MGR HUMAN RESOURCES LTD (“MGR”) is committed to protecting the privacy of your personal data.
- MGR – who we are
MGR Human Resources Ltd, member of MAP S.Platis Group of Companies, is a leading, broad HR Consulting, Recruitment and Temporary Placements Agency, with offices in Nicosia and Limassol.
As the Controller, MGR determines the purpose and means of processing individuals’ personal data. In each case, the personal data controller will be MGR.
- Personal data we may collect:
MGR processes different personal data for a variety of reasons, for example: data of candidates who have applied through us for a position with one of our clients, candidates whom we have found a job, personal data given by candidates such as a referees, website users, clients, etc. We only ask for data that are necessary for us to be able to provide a service to you.
Categories of data collected::
- Personal data for contact, service provision and other purposes:
These may include: name, date of birth, contact details (i.e. telephone number, email, home address), academic and professional qualifications, employment history, remuneration history, photo identification (e.g ID card, passport or other) social media profile and information,, referees contact details or any other information an individual chooses to share with us. In some cases and where applicable by the law, we may also collect information related to diversity, immigration status, health, criminal convictions, etc.
- Information necessary to make payments (i.e. payroll or other service provision payment):
This may include: bank account details, social security number, financial information in case we need to carry out a financial background check or any other relevant info.
- Compliance with statutory obligation:
MGR may process personal data where obliged to do so under the law (e.g. employment records, company records, tax reporting obligations, personnel recruitment laws, contractual duties).
- Time of collection of personal data (How)
Personal data may be collected by MGR where you or an organisation with which you are related in any capacity (e.g. employee, officer, representative) (the “Client Entity”) contacts MGR in relation to any services that it may provide.
Your personal data may also come to our possession directly from you in case you express any interest to and/or become an employee of MGR.
In addition, your data may be collected when an organisation engages MGR to provide services and you are engaged in the organisation in any capacity that is relevant (for example: director, representative or employee of such entity with which MGR deals in providing any services).
- Use of your personal data
MGR will process your personal data to:
- Provide you with recruitment activities which is the main are of work of MGR;
- Assess whether a vacancy is suitable for you and make suggestions to you;
- Send your information to Clients in order to apply for a job role or assess whether you are eligible to apply for a role;
- Provide its services or enter into discussions for the provision of services to you or a Client Entity;
- Manage the day-to-day tasks relating to the business relationship with you or a Client Entity (e.g. communication, payments, invoicing, support);
- Analyse, market and improve its services as well as develop new services that may be of interest to you or a Client Entity;
- In compliance with its legal obligations including contractual documentation, payroll, accounting and tax;
- To be able to identify the individuals acting for a Client Entity or engaged by a Client Entity in a task which requires that MGR communicates with such individuals;
- To defend or uphold its legal rights;
- To comply with any order of a responsible court or other authority;
- For research purposes regarding customer satisfaction surveys, effectiveness of our website services, marketing, advertising and sales efforts;
- To keep you or a Client Entity informed in relation to our services and products;
- For purposes that are similar or connected to the above or for any other purpose that you or a Client Entity will provide personal data to us.
- Legal ground for personal data processing
MGR may process the personal data set out above on one or more of the following reasons:
- You have provided your consent to MGR for the specific purpose of processing;
- The processing is necessary for the performance of a contract to which you or a Client Entity are party or in order to take steps at your or a Client Entity’s request prior to entering into a contract with MGR;
- Processing is necessary for compliance with a legal obligation to which MGR as the controller is subject;
- Processing is necessary in order to protect the vital interests of you or of another natural person;
- Processing is necessary for the purposes of the legitimate interests pursued by MGR as the controller or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, in particular where the data subject is a child. Examples where MGR may process personal data on this ground include product development, communications and marketing, insurance purposes, employment and recruitment purposes, IT purposes (e.g. data loss prevention, information, system, network and cyber-security, employment data processing, general operations and due diligence (e.g. internal customer analysis, reporting and management information).
- Provision of your personal data to third parties
- MGR may share information in the context of providing its services to you or any Client Entity with other third parties including for example, any groups companies, individual and organisations who hold information related to your employment application such as current, past or prospective employers, payment processors, tax, audit or other authorities, database service providers, MGR’s own legal and/or other advisors, other third party service providers who perform functions or our behalf (e.g. business associates, accountant, IT consultants, cloud service providers, statistics monitoring).
- MGR may also share your information where obliged to do so by an applicable court order and/or where required to do so by an applicable law.
- The safety of your personal data
MGR is committed to take all the appropriate measures (physical, organisational and technical) to ensure the safety of your personal data. We also have measures to deal with any suspected data breach. Your personal data may be stored electronically or in paper form.
- Personal data that you or a Client Entity provide to us in relation to other individuals.
- Where you or a Client Entity provides to MGR personal data of other individuals (e.g. officers, secretary, employees, other individuals that the Client Entity interacts with or persons related to you) you or the Client Entity (as the case may be) represent to MGR that you or the Client Entity are duly entitled to do this.
- You or a Client Entity also represent that the individual in question is aware of MGR’s data protection practices as stated in this policy which may be relevant to the individual, how MGR may be contacted as well as such information that you or a Client Entity are obliged to provide to such individual under applicable laws in relation to MGR.
- How long do we keep your personal data for?
MGR stores personal data for no longer than is reasonably necessary for its processing purposes. Where MGR stores personal data based on your consent, it will delete such personal data when you withdraw your consent and provided that it is not obliged under law to maintain such data. In case of recruitment activities, MGR will delete your personal data from our systems if we have not had any meaningful contact with you for two (2) years, if you have not been employed by us or any of our clients unless you expressly consent for to the storing of your personal data for potential future roles and/or other relevant purposes. If you accept an offer of employment by MGR or one of MGR’s clients, any relevant personal data collected during the pre-employment period will become part of your personnel records and will be retained. MGR may in any case, keep personal data as long as is necessary for the defending or making of legal claims as provided by applicable limitation laws in Cyprus.
- Transfers of personal data to third countries
MGR may transfer personal data to third countries outside the EU/EEA where required for any of the purposes stated above including for storage purposes. In each such case, MGR will ensure that such transfers will comply with the General Data Protection Regulation (Regulation EU 2016/679 based on a Commission Adequacy decision, or appropriate safeguards (e.g. standard contractual clauses) or other grounds provided by GDPR. You may contact MGR in order to be informed of the appropriate or suitable safeguards (as the case may be).
- Your rights as a data subject
- Right of access – you have the right to request from MGR acting as your controller, to provide you with a copy of the personal data that we hold about you in which case we shall do so.
- Right of rectification – you have the right to request from MGR acting as your controller to correct the personal data that it holds about you that is inaccurate or incomplete in which case MGR acting as your controller shall do so.
- Right to be forgotten – you have the right to request from MGR acting as your controller in certain circumstances to erase your personal data from its records. In case that these circumstances apply to your case and provided that no exception to this obligation applies (e.g. where we are obliged to store your personal data in compliance with a legal obligation under Cypriot or EU law), MGR acting as your controller will erase your personal data from its records.
- Right to withdraw consent – Where we have obtained your consent to process your personal data for certain activities you may withdraw this consent at any time and we shall do so unless we consider that there is an alternative reason to justify our continued processing of your data for this purpose in which case we will inform you of this condition.
- Right to restriction of processing – you have a right to request from MGR acting as your controller where certain conditions apply, to restrict the processing of your personal data. Where these conditions apply MGR will restrict the processing of your personal data.
- Right of portability – you have the right to request from MGR acting as your controller where certain conditions apply, to have the data it holds about you transferred to another organisation. Where these conditions apply MGR will transfer your personal data to another organisation.
- Right to object – you have the right to object on grounds relating to your particular situation, to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review – in the event that MGR refuses your request for any rights of access, it will provide you with a reason as to why.
MGR may charge you a reasonable administrative fee for of your requests that are unreasonable or excessive as well as where you request additional copies.
MGR will endeavour to satisfy your requests promptly and no later than the time limits set by the applicable law. If you have a complaint, you may submit a complaint as stated below.
- Failure to provide personal information
If MGR requests you to provide personal data and you fail to do so, we may not be in a position to provide a service and/or enter into an agreement with you, in which case we will inform you accordingly and terminate our relationship.
- How to contact us
MGR Human Resources Ltd is the legal name of trading name MGR and is solely responsible for processing all your personal data. The Company is registered under Cyprus Law with registration number HE349300, employment licence number 280 and temporary employment licence number 2.
You can write to us at the following address:
P.O.Box 59521, CY-4010, Limassol, Cyprus
Alternatively, you can send us an email at: email@example.com or call us at +357 2525 6868.
We take your privacy seriously and we will make sure to come back to you as soon as possible.
Reasons to contact us may be:
- To access, amend or take back the personal data that you have given to us;
- If you suspect any misuse or loss of or unauthorised access to your personal information;
- To withdraw your consent to the processing of your personal data
- To update your marketing preferences
- Your right to make a complaint
MGR will endeavour to promptly respond to your requests and complaints. In the event that you are unsatisfied, you may submit a complaint to MGR at the following email address: firstname.lastname@example.org.
If you are still unsatisfied you may submit a complaint to the Commissioner for the Protection of Personal Data. MGR can provide you with the contact details upon request.
- Equal opportunities
MGR is an equal opportunities Employer and our recruitment processes are aligned with our approach to this. As part of our recruitment process, we may collect sensitive or other diversity information related to you. Such data can be gender, age, ethnic background disability, religion, social and/or economic background.