Skip to content
Privacy Policy

Privacy Policy

We are the company jobox s.r.o., with its registered office at Varšavská 715/36, Vinohrady, 120 00 Praha 2, Id. No. 093 08 580. We run the Jobox application, which can be found on jobox.io website. Our services are intended for employers, employees, and job seekers. Our application connects and mediates job offers and demands of particular employees. It is possible, that the personal data may be processed when we are providing our services. You will find how your data is handled and what entitles us to do so below.

If you have any questions or do not understand any part of this policy, please feel free to contact us at [email protected].

Which Personal Data We Will Be Processing?

When providing our services and processing personal data, it will depend on whether you are an employer who is looking for potential job seekers through our application, or a user who is looking for a job through the application.

I'm looking for a job through the application:

As a potential job seeker, you have the opportunity to respond to job offers as either a registered or unregistered user. We will process the following personal data about you:

  • Personal data you provide to us. This is the personal data you provide to us when using the services of our application when filling out any forms on the website or registering. This includes, in particular, data such as your e-mail, name, surname, telephone number, photographs, CV, information about your person, including links to your professional websites and social networks, set preferences, tools, technologies, and other related data. In addition to the above, we also process records of which offers you have applied for.
  • Information about your device when using the application. When providing services, we also work with your device data, such as IP address, information about saved search preferences, etc.
  • Information about your activity on the website . We store cookies on websites and in the application and use the services of third parties. You can find more information about cookies in Annex A of this policy.

I offer the job through the application as an employer:

If you are an employer and you publish the job offers through the application, we only obtain the information that is necessary to publish this job offer and, for specific employees of the employer, information about the device when using the application and information about activity on the website.

How We Use Personal Data and What Authorizes Us to Do It

  • We use the data you provide (communicate) to us in order to be able to provide you with our services, while the service consists mainly of providing your data to specific employers. We will always pass the data to the employer for whom you filled in the form. We also use the data so that you can register in the system and we can inform you about all changes in the application. The legal basis for this processing is the necessity for the performance of a to which the data subject is a party according to Article 6 paragraph 1 letter b) GDPR.
  • We will also use the information you provide (communicate) to us, information about the device when using the application and activity on our website to defend our own claims, and to fulfill all legal obligations that may affect us, especially accounting and tax obligations. The legal basis for this processing is our legitimate interest according to Article 6 b) GDPR, which consists of the protection of our economic interests and the necessity to fulfill the legal obligations under Article 6 paragraph 1 letter c) GDPR.
  • We will also use the data you provide (communicate) to us, information about the device when using the application to improve our services, provide data backup and recovery, contact for the purpose of developing a mutual relationship, evaluate the quality of services provided and to provide support. The legal basis for these purposes will be our legitimate interest under Article 6 paragraph 1 letter f) GDPR, which consists of ensuring physical, IT, and network security and ensuring trust in the contractual relationship.
  • We may use your e-mail address to send business messages. We will do so on the basis of our legitimate interest under Article 6 paragraph 1 letter f) GDPR, which consists of supporting our brand. See section 5 of this policy for more information.

We use your data in our internal documentation, in which we keep records of where your personal data is stored, how they are secured, whether your data has been deleted, who deleted it within our company and when , so that we can prove our compliance with legal regulations in the field of personal data protection and at the same time to be able to fulfill other obligations arising from other legal regulations.

Who Has Access to Your Personal Data

To ensure the provision of our services, personal data may be passed on or processed by other recipients of personal data. We would like to share with you all of the potential recipients who may have access to personal data.

The following recipients have access to your personal data:

  • employers to whom your personal data will be provided when using the service based on your response to their offer;
  • accounting service provider, company TaxCounting, s.r.o.;
  • external staff who provide us with their services, such as programmers, network administrators etc.;
  • DigitalOcean, LLC, a cloud services company. The company is located outside the EU, but only data centers in EU are used for storage of personal data;
  • Amazon Web Services, Inc., a cloud services company. The company is located outside the EU, but only data centers in EU are used for storage of personal data;
  • Company Wildbit, LLC, which provides the Postmark service. The company is located outside the EU, and the transfer is carried out on the basis of appropriate safeguards, as data processing agreement was concluded including standard contractual clauses according to the Article 46 GDPR;
  • Google Ireland Limited, which provides the Google G Suite service;
  • Company Keyword LLC. (Ottomatik), which provides data backup on our servers, which are provided by Amazon company and data are stored at Franfurt.

Individual recipients of personal data may differ in the future. The current list of recipients can be found here.

For How Long We Will Process Your Personal Data

We will only process your personal data for the strictly necessary time to fulfill the above purposes for which they were collected - providing services, completing required tasks, or other necessary purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements.

We will process personal data only for the time you have a registered account, or for the duration of the relationship with a specific employer. As the storage time may vary in different cases, please do not hesitate to contact us at [email protected] and we will tell you how long we will specifically store your data.

Remember that we cannot influence the deletion of data that was passed on to a particular employer when you used our services and responded to a job offer. In this case, you must contact the relevant employer and ask him to delete your personal data.

In some cases, we may store personal data for longer than just the existence of the registered account and the carrying out services. These are especially cases where retention is required by law (tax and accounting purposes), or we protect our own legal claims. However, we always keep only the necessary data.

After the expiration of the time, personal data will be completely anonymized and we will no longer be able to identify who´s data it is.

Newsletter

You may receive an e-mail from us from time to time. In some cases, it will be information that is related to the operation of our application and the provision of our services and it will not be a business message.

However, if you have registered with us or are an employer, we may send you a business message from time to time. As you are our contractual partners, sending is our legitimate interest in a way of direct marketing. However, you can unsubscribe from commercial communications at any time, either at the following email address [email protected] or via a link in each of these emails.

What Are Your Rights In Relation to the Protection of Your Personal Data

In relation to the processing of your personal data by us, you have the following rights:

  1. The right of access to personal data;
  2. The right of rectification;
  3. The right to erasure („the right to be forgotten“);
  4. The right to restrict processing;
  5. The right to object against the processing;
  6. The right to data portability;
  7. The right to make a complaint about data processing.

Your rights are explained below so that you can get a clearer idea of their content.

The right of access means that you can ask us at any time to confirm whether the personal data which concerns you, are being processed or not and if they are, you have the right to the information for what purposes, to what extent and to whom they are disclosed, for how long we will process them, whether you have the right to rectification, erasure, restriction of processing or to object; from which source we obtained the personal data, and whether automated decision-making, including any profiling, occurs on the basis of the processing of your personal data. You also have the right to obtain a copy of your personal data, while the first provision is free of charge, for the next provision, we can demand reasonable payment of administrative costs, namely in the amount of CZK 100.

The right to rectification means that you may request us at any time to rectify or supplement your personal data if they are inaccurate or incomplete.

The right to erasure means that we must erase your personal data if (i) they are no longer necessary for the purposes for which they were collected or otherwise processed; (ii) the processing is unlawful; (iii) you object to the processing and no overriding legitimate grounds for processing exists; or (iv) this is required of us based on a legal obligation or (v) in relation to personal data that you have consented to the processing after you revoke your consent.

The right to restrict processing means that until we resolve any disputes regarding the processing of your personal data, we cannot process your personal data in another way than storing it only and, if necessary, using it only with your consent or for the purpose of determination, performance or defense of legal claims.

The right to object means that you may object to the processing of your personal data that we process for the purposes of our legitimate interests, especially for the purposes of direct marketing, include the profiling. If you object to processing for the purposes of direct marketing, we will no longer process your personal data for those purposes. In the event of an objection to processing based on other reasons, this objection will be evaluated and we will then inform you whether we have complied with it and will not continue to process your data, or that the objection was not justified and processing will continue. In any case, processing will be limited until the objection is resolved.

The right to data portability means that you have the right to obtain personal data concerning yourself and provided to us by consent or contract, which are also processed automatically, in a structured, commonly used and machine-readable format, and the right to this personal data to be transferred directly to another controller.

If you have any comments or complaints regarding the protection of personal data or a question about the person responsible for data protection in our company or you exercise any of your rights, please contact us at [email protected]. We will answer your questions or comments as soon as possible, within one month at the latest.

Our activities are also supervised by the Personal Data Protection Office, where you can file a complaint in case of your dissatisfaction. You can find out more on the Office's website (www.uoou.cz).

Changes of the Policies

These policies may change from time to time. We will post any changes to our privacy policy on our Privacy Policy page and will notify you in more detail if there are any significant changes (for some services, we may notify you of policy changes by email). We archive previous versions of this policy for you so that you can access it in the future.

This Privacy Policy is effective as of 10.08.2020.

Annex A

The Usage of Cookies on Our Websites

1. What the cookies are

Cookies are small text files that websites store on your computer or mobile device when you start using these sites. This way, the site remembers your preferences and the actions you take on them for a period of time (such as login information, language, font size, and other display preferences), so you don't have to re-enter and jump from one page to another. Other cookies help us monitor your activity on the website. Below we inform you about what cookies are stored on the website.

We use the following cookies:

  • Technical cookies that ensure that our website works.
  • Other cookies, which are used to customize the website, use its functionality and personalize ads.

We will also use the third-party services listed in Section 3 of this Annex.

2. Why are we using cookies?

Our website, like almost all other websites, uses cookies in order to provide you with the best possible user experience. Specifically, our cookies help us:

  • to make our website works as you would expect;
  • to speed up and better secure our site;
  • to allow you to share posts on social networks;
  • to continuously improve our website.

We are not using cookies for:

  • collection of any sensitive data;
  • transfer of personal data to third parties;
  • getting a commission from the sale.

3. More information about cookies?

3.1 Cookies used for the proper functioning of the website

We use some cookies to make our website work properly, such as:

  • to find out whether or not you are logged in to the system;
  • to remember your search history and search filter settings;
  • to remember the language you have chosen;
  • to allow you to manage companies and store entered data.

Unfortunately, there is no way to prevent the use of these cookies other than to stop using our website.

Specifically, the following cookies are used (storage time in parentheses):

  • csrftoken (1 year) – used to increase the security of the website;
  • jobox_sessionid (2 months) – used to preserve the content of individual site visitors, save recently used filters and favorite offers for unlogged-in users;
  • cookieconsent_status (1 year) – used to store banner cookie confirmation information;
  • messages (until session is ended, e.g. until browser is closed) - used to show some of the error messages or information while making some authentication actions, e.g. login, registration or password change.

3.2 Third-party functions

Our website, like most other websites, also includes functionality provided by third parties.

All data is collected through our website using marketing tools, namely through Google Analytics, Google AdWords, Facebook Pixel, and Seznam.cz. These tools are used solely to improve existing services and marketing purposes.

Specifically, we use the following cookies (storage time in parentheses):

Necessary cookies:

  • _stripe_mid, private_machine_identifier, scfc (1 year) – used by Stripe payment gateway for authentication and security;
  • m (2 years) – used by Stripe payment gateway for authentication and security;
  • _stripe_sid (30 minutes) – used by Stripe payment gateway for authentication and security;
  • stripe.csrf, cid (until session is ended, e.g. until browser is closed) - used by Stripe payment gateway for authentication and security;
  • machine_identifier (does not expire) - used by Stripe payment gateway for authentication and security;
  • __cfduid (30 days) - used by Cloudflare to increase security of our website.

Analytical cookies:

  • _ga (2 years) – used to monitor website traffic;
  • _gid (24 hours) – used to monitor website traffic;
  • _gat (1 minute) – used for basic control when using analytical cookies;
  • __stripe_orig_props (1 year) - used by Stripe payment gateway to measure the effectiveness of marketing campaigns;
  • site_sid (2 hours 30 minutes) - Stripe "session ID" used for analytics and service improvement.

Marketing cookies:

  • IDE (1 year) – used to evaluate marketing campaigns, and information may be shared with Google;
  • NID (6 months) – used to target advertising on Google platforms with which information may be shared;
  • fr (90 days) – used to personalize ads;
  • _fbp (90 days) – used to personalize ads and information can be shared with Facebook;
  • sid (1 month) – is used to personalize ads and information can be shared with Seznam company.

You can find more information about individual cookies at the addresses https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usagehttps://www.facebook.com/policies/cookies/https://stripe.com/cookies-policy/legal and https://support.cloudflare.com/hc/en-us/articles/200170156-Understanding-the-Cloudflare-Cookies.

3.3 How to reject the usage of cookies

By setting your browser in a way that allows cookies to be stored, you agree with their storage. However, you can choose to block cookies. If you choose to block cookies, you may not be able to log in or use these features, and your cookie-based preferences may be lost. The use of cookies can be set using your internet browser. Most browsers automatically accept cookies by default. You can use your web browser to reject cookies or set the usage of only certain cookies.

You can find information about browsers and how to set preferences for cookies on the following websites:

An effective tool for managing cookies is also available on the website http://www.youronlinechoices.com/cz/