Log In

Don't have an account? Sign up now

Lost Password?

Sign Up

Password will be generated and sent to your email address.

Data Processing

EASYJOBHUNT DATA PROCESSING POLICY

1. Introduction and Policy Scope

EasyJobHunt  (“EasyJobHunt,” “we,” “us,” or “our”) has developed this Data Processing Policy (“Policy”) to establish clear guidelines regarding the collection, processing, storage, security, retention, and management of personal data in connection with our operations. 

This comprehensive Policy applies to all personal data processed by EasyJobHunt through our website, mobile applications, and related services (collectively, the “Platform”), whether such data belongs to job seekers, employers, freelancers, business partners, or other individuals who interact with our services. EasyJobHunt is firmly committed to processing personal data in accordance with globally recognized data protection principles, including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality. 

This Policy is designed to comply with applicable data protection regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and other relevant privacy laws and regulations that govern our operations in various jurisdictions. By accessing or using our Platform, you acknowledge that your personal data will be processed in accordance with this Policy and our Privacy Policy.

2. Definitions of Key Terms

For the purposes of this Policy, the terminology employed is intended to ensure clarity and consistency in our approach to data processing. “Personal data” refers to any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. 

“Processing” encompasses any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. 

“Data controller” refers to EasyJobHunt, as the entity which determines the purposes and means of the processing of personal data. “Data processor” refers to a natural or legal person, public authority, agency or other body which processes personal data on behalf of EasyJobHunt. “Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. 

These definitions align with established data protection principles and are intended to provide a framework for understanding the various concepts referenced throughout this Policy.

3. Legal Basis for Processing Personal Data

EasyJobHunt processes personal data in strict accordance with applicable data protection regulations, ensuring that all processing activities have a valid legal foundation. We rely on several legal bases for processing personal data, depending on the specific context and purpose of processing. When processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract, such as when users create accounts, submit job applications, post job listings, or utilize our Platform’s services, we process data as required to fulfill our contractual obligations. 

In many instances, we process personal data based on the legitimate interests pursued by EasyJobHunt or by a third party, provided such interests are not overridden by the interests or fundamental rights and freedoms of the data subject. These legitimate interests include improving our services, preventing fraud, ensuring network and information security, and conducting business development activities. Where required by law, we obtain explicit consent from data subjects before processing their personal data, particularly for marketing communications, optional features, or processing of sensitive data categories. This consent is collected through clear affirmative actions, such as opt-in checkboxes or account settings, and may be withdrawn at any time. 

Additionally, we process personal data when necessary for compliance with legal obligations to which EasyJobHunt is subject, such as tax requirements, employment law compliance, or responding to valid legal process from government authorities. For certain specialized services or features, we may also process personal data to protect the vital interests of the data subject or of another natural person, or for reasons of substantial public interest, though these bases are employed less frequently. EasyJobHunt maintains detailed records of processing activities and regularly reviews the legal basis for each processing operation to ensure continued compliance with applicable regulations.

4. Categories of Personal Data Collected and Processed

EasyJobHunt collects and processes various categories of personal data in accordance with the nature of our services and the specific purposes outlined in this Policy. For job seekers utilizing our Platform, we collect and process identification and contact information including but not limited to name, email address, phone number, postal address, and in some instances, government-issued identification for verification purposes where required by law or necessary for service provision. Professional and employment information constitutes a significant data category for our Platform and includes work history, employment status, job titles, employer names, professional skills, educational background, certifications, licenses, references, and salary expectations. 

We may also process user-generated content such as resumes, cover letters, professional summaries, portfolios, and responses to job application questions. For employers and recruiters, in addition to identification and contact details, we process business information including company name, size, industry, employer identification numbers where applicable, and hiring needs. When users access our Platform, we automatically collect and process technical and usage data including IP addresses, device information, browser type, operating system, access times, pages visited, features used, and clickstream data to enhance service functionality and user experience. Financial information, including payment card details, bank account information, and transaction histories, is collected and processed to facilitate premium service subscriptions, payment processing, and to prevent fraudulent activities. 

In certain jurisdictions and with explicit consent where required, we may collect demographic information such as age, gender, race/ethnicity, disability status, and veteran status to support diversity initiatives or compliance with equal employment opportunity regulations. We also maintain records of user preferences, settings, and interactions with our Platform, including job search criteria, saved listings, notification preferences, and communication history. In all cases, we adhere to data minimization principles, collecting only what is necessary for the specified purposes, and maintain appropriate safeguards to protect all personal data under our stewardship.

5. Processing Activities and Purposes

EasyJobHunt processes personal data for multiple specific and legitimate purposes directly related to the operation of our employment marketplace and the provision of our services. The primary processing purpose is to facilitate job matching and employment opportunities by analyzing job seeker profiles and preferences against employer requirements to generate appropriate job recommendations. 

This process involves algorithms and automated decision-making tools designed to improve the accuracy and relevance of job matches, thereby enhancing the efficiency of the job search and recruiting process. We process personal data to authenticate user identities, maintain user accounts, and secure our Platform against unauthorized access or fraudulent activities. Personal data is also processed to enable communication between users, including job application submissions, interview scheduling, messaging between employers and candidates, and system notifications about account activity or relevant opportunities. 

Our processing activities extend to transaction facilitation and payment processing for premium features, subscription services, or other paid offerings available through our Platform. We engage in analytics and service improvement by analyzing user behavior, preferences, and feedback to enhance our existing features, develop new offerings, and optimize the overall user experience. In accordance with user preferences and applicable regulations, we process personal data for marketing and promotional purposes, including sending job alerts, newsletters, product updates, and relevant offers. 

We also maintain records of user activities for platform monitoring, fraud prevention, and regulatory compliance. This includes detecting and preventing potentially prohibited or illegal activities, protecting the security and integrity of our Platform, and ensuring compliance with our Terms of Service. For employers and business clients, we process data to provide recruitment analytics and reporting, helping them assess the effectiveness of their hiring strategies and optimize their recruitment processes. All processing activities are conducted with appropriate technical and organizational measures to ensure data security, and we regularly review these activities to ensure alignment with stated purposes and legal requirements.

6. Data Retention and Deletion Policies

EasyJobHunt has established comprehensive data retention principles that balance our operational needs, legal obligations, and user expectations regarding how long we maintain personal data in our systems. We retain personal data only for as long as necessary to fulfill the specific purposes for which it was collected, as outlined in this Policy, our Privacy Policy, or as required by applicable laws and regulations. Active user account information is retained for the duration of the account relationship and may be maintained for a reasonable period thereafter to comply with legal obligations, resolve disputes, enforce agreements, support business operations, and continue to improve and personalize our services. 

For job seekers, application data submitted to employers may be retained longer than general account data to satisfy record-keeping requirements under employment laws, typically for periods ranging from one to three years depending on applicable regulations. For employers and business clients, we retain account data, transaction records, and related information in accordance with corporate record-keeping practices and tax regulations, generally for seven years following the end of the business relationship. Data collected for analytics, service improvement, and security purposes is typically retained in identifiable form for shorter periods, often between 90 days and 18 months, after which it may be aggregated or anonymized. Inactive accounts that have shown no login or other activity for an extended period (typically 24 months) may be flagged for potential archiving or deletion, subject to notification procedures where required by applicable law. 

Users may request deletion of their personal data by contacting our Data Protection team, and we will comply with such requests unless there is a legitimate legal basis for retention, such as ongoing contractual obligations, legal compliance requirements, or the need to preserve relevant information for the establishment, exercise, or defense of legal claims. When personal data is no longer necessary or legally required to be maintained, we implement secure deletion procedures, including data erasure from production systems, removal from backup systems according to scheduled backup rotation policies, and secure destruction of physical records. 

For certain data subject to specific regulatory requirements, we may implement specialized retention schedules as required by applicable law. EasyJobHunt regularly reviews and updates its retention policies and schedules to ensure continued compliance with evolving data protection regulations and best practices.

7. Data Security Measures and Safeguards

EasyJobHunt implements robust technical and organizational security measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Our comprehensive security program includes encryption of sensitive personal data both in transit using TLS (Transport Layer Security) protocols and at rest using industry-standard encryption algorithms. We maintain strict access controls based on the principle of least privilege, ensuring that employees and contractors have access only to the personal data necessary for their specific job functions. 

All access to sensitive systems and data repositories requires multi-factor authentication, and we conduct regular access reviews to verify that permissions remain appropriate as roles change within the organization. Our infrastructure incorporates multiple security layers, including firewalls, intrusion detection systems, and regular vulnerability scanning and penetration testing by both internal security teams and independent third-party security specialists. We maintain comprehensive logging and monitoring systems that allow for detection of unusual activities or potential security incidents, with automated alerts configured to notify security personnel of suspicious events requiring investigation. 

Employee security awareness is fostered through mandatory security training conducted at onboarding and at regular intervals thereafter, covering data protection regulations, security best practices, and procedures for identifying and reporting potential security incidents. For physical security, we maintain appropriate controls over facilities where personal data is processed or stored, including access restrictions, surveillance systems, and visitor management protocols. Our third-party service providers and data processors are contractually obligated to implement appropriate security measures consistent with our standards and applicable regulations, and we conduct regular assessments to verify compliance with these obligations. We have established formal incident response procedures that include prompt notification protocols in accordance with applicable regulations, forensic investigation capabilities, and remediation processes to address any identified vulnerabilities. 

Data backups are performed regularly and tested to ensure recoverability, with backup media secured through encryption and access controls. We regularly assess and update our security measures in response to evolving threats, technological developments, and regulatory requirements, engaging external security experts when appropriate to evaluate and strengthen our security posture. These comprehensive security measures reflect our commitment to protecting the personal data entrusted to us while enabling the business functions necessary to provide our services.

8. International Data Transfers

EasyJobHunt operates globally and may transfer personal data across international borders to facilitate our operations and provide our services to users worldwide. We recognize that many jurisdictions have enacted specific requirements governing the transfer of personal data outside their territories, and we are committed to conducting such transfers in compliance with applicable regulations. When transferring personal data from the European Economic Area (EEA), United Kingdom, or Switzerland to countries that have not been deemed to provide an adequate level of data protection by relevant authorities, we implement appropriate safeguards as required by applicable law. 

These safeguards primarily include entering into Standard Contractual Clauses (SCCs) approved by the European Commission with recipients of the data. In some cases, we may rely on derogations provided in applicable data protection laws for specific transfer situations, such as when the transfer is necessary for the performance of a contract between the data subject and EasyJobHunt, or when the data subject has explicitly consented to the proposed transfer after being informed of the potential risks. For transfers to the United States, we assess whether recipients can provide protection consistent with GDPR requirements in light of the Schrems II decision from the Court of Justice of the European Union, implementing supplementary measures where necessary. 

We maintain a comprehensive inventory of international data transfers, including documentation of the transfer mechanism relied upon, the categories of data transferred, the recipients, and the purpose of the transfer. For data originating from jurisdictions with cross-border transfer restrictions outside the EEA, such as Brazil under the LGPD or China under the PIPL, we implement comparable safeguards tailored to the specific requirements of those regulations. We regularly monitor changes in international data protection laws and adjust our data transfer mechanisms accordingly to maintain continuous compliance. 

Data subjects may request additional information regarding the specific safeguards applied to the export of their personal data by contacting our Data Protection Officer using the contact information provided in this Policy. EasyJobHunt remains committed to ensuring that all international transfers of personal data are conducted in a manner that provides appropriate protection and complies with applicable legal requirements, regardless of the destination country or transfer mechanism employed.

9. Data Subject Rights and Procedures

EasyJobHunt recognizes and respects the rights of data subjects as established under applicable data protection laws, including the GDPR, CCPA/CPRA, and other relevant regulations. We have implemented comprehensive procedures to facilitate the exercise of these rights in a timely and transparent manner. Data subjects have the right to access their personal data, receiving confirmation as to whether personal data concerning them is being processed and, where that is the case, access to the personal data and specific information about how it is being processed. 

This information is provided in a concise, transparent, intelligible, and easily accessible form. The right to rectification enables data subjects to have inaccurate personal data corrected without undue delay, and to have incomplete personal data completed, including by means of providing a supplementary statement. For applicable jurisdictions, data subjects possess the right to erasure (“right to be forgotten”), allowing them to obtain the deletion of personal data concerning them without undue delay when specified grounds apply, such as when the data is no longer necessary for the purposes for which it was collected or when consent is withdrawn. The right to restriction of processing permits data subjects to limit how we use their data in certain circumstances, such as when the accuracy of the data is contested or when the processing is unlawful but the data subject opposes erasure. 

Where technically feasible and legally applicable, data subjects may exercise the right to data portability, receiving their personal data in a structured, commonly used, and machine-readable format, with the right to transmit that data to another controller without hindrance from EasyJobHunt. Data subjects may also exercise the right to object to processing based on legitimate interests, direct marketing, or research purposes, with specific conditions applying to each scenario. For decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects, data subjects have the right not to be subject to such decisions, except in limited circumstances permitted by law. 

Data subjects may withdraw consent at any time when consent is the legal basis for processing, though this does not affect the lawfulness of processing based on consent before its withdrawal. To exercise any of these rights, data subjects may submit a request through our dedicated Data Subject Rights portal, by emailing privacy@easyjobhunt.com, or by contacting us using the information provided in this Policy. We will respond to all legitimate requests within the timeframes required by applicable law (generally within 30 days for GDPR requests and 45 days for CCPA/CPRA requests), though we may extend this period when necessary, taking into account the complexity and number of requests. 

We verify the identity of individuals making requests to protect against unauthorized access, and we do not charge a fee for handling standard requests, though we reserve the right to charge a reasonable fee or refuse to act when requests are manifestly unfounded, excessive, or repetitive. Data subjects also have the right to lodge a complaint with a supervisory authority, particularly in the jurisdiction of their habitual residence, place of work, or place of an alleged infringement of applicable data protection laws.

10. Data Processors and Third-Party Processing

EasyJobHunt engages various data processors and third parties to assist in delivering our services and fulfilling our business objectives. These relationships are governed by comprehensive data processing agreements that establish clear responsibilities and limitations regarding personal data processing. When selecting and engaging data processors, we conduct thorough due diligence to ensure they provide sufficient guarantees to implement appropriate technical and organizational measures that meet the requirements of applicable data protection regulations and ensure the protection of data subjects’ rights. 

Our standard data processing agreements include specific provisions mandating that processors: only process personal data on documented instructions from EasyJobHunt, including with regard to transfers to third countries; ensure that persons authorized to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality; implement all required security measures in accordance with applicable regulations; respect the conditions for engaging sub-processors, including obtaining prior specific or general written authorization from EasyJobHunt and ensuring that the same data protection obligations are imposed on any sub-processors; assist EasyJobHunt in responding to requests for exercising data subject rights; assist with security obligations, data breach notifications, data protection impact assessments, and consultations with supervisory authorities; delete or return all personal data to EasyJobHunt after the end of the provision of services, unless storage is required by law; and make available to EasyJobHunt all information necessary to demonstrate compliance with these obligations and contribute to audits and inspections conducted by EasyJobHunt or an auditor mandated by EasyJobHunt. 

We maintain a comprehensive register of all data processors engaged by EasyJobHunt, including details of the processing activities performed by each processor, the categories of data processed, the locations of processing, and the specific security measures implemented. Regular assessments and audits of our processors are conducted to verify ongoing compliance with contractual obligations and applicable data protection regulations. We recognize that we remain fully responsible to data subjects for the processing activities carried out on our behalf by our processors, and we have implemented monitoring and oversight procedures to ensure that processors adhere to our privacy and security standards. 

When engaging processors located outside jurisdictions deemed to provide adequate protection for personal data, we implement appropriate safeguards as described in the International Data Transfers section of this Policy. If a data processor engages in processing beyond our instructions or in violation of applicable regulations or our contractual terms, we take immediate action to address such violations, including termination of the relationship if necessary to protect personal data and data subjects’ rights.

11. Cookies and Similar Tracking Technologies

EasyJobHunt utilizes cookies and similar tracking technologies on our Platform to enhance user experience, analyze usage patterns, enable certain platform functionalities, and in some cases, deliver targeted advertising. These technologies collect and store information when users visit our Platform and may involve the transmission of this information to service providers and partners for the purposes specified in this Policy and our Cookie Policy. 

Essential cookies are necessary for the functioning of our Platform and cannot be disabled through our preference controls, as they enable core features such as security, network management, and account access. These cookies do not store any personally identifiable information and are strictly necessary to provide our services. Functional cookies enhance Platform usability by remembering user choices and preferences, such as language settings, display preferences, and previously used features. Performance and analytics cookies help us understand how visitors interact with our Platform by collecting aggregated information about page visits, engagement time, error messages, and user journeys. This information is used solely to improve Platform performance, enhance user experience, and optimize our services. Marketing and advertising cookies may be placed by us or by third-party advertising partners to build profiles of interests for delivering relevant advertisements on our Platform or on third-party websites. 

These cookies track browsing habits and are used to measure the effectiveness of advertising campaigns. We obtain explicit consent for non-essential cookies in jurisdictions where required by law, typically through a cookie consent banner that allows users to select their preferences before such cookies are placed. Users may modify their cookie preferences at any time through the cookie settings accessible in our Platform footer. Most web browsers also allow some control of cookies through browser settings, including the ability to block or delete cookies, though we note that restricting cookies may impact the functionality and user experience of our Platform. For transparency, our Cookie Policy provides detailed information about the specific cookies used on our Platform, including their names, purposes, durations, and the entities that place them. This policy is regularly updated as we modify our cookie usage or implement new technologies. 

We contractually require our advertising partners and other third parties who place cookies on our Platform to respect user preferences and comply with applicable data protection regulations. While cookies are the most common tracking technology used on our Platform, we may also use other similar technologies, such as pixel tags (small graphic images), web beacons, local storage, and device fingerprinting techniques. These technologies serve similar purposes as cookies and are governed by the same consent requirements and user preference controls.

12. Data Protection Impact Assessments

EasyJobHunt conducts Data Protection Impact Assessments (DPIAs) when implementing new technologies or processing activities that are likely to result in a high risk to the rights and freedoms of data subjects. These comprehensive assessments are performed prior to the commencement of such processing activities and are reviewed periodically thereafter to ensure ongoing compliance and risk mitigation. 

Our DPIA process follows a structured methodology that includes a systematic description of the envisaged processing operations and the purposes of the processing, including, where applicable, the legitimate interest pursued by EasyJobHunt; an assessment of the necessity and proportionality of the processing operations in relation to the purposes; an assessment of the risks to the rights and freedoms of data subjects; and the measures envisaged to address the risks, including safeguards, security measures, and mechanisms to ensure the protection of personal data and to demonstrate compliance with applicable regulations, taking into account the rights and legitimate interests of data subjects and other persons concerned. 

We conduct DPIAs for processing activities such as the implementation of new artificial intelligence or machine learning algorithms for candidate matching or evaluation; large-scale processing of special categories of data or data relating to criminal convictions and offenses; systematic and extensive evaluation of personal aspects relating to natural persons based on automated processing, including profiling, on which decisions are based that produce legal effects or similarly significantly affect the natural person; large-scale, systematic monitoring of publicly accessible areas; and new uses of existing technologies that significantly change how personal data is processed. 

Our DPIA process involves relevant stakeholders, including our legal team, information security specialists, product managers, and, where appropriate, external data protection experts. We also seek input from data subjects or their representatives when feasible and appropriate. When a DPIA indicates that processing would result in a high risk in the absence of measures taken by EasyJobHunt to mitigate the risk, we consult with the relevant supervisory authority prior to proceeding with the processing. The results of DPIAs are documented and maintained as part of our data protection compliance records, and key findings are incorporated into our data processing practices, system designs, and risk management processes.

 We regularly review completed DPIAs when there is a change in the risk associated with processing operations, such as when implementing new technologies or when changes occur in the nature, scope, context, or purposes of the processing. This proactive approach to identifying and mitigating data protection risks demonstrates our commitment to privacy by design and default principles, ensuring that data protection considerations are integrated into our processing activities from their inception.

13. Data Breach Response and Notification

EasyJobHunt has developed and implemented a comprehensive Data Breach Response Plan to address actual or suspected breaches of personal data in a timely, consistent, and effective manner. This plan establishes clear procedures for identifying, containing, assessing, remediating, and notifying affected parties about data breaches in accordance with applicable data protection regulations. Upon discovery or notification of a suspected data breach, our designated Data Breach Response Team is immediately activated to coordinate our response efforts. This cross-functional team includes representatives from information security, legal, IT, communications, and executive leadership, with clearly defined roles and responsibilities. 

The initial response involves prompt containment measures to limit the breach’s scope and prevent further unauthorized access or disclosure of personal data. Simultaneously, we initiate a thorough investigation to determine the nature and extent of the breach, the categories and approximate number of data subjects affected, the categories and approximate volume of personal data records involved, and the likely consequences of the breach. 

Based on this assessment, we determine whether the breach must be reported to relevant supervisory authorities and/or affected data subjects under applicable laws and regulations. For breaches that require notification to supervisory authorities under the GDPR or similar regulations, we provide notification without undue delay and, where feasible, not later than 72 hours after becoming aware of the breach. If notification cannot be provided within 72 hours, we provide a reasoned justification for the delay. Our notifications to authorities include all required information, such as the nature of the breach, contact details of our Data Protection Officer or designated contact person, likely consequences of the breach, and measures taken or proposed to address the breach and mitigate its possible adverse effects. When a breach is likely to result in a high risk to the rights and freedoms of data subjects, we also provide direct notification to affected individuals without undue delay. 

These notifications are written in clear, plain language and include the nature of the breach, contact information for our Data Protection Officer, likely consequences of the breach, and measures taken or proposed to address the breach and mitigate risks. In jurisdictions subject to the CCPA/CPRA, HIPAA, or other breach notification laws, we adhere to the specific requirements and timelines established by those regulations. Following any data breach, we conduct a post-incident review to identify root causes and areas for improvement in our security practices, processing activities, or breach response procedures. Findings from this review are documented, and recommended changes are implemented to reduce the likelihood and potential impact of future breaches. 

We maintain detailed records of all data breaches, including the facts surrounding the breach, its effects, and the remedial action taken, regardless of whether notification was required. These records are available to supervisory authorities upon request. All employees receive regular training on recognizing and reporting potential data breaches, and our Data Breach Response Plan is regularly tested and updated to ensure its effectiveness in addressing evolving threats and regulatory requirements.

14. Privacy by Design and Default

EasyJobHunt embraces the principles of Privacy by Design and Privacy by Default, integrating data protection considerations into the development and operation of all our systems, services, and business practices. These principles ensure that privacy and data protection are embedded into our technologies, operations, and products from the initial design stage rather than added as an afterthought. Our implementation of Privacy by Design begins at the conceptual phase of any new initiative, feature, or process. Before development commences, we conduct comprehensive privacy assessments to identify potential data protection implications and ensure that privacy controls are incorporated into the design specifications. This proactive approach allows us to anticipate and prevent privacy-invasive events before they occur. 

We apply data minimization principles throughout our operations, collecting, processing, and retaining only the personal data that is necessary for the specified purposes. This approach reduces privacy risks while still enabling the functionality of our services. Our systems are designed with strong default privacy settings that automatically provide the maximum degree of privacy protection without requiring user intervention. This ensures that even users who do not actively manage their privacy settings receive robust data protection by default. 

We implement technical measures to ensure that personal data is not accessible to an indefinite number of individuals and that processing is limited to what is necessary for each specific purpose. These measures include role-based access controls, authentication requirements, data segregation, and purpose-specific processing limitations built into our systems. Transparency is integrated throughout the user experience, with clear privacy notices provided at relevant points and controls that empower users to make informed choices about their personal data. 

We design user interfaces that make privacy information accessible and comprehensible, avoiding complex legal terminology when communicating with users about data practices. Data security is a foundational element of our Privacy by Design approach, with appropriate security controls integrated throughout the data lifecycle to protect confidentiality, integrity, and availability of personal data. Our development processes include regular privacy and security reviews, with sign-off required from privacy specialists before new features are deployed to production environments. 

We maintain detailed documentation of our Privacy by Design practices, including privacy impact assessments, design decisions, and implementation measures. This documentation demonstrates our accountability and commitment to data protection principles. Privacy by Design and Default is reinforced through regular training for our development, product, and operational teams, ensuring that privacy considerations are understood and implemented consistently across the organization. By embedding privacy into the architecture of our systems and business practices, we enhance user trust while mitigating privacy risks and ensuring compliance with regulatory requirements across the jurisdictions where we operate.

15. Employee Data Processing

EasyJobHunt processes personal data of our employees, contractors, job applicants, former employees, and other worker categories in accordance with applicable employment and data protection regulations. This section of our policy applies specifically to the processing of personal data in the employment context, which involves unique considerations and legal requirements distinct from those applicable to our Platform users. 

The legal bases for processing employee personal data include performance of the employment contract, compliance with legal obligations in the employment context (such as tax reporting, workplace safety regulations, and equal employment opportunity laws), the pursuit of legitimate interests (such as workforce management, security, and business operations), and in limited circumstances, employee consent. We collect and process employee personal data for specific purposes related to the employment relationship, including but not limited to recruitment and hiring; payroll and benefits administration; performance management and professional development; workforce planning and analytics; workplace security and monitoring; compliance with employment laws and regulations; and business continuity planning. 

The categories of personal data processed in the employment context generally include identification and contact details; employment history, qualifications, and references; compensation and benefits information; performance and disciplinary records; attendance and leave records; and in jurisdictions where permitted, background check results and other screening information. We may also process special categories of personal data (sensitive data) where explicitly authorized by law or with explicit consent, such as health information for benefits administration or diversity information for equal opportunity monitoring. We implement additional safeguards for such sensitive data, including stricter access controls and enhanced security measures. 

Employee personal data is shared internally only with individuals who have a legitimate need to access it for employment-related purposes, and externally only with authorized service providers (such as payroll processors, benefits providers, and professional advisors) who are contractually obligated to maintain its confidentiality and security. We retain employee personal data for the duration of the employment relationship and for specific periods thereafter as required by applicable employment laws, tax regulations, statutes of limitations, or other legitimate business purposes. 

Our retention schedules for various categories of employee data are documented and regularly reviewed for compliance with legal requirements. Employees have specific rights regarding their personal data, which may include access, rectification, erasure, and portability rights, subject to limitations established by employment laws in applicable jurisdictions. We maintain procedures for employees to exercise these rights in accordance with local requirements. 

Employee monitoring activities, such as email monitoring, internet usage tracking, or video surveillance, are conducted only where permitted by law and with appropriate notice to employees. Such monitoring is proportionate to the risks being addressed and limited to what is necessary for specified legitimate purposes, such as ensuring network security, protecting confidential information, or investigating suspected misconduct. 

We provide transparent information to employees about our data processing activities through comprehensive privacy notices, employment policies, and training programs. These communications ensure that employees understand what personal data is collected, how it is used, with whom it is shared, and what rights they have regarding their personal data. In jurisdictions that require consultation with employee representatives or works councils regarding data processing activities, we fulfill these obligations before implementing new processing systems or practices that impact employee data.

16. Children’s Privacy Protection

EasyJobHunt recognizes the importance of providing enhanced privacy protections when processing personal data of children and adolescents. Our Platform and services are designed for individuals who are at least 16 years of age, or the applicable minimum age for providing valid consent to data processing in the relevant jurisdiction, whichever is higher. We do not knowingly collect or process personal data from children below this age threshold, except in limited circumstances where specifically permitted by applicable law and with appropriate parental consent. In jurisdictions where our Platform may be lawfully used by individuals under 18 years of age but above the minimum age threshold (such as for certain educational or apprenticeship opportunities), we implement additional safeguards for processing their personal data. 

These safeguards include simplified privacy notices written in age-appropriate language, more conservative data retention practices, limited data sharing, and restricted marketing activities. If we become aware that we have inadvertently collected personal data from a child below the applicable minimum age threshold, we will promptly delete such data and take reasonable measures to ensure that it is not used or disclosed. We encourage parents and guardians to monitor their children’s online activities and to contact us if they believe we have unintentionally collected personal data from their child. 

Parents or guardians of children below the applicable minimum age threshold who believe their child has provided personal data to EasyJobHunt may contact our Data Protection Officer to request access to, correction of, or deletion of such data. We will respond to such requests in accordance with applicable law and will require verification of the requestor’s identity and relationship to the child before processing such requests. 

In jurisdictions with specific regulations governing children’s privacy (such as the Children’s Online Privacy Protection Act in the United States), we comply with all applicable requirements, which may include obtaining verifiable parental consent before collecting or using children’s personal data, providing parents with review and deletion rights, maintaining the confidentiality and security of children’s personal data, and limiting data retention to what is reasonably necessary. For educational or training programs specifically designed for younger users that may utilize our Platform, we establish additional contractual safeguards and processing limitations with the educational institutions or program administrators responsible for such users. We periodically review and update our age verification mechanisms and children’s privacy protection measures to ensure they remain effective and compliant with evolving regulatory requirements and industry best practices. Through these comprehensive safeguards and practices, EasyJobHunt demonstrates our commitment to respecting and protecting the privacy rights of children and adolescents while providing appropriate services to users of all legally eligible ages.

17. Changes to This Policy

EasyJobHunt reserves the right to modify, update, or amend this Data Processing Policy from time to time to reflect changes in our data processing practices, legal requirements, or the features and functionality of our Platform. We recognize the importance of transparency regarding such changes and are committed to informing data subjects when material modifications occur. When we make significant changes to this Policy that affect the ways in which we process personal data or the rights of data subjects, we will provide clear notice through appropriate channels, which may include prominent notices on our Platform, direct communications to registered users, or other effective means of notification. 

Material changes to this Policy will generally be communicated at least thirty (30) days before the changes take effect, unless immediate implementation is required for legal compliance reasons or to address an urgent security concern. The notification will summarize the key changes and explain their implications for data subjects. Each updated version of this Policy will include an effective date at the beginning of the document, and we maintain an archive of previous versions that can be made available upon request to allow data subjects to understand how our practices have evolved over time. We encourage data subjects to periodically review this Policy to stay informed about our data processing practices. For minor changes that do not materially affect data subject rights or our core data processing activities, we may update the Policy without providing specific notice, though the updated version will always be accessible through our Platform with the current effective date clearly indicated. 

When legally required, we will obtain renewed consent from data subjects for new or substantially different processing activities not covered by the original consent. By continuing to use our Platform after changes to this Policy take effect, data subjects acknowledge and accept the updated terms, provided that such continued use constitutes legally valid acceptance under applicable law. If a data subject does not agree with the modified Policy, they may need to discontinue using our services, subject to any contractual obligations or transition periods that may apply. 

Questions or concerns about changes to this Policy may be directed to our Data Protection Officer using the contact information provided in this Policy. Through this change management process, we balance the need for evolving our practices with the importance of keeping data subjects informed and in control of how their personal data is processed.

18. Contact Information and Data Protection Officer

For questions, concerns, or requests regarding this Data Processing Policy or our data processing practices, data subjects and other interested parties may contact EasyJobHunt using the following information. Our designated Data Protection Officer (“DPO”) oversees our compliance with data protection laws and serves as the primary point of contact for data protection authorities and data subjects on privacy matters. The DPO can be reached directly at dpo@easyjobhunt.com or by mail at EasyJobHunt LLC, Attn: Data Protection Officer, 100 North Howard Street., Suite R Spokane, WA 99201, United States.

For general privacy inquiries or to exercise data subject rights, individuals may contact our Privacy Team at privacy@easyjobhunt.com or use the data subject rights request form available on our Platform. For urgent matters requiring immediate attention, our Privacy Team can be reached by telephone at (360) 999-XXXX during regular business hours (9am-5pm Pacific Time, Monday through Friday, excluding holidays).

While our operations are headquartered in Vancouver, Washington, we are committed to complying with applicable privacy regulations in all jurisdictions where our services are available. California residents may contact us regarding CCPA/CPRA rights or inquiries through our general privacy channels, and we have established the necessary protocols to address jurisdiction-specific requirements.

We strive to respond to all privacy-related inquiries promptly, generally within 30 calendar days, though response times may vary depending on the nature of the request and applicable legal requirements. For complex requests or inquiries, we may extend this response time, providing notification and explanation of the extension to the requestor.

Data subjects also have the right to lodge complaints with supervisory authorities in their country of residence, place of work, or where an alleged infringement of applicable data protection law has occurred. We encourage data subjects to contact us directly with any concerns before filing a complaint with a supervisory authority, as we are committed to addressing legitimate privacy concerns in a timely and appropriate manner.

The most current contact information will always be available in the Privacy section of our Platform. As our business evolves, we may establish additional points of contact to better serve our global user base, while maintaining our commitment to privacy protection and regulatory compliance.

19. Governing Law and Jurisdiction

This Data Processing Policy shall be governed by and construed in accordance with the laws of the State of Washington, United States, without regard to its conflict of law provisions, except where mandatory provisions of EU data protection law or other applicable data protection regulations apply. Notwithstanding the foregoing, nothing in this section shall deprive data subjects of the protections afforded to them by mandatory provisions of the law of the country in which they reside. 

With respect to any disputes or claims arising under or related to this Policy between EasyJobHunt and business users or partners, the parties agree to submit to the exclusive jurisdiction of the state and federal courts located in King County, Washington, United States. For disputes involving individual data subjects using our Platform in their personal capacity, jurisdiction and venue shall be determined in accordance with applicable law, including laws designed to protect consumers and data subjects. 

Where claims relate to data protection rights under the GDPR or similar regulations that grant specific jurisdictional protections, data subjects retain the right to bring legal proceedings in the courts of the EU Member State where they have their habitual residence, where they work, or where the alleged infringement took place. For claims related to other privacy laws that contain specific jurisdictional provisions, such as the CCPA/CPRA for California residents, those provisions shall apply. 

This Policy does not limit any rights data subjects may have to file complaints with relevant data protection authorities or other regulatory bodies. EasyJobHunt remains committed to resolving privacy concerns directly with data subjects where possible and has established the contact procedures outlined in this Policy for that purpose. Any dispute resolution proceedings arising from this Policy shall be conducted in the English language, unless otherwise required by applicable local law. If any provision of this Policy is found to be unenforceable or invalid under any applicable law, such unenforceability or invalidity shall not render this Policy unenforceable or invalid as a whole, and such provisions shall be deleted without affecting the remaining provisions. 

Nothing in this Policy is intended to limit or exclude any liability on the part of EasyJobHunt where it would be unlawful to do so. These governing law and jurisdiction provisions shall be interpreted in a manner that provides the maximum protection to data subjects permitted under applicable law while providing clarity regarding the resolution of any disputes related to our data processing activities.

Effective Date: April 16, 2025
Last Reviewed: April 16, 2025

Version: 1.0