Log In

Don't have an account? Sign up now

Lost Password?

Sign Up

Password will be generated and sent to your email address.

General Data Protection Regulation (GDPR)

EASYJOBHUNT GDPR PRIVACY NOTICE

1. Introduction and Scope of This Notice

This General Data Protection Regulation Privacy Notice (“GDPR Notice” or “Notice”) is provided by EasyJobHunt  (“EasyJobHunt,” “we,” “our,” or “us”) and is specifically addressed to individuals in the European Economic Area (EEA), United Kingdom, and Switzerland, as well as to other individuals whose personal data is protected under the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR, or similar data protection laws. 

This Notice supplements our general Privacy Policy and provides detailed information about how we process personal data subject to the GDPR and the rights afforded to data subjects under this regulation. EasyJobHunt recognizes the fundamental importance of data protection and is committed to processing your personal data responsibly and in compliance with applicable data protection laws. This Notice applies to all processing of personal data conducted by EasyJobHunt in relation to our website, mobile applications, and related services (collectively, the “Platform”), regardless of where such processing occurs, when such processing relates to personal data of individuals who are in the EEA, United Kingdom, or Switzerland, or is otherwise subject to the GDPR. 

This Notice covers personal data collected and processed when you create an account on our Platform, submit applications for employment opportunities, post job listings, communicate with other users, or otherwise interact with our services. It also applies when we collect data about you from third parties or public sources in connection with our services, or when we automatically collect certain technical information when you use our Platform. This Notice does not apply to personal data that we process solely on behalf of our corporate customers, such as employers or recruiters, as a data processor. In such cases, our corporate customers are the data controllers and their privacy policies govern how they process your personal data. 

However, this Notice does apply to the personal data we control directly in connection with operating and providing our Platform and services. If there is any conflict between this GDPR Notice and our general Privacy Policy with respect to the processing of personal data subject to the GDPR, this GDPR Notice shall take precedence. We encourage you to read this Notice carefully to understand our policies and practices regarding your personal data and how we will treat it.

2. Data Controller Information and Representative

For the purposes of the GDPR and UK GDPR, EasyJobHunt , a company registered in the State of Washington, United States, with its principal place of business at 100 North Howard Street., Suite R Spokane, WA 99201, United States., acts as the data controller with respect to the personal data processed as described in this Notice. As the data controller, we determine the purposes and means of processing personal data collected through our Platform and are responsible for compliance with applicable data protection laws.

EasyJobHunt currently operates without designated representatives in the European Union or United Kingdom. Based on our current assessment of the nature, context, scope, and purposes of our processing activities, we have determined that our operations do not currently require the mandatory appointment of such representatives under Article 27 of the GDPR or the equivalent provision in the UK GDPR. We continuously monitor and evaluate our obligations under these regulations as our business evolves and may appoint representatives in the future if necessary.

To ensure effective oversight of our data protection practices regardless of geographic location, we have appointed a Data Protection Officer (DPO) who is responsible for monitoring our compliance with the GDPR, UK GDPR, and other applicable data protection regulations. Our DPO supervises all matters relating to the protection of your personal data and serves as the primary contact point for data subjects and supervisory authorities.

You may contact us regarding our data protection practices through the following channels:

Data Protection Officer: dpo@easyjobhunt.com
General Privacy Inquiries: privacy@easyjobhunt.com

For European and UK users with questions about our data protection practices or who wish to exercise their data subject rights, we recommend contacting our DPO directly at the email address provided above. Despite not having local representatives, we remain fully committed to complying with all applicable requirements of the GDPR and UK GDPR and to responding promptly to inquiries from European and UK data subjects.

All communications regarding data protection matters are handled centrally through our Data Protection team to ensure consistent, compliant, and timely responses to all inquiries regardless of their origin.

3. Data Protection Principles

EasyJobHunt is committed to processing personal data in accordance with the data protection principles established under Article 5 of the GDPR. These principles form the foundation of our approach to data protection and inform all our data processing activities. We implement these principles through comprehensive policies, procedures, and technical measures designed to ensure compliance. The Lawfulness, Fairness, and Transparency principle is fundamental to our data processing activities. 

We ensure that all processing of personal data is based on legitimate legal grounds as outlined in Article 6 of the GDPR (and, where applicable, Article 9 for special categories of data). We process personal data fairly, without unduly affecting the rights and freedoms of data subjects. Our commitment to transparency is demonstrated through this comprehensive Notice and other communications that clearly explain what personal data we collect, how we use it, and the rights you have in relation to your data. We adhere to the Purpose Limitation principle by collecting personal data only for specified, explicit, and legitimate purposes as detailed in this Notice. 

We do not process personal data in a manner that is incompatible with those purposes unless we have obtained your consent or the processing is permitted by law. If we intend to process your personal data for a new purpose not covered by this Notice, we will provide you with information about that new purpose before initiating the new processing. The Data Minimization principle guides our collection practices, ensuring that the personal data we process is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed. We regularly review the data we collect and maintain to identify and remove unnecessary data points, and our systems are designed to collect only the information required for the relevant purpose. 

We uphold the Accuracy principle by taking reasonable steps to ensure that personal data is accurate and, where necessary, kept up to date. Our Platform provides you with the ability to review and update your personal information. We also implement procedures to correct or erase inaccurate personal data when notified by you or when we otherwise become aware of its inaccuracy. For the Storage Limitation principle, we maintain personal data in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed. 

We have established data retention schedules that determine how long we keep different types of personal data, taking into account legal requirements, contractual obligations, and legitimate business needs. When personal data is no longer necessary, we securely delete or anonymize it. The Integrity and Confidentiality (Security) principle is implemented through appropriate technical and organizational measures designed to protect personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage. 

These measures include encryption of sensitive data, access controls, staff training, regular security assessments, and detailed security policies and procedures, which we regularly review and update to address emerging threats and vulnerabilities. Finally, we embrace the Accountability principle by taking responsibility for and being able to demonstrate compliance with the above principles. 

We maintain records of our processing activities, conduct data protection impact assessments for high-risk processing activities, implement data protection by design and default in our systems and processes, and regularly review and update our data protection program to ensure ongoing compliance with the GDPR.

4. Categories of Personal Data Processed

EasyJobHunt collects and processes various categories of personal data in order to provide and improve our services. The specific types of personal data we process depend on your relationship with us and how you interact with our Platform. For all Platform users, we process identification and contact information, which includes your name, email address, telephone number, postal address, and in some jurisdictions, national identification numbers when required for identity verification or tax purposes. 

We also process account credentials and security data, including your username, password hash, security questions and answers, and authentication data such as IP addresses and login timestamps. Technical and usage data is collected automatically when you use our Platform, including your IP address, device information, browser type and settings, operating system, referring URLs, pages visited, links clicked, and other information about your interactions with our Platform, which is collected through cookies and similar technologies as further described in Section 12 of this Notice. 

For job seekers, we process professional and employment information, which includes your work history, employment status, job titles, employer names, professional skills, qualifications, educational background, certifications, licenses, professional references, and salary information or expectations. We also process job application data, including information you provide when applying for specific positions through our Platform, such as cover letters, responses to application questions, and other materials submitted as part of your applications. 

Communication data includes messages exchanged with other users through our Platform, including with potential employers or recruiters, as well as communication with our customer support team. User-generated content encompasses any additional content you choose to share on our Platform, such as profile photos, portfolios, projects, or other materials you upload to enhance your profile. We may also process preference data, including your job search criteria, saved searches, notification settings, and other preferences that help personalize your experience. 

For employers and recruiters, we process business and organizational information, including company name, size, industry, employer identification numbers where applicable, and hiring needs. We also process information about job postings created on our Platform, including job descriptions, requirements, location, salary ranges, application instructions, and other details included in your listings. For users who subscribe to premium services or make purchases, we process financial and transaction data, including payment card information (processed through secure third-party payment processors), billing addresses, subscription details, purchase history, and related transaction records. 

In certain contexts and with your explicit consent, we may collect and process special categories of personal data as defined in Article 9 of the GDPR, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data used for identification purposes, data concerning health, or data concerning sexual orientation. This information is typically collected on a voluntary basis for diversity monitoring purposes or to facilitate accommodations for disabilities during the application process, and is subject to enhanced protection measures. 

We also process technical identifiers and online tracking data, including cookie identifiers, mobile device identifiers, and similar technologies that may be considered personal data under the GDPR. All personal data is processed with appropriate safeguards as required by the GDPR, and we adhere to data minimization principles, collecting and retaining only the personal data that is necessary for the specified purposes.

5. Legal Bases for Processing

EasyJobHunt processes personal data only on the basis of a valid legal ground as required by Article 6 of the GDPR. Depending on the specific processing activity and the context of data collection, we rely on one or more of the following legal bases for processing. We process personal data on the basis of contractual necessity (Article 6(1)(b) of the GDPR) when the processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract. 

This legal basis applies when you create an account on our Platform, as we need to process your personal data to establish and maintain your account in accordance with our Terms of Service. Similarly, when you apply for jobs through our Platform, we process your application data to facilitate the application process as requested by you. For employers and recruiters who use our services to post jobs and search for candidates, we process personal data necessary to provide these services in accordance with our contractual obligations. When you subscribe to premium services or make purchases through our Platform, we process transaction and payment data as necessary to complete the transaction and provide the services you have purchased. 

We process certain personal data on the basis of our legitimate interests (Article 6(1)(f) of the GDPR) where the processing is necessary for the purposes of the legitimate interests pursued by EasyJobHunt or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. We have carefully assessed these balanced interests for each processing activity. Our legitimate interests include: improving and personalizing our Platform and services; ensuring the security and integrity of our Platform and user accounts; preventing fraud, spam, and abuse; analyzing usage patterns to enhance the user experience; promoting our services to potential customers; protecting our legal rights and interests; and conducting business analytics to improve our operations. 

When we rely on legitimate interests as a legal basis, we conduct a balancing test to ensure that our processing does not override your fundamental rights and freedoms, taking into account the nature of the personal data, the reasonable expectations of data subjects, and the potential impact of the processing. In some cases, we process personal data on the basis of your consent (Article 6(1)(a) of the GDPR), which must be freely given, specific, informed, and unambiguous. We obtain your explicit consent before processing special categories of personal data (such as data revealing racial or ethnic origin or health data) in accordance with Article 9 of the GDPR, before sending marketing communications, and before using certain tracking technologies on our Platform. 

When consent is the legal basis for processing, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. We provide clear mechanisms for withdrawing consent, such as unsubscribe links in marketing emails, privacy preference settings in your account, or by contacting our Privacy Team. We may process personal data when necessary for compliance with a legal obligation to which EasyJobHunt is subject (Article 6(1)(c) of the GDPR). This includes processing necessary to comply with laws, regulations, court orders, or other legal requirements, such as tax laws, employment laws, anti-money laundering regulations, or responses to valid legal process from government authorities. In exceptional circumstances, we may process personal data when necessary to protect the vital interests of the data subject or of another natural person (Article 6(1)(d) of the GDPR). This legal basis is invoked only in situations involving potential threats to someone’s life or physical safety, which rarely occur in the context of our Platform. 

We may also process personal data when necessary for the performance of a task carried out in the public interest or in the exercise of official authority (Article 6(1)(e) of the GDPR), though this legal basis is not commonly relied upon in our standard processing activities. For each processing activity, we identify and document the appropriate legal basis, and we ensure that all processing is consistent with the legal basis identified. If the legal basis for processing changes, we will notify you of the change and any implications for the processing of your personal data.

6. Purposes of Processing

EasyJobHunt collects and processes your personal data for specific and clearly defined purposes that are directly related to the operation of our Platform and the provision of our services. This section details the primary purposes for which we process your personal data. We process your personal data to establish and manage your user account on our Platform, including registering your account, authenticating you when you log in, maintaining the security of your account, personalizing your account settings and preferences, and providing core functionality that enables you to create and maintain your profile. 

Account management is essential for accessing our services and is primarily based on the legal grounds of contractual necessity and our legitimate interests in providing a secure and personalized user experience. For job seekers, we process your personal data to facilitate your job search and application process, including creating and maintaining your professional profile, storing your resume and other application materials, submitting job applications on your behalf to employers that use our Platform, recommending relevant job opportunities based on your qualifications and preferences, and enabling communication with potential employers. 

These processing activities are based on contractual necessity, our legitimate interests in providing effective job search services, and, where applicable, your consent for specific features such as making your profile visible to potential employers. For employers and recruiters, we process personal data to enable recruitment and candidate sourcing functions, including posting job listings on our Platform, managing applications received through our Platform, searching for and evaluating potential candidates, and communicating with applicants. 

This processing is based on contractual necessity in providing our recruitment services and our legitimate interests in facilitating effective hiring processes for our business customers. We process personal data to enable communication between users of our Platform, including messages between job seekers and employers, notifications about application status updates or interview requests, alerts about new job opportunities matching a job seeker’s criteria, and system notifications about account activities or service updates. 

These communications are integral to the functioning of our services and are based on contractual necessity and our legitimate interests in facilitating effective interaction between Platform users. For users who subscribe to premium services or make purchases through our Platform, we process personal data to facilitate payments and manage subscriptions, including processing payment transactions, sending invoices and receipts, managing subscription renewals and cancellations, and addressing billing inquiries or disputes. This processing is based on contractual necessity for executing the transaction and providing the purchased services. 

We process personal data to improve and personalize our Platform and services by analyzing user behavior and preferences, testing new features, conducting surveys and collecting feedback, identifying trends and patterns in Platform usage, and developing enhancements to our user interface and functionality. This processing is based on our legitimate interests in continuously improving our services and providing a better user experience. In accordance with applicable law and your communication preferences, we may process your personal data for marketing and promotional purposes, including sending you information about new features, premium services, job opportunities, career resources, or special offers, as well as displaying targeted content on our Platform.

Marketing processing is generally based on your consent or our legitimate interests, and we always provide mechanisms to opt out of such communications. We process personal data to ensure the security and integrity of our Platform, including monitoring for and preventing potential security incidents, detecting and preventing fraudulent activities or violations of our policies, protecting user accounts from unauthorized access or misuse, and maintaining the overall stability and reliability of our Platform. Security processing is based on our legitimate interests in protecting our systems and users, as well as our legal obligations to implement appropriate security measures. We also process personal data to comply with our legal obligations, enforce our Terms of Service and other policies, establish, exercise, or defend legal claims, and protect our legal rights and interests. 

This processing is based on our legitimate interests in protecting our business and our legal obligations. For each of these purposes, we ensure that our processing is limited to what is necessary to achieve the specified purpose, and we maintain appropriate records of our processing activities as required by the GDPR. If we intend to process your personal data for a purpose not covered in this Notice, we will provide you with information about that new purpose before initiating the new processing.

7. Recipients of Personal Data and International Transfers

EasyJobHunt shares your personal data with various recipients in connection with the operation of our Platform and the provision of our services. This section describes the categories of recipients with whom we share personal data and our approach to international data transfers. We share your personal data with service providers and processors who perform functions on our behalf and require access to personal data to provide essential services to support our Platform. 

These processors include: cloud hosting and infrastructure providers that store and process data on our behalf; payment processing services that securely process subscription fees and other transactions; email and communication service providers that help us deliver messages and notifications; analytics providers that help us understand user behavior and improve our Platform; customer support and helpdesk services; security and fraud prevention service providers; and software development contractors who help maintain and enhance our Platform. 

We establish contractual relationships with all processors in accordance with Article 28 of the GDPR, requiring them to implement appropriate technical and organizational measures to protect your personal data, process it only according to our documented instructions, and prohibit unauthorized disclosure or access. When you submit job applications through our Platform, the personal data included in your application materials is shared with the prospective employers or recruiters to whom you have applied. Similarly, when you enable your profile to be visible to employers or recruiters, your profile information becomes available to these parties for recruitment purposes. 

The specific information shared depends on what you include in your profile and application materials, and the sharing is based on your request to apply for positions or be considered for opportunities. Some features of our Platform involve integration with third-party services, such as allowing you to import profile information from LinkedIn or other professional networking sites, or to share content on social media platforms. 

When you choose to use these integrations, certain personal data may be shared with these third parties in accordance with your privacy settings on those platforms and your explicit instructions to enable the integration. We may share personal data with our corporate affiliates and subsidiaries for purposes consistent with this Notice. Any such sharing is governed by intra-group data protection agreements that ensure appropriate safeguards for your personal data regardless of location. 

In limited circumstances, we may disclose your personal data to legal and regulatory authorities, such as law enforcement or government agencies, when required by law, legal process, or regulatory obligation, or when we believe disclosure is necessary to protect our rights and property, the safety of our users, or to investigate potential violations of our Terms of Service or applicable laws. In the event of a merger, acquisition, reorganization, bankruptcy, or other similar event involving all or a portion of EasyJobHunt, your personal data may be transferred to our successor or assignee to the extent necessary to complete the transaction and ensure continuity of service. 

Any entity that acquires our business or assets would continue to be subject to the obligations described in this Notice unless you agree otherwise. EasyJobHunt is based in the United States and may transfer your personal data to countries outside the European Economic Area (EEA), United Kingdom, or Switzerland, including to the United States or other countries where we or our service providers operate. These countries may not provide the same level of data protection as your home country. When transferring personal data outside the EEA, UK, or Switzerland to countries not deemed to provide an adequate level of data protection by the European Commission, UK authorities, or Swiss authorities, we implement appropriate safeguards in accordance with Chapter V of the GDPR. 

These safeguards primarily include entering into Standard Contractual Clauses (SCCs) approved by the European Commission, UK International Data Transfer Agreement (IDTA), or similar approved transfer mechanisms with recipients of the data. We supplement these contractual safeguards with additional measures where necessary, such as encryption, pseudonymization, strict access controls, and regular monitoring, to ensure an essentially equivalent level of protection for your personal data. 

For transfers to the United States, we assess whether recipients can provide protection consistent with GDPR requirements in light of the Schrems II decision and implement supplementary measures where necessary. You may request a copy of the safeguards we have put in place for specific international transfers by contacting our Data Protection Officer at dpo@easyjobhunt.com. 

Before sharing your personal data with any third party, we conduct appropriate due diligence to ensure they can provide a level of protection appropriate to the risk of processing, and we regularly monitor their compliance with data protection obligations. We maintain records of all third parties with whom we share personal data, including documentation of the transfer mechanism relied upon, the categories of data transferred, and the purposes of the transfer.

8. Data Subject Rights

Under the GDPR, individuals in the EEA, UK, and Switzerland have specific rights regarding their personal data. EasyJobHunt is committed to facilitating the exercise of these rights in accordance with Articles 15-22 of the GDPR. This section explains these rights and how you can exercise them in relation to the personal data we process about you. You have the right to access your personal data (Article 15), which allows you to obtain confirmation as to whether we process your personal data and, if so, receive a copy of that data and additional information about the processing. 

This information includes the purposes of processing, categories of personal data concerned, recipients of the data, retention period, and the source of the data if not collected directly from you. You can access much of your personal data directly through your account on our Platform, or you can submit a formal access request using the contact details provided in this Notice. The right to rectification (Article 16) enables you to have inaccurate personal data about you corrected without undue delay. You can update many aspects of your personal data directly through your account settings on our Platform. 

For information that cannot be updated through the Platform, you may submit a correction request, and we will make the necessary changes after verifying your identity. You have the right to erasure, also known as the “right to be forgotten” (Article 17), which allows you to request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected, you withdraw consent (where consent was the legal basis for processing), you object to processing and there are no overriding legitimate grounds for the processing, or the data has been unlawfully processed. There are certain exceptions to this right, such as when processing is necessary for compliance with a legal obligation or for the establishment, exercise, or defense of legal claims. 

Under the right to restriction of processing (Article 18), you can request that we limit the use of your personal data in certain circumstances, including when you contest the accuracy of the data (until we verify the accuracy), when the processing is unlawful but you oppose erasure, when we no longer need the personal data for the original purposes but you require it for legal claims, or when you have objected to processing pending verification of legitimate grounds. When processing is restricted, we may store the data but not use it further without your consent, except for legal claims, protecting another person’s rights, or for reasons of important public interest. 

The right to data portability (Article 20) allows you to receive personal data you have provided to us in a structured, commonly used, machine-readable format, and to transmit this data to another controller without hindrance from us. This right applies when processing is based on consent or contract and carried out by automated means. You can download certain personal data directly from your account settings, or submit a portability request for data that cannot be directly downloaded. You have the right to object to processing (Article 21) of your personal data in certain circumstances. 

You can object at any time to processing based on legitimate interests, including profiling, and we will cease processing unless we demonstrate compelling legitimate grounds that override your interests or rights, or the processing is necessary for legal claims. You can also object at any time to processing of your personal data for direct marketing purposes, including profiling related to such marketing, and we will cease this processing immediately upon receiving your objection. The GDPR provides the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects or similarly significantly affects you (Article 22). 

While EasyJobHunt employs algorithms to enhance job matching and provide personalized recommendations, these automated processes generally support rather than replace human decision-making and do not produce legal or similarly significant effects. However, if you believe an automated process on our Platform has made a decision about you that falls under Article 22, you can contact us to request human intervention, express your point of view, and contest the decision. You have the right to withdraw consent (Article 7(3)) at any time when we process your personal data based on consent. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. 

You can withdraw consent for specific processing activities through your account privacy settings, by clicking unsubscribe links in marketing communications, or by contacting our Privacy Team. In addition to the rights specified in the GDPR, you have the right to lodge a complaint with a supervisory authority (Article 77), particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe the processing of your personal data infringes the GDPR. 

To exercise any of these rights, you may submit a request through our dedicated GDPR Rights Portal available at www.easyjobhunt.com/gdpr-rights, by emailing dpo@easyjobhunt.com, or by contacting our EU or UK representative using the details provided in Section 2 of this Notice. We will respond to all legitimate requests within one month as required by the GDPR, though we may extend this period by up to two additional months where necessary, taking into account the complexity and number of requests. 

We may request specific information to help us verify your identity before processing your request. In certain circumstances, we may charge a reasonable fee or refuse to act on a request if it is manifestly unfounded or excessive.

9. Data Security Measures

EasyJobHunt implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk associated with processing personal data, as required by Article 32 of the GDPR. We take data security very seriously and have developed a comprehensive security program designed to protect your personal data from unauthorized access, accidental loss, disclosure, alteration, and destruction. 

Our security measures take into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing, as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. Our technical security measures include encryption of sensitive personal data both in transit and at rest using industry-standard encryption protocols such as TLS (Transport Layer Security) for data in transit and AES-256 encryption for stored data. Particularly sensitive information, such as authentication credentials and payment information, is subject to enhanced encryption standards and additional security controls. 

We implement secure access controls and authentication mechanisms, including role-based access controls limiting data access to authorized personnel on a need-to-know basis, multi-factor authentication for critical systems and administrator access, strong password policies, regular access reviews, and automated access revocation procedures when employees leave the company or change roles. Our network security infrastructure includes firewalls, intrusion detection and prevention systems, regular vulnerability scanning, network segmentation to isolate sensitive data, DDoS protection, and web application firewalls to protect against common web application vulnerabilities. 

We conduct regular security assessments, including penetration testing performed by qualified third-party security specialists, automated vulnerability scanning across our infrastructure, code security reviews prior to deployment, and comprehensive risk assessments for new features and systems. All security testing follows a documented methodology and findings are tracked to resolution. We maintain detailed logging and monitoring systems that allow for detection and investigation of potential security incidents. 

This includes centralized log collection and analysis, automated alerting for suspicious activities, 24/7 monitoring of critical systems, and established incident response procedures for timely investigation and remediation of security events. We have implemented formal incident response procedures in accordance with Article 33 and 34 of the GDPR, including a defined incident response team, documented investigation processes, established criteria for determining whether a breach requires notification to data protection authorities or affected individuals, and templates for breach notifications. We regularly test our incident response process through tabletop exercises. 

Our organizational security measures include comprehensive data protection policies and procedures, regular mandatory security awareness training for all staff, specific role-based security training for technical teams, background checks for employees with access to sensitive data, confidentiality agreements, and clear disciplinary procedures for security violations. We carefully select vendors and service providers, conducting security due diligence before engaging them and requiring contractual commitments to maintain appropriate security measures. We regularly assess their compliance through security questionnaires, review of certifications, and in some cases, on-site assessments or penetration testing. 

We maintain business continuity and disaster recovery plans, including regular data backups stored securely in multiple locations, documented recovery procedures that are regularly tested, redundant infrastructure for critical systems, and contingency plans for various failure scenarios. We regularly review and update our security measures to address new threats, vulnerabilities, and regulatory requirements. Our security program follows industry frameworks such as ISO 27001 and NIST Cybersecurity Framework, and we conduct periodic independent assessments of our security controls. While we implement these and other appropriate security measures, it is important to note that no method of transmission over the Internet or electronic storage is 100% secure. Despite our best efforts and robust security measures, we cannot guarantee absolute security. 

We encourage you to help protect your personal data by maintaining the confidentiality of your account credentials, logging out of your account after use (particularly on shared devices), and promptly reporting any suspected unauthorized activity to our security team at security@easyjobhunt.com.

10. Data Retention Periods

EasyJobHunt maintains a comprehensive data retention policy that governs how long we keep your personal data. In accordance with Article 5(1)(e) of the GDPR, we retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, or for the establishment, exercise, or defense of legal claims. Our retention practices are designed to minimize data storage while ensuring we have the information necessary to provide our services effectively. The specific retention periods vary based on the category of data, the purpose of processing, and legal requirements applicable to different types of information. 

For active user accounts, we retain personal data for the duration of your relationship with EasyJobHunt, which typically means as long as you maintain an active account on our Platform. This includes your account information, profile data, job search history, application materials, and communications. This retention is necessary to provide our services and maintain the functionality of your account. Following account closure, we implement a tiered retention approach. 

When you close your account or request deletion of your personal data, we will delete or anonymize your personal information within 30 days, subject to the exceptions described below. Some information may be retained for a limited time in backup systems until the scheduled backup rotation is complete, typically not exceeding 90 days. 

Certain limited personal data may be retained even after account deletion if required for specific legitimate purposes, such as: information necessary to comply with legal retention requirements, which may include application data (typically retained for 1-4 years for employment law compliance), transaction records (typically retained for 7 years for tax and financial reporting requirements), and dispute-related information (retained until the dispute is resolved and the applicable statutory limitation periods have expired); anonymized or aggregated data that no longer identifies you, which we may continue to use for analytical, statistical, or research purposes; and information necessary to prevent fraud, enforce our Terms of Service, or protect our legal rights, which is retained only as long as necessary for these specific purposes. For job applications submitted through our Platform, the retention period depends on whether you are hired for the position. 

If you are not hired, your application data is typically retained for a period established by the employer in accordance with applicable employment laws (generally 1-4 years), after which it is deleted or anonymized unless you choose to save it in your account for future applications. If you are hired, your application data becomes part of your employment record and is governed by the employer’s retention policies. For employers and recruiters who use our Platform, we retain business account information, transaction records, and related data for the duration of our business relationship and for a period thereafter as required by applicable tax, commercial, and other laws (typically 7 years). Job postings are retained in accordance with the employer’s subscription terms and applicable employment record-keeping requirements, usually for 1-3 years after the posting expires or the position is filled. 

For technical data, including log files, IP addresses, and usage statistics, we typically implement shorter retention periods, generally between 90 days and 18 months, based on the specific purpose of collection. After this period, the data is either deleted or anonymized for analytical purposes. Marketing-related personal data is retained as long as you are opted in to receive marketing communications. If you opt out or unsubscribe, we retain only the minimum information necessary to comply with your opt-out request and prevent future communications. Data collected through cookies and similar technologies is retained according to our Cookie Policy, with retention periods varying by the type and purpose of the cookie (typically from session-based to up to 24 months). 

These retention periods are regularly reviewed and updated as necessary to ensure they remain appropriate for the purposes of processing and compliant with applicable laws. You can request information about the specific retention periods applicable to your personal data by contacting our Data Protection Officer at dpo@easyjobhunt.com. In all cases, when personal data reaches the end of its retention period, it is securely and permanently deleted or anonymized using appropriate technical measures to ensure it cannot be reconstructed or read. 

The deletion process is documented and conducted in accordance with our data deletion procedures, which specify the methods to be used for different types of data and storage systems.

11. Automated Decision-Making and Profiling

EasyJobHunt employs certain automated processing techniques, including profiling, to enhance our services and provide personalized experiences for our users. In compliance with Article 22 of the GDPR, this section explains the automated processing activities we conduct, their purpose and logic, and your rights in relation to these activities. Our Platform uses algorithms to analyze job seeker profiles and job postings to provide job matching and recommendations. 

This automated processing evaluates factors such as skills, experience, education, location preferences, and previous search behavior to identify and suggest potentially relevant job opportunities to job seekers. Similarly, for employers and recruiters, our system analyzes job requirements and preferences to suggest potentially suitable candidates. These recommendation systems use machine learning techniques that improve over time based on user interactions and feedback. This profiling helps job seekers discover opportunities they might otherwise miss and helps employers identify qualified candidates more efficiently, thereby enhancing the core functionality of our Platform. It is important to note that these automated recommendations are supplementary in nature and do not replace human decision-making in the hiring process. 

Job seekers retain full control over which positions they choose to apply for, and employers make independent decisions about which candidates to interview and hire based on their own criteria and processes. Our Platform also employs automated processing to personalize your user experience based on your behavior and preferences on the Platform. This includes customizing the content displayed on your dashboard, determining the order of search results, suggesting features you might find useful, and adapting the user interface to better align with your usage patterns. This personalization aims to make the Platform more intuitive and efficient for individual users by prioritizing information and features most relevant to them. 

For premium subscribers, we may use automated systems to detect patterns indicative of potential account sharing or unauthorized use, which helps us enforce our Terms of Service and protect the security of our Platform. These systems analyze login patterns, device information, and account usage metrics to identify anomalous activity that may require further investigation. In most cases, these automated processes support rather than replace human decision-making and do not produce legal or similarly significant effects on users as defined in Article 22 of the GDPR. However, in certain limited scenarios, our Platform may involve automated decision-making that could fall under Article 22, such as automated account suspension for detected violations of our Terms of Service or automated removal of content that violates our content policies. 

In these cases, we implement appropriate safeguards, including: clear explanations of why an automated decision was made; human review of automated decisions upon request; mechanisms to contest decisions and provide additional information; and regular testing and updating of our algorithms to minimize bias and inaccuracies. We do not conduct automated decision-making or profiling based on special categories of personal data (as defined in Article 9 of the GDPR) unless you have provided explicit consent or the processing is otherwise permitted under the GDPR. We take steps to prevent our algorithms from creating or reinforcing discrimination based on protected characteristics by regularly testing for bias, implementing fairness constraints in our models, and conducting human oversight of system outputs. 

You have specific rights regarding automated decision-making and profiling. When subject to fully automated decision-making that produces legal or similarly significant effects, you have the right to: obtain human intervention from EasyJobHunt to review the decision; express your point of view regarding the decision; contest the decision if you believe it is incorrect or unfair; request an explanation of how an automated decision was reached; and opt out of certain automated decision-making processes where appropriate and technically feasible. 

To exercise these rights or to ask questions about our automated processing activities, you may contact our Data Protection Officer at dpo@easyjobhunt.com.

12. Cookies and Similar Technologies

EasyJobHunt uses cookies and similar technologies on our Platform to enhance your experience, analyze usage patterns, deliver personalized content, and improve the overall functionality of our services. This section provides detailed information about how we use these technologies in compliance with the GDPR and the ePrivacy Directive (Directive 2002/58/EC, as amended by Directive 2009/136/EC). Cookies are small text files that are placed on your device when you visit our website or use our services. 

They enable us to recognize your device and store certain information about your preferences or past actions. Web beacons (also known as clear gifs, pixel tags, or web bugs) are tiny graphics with a unique identifier that may be included on our Platform for several purposes, including to deliver or communicate with cookies, track and measure the performance of our Platform, monitor how many visitors view our pages, and understand the effectiveness of our marketing. 

We place strict cookie taxonomy and categorization in alignment with the GDPR and the ePrivacy Directive, classifying cookies as follows: Strictly Necessary Cookies are essential for the operation of our Platform, enabling core functionalities such as security, network management, account authentication, and remembering your privacy choices. These cookies cannot be disabled as they are required for basic Platform operations and do not require consent under the ePrivacy Directive (as implemented in national laws), though we still provide transparency about their use. 

Preference or Functional Cookies enhance your experience by remembering your preferences, language settings, and other choices to provide a more personalized experience. While these improve usability, they are not essential for the functioning of the website, and you have the right to opt out of these cookies. Analytics or Performance Cookies collect information about how you use our Platform, helping us understand visitor behavior, identify popular features, detect usability problems, and improve overall performance. We use these insights to make improvements to the functionality and user experience of our Platform. These cookies require your consent before being placed. Marketing or Advertising Cookies are used to deliver relevant advertisements, track the effectiveness of marketing campaigns, and limit the number of times you see an advertisement. 

These cookies may be placed by us or by third-party advertising partners and require your explicit consent before being activated. We comply with the GDPR and the ePrivacy Directive by obtaining your informed consent before placing non-essential cookies (i.e., all cookies except Strictly Necessary Cookies) on your device. When you first visit our Platform, we present a cookie consent banner that allows you to accept or reject different categories of cookies. This banner provides clear, comprehensive information about the types of cookies we use, their purposes, whether they are first or third-party cookies, and their duration. You can change your cookie preferences at any time through our Cookie Preference Center, accessible via the “Cookie Settings” link in the footer of our website. 

This gives you granular control over which types of cookies you accept, allowing you to withdraw previously given consent or provide new consent for specific cookie categories. The specific information collected through cookies and similar technologies includes: your IP address and device information; browser type and settings; operating system; referring URLs; pages viewed and actions taken on our Platform; dates and times of visits; and information about how you interact with our content and advertisements. When these data points can be used to identify you directly or indirectly, they constitute personal data under the GDPR and are protected accordingly. 

For essential cookies, the legal basis for processing is our legitimate interest in providing a functioning and secure Platform (Article 6(1)(f) of the GDPR). For all other cookies, we rely on your consent (Article 6(1)(a) of the GDPR) as the legal basis for processing. Most web browsers allow you to control cookies through their settings preferences. You can typically remove or reject cookies via your browser settings. However, please note that if you choose to disable cookies, some features of our Platform may not function properly or optimally. Some browsers include “Do Not Track” (DNT) features that can send a signal to websites you visit indicating you do not wish to be tracked. 

Because there is not yet a common understanding of how to interpret the DNT signal, EasyJobHunt does not currently respond to DNT signals. However, you can use our Cookie Preference Center to control data collection regardless of DNT settings. For third-party cookies, particularly those used for advertising purposes, you can also opt out through industry mechanisms such as the European Interactive Digital Advertising Alliance (www.youronlinechoices.eu) or the Digital Advertising Alliance (www.aboutads.info/choices). 

We regularly review our Cookie Policy to ensure it remains current with our practices and applicable regulations. The most up-to-date information about our use of cookies and similar technologies is available in our separate Cookie Policy, accessible via a link in the footer of our website.

13. Children’s Data

EasyJobHunt’s Platform and services are designed for individuals who are at least 16 years of age, which is the age at which individuals can provide valid consent to data processing under the GDPR in most EEA member states, unless a member state has established a different age (not below 13 years). We do not knowingly collect or process personal data from children below this age threshold. 

This age restriction is appropriate given the nature of our services, which focus on professional employment opportunities and career development. The minimum age for creating an account on our Platform is explicitly stated in our Terms of Service, and we implement reasonable measures to verify age during the registration process, including age confirmation prompts and automated screening of profile information that might indicate an underage user. 

These measures are designed to be proportionate to the risks involved while recognizing the practical limitations of age verification techniques. In the event that we discover we have inadvertently collected personal data from a child under the applicable minimum age threshold, we will promptly take steps to delete such information from our systems. If this occurs, we will also implement measures to prevent similar occurrences in the future, which may include adjusting our age verification processes. 

If you believe that we might have collected personal data from or about a child under the applicable age threshold, please contact our Data Protection Officer immediately at dpo@easyjobhunt.com so that we can investigate and delete any such data if appropriate. We recognize that in certain jurisdictions within the EEA, UK, or Switzerland, the age of digital consent may be different from the default of 16 years established in the GDPR. For example, some member states have set the age of consent at 13, 14, or 15 years. In such cases, we apply the relevant age threshold applicable in the data subject’s country of residence. 

This means that for users in those countries, the minimum age for using our Platform without parental consent is adjusted accordingly. For individuals who have reached the relevant age of consent in their jurisdiction but are still minors under applicable law, we implement additional protections in our data processing activities. These include limiting the types of personal data collected to what is strictly necessary for the use of our services, applying enhanced security measures to protect their data, restricting marketing communications, and providing age-appropriate privacy notices and terms. 

The processing of personal data of users who have reached the relevant age of consent but are still minors is conducted in accordance with all principles and requirements of the GDPR, with particular attention to fairness, transparency, and the best interests of the data subject.

14. Changes to This GDPR Notice

EasyJobHunt reserves the right to modify, update, or amend this GDPR Notice at any time to reflect changes in our practices, services, legal requirements, or other factors that may affect how we process personal data subject to the GDPR. We are committed to maintaining transparency regarding such changes and to ensuring that data subjects are appropriately informed about how their personal data is processed. 

When we make material changes to this Notice that affect the ways in which we process personal data or your rights regarding your personal data, we will provide clear notice to you through appropriate channels. For significant changes, this may include prominent notices on our website or direct email communications to registered users whose personal data is affected by the changes. We will typically provide this notice at least 30 days before the changes take effect, unless changes are required immediately for legal compliance reasons or to address an urgent security concern. 

Each updated version of this GDPR Notice will include an effective date and version number at the bottom of the document, allowing you to determine whether the Notice has changed since your last review. We maintain an archive of previous versions of our GDPR Notice that can be made available upon request, enabling you to understand how our data processing practices and policies have evolved over time. Minor or administrative changes that do not materially affect your rights or our obligations under the GDPR, such as correcting typographical errors or updating contact information, may be implemented without specific notification, though the updated Notice will always be accessible through our website. 

We encourage you to review this GDPR Notice periodically to stay informed about our data protection practices and your rights regarding your personal data. Your continued use of our Platform after changes to this Notice take effect constitutes your acknowledgement and, where required, acceptance of the updated terms. However, where the GDPR requires explicit consent for certain types of processing, we will obtain your consent before applying new or different processing operations to your personal data, regardless of any changes to this Notice. 

If you do not agree with the changes to our GDPR Notice and do not wish to continue using our Platform under the revised terms, you may close your account and request deletion of your personal data in accordance with the procedures described in this Notice. If you have questions about changes to this Notice or how they may affect the processing of your personal data, you may contact our Data Protection Officer at dpo@easyjobhunt.com for clarification or assistance.

15. How to Contact Us and Complaints Procedure

If you have any questions, concerns, or requests regarding this GDPR Notice or the processing of your personal data by EasyJobHunt, we encourage you to contact us. We are committed to addressing your inquiries promptly and effectively. Our Data Protection Officer (DPO) serves as the primary point of contact for data protection matters and can be reached at dpo@easyjobhunt.com. The DPO is responsible for monitoring compliance with the GDPR and other data protection laws, providing advice on data protection obligations, conducting internal audits, and cooperating with supervisory authorities.

For general privacy inquiries or to exercise your data subject rights, you may contact us through our dedicated GDPR Rights Portal available at www.easyjobhunt.com/gdpr-rights, by emailing gdpr-requests@easyjobhunt.com, or by postal mail addressed to: EasyJobHunt LLC, Attn: Data Protection Officer, 100 North Howard Street., Suite R Spokane, WA 99201, United States.

We strive to respond to all legitimate inquiries within one month, as required by the GDPR. However, particularly complex or numerous requests may require up to three months. If we need to extend the response time beyond one month, we will notify you and explain the reasons for the delay.

If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a formal complaint with a data protection supervisory authority in your country of residence, your place of work, or the place of the alleged infringement. You can find contact details for data protection authorities within the European Economic Area at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

For UK residents, you may contact the Information Commissioner’s Office (ICO) at https://ico.org.uk/global/contact-us/ or by telephone at +44 0303 123 1113.

For Swiss residents, you may contact the Federal Data Protection and Information Commissioner at https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html.

Before filing a formal complaint with a supervisory authority, we encourage you to contact us directly, as we are committed to working with you to resolve any concerns you may have about our data processing activities. Many concerns can be addressed quickly and satisfactorily through direct communication.

16. Data Protection Governance

EasyJobHunt has established a comprehensive data protection governance structure to ensure ongoing compliance with applicable data protection laws, including the GDPR and UK GDPR. This structure defines clear roles, responsibilities, and accountability for data protection within our organization.

At the center of our data protection governance is our Data Protection Officer (DPO), who operates independently and reports directly to the highest level of management. The DPO is responsible for monitoring compliance, providing advice on data protection matters, cooperating with supervisory authorities, and acting as the primary point of contact for data subjects regarding all issues related to the processing of their personal data.

Our data protection governance framework includes:

  • A Data Protection Steering Committee composed of senior representatives from key departments including Legal, IT, Security, Product Development, and Customer Support, which meets quarterly to review compliance status, address emerging issues, and set strategic direction for data protection initiatives
  • Regular data protection impact assessments for new processing activities, products, or significant changes to existing systems
  • Comprehensive policies and procedures covering all aspects of data protection compliance, including data subject rights fulfillment, breach notification, data retention, and security
  • Regular training and awareness programs for all staff who process personal data, with specialized training for teams with elevated data protection responsibilities
  • Internal compliance monitoring and auditing to verify adherence to policies and procedures
  • Clear escalation paths for data protection concerns or incidents
  • A documented framework for selecting and managing vendors who process personal data on our behalf

Though we currently do not maintain designated representatives in the EU or UK, we have established internal processes to ensure that inquiries from European and UK data subjects and supervisory authorities are addressed promptly and effectively through our DPO.

Our governance framework is designed to be flexible and responsive to the evolving data protection landscape, allowing us to adapt quickly to new regulatory requirements, guidance from supervisory authorities, or changes in our business operations that affect personal data processing.

17. Children’s Privacy

EasyJobHunt’s Platform and services are directed at professionals and individuals seeking employment opportunities or hiring candidates. Our services are not intended for children under the age of 16, and we do not knowingly collect personal data from children under this age.

Under the GDPR, the processing of personal data of a child under 16 years of age (or a lower age if permitted by Member State law, but not below 13) is only lawful if consent is given or authorized by the holder of parental responsibility for the child. Given the professional nature of our services, we have established 16 as the minimum age for using our Platform across all EU Member States, the UK, and Switzerland.

We implement the following measures to prevent the collection of personal data from children under 16:

  • Age verification prompts during the registration process that require users to confirm they are at least 16 years old
  • Terms of Service that clearly state the minimum age requirement
  • Account review processes that may flag profiles that appear to belong to underage users
  • Prompt removal of any personal data when we become aware that it relates to a child under 16

If we discover that we have inadvertently collected personal data from a child under 16, we will promptly:

  • Cease processing the personal data
  • Delete the personal data from our systems
  • Take reasonable measures to ensure that the data is not further processed or used
  • Document the incident and the remedial actions taken

If you are a parent or guardian and believe that your child under 16 has provided personal data to EasyJobHunt without your consent, please contact our Data Protection Officer immediately at dpo@easyjobhunt.com. We will take steps to delete such information from our files within a reasonable time.

For users who are 16 or 17 years old, while they may legally use our Platform with their own consent in many jurisdictions, we recognize that they may still be considered vulnerable data subjects deserving of particular protection. For these younger users, we implement enhanced privacy protections and clear, age-appropriate privacy information.

18. Additional Information for Specific Data Processing Activities

This section provides additional information about specific data processing activities that may be of particular interest to European Data Subjects using our Platform.

Job Application Processing

When you use our Platform to apply for jobs, your application materials (including your resume, cover letter, and any responses to application questions) are submitted to the potential employer. In this process, EasyJobHunt acts as a data processor for the employer, who becomes the data controller for your application data once received. This means that the employer’s privacy policy and data retention practices will govern the processing of your data after submission.

We recommend reviewing the privacy policy of any employer before applying. While we require all employers using our Platform to comply with applicable data protection laws, we cannot control their specific data processing activities once they receive your information.

EasyJobHunt retains a copy of your application materials in your account to facilitate your job search activities. You can delete these materials from your account at any time through your account settings.

Skills Assessments and Psychometric Tests

Some positions on our Platform may require candidates to complete skills assessments or psychometric tests. If you choose to participate in such assessments:

  • You will be informed about the specific types of data collected and how they will be used before you begin the assessment
  • Results are typically shared with the potential employer and retained in your account for your reference
  • You have the right to request deletion of assessment results from our systems
  • Automated analysis of assessment results may be used to evaluate your suitability for positions, but significant decisions (such as hiring decisions) are made by human reviewers, not solely by automated processing

Professional Development and Learning Features

If you use our professional development resources or learning features:

  • We track course completion, quiz results, and interaction with learning materials to provide you with personalized learning paths and certification records
  • This data is stored in your account and can be accessed or deleted through your account settings
  • With your consent, achievements and certifications may be displayed on your public profile

Platform Analytics and Service Improvement

We analyze user behavior and Platform performance to improve our services. This processing is based on our legitimate interest in enhancing user experience and developing our business. This analytics processing:

  • Uses aggregated or pseudonymized data wherever possible
  • Employs technical safeguards to protect user privacy
  • Includes analysis of job search patterns, application completion rates, and feature usage
  • May involve limited profiling to provide personalized job recommendations and content

Communications and Notifications

Our Platform sends various types of communications, including:

  • Essential service messages about account activity, application status updates, and security alerts
  • Optional job alerts and recommendations that you can configure or disable through your account settings
  • Marketing communications that are always subject to your explicit consent and include an unsubscribe option in every message
  • Surveys and feedback requests, which you can decline without penalty

For each communication type, we maintain records of your preferences and consent status to ensure we respect your choices.

Mobile Application Data Processing

If you use our mobile applications, additional data may be processed, including:

  • Device identifiers and mobile operating system information
  • Mobile location data (if you grant permission)
  • Push notification tokens (to deliver notifications you have opted into)
  • App usage analytics

You can manage permissions for our mobile applications through your device settings, and you can configure notification preferences within the app.

19. Glossary and Key Terms

To ensure clarity and common understanding of the terminology used in this GDPR Notice, we provide the following definitions of key terms:

Personal Data: Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Data Controller: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Data Processor: A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Data Subject: An identified or identifiable natural person to whom the personal data relates.

Consent: Any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Legitimate Interest: A lawful basis for processing personal data where the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

Special Categories of Personal Data: Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data processed for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Data Protection Impact Assessment (DPIA): A process designed to help identify and minimize the data protection risks of a project or processing activity, particularly when the processing is likely to result in a high risk to individuals.

Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Supervisory Authority: An independent public authority established by a Member State pursuant to Article 51 of the GDPR, responsible for monitoring the application of the GDPR.

Profiling: Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

Pseudonymization: The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Third Party: A natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

Cross-border Processing: Either (a) processing of personal data which takes place in the context of the activities of establishments in more than one Member State of a controller or processor in the Union where the controller or processor is established in more than one Member State; or (b) processing of personal data which takes place in the context of the activities of a single establishment of a controller or processor in the Union but which substantially affects or is likely to substantially affect data subjects in more than one Member State.

20. Conclusion

This General Data Protection Regulation Notice represents EasyJobHunt’s commitment to transparency, accountability, and the protection of your personal data in accordance with the GDPR and UK GDPR. We recognize the importance of privacy and data protection as fundamental rights and are dedicated to handling your personal data with the utmost care and in compliance with applicable laws.

As we continue to develop our Platform and services, we remain vigilant about our data protection practices and obligations. We strive to implement privacy by design and by default principles in all our operations, ensuring that data protection considerations are integrated into our business processes from their inception.

We encourage you to exercise your rights as a data subject and to contact us with any questions, concerns, or requests regarding your personal data. Your trust is important to us, and we are committed to maintaining that trust by being transparent about our data processing activities and respecting your privacy choices.

This GDPR Notice will evolve alongside regulatory developments and changes to our business practices. By reviewing this notice periodically and reaching out to our Data Protection Officer with any questions, you can stay informed about how we protect your personal data and what choices you have regarding its processing.

Thank you for taking the time to understand our data protection practices. We look forward to providing you with a valuable, privacy-respectful service as you pursue your professional goals on the EasyJobHunt platform.

Effective Date: April 16, 2025
Last Updated: April 16, 2025

Version: 1.0