Company Data Protection Policy

The General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Act (Cap 440) regulate the processing of personal data whether held electronically or in manual form. Easy Job Bridge (EJB) is set to fully comply with the Data Protection Principles as set out in such data protection legislation.

DEFINITIONS & ABBREVIATIONS

 

PURPOSES FOR COLLECTING DATA

EJB collects and processes personal data information to carry out its nature of work in Malta. All data is collected and processed in accordance with European SMEs Data Protection Legislation.

 

RECIPIENTS OF DATA

Personal Information is only accessed by EJB coordinators who are assigned to carry out tasks in line with duties assigned by management. Personal Data will be disclosed to third parties to carry out internships.

 

PARTICIPANTS RIGHTS

Participants are entitled to know, free of charge, what type of information EJB holds and processes and why, who has access to it, how it is held and kept up to date, for how long it is kept, and what EJB is doing to comply with data protection legislation.

The GDPR establishes a formal procedure for dealing with data subject (participants’) access requests. All data subjects have the right to access any personal information kept about them by EJB, either on computer or in manual files. Requests for access to personal information by data subjects are to be made in writing and sent to the Manager/s of EJB, whose contact details are provided below. Identification details such as ID number (or passport number), name and surname must be submitted with the request for access. In case we encounter identification difficulties, you may be required to present an identification document.

EJB aims to comply as quickly as possible with requests for access to personal information and will ensure that it is provided within a reasonable timeframe and in any case not later than one month from receipt of request, unless there is good reason for delay. When a request for access cannot be met within a reasonable time, the reason will be explained in writing to the data subject making the request. Should there be any data breaches, the data subject will be informed accordingly.

All data subjects have the right to request that their information is amended, erased, or not used in the event the data results to be incorrect. In case you are not satisfied with the outcome of your access request, you may refer a complaint to the Information and Data Protection Commissioner, whose contact details are provided below.

 

Easy Job Bridge (EJB) Contact Details:

Galeann Barbara

Operations Manager

Rita Ellul

Business Development Manager

Easy Job Bridge

Flat 3, 6, Spencer Flats, Triq Dun Gorg Preca, Hamrun, HMR 1605, Malta

Tel: +356 2122 5505

Mobile: +356 7987 7798 (office hours only)

 

The Information and Data Protection Commissioner’s Contact Details:

The Information and Data Protection Commissioner may be contacted at:

Level 2, Airways House, High Street, Sliema SLM 1549

Telephone: 23287100

Email: idpc.info@gov.mt

 

Policy regulating the Retention of External Documentation 

1. SCOPE

The General Data Protection Regulation (GDPR) (EU) 2016/679 and the Data Protection Act (DPA), Cap. 586 of the Laws of Malta put forward the principle that personal data and sensitive personal data should not be retained for periods that are longer than necessary. In this context, Easy Job Bridge has drawn up a retention policy for all external/internal documentation that it collects and processes, with the purpose of ensuring compliance and to ensure that no resources are utilised in the processing and archiving of data which is no longer of relevance.

This policy is aimed at regulating the retention, maintenance, and disposal of external/internal documentation in accordance with the principles of data protection legislation, and other legal provisions in Maltese Law.

2. OBJECTIVES

This policy aims to achieve the following objectives:

  1. Regulate the retention of and disposal of the various types of documentation whether held in manual or automated filing systems within EJB, while adhering to the data protection principle that personal data should not be retained for a longer period than necessary.

  2. Dispose of unnecessary documentation that is no longer relevant and is taking up useful storage space.

  3. Promote the digitisation of documentation as may be reasonably possible to minimize the use of storage space required to store documentation, as well as to promote a sustainable use of paper and printing consumables.

3. ADMINISTRATION

Documentation is held and recorded by EJB employees. This policy is therefore applicable to all such documentation. It will be the responsibility of the management to ensure that all provisions of this policy are adhered to.

4. DOCUMENTATION HELD WITHIN EJB AND THEIR RETENTION PERIOD

As part of its operating requirements EJB, requests, keeps and maintains a wide range of documentation including personal information. The retention of different categories of documents is governed by different requirements and different legislation and regulations and may be categorised as follows:

Consumer Affairs:

  • Documentation in relation to consumer enquiries and complaints: 5 years

EU funded projects:

  • Documentation in relation to EU funded projects: 10 years

Recruitment:

  • Documentation in relation to the recruitment process i.e. published calls for posts, application forms/ covering letters, CV of any applicant, related correspondence, attendance at interviews, publication of results etc.: 5 years from publication of call for post.

  • Documentation related to CVs of persons who applied for a post but were not chosen. EJB shall request such applicants if they would like to grant their consent to the Authority to keep their CVs in case of any future similar posts: 1 year from end of recruitment process.

  • Jobsplus report: 5 years from end of recruitment process.

  • Application Forms for the filling of positions co-financed from EU Funds: 8 years from end of recruitment process.

Internship Programmes:

  • Documentation in relation to the internship process i.e. application form/ covering letter, CV of participant, related correspondence, attendance at interview/s with host company, results etc.: 5 years from application date.

  • Application Forms for the filling of internships co-financed from EU Funds: 8 years from end of recruitment process.

Other:

  • CCTV monitoring: 45 days ▪ Affidavits: 10 years

5. SECURITY OF DOCUMENTATION
  1. Documentation is maintained in an accessible but secure location with adequate access provided to EJB personnel who have the clearance level to access the relevant documentation. In the case of documents with sensitive personal data with higher clearance levels, access control protocols are fully adhered to, to ensure that only those that have the required security clearance have access to such documentation.

  2. In the case of personal information, the GDPR also stipulates that only those required to process personal information should have access to personal records.

  3. Personnel who are found to be in breach of these security protocols, and thus in breach of the GDPR, will be subject to disciplinary action.

6. MANUAL VS ELECTRONIC RECORDS 

In terms of retention periods, it needs to be pointed out that the same retention period will apply for both electronic and manual information.

7. CONCLUSION

This data retention policy aims to achieve a good working balance between the retention of useful and meaningful information in line with the provisions of the relevant legislation and the disposal of information which is no longer required and is being archived unnecessarily. Data that needs to be destroyed after the noted timeframes will be disposed of in an efficient manner to ensure that such information will no longer be available within EJB. Data Protection Controllers are aware of the noted retention periods and will instruct all relevant personnel to follow the indicated procedures accordingly. It is to be noted that anonymised or statistical data do not fall within the parameters of this data retention policy, since they do not constitute identifying personal data.

 

Cookies Policy

 

WHAT ARE COOKIES?

Cookies are small text files which are downloaded to your computer or mobile device when you visit a website or application. Your web browser (such as Internet Explorer, Mozilla Firefox, Safari or Google Chrome) then sends these cookies back to the website on each subsequent visit so that they can recognise you and remember things like personalised details or user preferences.

Cookies are very useful and do lots of different jobs, helping to make your experience on our website as enjoyable and useful as possible. They remember your preferences and generally improve your experience.

There are two different types of cookie:

Session Cookies:

These only last for your online session and disappear from your computer or device when you close your browser.

Persistent Cookies:

These stay on your computer or device after the browser has been closed and last for the period of time specified in the cookie. These persistent cookies are activated each time you visit the site where the cookie was generated.

 

WHICH COOKIES DO WE USE?

When you use our website or mobile site, the following categories of cookies may be set on your device:

‘Strictly Necessary’ Cookies: These cookies are essential because they help you to move around our websites and use features such as the Subscriptions page. Without these cookies the website simply would not work properly. These cookies do not gather information about you.

Functional Cookies: These cookies allow websites to remember choices you make (such as your user name and language preferences). They allow us to provide you with enhanced and more personal features. The information these cookies collect will not allow us to identify you personally.

Analytics Cookies: In order to keep our website and mobile site relevant, easy to use and up-to-date, we use web analytics services such as Google Analytics to help us understand how people use them. For example, we can see which parts of our websites are most popular and make sure we are constantly updating and improving our content. The information we collect is anonymous and only used for statistical purposes.

Embedded Content and Third Party Cookies: To help us deliver the best possible content, we sometimes use third party tools to embed photos and video content from websites such as YouTube, Facebook and Instagram. As a result, when you visit a page containing such content, you may be presented with cookies from these websites. We do not control the use of these cookies and cannot access them. You should check the third party websites for more information about these cookies.

Across our websites and mobile site you will also see embedded ‘share’ buttons. These enable you to easily share content with friends through a number of popular social networks. When you click on one of these buttons, a cookie may be set by the service you have chosen to share content through. Again, EJB does not control these cookies and cannot access them.

 

HOW DOES EJB USE COOKIES?

Whenever you use our website and mobile site, information may be collected through the use of cookies and similar technologies.

We don’t sell the information collected by cookies, nor do we disclose the information to third parties, except where required by law (for example to government bodies and law enforcement agencies).

By using our website and mobile site you agree to our use of cookies as described in this Cookie Policy.