Eneba logo
Eneba logo

Candidate Privacy Notice

We prepared this Privacy Notice to answer the most important questions about how we at ENEBA collect, use, and store information relating to you. We follow the requirements of the so-called European Union General Data Protection Regulation (GDPR) and other laws protecting your personal information. For more information, please carefully read this Privacy Notice.

This Privacy Notice can be updated from time to time. We will inform you about updates by placing the latest version of the notice here, along with dates when modifications were introduced.

If you have any questions regarding this Privacy Notice or your privacy, please contact us at privacy@eneba.com

Why do you collect information about me?

We are always looking for bright minds and, if you are one, we encourage you to contact us and join our awesome team. When you apply to open positions at ENEBA, your publicly available professional background is suitable for us or someone you know refers you to us, we process your personal data for recruitment purposes, to assess your application and your suitability to enter into an employment contract and suggest a job offer for you.

What information do you collect?

We collect, use, and store the information which is necessary for the recruitment purposes as described above:

  • Your name and surname, contact information (such as phone number, email address or, in cases where you include it in your CV or otherwise decide to provide it to us - home or office address);
  • Information you submit when applying to a job ad (including your CV, cover letter and any attachments);
  • Your employment and education history, skills, work experience, referrals or references (including language proficiency, awarded diplomas / certifications, additional training, current workplace and employment history, previously held job positions and performed tasks);
  • work permit or visa information (if applicable to you);
  • any prior employer obligations (such as signed non-disclosure agreements); 
  • Desired salary, willingness to relocate, other job preferences;
  • Information that you make publicly available such as contact information, your education, and work experience information (e.g. when you share information via job search and career networking sites as far as it is relevant to consider you for career opportunities). This includes your LinkedIn profile, GitHub profile, personal website(s);
  • Interview details and outcomes of any recruiting exercises you complete;
  • If disclosed, any special needs or health condition and information relating to accommodations that you may request during the recruiting process;
  • If you're being referred by someone else, we process information that the person referring you provides about you.

When applying please do not include information on your personal identification numbers in the submitted documents and consider whether there is any other sensitive personal information, such as health information, information on family relations, or similar, that is not necessary for the recruitment process.

Why are you legally allowed to collect my information?

We collect information lawfully about you because:

  • You have given consent to the processing of your personal data– when you apply for a particular job position and/or when you permit ENEBA to contact you about future job opportunities.
  • We have a legitimate interest to gather and process your personal data from legitimate sources – when we find your publicly available professional background suitable for us or someone you know refers you to us.

We never ask for special categories of data (e.g. health data) during the recruitment process. If you nevertheless provide us with such data, the legal basis for processing is your consent.

Which information do I have to provide and why?

You have to provide us with the information which we need to assess your application and your suitability to enter into an employment contract and suggest a job offer for you. You are not legally obliged to provide us with any of your information – however, if you do not provide your CV, information on your experience, skills, and similar information necessary for us to assess your suitability to join ENEBA, we may be unable to process your application. 

Where do you get my information from?

Generally, we collect the information directly from you when you respond to our job ad or when you communicate with one of our recruiters. However, some of the information we obtain from the following parties:

  • Our employees (referrals);
  • LinkedIn and other business-related social media sources and/or collaboration platforms. If we collect any information from your social media profiles, we make sure that it is relevant to the job position at our company. We base the collection of data from social media profiles on our legitimate interest to assess specific qualities for specific job functions.
  • If you have a publicly available GitHub, Stack Overflow, Behance or similar profile, we may check it out to the extent it is relevant for one of the available positions at ENEBA.

We may also collect personal data related to your professional life from third parties, such as references supplied by former employers, colleagues, or someone you know.

Do you share my information with other entities?

We share the information about you with the following entities only where necessary and permitted by applicable laws and only for the recruitment purposes as described above:

We use various service providers for the processing of your personal data, such as applicant tracking system provider, email service providers, cloud based document storage providers, other information technology infrastructure service providers, and others. They might have access to your personal data, but only to the extent necessary for us to receive their services. In any case, we make sure that they protect personal data and sign data processing agreements according to applicable legal requirements.

Do you disclose information about me outside the European Economic Area?

In most cases, personal data are processed and stored in the territory of the European Union and the European Economic Area. Even if our service providers are US-based, we prioritize the possibility to host our data in data centers located within the EU. Only if absolutely necessary, the data may be transferred and processed beyond those territories when the adequate level of protection of your personal data is ensured. We ensure that our service providers commit to ensuring adequate security and privacy of your personal data by signing Standard Contractual Clauses adopted by the European Commission.

You may download a copy of the Standard Contractual Clauses at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_en.

How long do you use or keep information about me?

When you apply for a particular job position, we, in general, will store your personal data until the end of the recruitment for a particular position. When we collect your information from public sources, we will only store it if you do not object to such collection and storage of your information. If you become an employee, we will save your application information within the employee file.

When you permit ENEBA to contact you about future job opportunities we will store your personal data for up to 3 (three) years.

What privacy-related rights do I have?

GDPR and other laws provide you with certain rights, procedures for implementation of and exceptions to these rights. When allowed by law, you have the following privacy-related rights that you can implement by contacting us at privacy@eneba.com:

  • to request a confirmation that ENEBA is processing personal data related to you;
  • to get familiar with your personal data and how it is processed;
  • to demand to correct inaccurate data;
  • to request us to delete the information we have about you if we use it illegally or there are other legal grounds for deletion;
  • to request us to restrict the processing of your information – if you dispute the accuracy of the data or object to the processing of the data, if you do not accept that your data would be deleted which was illegally processed, or if you need the data to claim, execute or defend legal claims;
  • to demand to transfer your personal data to another data controller or provide it directly to you in a convenient form (applicable to that personal data that you submitted and that is processed on the basis of the agreement or consent);
  • to object to the processing of your personal data if it is processed on the basis of a legitimate interest;
  • in cases where your personal data is processed on a consent basis, you have the right at any time to withdraw your consent to the processing of your personal data.

If you believe that your data is processed unlawfully, you have a right to contact a relevant data protection authority (State Data Protection Inspectorate in Lithuania or respective supervisory authority in one of EU member states). We would appreciate it if, in such cases, you would contact us first to resolve the problem together.