Who does the GDPR compliance commitment apply to?
This GDPR compliance commitment (“Commitment”) applies to you if:
- You are an individual located in the European Economic Area (“EEA”) or the UK.
- Leoforce LLC (“Leoforce”, “we”, “us” or “our”) has collected your personal data.
For the purposes of European data protection laws, Leoforce is the controller of your personal data.
What personal data does Leoforce collect?
Leoforce collects the following personal data: name, employer, employer location, job title, employment dates, previous employers, social profile URLs, and other data made public by you, (collectively “Profile Data”).
Profile data are collected from publicly available sources including, for example, social media platforms and third party partners.
How do we use your profile data?
Leoforce processes your Profile Data where in its legitimate interests to properly manage and administer its client relationships for the following purposes:
- To identify you as a potential candidate for a job position with one or more of our clients (which from an EU data protection perspective may amount to profiling).
- To combine your personal data with personal data from a number of sources so that we may build a better picture of you and ensure the correct candidates are matched with the correct clients.
- To share your Profile Data with one or more of our clients where we believe your Profile Data matches the search criteria of such client. We do not disclose your name or contact details to the client.
- to share your Profile Data with third parties providing us with services; and to seek your approval to be contacted by one or more of our clients.
Your Right to Object: Please note that you have a right to object to the processing of your personal data where that processing (including profiling) is carried out for our legitimate interest.
Sharing your profile data
Your public professional profile data will be treated as strictly confidential and will be shared only in accordance with this Commitment.
We will share your Profile Data with a client where we believe your Profile Data matches the search criteria of such client. It is the client’s responsibility to provide you with its own data privacy notice to the extent it is required by law to do so.
We may use trusted third parties to provide us with services (e.g., technical support for our platform, web-hosting companies, and support services) who may have access to your Profile Data. All service providers are permitted to use data only for the purpose of performing services on our behalf.
We may share your Profile Data with competent authorities, courts and bodies in response to a court order, summons or subpoena, regulatory requests, or as permitted or required by law when we reasonably believe it is necessary or appropriate to investigate, prevent or take action against illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person.
We may also disclose your Profile Data to any third party that acquires, or is interested in acquiring, all or part of our assets or shares, or that succeeds us in carrying on all or part of our business.
How long do we keep your profile data?
We keep your Profile Data only for as long as your Profile Data is relevant for matching against client job descriptions. The criteria used to determine what is relevant include:
- How long the personal data is needed to provide the client services and operate the business.
- The type of personal data collected.
- Whether we are subject to a legal, contractual or similar obligation to retain the data (e.g., mandatory data retention laws, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation or disputes).
Your data protection rights
You have the following rights with respect to your personal data (subject to certain requirements being fulfilled):
- The right to request a copy of personal data which Leoforce holds about you.
- The right to the correction of your personal data when incorrect, out of date or incomplete.
- The right to request that we erase your personal data.
- The right to object to us using / holding your personal data (including for profiling) if we have no legitimate reason to do so.
- The right to request that we restrict the processing of your personal data – i.e., we would need to secure and retain the data for your benefit but not otherwise use it.
- The right to the portability of personal data – i.e., ask for a copy of your personal data to be provided to you, or a third party.
All such requests should be made using the contact details set out below or online via https://leoforce.com/data-privacy-policy/. We will respond to your request as soon as practicable and in any event not more than within one month after receipt of your request. In exceptional cases, we may extend this period by two months and we will tell you why. We may request proof of identification to verify your request. For more details in relation to your rights, including how to exercise them, please contact us using the contact details below.
You also have a right to lodge a complaint about the processing of your personal data with a data supervisory authority
International transfer of your profile data
Leoforce is located in the US. Where we source your Profile Data from outside of the US, this Profile Data will be transferred to the US.
Changes to this commitment
We may change this Commitment from time to time. We will notify you of any material changes through a notification on our website. Any changes will become effective immediately after being posted.
To exercise your data protection rights, ask questions, or make a complaint, please contact Leoforce via email at firstname.lastname@example.org or via postal mail at Leoforce, LLC, 500 W Peace St, Raleigh, NC 27603, or via phone at +1 919-800-0110.
Last Updated: Aug 1 2019