Your message was successfully sent!
Thank for contacting us.
Last updated 16 March 2023
Language: BG / EN
We hereby present you information on how KPMG IT Service OOD, UIC 203572873 (“KPMG ITS” or the “Company”), in its capacity as data controller within the meaning of the General Data Protection Regulation, collects, processes, stores or otherwise uses your personal data, which you provide when applying for a job at KPMG ITS.
1. What are the purposes and legal grounds for processing your personal data?
By submitting your CV and the supporting documentation thereto under an advertisement for a job at KPMG ITS, published on Company’s internet page or on a job searching platform, as well as where you provide consent before a recruitment/temporary staffing services company engaged by us, you allow us to process your personal data in the course of the current recruitment campaign for the following purposes:
We rely on your consent to process your data when you submit your CV to our email requesting to join our team without applying for a specific open position.
2. What categories of personal data do we collect?
When you apply for a job at KPMG ITS, we process the following categories of personal data:
In the initial stages of the recruitment process, we do not seek to collect special categories of personal data from you, such as information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, information concerning health, information concerning a natural person’s sex life or sexual orientation.
If you are a selected candidate for employment, KPMG ITS may require additional personal details, as necessary for the conclusion of an employment contract and/or otherwise you becoming a KPMG person, including special categories of data, if local employment laws requires us to do so and we will notify you explicitly of this.
Please do not include any special categories of personal information in your application documents.
3. How do we collect personal data for recruitment purposes?
The personal data we process about you are provided to us either by yourself and/or by the recruitment/temporary staffing services company we work with.
We may obtain information about you from our employees if they refer you as suitable candidate to KPMG ITS.
If you have a social media profiles with provider facilitating professional communication, such as LinkedIn or on your current employer’s website, we may review it. We will not inspect any purely personal social media activities of yours.
4. Are you obliged to provide your personal data to us?
Providing personal information to us is voluntary, but necessary for the recruiting process. You are under no statutory or contractual obligation to provide your personal information to KPMG ITS during the recruitment process. However, if you do not provide sufficient information, we may be unable to consider your employment application.
5. Do we share personal data with third parties?
We may share personal data with trusted third parties to help us carry out our business activities and deliver us services. These third parties are contractually bound to safeguard the data we entrust to them. We may share your personal data with the following categories of third parties:
6. Do we transfer your personal data outside the European Union and the European Economic Area?
KPMG ITS may share your personal data with KPMG International Limited (“KPMG International”), a private English company limited by guarantee, or with other member firms of the global KPMG organization of independent member firms associated with KPMG International, or with current and/or potential clients of KPMG ITS, whenever this is necessary for duly conduction of the recruitment campaign in view of ongoing or potential engagements the Company has undertaken or bids for. Your personal data may be shared with companies under the previous sentence only and as far as said companies are based within the European Union (EU) or the European Economic Area (EEA) or, where these are outside said area, these organizations are still based in a country which is considered to provide an adequate level of protection in accordance with a Decision of the European Commission. A complete list of the countries which provide an adequate level of protection may be found on the Internet page of the European Commission at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en. If you need further information in this regard, you may contact us.
In addition to the above situations, for that same purposes, KPMG ITS may transfer personal data outside the EU/EEA to KPMG member firms or to external companies, present and/or potential clients of KPMG ITS, which are based in countries which are not considered to provide an adequate level of protection in accordance with a Decision of the European Commission. If your personal data is to be transferred in inadequate countries outside the EU/EEA, this will be done in the presence of suitable transfer mechanism and protection of the personal data in compliance with applicable legislation, e.g. under a contract containing standard clauses for protection of personal data according to a template approved by the EU Commission, or in the presence of particular statutorily determined conditions, e.g. where the transfer is necessary for the performance of contract between you and KPMG ITS, or for conclusion or performance of a contract concluded in your interest between KPMG ITS and another person, or you have provided your explicit consent in this regard.
7. How long do we retain your personal data?
The personal data you provided when applying shall be processed for the purposes of the current recruitment campaign and will be deleted not later than 1 (one) month as of its completion, unless you are a selected applicant. If in the course of the current recruitment campaign you provided original or notarized copies of documents, these documents will be returned to you within the term stated above.
Any internal documentation containing your personal data, which was created by KPMG ITS in the course of the current recruitment campaign or thereafter on the basis of the information and documents you provided, may be stored by KPMG ITS for a period of 3 (three) years as of the completion of the campaign for the establishment, exercise or defence of legal claims.
KPMG ITS, upon your consent, may keep your personal data and use it in the course of subsequent recruitment campaigns to inform you of available positions and include your application in the selection process. Under this scenario, we will store your personal data for a period of 2 (two) years as of the end of the current campaign. After that your personal data will be permanently deleted.
Sometimes KPMG ITS receives personal data from candidates who are interested in working at KPMG ITS without applying for a specific job position, for example by sending a CV to our official e-mail address or in the course of KPMG ITS’ participation in various events (e.g. career days organized by universities and others) in order to promote the activities of the Company and recruit potential staff. In these cases, the personal data is processed on the basis of consent given by the job applicant for a period of 2 (two) years upon submission of the relevant application.
8. What are your data protection rights and how you can exercise them?
The General Data Protection Regulation guarantees you a certain set of rights that you may exercise in relation to your personal data processed by us. The Regulation provides for the following rights:
You may exercise your rights by means of sending a request to the above addresses. Before we address your request for withdrawal of consent or for exercising another rights we may request additional information to confirm your identity.
If you believe that KPMG ITS has violated your data protection rights, you can always lodge a complaint with the Commission for Personal Data Protection of the Republic of Bulgaria.
9. Do we change this Privacy Notice?
When we make amendments to this Privacy Notice, we will revise the “updated” date at the top of this documents. Any changes to the processing of personal data as described in this Privacy Notice affecting you will be communicated to you through an appropriate channel, depending on how we normally communicate with you.