Skip to main content

Privacy policy

Version 1.0, updated on 01.12.2024

Who are we? #

IT Staff OÜ is a recruitment company registered in Estonia, 16896470.

This privacy policy will help you to understand how we collect and use your personal data (information about you) during the course of our business.

In general, we may collect your data if you apply for a job, contact us for business inquiries or when we provide services to our customers. Depending on the nature of our relationship we have with you, we use your data:

  • based on your consent;
  • to fulfill contractual obligations if we have a contract with you;
  • to comply with legal requirements;
  • to pursue our legitimate interests as a business.

More details about when and why we use your personal data is described in the relevant sections below.

When we are collecting and using your personal data on behalf of our customer or partners, the customer or partner will be responsible for exercising your rights.

Our legitimate interests #

If necessary we may use limited personal data to:

  • communicate with you
  • conduct prospecting if you are a representative of a business
  • prevent fraud and keep our business operations and IT systems safe and secure;
  • develop, manage and improve our business;
  • protect our rights in case of any potential legal dispute or claim

Your rights #

If you wish to exercise any of your rights, please contact us. You have a right to:

  • access your data – you can ask us for a copy of the personal data that we hold;
  • rectify your data if you become aware of any errors or inaccuracies concerning your personal data;
  • withdraw your consent – where we process personal data based on consent, you have a right to withdraw consent at any time. Withdrawing your consent does not:
  • make the processing done before the withdrawal illegal;
  • affect the use of personal data for other purposes (for example we can still keep the data to protect us from any potential legal claims).
  • ask for erasure of your data. We may still keep the data if it is necessary for contractual or legal obligation or for pursuing our legitimate interests;
  • ask for your personal data to be sent to you or to another organization if the right of data portability applies;
  • ask us to review automated decisions which have legal effects to you;
  • restrict or object to our processing - you can ask to restrict or object to our processing of your personal data.

Job applicants #

We use your data to manage your application and communicate with you during the recruitment process.

We collect most personal data directly from you when you submit your application or provide the information during interviews:

  • contact details (name, email, telephone number);
  • details of your qualifications (skills, certifications, experience, employment history);
  • information about your expectations and eligibility to work in the relevant country.

Some information may be collected from other sources including:

  • publicly available profile data (job agencies and dedicated sites like LinkedIn);
  • contact details, information about qualifications, skills, experience, employment history from people who are reference for you;
  • background information from screening checks.

We use your personal data for the recruitment process based on your consent. After you submit your application, we also have legitimate interests to keep the data after the recruitment process to protect us from any potential legal claims until they expire (commonly up to 3 years).

If you do not consent to use your data for recruitment purposes or exercise your right to withdraw your consent, you will be unable to continue with the recruitment process.

Requests and communication #

We collect your personal data from you if you contact us via e-mail and use it to manage any requests you submit to us. We keep the data after solving the request commonly up to 3 years, depending on the nature of the request.

Data sharing #

Sometimes we need to share your data with:

  • our business clients to the extent and only whereas it is necessary to services to them;
  • our vendors and suppliers that we use to operate our business and provide services such as providers of software and IT systems, security, storage, legal, advisory, audit and insurance services;
  • law enforcement or other government and regulatory agencies or other third parties, where we are required by law to do so.

In the course of using your data and depending on the relationship we have with you, we may need to transfer your personal data between different regions (namely North America, Europe, Middle East, Asia). Where we do so, we use different legal measures (agreements, legal frameworks, adequacy decisions or certifications) to ensure the protection of your rights and personal data. Contact us for more specifics regarding international data transfers.

How long do we keep personal data? #

Depending on the relationship we have with you, your personal data is kept to until:

you withdraw your consent; we have legitimate interest to keep it for a fixed amount of time; we need to protect our interests in case of any potential complaints and litigations (data is kept up to 3 years depending on the applicable legal jurisdiction); we need to fulfill our legal or contractual requirements.

Updates to this policy #

We may make updates to this privacy policy without prior notice. Please see our website for the most recent version of the policy.