for administrative purposes, for pursuing the legitimate interests of the Company and/or third parties and for the purposes of performing the services expressly requested by the User;
  • companies, contract workers, consultants or freelance professionals that the Company uses to perform tasks of a technical or organisational nature (such as IT service providers), or with which the Company cooperates for the delivery and operation of its services, or for any communication activities;
  • individuals, companies or professional firms providing assistance and consulting services to the Company, with specific but not exclusive reference to accounting, administrative, legal, tax and financial matters;
  • parties to whom the right to access data is recognised by legal provisions or by order of the authorities.
The parties belonging to the aforementioned categories will use the data as autonomous data controllers in accordance with the law or as data processors duly appointed by the Company.

These parties may be established in Italy and/or EU Countries.

6. Data retention
The User's data will be kept as long as necessary to pursue the purposes for which they were collected as well as to carry out any activities that are connected and instrumental to such purposes, as specified in paragraph 3 above.After that, the data may in any case be stored in compliance with the ordinary time limits identified by the Italian Civil Code or by specific provisions of law, for administrative purposes and/or to enforce or defend a right or legitimate interest, and the data will be deleted when the purposes for which they were stored cease to apply.

Finally, the data collected for the purpose of sending newsletters are kept until the User unsubscribes / opposes.

At the end of these time limits, the data will be kept anonymously for analysis and statistical purposes.

7. Rights
Where applicable, the User may exercise the rights envisaged by Legislation. Specifically, the User has the right to:

  • request confirmation that his/her personal data are being processed and, if so, ask the Data Controller for access to information concerning the processing (e.g. . purposes, categories of data processed, recipients or categories of data recipients, retention period, etc.);
  • request the correction of inaccurate or incomplete data;
  • request the deletion of data;
  • request the restriction of processing;
  • receive, in a structured, commonly used and machine-readable format, personal data concerning him/her and transmit them to another data controller, or request that they be transmitted directly from one data controller to another, where technically feasible (so-called “data portability");
  • withdraw his/her consent at any time, without prejudice to the lawfulness of the processing based on the consent granted before withdrawal.
Furthermore, the User has the right to object in whole or in part, for legitimate reasons, to the processing of personal data concerning him, as well as the right to object at any time to marketing purposes (partially included for individual channels).

These rights may be exercised directly by sending a communication to the following email: [email protected].

Finally, if the User believes that the processing of the data provided breaches personal data protection regulations, he/she has the right to lodge a complaint with the Data Protection Authority (www.garanteprivacy.it).

8. Amendments to the Privacy Policy
The Company reserves the right to amend this privacy policy at any time by way of publication on the Site. Users are invited to check these updates on the Site.

If the changes are particularly significant and/or greatly affect the User's rights, the Company may also disclose them to the User in a different way (for example, by sending an email).

9. Data Protection Officer
The Data Protection Officer (“DPO") may be contacted at the following email [email protected].

Privacy Policy updated on 26/05/2022