Login
globe manpower

Privacy Notice

This Privacy Notice provides a framework for understanding the personal data collected by the Agency MANPOWER d.o.o. Sarajevo (hereinafter referred to as the: Data Controller), as required by the Law on Personal Data Protection in Bosnia and Herzegovina (“The Official Gazette of Bosnia and Herzegovina” number 49/2006, 76/2011 and 89/2011) (hereinafter referred to as the: Law), including the provisions of the EU General Data Protection Regulation (GDPR) in the area of its application.

Data Controller

Data Controller is the Agency MANPOWER d.o.o. Sarajevo, with a legal address in Sarajevo, 1 Fra Anđela Zvizdovića Street. Collected personal data shall be controlled and processed by the Data Controller.

TO WHOM IT APPLIES:

This Privacy Notice applies to: (1) our job candidates and the recipients of our services (2) our associates, i.e. the persons that we engage or appoint to perform a task for some of our clients, or the persons to whom we provide the services of finding a new employment after they have been made redundant, or the services of finding a new employment, (3) the web location and application users at www.manpowergroup.ba, and (4) the representatives of our business partners, clients and suppliers.

The Privacy Notice describes the types of personal data or personal information that we collect, the way we use the information, how we process it and for which purpose, the way we protect the collected information, how long do we store it, whom we share it with, that is, to whom we pass it, to whom we transfer it and the rights that individuals may exercise in relation to the use of their personal data, such as the right to revoke the processing consent, legal consequences of revoking the consent, rights in the case of unauthorised processing, other rights. Also, we describe how you can contact us regarding our privacy protection actions, and how to exercise your rights. Our practices related to the privacy may differ from country to country of doing business, in order to reflect the local practices and legal requirements, and you can check the specific local conditions by visiting the local web pages.

Privacy Notice

  • Information that we collect and a purpose of collection
  • How we use the collected information
  • How we process and protect the personal data
  • How long we store the collected information
  • Information that we share (transfer to the others)
  • Data transfer
  • Your rights and choices
  • Updating our Privacy Notice
  • How To Contact Us

Data that we collect and the collection method

We can collect your personal data in different ways, for example via our Websites that you visit and register to, as well as via social media channels; at our events; via phone; via job applications; in relation to recruitment; or in relation to our interactions with the clients and suppliers:

  • contact information (such as the name, address, e-mail address and phone number);
  • username and password required in the process of registration on our websites;
  • information that you provide about your friends or the other people who you would like that we contact (by making a recommendation, the Controller presumes that the other person in question has previously provided consent for such communication); and
  • other information that you can provide to us, such as the researches or through the “Contact us” function on our websites.

Besides, in case that you are an employment candidate, or you are applying for a position or creating an account in order to apply for a position, we may collect and process the following personal data types:

  • employment and education background;
  • language abilities and other work-related skills;
  • Unique Master Citizen Number, ID Card number or any other state identification number;
  • date of birth;
  • gender;
  • bank account information;
  • citizenship;
  • information provided in references; and
  • information contained in your CV, information that you provide about your career preferences and other information regarding your qualifications for the employment;

and if required by law, with your written consent regarding the:

  • Disability and health-related information;
  • Drug test results, criminal record check, and other checks.

Besides, we may collect the information that you provide to us about other persons, such as the information regarding the emergency contact persons.

Method and purpose of using the collected data

The Controller collects and uses the data collected for the following purposes (according to the Law):

  • providing solutions for the workforce and connecting people with the potential job positions;
  • online accounts creation and administration;
  • managing the relations between clients and sellers;
  • transferring to other persons and managing the participation in special events, promotions, programs, offers, researches, contests and market research, when allowed by the Law,
  • answering your questions and demands;
  • management, assessment and improvement of our business activities (including development, improvement, analysis and enhancement of our services, management of our communications, performing the data analysis and accounting, auditing and other internal functions);
  • protection from fraud, identification and striving to prevent a fraud and other illegal activities, receivables and other commitments; and
  • compliance with and application of the positive legal requirements, relevant industry standards, contractual commitments and our policies.

Processing the above-mentioned data shall be conducted pursuant to the provisions of positive Law and grounds that can encompass a number of categories, as follows:

  • processing without the data subject’s permission, as part of the preparation for Agreement execution;
  • consent or explicit consent by the data subject, if required by the positive law;
  • to secure the compliance with legal and contractual requirements or the requirements that are necessary for concluding the agreement (e.g. processing your personal data in order to enable a salary to be paid, including the associated taxes).
  • substantial and indispensable for a legitimate interest of the Data Controller (e.g. allowing the user to access the website for the offered services provision). At our website www.manpowergroup.ba you can find more about these interests and when we are allowed to process the information in this manner.

Besides the above mentioned activities, if you are a job candidate and applying for a position, or you are creating an account in order to apply for a position, as permitted by the provisions of the positive Law, we use the information described in this privacy notice, by processing it without your consent for the following purposes:

  • provision of jobs and employment;
  • provision of human resource services, including the administration of benefit program, payroll calculation, performance management;
  • provision of the additional services for you, such as trainings, career counselling and services of career transition;
  • assessment of your suitability as an employment candidate and your additional qualifications for the positions; and
  • conducting the data analytics such as: (i) analysis of our candidate for a job position and the adjoined bases; (ii) assessment of the individual performances and capabilities, as well as scoring the work-related skills; (iii) identifying a lack of qualifications; (iv) using the information for individuals and potential possibilities, and (v) data analysis on guidance (trends related to the employment practice).

Also, we can use the information in other purposes, for which we provide a concrete notice, on the day or before the collection time.

Legitimate interest

The Data Controller may process personal data for certain legitimate business purposes, which include some of the following:

  • where the process allows us improvement, modification, personalisation or other way of enhancing our services/communications to the benefit of our clients, candidates and associates;
  • to identify and prevent the frauds;
  • to improve the security of our network and information systems;
  • to better understand the interaction of persons with our web pages;
  • for the needs of direct marketing when necessary;
  • to send you via mail the information that we think it will be of interest to you;
  • to ascertain the efficiency of promotional campaigns and ads.

Whenever we process data for these purposes, we shall make sure that your rights are protected at high level and to take these rights into account. You have the right to oppose to such processing, to withdraw the consent for processing or subsequent data processing, and if you would like to do so please contact a person specified bellow. Also, bear in mind that if you exercise some of the previously mentioned rights, it may affect our ability to perform and provide services for your benefit, that you previously had given a written consent to, or allowed us to process data without the approval, pursuant to provisions of the positive Law.

How we process and protect personal data

We process the collected personal data also with automated devices, for the purposes mentioned above in the text, and during a specified period, which is in accordance with our internal policy of storing, in order to secure that the personal data is being kept no longer than necessary.

We apply the administrative, technical and physical protective measures, designed to protect the personal data that you provide, from an accidental, illegal or unauthorised destruction, loss, modification, access, disclosure or use. In order to provide an adequate security and confidentiality of personal data, we have applied the following safety measures:

  • encryption of data in transit;
  • strong control of the authentication;
  • reinforced network infrastructure;
  • solutions for network monitoring.

How long we store the collected data

In our systems we store the collected personal data, in a way which enables the identification of data subject, no longer than necessary in terms of purpose which data is collected for, or is being further processed. Deadline for storing data is 10 years as of the date we stored them in our database.

This specific time period is defined taking into account the following:

  • Necessity of keeping the stored data due to provision of services agreed with the user;
  • In order to protect a legitimate interest of Data Controller as described in the purpose;
  • Existence of specific legal obligations, required during a specific period of time.

Information that we transfer

We do not disclose the personal data collected about you, except as described in this Privacy Notice or in the specific notices provided regarding the certain activities. We may transfer your personal data to the suppliers who perform services on our behalf, based on our guidelines. We do not authorise these sellers to use or disclose the information, unless if necessary for providing services on our behalf or according to the legal requirements. We might also transfer your personal data (i) to our affiliates and subsidiaries; (ii) if you are a job applicant, to the clients who might offer an employment possibility, or are interested in establishing and employment relationship with a job candidate; and (iii) to the others that we cooperate with, such as the recruitment consultants and subcontractors, with the sole aim of finding a job for you.

Besides, we may disclose your personal data (i) if that is necessary pursuant to the law or legal proceeding; (ii) to the law enforcement authorities or other public officials based on a lawful request for disclosure; and (iii) when we consider that a disclosure is necessary or appropriate for the prevention of physical damage or financial loss, or has to do with an investigation of suspicious or actual fraudulent or unlawful activity. Also, we reserve the right to transfer your personal data in our possession in case that we are selling or transferring our entire business or property, or part thereof (as well as in case of restructuring, dissolution or liquidation) if permitted by law.

Data transfer

We may also transfer the personal data that we collect about you to the countries outside the country where the information was originally collected. Those countries cannot have the same personal data protection laws as the country where you have originally provided your personal data. When we transfer your data to the other countries, we shall protect such data as described in this Privacy Notice, and such transfers shall be in accordance with the positive law.

Countries where we can transfer the personal data collected about you may be:

  • Within the European Union
  • Outside the European Union

When we transfer personal data from the European Union to the countries or international organisations located outside the European Union, such transfer is conducted based on the following:

  • Adequacy decisions, issued by the European Commission;
  • In the absence of adequacy decision, pursuant to the other legally permitted basis (a) legally binding and enforceable instrument between the public authorities and bodies; (b) binding corporate rules; (c) standard data protection clause (previously named a “Model clause”) adopted by the Commission, etc.

With a prior notice from local state authority for personal data protection.

Your rights as a data subject

a) The right to be informed about a data collection: A person is entitled to be informed if the Controller conducts processing of its personal data and in what way such processing is done. A Data Controller informs a Data Subject before it starts to collect data, if the latter has not been previously informed about the following:

a) processing purpose,

b) a controller, receiving authority or third party to whom the data shall be available,

c) whether a delivery of data for processing constitutes a legal obligation,

d) about the consequences in case that a data subject refuses to do so,

e) in which cases a data subject is entitled to refuse to submit the personal data,

f) whether a personal data collection is on voluntary basis,

g) whether there is a right to access and right to rectify the data related to a data subject.

The right to know the source of personal data: If a controller has not acquired personal data from a data subject, it is obliged to inform the latter, without delay, who the third party that submitted personal data to a controller is.

The right to be informed about the processing purpose: A person is entitled to an information about the purpose of processing its data.

The right to be informed about the legal basis of processing: A person is entitled to know what the legal basis of processing its personal data is.

The right to be informed about a location where data is being stored: A person is entitled to know in which files and databases its personal data is being stored.

The right to be informed which persons are using the data: Personal data with the Controller is used only by the Controller’s authorised persons for processing, in order to accomplish the purpose of data collection, or some other legitimate interests.

b) The right to rectification, erasure and data blocking: The Controller shall, upon the data subject’s request, rectify, erase or block the data, for which is concluded that is being incorrect, or incorrectly cited or processed in another way, opposite to the law and regulations referring to the data processing. Upon the data subject’s request, the Controller shall inform the third party to whom data is being transferred, about rectifications.

c) The right to withdraw consent: The consent might be withdrawn in any moment, unless a data subject and data controller explicitly agree otherwise.

d) The right to restrict processing: A person is entitled to ask from the Data Controller a restriction in processing its data.

e) The right to data portability: A person who deals with data is entitled to request a data portability, meaning that a data subject is entitled to know the purpose, legal basis and to whom its data is being transferred.

f) The right not to be a subject to the automated individual decision making: A data subject is entitled not to be subject to a decision based solely on the automated processing, including profiling, if such profiling produces legal effects concerning the data subject or similarly significantly affects him or her.

g) The right to file a request for exercising rights: A data subject is entitled to file a request for exercising any of the previously mentioned rights, to the Data Controller, via its e-mail address from this privacy policy. If you need more information about the processing of your personal data, please check the How to contact us section.

Updating our Privacy Notice

This Privacy Notice (including any of its amendments) may be periodically updated in order to apply the changes in our privacy practices and the updates of the law.

How to contact us

If you have any questions or comments about this Privacy Notice, or if you would like to exercise your rights, click HERE

Need a
face-to-face
meeting?

All the detailed information can be obtained from our office. +387 61 976 691

Fra Anđela Zvizdovića br.1
71 000 Sarajevo.