Privacy Policy of Penumbra People

Penumbra People ("we", "our", or "us") is committed to protecting the privacy and security of your personal data. This Privacy Policy describes how we collect, use, process, and disclose your information when you access or use our human resources consulting services through our online platform or other interactions.

1. Information We Collect

We collect various types of information in connection with the human resources consulting services we provide.

1.1 Personal Data You Provide Directly To Us

This includes information you provide when you engage with us for services such as Talent Acquisition & Recruitment, Employee Relations Management, HR Policy Development, Performance Management Systems, Training & Development Programs, HR Analytics & Reporting, Compensation & Benefits Strategy, Workforce Planning & Succession, Diversity & Inclusion Initiatives, and HR Technology Implementation. This may include:

• Contact Information: Name, address, email address, phone number.
• Professional Information: Job titles, employment history, educational background, skills, qualifications, references, and other information relevant to recruitment or HR consulting, including CVs/resumes.
• Client/Business Information: Details about your organization, its structure, employees, and any specific HR challenges or objectives.
• Communications: Records of your correspondence and communications with us.
• Payment Information: Financial information necessary for processing payments for our services (though actual payment processing may be handled by third-party providers with whom you interact directly).

1.2 Information Collected Automatically

When you visit our online platform, we may automatically collect certain information about your device and usage patterns. This may include:

• Technical Data: IP address, browser type and version, operating system, device type, and referral source.
• Usage Data: Pages viewed, time spent on pages, navigation paths, and other statistics related to your interaction with our site.

1.3 Information from Other Sources

We may receive information from other sources, such as business partners, public databases, social media platforms, and third-party data providers, especially in the context of recruitment and talent acquisition services, always in compliance with applicable law.

2. How We Use Your Information

We use the information we collect for various purposes relating to our human resources consulting services, based on legitimate business interests, contractual necessity, legal obligations, or your consent.

• To Provide Our Services: Delivering Talent Acquisition & Recruitment, Employee Relations Management, HR Policy Development, Performance Management Systems, Training & Development Programs, HR Analytics & Reporting, Compensation & Benefits Strategy, Workforce Planning & Succession, Diversity & Inclusion Initiatives, and HR Technology Implementation. This includes matching candidates with roles, developing HR strategies, and providing advice.
• To Communicate With You: Responding to inquiries, sending service-related updates, and providing information about our services.
• For Internal Operations: Administering our site, troubleshooting, data analysis, testing, research, statistical, and survey purposes.
• For Marketing and Promotional Purposes: With your consent, we may use your information to send you marketing communications about our services, events, or news that may be of interest to you.
• To Comply with Legal Obligations: Fulfilling our legal and regulatory requirements.
• To Protect Our Rights: Enforcing our terms and conditions, preventing fraud, and ensuring the security of our services.

3. Legal Basis for Processing Personal Data

We rely on the following legal bases for processing your personal data under the General Data Protection Regulation (GDPR):

• Performance of a Contract: When processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
• Legal Obligation: When processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate Interests: Where processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.
• Consent: Where you have given explicit consent for us to process your personal data for one or more specific purposes.

4. Disclosure of Your Information

We may share your personal data with third parties in the following circumstances:

• With Service Providers: We employ third-party companies and individuals to facilitate our services (e.g., IT and system administration services, data analytics, recruitment platforms, and marketing assistance). These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
• With Clients: In the context of recruitment and talent acquisition services, we may share candidate information with our clients for potential employment opportunities, always with appropriate safeguards and consent where required.
• For Business Transfers: If we are involved in a merger, acquisition, or asset sale, your personal data may be transferred as a business asset.
• For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
• With Your Consent: We may share your information with any other third party with your explicit consent.

5. International Data Transfers

As a global human resources consulting firm, your data may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws, including implementing appropriate safeguards like Standard Contractual Clauses approved by the European Commission.

6. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

7. Your Data Protection Rights

Under GDPR, you have the following rights concerning your personal data:

• The Right to Access: You have the right to request copies of your personal data.
• The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data, under certain conditions.
• The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
• The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
• The Right to Withdraw Consent: Where we rely on your consent to process your private data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month.

8. Security of Your Information

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal data we process. However, please remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal data, transmission of personal data to and from our online platform is at your own risk. You should only access the services within a secure environment.

9. Links to Other Websites

Our online platform may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. How to Contact Us

If you have any questions about this Privacy Policy, your personal data, or wish to exercise any of your data protection rights, please do not hesitate to contact us at:

Penumbra People
14 Fitzwilliam Square, Floor 3
Dublin, County Dublin, D02 W286
Ireland

12. Complaints

Should you wish to report a complaint or if you feel that Penumbra People has not addressed your concern in a satisfactory manner, you may contact the Data Protection Commission of Ireland:

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2, D02 RD28
Ireland