Hashlist
This privacy policy ("Privacy Policy") describes how Hashlist ("Hashlist", "We", "Us" or "Our") collects, protects, and processes the personally identifiable information ("Personal Data") of users ("User") of the www.hashlist.com website and the Hashlist service available on the website (collectively, "Website" or "Services"). This Privacy Policy also covers Personal Data collected by Hashlist in-person, for instance at business conferences and trade shows, and Personal Data collected and processed in connection with client support and direct marketing. "You" refers to both Users and other individuals whose personal data is processed in accordance with this Privacy Policy. This Privacy Policy may be updated to reflect the changes in data processing practices or otherwise. The current version can be found on the Website. We will not make substantial changes to this Privacy Policy or reduce the rights of users under this Privacy Policy without providing a notice thereof.
1. Contact details
Gigarator Oy Business ID: 3153482-2 Lapinlahdenkatu 16, 00180 Helsinki, Finland support@hashlist.com
2. What personal data is collected and from where do we get it?
We may collect the following data: name, email, phone number, country, timezone, resume, employment history, educational background, salary request, current notice period, current and preferred job title, publications, profile picture, presentation video, skills, including language skills, availability to work, willingness to relocate, other employment preferences, voluntary and free-form description of the User, test results, dates on which the tests have been taken, direct marketing opt-ins and rejections, communication between us and the User and job positions
The above user data is collected upon signing up to the Services, when submitting files or filling in online forms on the Website, or in some other connections, such as when communicating with our customer service or at a business conference or trade show. Technical Data When you visit the Website, information that your browser sends will be automatically recorded. This data may include information such as your device's IP address, browser, and operating system type and version, or the webpage you were visiting before you came to our Website, pages of our Website that you visit, the time spent on those pages, access times and dates, and other statistics. Although we do not normally use this kind of technical data to identify you as an individual, you can sometimes be recognized from it when combined with some user data. In such situations, technical data can also be considered Personal Data under applicable laws, and we will treat such data as Personal Data in accordance with this Privacy Policy.
3. What are the purposes and legal grounds for processing my personal data?
Personal Data may be used for the following purposes: Provision of Services (legal ground: performance of a contract and legitimate interest) Hashlist is an online platform with the purpose of letting Users apply to third party jobs via a single application on Hashlist. For this to be possible, we collect necessary Personal Data to offer Users a great experience on the Website and connect them with the right potential employment opportunities. Therefore, we process Users' Personal Data to provide them the Services in accordance with the Terms of Service governing the use of the Services. If you contact our customer service, we will use the information provided by you to answer your questions or solve your problems relating to our Services based on our legitimate interest.
For legal obligations (legal ground: compliance with a legal obligation) We can process Personal Data to enable us to administer and fulfil our obligations under the law. We may for example process Personal Data for providing information to relevant authorities.
For claims handling and legal processes (legal ground: legitimate interest) We may process Personal Data in relation to claims handling and legal processes. We may also process data for the prevention of fraud, misuse of our Services and for data, system, and data network security.
For customer communication and marketing (legal ground: legitimate interest) We may use your contact details to tell you about services we believe will be of interest to you, upcoming events, or other promotions. If we do so, each marketing communication we send you will in most cases contain instructions permitting you to "opt out" of receiving future marketing communications. If this is not the case, you can always contact us directly to opt out. Note, however, that as a User of our Services you cannot opt out of some administrative communications that are reasonably necessary to provide the Services, such as service notifications. In addition, if at any time you wish not to receive any future marketing communications or you wish to have your name deleted from our mailing lists, please contact us as indicated in this document.
For quality improvement and trend analysis (legal ground: legitimate interest) When you interact with Hashlist, through our Services, we receive and store certain personally non-identifiable information. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you. Hashlist may store such information itself or such information may be included in databases owned and maintained by Hashlist affiliates, agents or service providers. These services may use such information and pool it with other information to track, for example, the total number of users of our Services, the number of hours worked using our Services, the location of our Users, and how our Users use and interact with the Services. Also, in an ongoing effort to better understand and serve the Users of the Services, Hashlist often conducts research on its customer demographics, interests and behavior based on the Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis. Hashlist may share this non- identifiable and aggregate data with its affiliates, agents and business partners, but this type of non-identifiable and aggregate information does not identify you personally. Hashlist may also disclose aggregated user statistics in order to describe our Services to current and prospective business partners, and to other third parties for other lawful purposes. Legal grounds for processing We process your Personal Data to comply with legal obligations and perform our contractual obligations towards you. Furthermore, we process your Personal Data to pursue our legitimate interest to run, maintain and develop our business and to create and maintain customer relationships. When choosing to use your data on the basis of our legitimate interests, we weigh our own interests against your right to privacy and e.g., provide you with possibility to easily opt-out from our marketing communications. We may also process your Personal Data for one or more specific purposes based on your consent. In this event, you may withdraw your consent at any time.
4. Who may receive my personal data?
Users agree that some of their Personal Data collected by us is subject to transfer to the potential employers for the purpose of recruitment. The potential employers process such Personal Data as individual data controllers in accordance with their own applicable privacy policies. Your Personal Data available on your Hashlist profile on the Website is visible to our company partners looking for and hiring candidates. All Users understand that we use external service providers (such as data storage, accounting, sales, and marketing service providers) who process Personal Data on our behalf. When Personal Data is processed by third parties on behalf of Hashlist, we have taken the appropriate contractual and organizational measures to ensure that Personal Data are processed exclusively for the purposes specified in this Privacy Policy and in accordance with all applicable laws and regulations and subject to our instructions and appropriate obligations of confidentiality and security measures. We may also share your Personal Data with third parties if we have a good faith belief that access to and use of the Personal Data is reasonably necessary to: (i) meet any applicable law, regulation and/or court order; (ii) detect, prevent or otherwise address fraud, crime, security or technical issues; and/or (iii) protect the interests, properties or safety of Hashlist, the Users of the Services or the public as far as in accordance with the law. When possible, we will inform you about such processing. If Hashlist is involved in a merger, acquisition, or other business transaction, we may transfer your Personal Data to the third party involved. However, we will continue to ensure the confidentiality of all Personal Data. We will give notice to all the data subjects concerned when the Personal Data are transferred or become subject to a different privacy policy. We may share your Personal Data with third parties when we have your explicit consent to do so. You have the right to withdraw this consent at all times.
5. For how long do you store my data?
Hashlist does not store your Personal Data longer than is legally permitted and necessary for the purposes provided in this Privacy Policy. The storage period depends on the nature of the information and on the purposes of processing. The maximum period may therefore vary per use. Most of the user data is deleted after deletion of User's user account. We can store some essential user data, such as User's contact data and communication data as long as such processing is required by law or is reasonably necessary for our legitimate interest such as claims handling, bookkeeping, internal reporting, reconciliation or other legal action purposes. Your email address is stored for direct marketing purposes until further notice, if you have given your consent for direct marketing. If you later opt out of the direct marketing, we delete other information regarding the direct marketing, but will retain the information that you have opted out of the direct marketing to ensure compliance with the opt-out.
6. Can my personal data be transferred to third countries?
Depending on your location, data transfers may involve transferring and storing your Personal Data in a country other than your own. Hashlist stores your Personal Data primarily within the European Economic Area. However, we have service providers and company partners in several geographical locations. As such, we, our service providers, and company partners may transfer your personal data to, or access it in, jurisdictions outside the European Economic Area or outside your domicile. We will take steps to ensure that Personal Data receives an adequate level of protection in the jurisdictions in which they are processed. We provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers and business partners based on the Standard Contractual Clauses and/or through other appropriate safeguards. You are entitled to learn about the legal basis of information transfers to a country outside the European Economic Area and about the security measures taken by us to safeguard your Personal Data. If any such transfer takes place, you can find out more by checking the relevant sections of this document or inquire with us using the contact information provided in the contact section.
7. Which data protection rights do I have?
You may exercise certain rights regarding your Personal Data processed by us. In particular, you have the right to do the following: You have the right to withdraw consent where you have previously given your consent to the processing of your Personal Data. You have the right to object to the processing of your Personal Data if the processing is carried out on a legal basis other than consent. You have the right to learn if Personal Data is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Personal Data you have provided undergoing processing. You have the right to verify the accuracy of your Personal Data and ask for it to be updated or corrected; you have the right, under certain circumstances, to restrict the processing of your Personal Data, in which case, we will not process your Personal Data for any purpose other than storing it. You have the right, under certain circumstances, to obtain the erasure of your Personal Data from us. You have the right to demand the limitation of your Personal Data, for example, when the data concerning you is not correct. You have the right to receive your Personal Data in a structured, commonly used, and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable to the information you have provided and is processed by automated means and that the processing is based on your consent, on a contract which you are part of, or on pre-contractual obligations thereof. If you have objections or want to file a complaint concerning your rights, you can do so to the Finnish Office of the Data Protection Ombudsman at Lintulahdenkuja 4, 00530 Helsinki.
8. Can I object to the processing of my personal data?
Where information is processed for the public interest, in the exercise of an official authority vested in us or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a ground related to your particular situation to justify the objection.
9. How can I exercise these rights?
Any requests to exercise these rights can be directed to Us through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by Us as early as possible. To verify your identity, we may request for additional information. Please note that you can also delete, update, and correct your user account information by using the functionalities of the Services.
10. Newsletters
We offer electronic newsletters to which you may subscribe upon signing up to the Services. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting us. However, you will continue to receive essential transactional emails as stated above.
11. Cookies
A cookie is a small text file saved in your computer. Cookies do not harm your computer. The Website uses "cookies" to help personalize your online experience. Cookies may be used to collect, store, and track information for statistical purposes to operate our Website and Services. We also may permit certain third-party companies to help us tailor advertising that we think may be of interest to Users and to collect and use other data about User activities on the Website. These companies may deliver ads that might also place cookies and otherwise track user behavior. Information collected by Cookies is not, in principle, associated with personally identifiable information but some information collected by Cookies may be indirectly associated with personally identifiable information. Such information includes e.g., User's IP address and unique device ID. We treat such information as Personal Data in accordance with this Privacy Policy.
12. What type of cookies do we use?
Necessary cookies: Necessary cookies allow us to offer you the best possible experience when accessing and navigating through our Website and using its features. For example, these cookies let us recognize that you have created an account and have logged into that account to access the content. Analytical cookies: These cookies enable us and third-party services to collect aggregated data for statistical purposes on how our visitors use the Website. These cookies do not contain Personal Data such as names and email addresses. Social media cookies: Third-party cookies from social media sites (such as Facebook, Twitter, etc) let us track social network users when they visit our Website, use our Services or share content, by using a tagging mechanism provided by those social networks. These cookies are also used for event tracking and remarketing purposes. Any data collected with these tags will be used in accordance with our and social networks' privacy policies.
13. What are you cookie options?
You can administer cookies on the cookie setting section of our Website. Please note that the use of necessary cookies may not be refused on the cookie setting section of our Website. Please note, however, that if you delete cookies or do not accept them, you might not be able to use all of the features our Website and Services offer. If you do not wish to have necessary cookies stored on your device, you may choose to set your web browser to refuse necessary cookies or delete the cookies stored by the Website. You can re-enable necessary cookies at any time through web browser settings. For example, the following links provide information on how to adjust the cookie setting on some popular browsers: Safari, Google Chrome and Internet Explorer.
14. Analytics
The Website analyzes your behavior for the purpose of improving its services, sometimes using third party software.
15. Do you use web beacons or tracking pixels?
Our emails may contain a "web beacon" (or "tracking pixel") to tell us whether our emails are opened and verify any clicks through to links or advertisements within the email.
16. Information security
We secure information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Data, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and our Website cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third- party, despite best efforts.
17. Changes and amendments
We may update this privacy policy from time to time at our discretion and will revise the updated date at the bottom of this page. Any updated version of this privacy policy will be effective immediately upon the posting of the revised privacy policy unless otherwise specified. Contact us if you would like to contact us to understand more about this privacy policy or wish to contact us concerning any matter relating to individual rights and your personal data, you may send an email to support@hashlist.com.
This document was last updated on August 14th, 2023.
